The Good, the Bad and the Ugly

  • Notes from the lab: Citrix XenMobile 10.15 upgrade fails

    Regarding my own XenMobile deployment I had a 10.14 Rolling Patch environment 6 running and updated it to Rolling Patch 9 before the eventual upgrade to 10.15 base. This all is very easy to do and all the required information is presented at Release notes for Rolling Patches | XenMobile Server Current Release (citrix.com) regarding […]

  • Notes from the field: Citrix NetScaler Azure subscription-based licensing

    Just a quick blog regarding a deployment model of Citrix NetScaler on Azure. There is an option to use subscription-based licensing for a deployment, meaning you pay by the hour it is running in Azure. See Deploy a Citrix ADC VPX instance on Microsoft Azure for more details. This setup was chosen by a customer […]

  • Notes from the field: VMware UEM Apple Registered mode pre-registration not working

    On a recent project in which we use VMware UEM in a managed and registered mode of management the latter is experiencing a bug when pre-registering for enrollment is enabled. With closed enrollment enabled all devices need to be registered beforehand, this is a form of security to mandate there is no open enrollment possible. […]

  • Notes from the field: The Kerberos chronicles, the one with Citrix NetScaler

    The same as my previous Kerberos blog but this time we have Citrix NetScaler in the mix with drumrolls… Kerberos Constrained Delegation henceforth to be known as KCD. This in an setup derived from the following article: Tutorial: Azure Active Directory single sign-on integration with Citrix ADC SAML Connector for Azure AD (Kerberos-based authentication) – […]

  • Notes from the field: The Kerberos chronicles, the one with VMware TrueSSO

    After a lengthy and cumbersome troubleshoot on a VMware TrueSSO setup finally had the time to blog this one. In summary the situation with a customer was a working VMware TrueSSO setup which stopped working, after lengthy troubleshooting we opened a support case with VMware and later also with Microsoft. The issue was manifesting in […]

  • Notes from the field: The broken VMware Access, UEM, and HUB portal

    On a recent project with a customer, we encountered the issue that the VMware integration of the three products would be sort of “broken”. We first observed the issue after implementing the Intelligent Hub Verify rule set and see that this wouldn’t work. The devices and UEM wouldn’t show in the portal and the access […]

  • Notes from the field: VMware App Volumes LDAP(S) lockout

    This is a quick blog to address a lockout issue if you are having troubles with LDAP(S) and or the validation of the certificate. When you want to validate this or for that matter resolve it because you can’t login to the App Volumes Manager anymore do the following on the database: Select the dbo.ldap_domains […]

  • Notes from the field: VMware Access CRL url too long?

    This is just a quick post regarding CRL checking in VMware Access. It seems that when you have the “NEW” UI interface enabled there is a bug when you put in a valid CRL location in the lengths of: http://this.ismycrlfilelocation.crl that it would chop the end off and stay at http://this.ismycrlfilelocation and then a faulty […]

  • Notes from the lab: Using VMware Access as IdP for Citrix Gateway

    I like to fiddle around with possibilities when it comes to SAML, OAUTH authentications. This all started when a customer engineer triggered me with the possibility of achieving an SSO experience with the Citrix NetScaler and using VMware Access as the source of truth for authentication. Well guess what this works! And even for the […]

  • Notes from the field: Citrix Cloud Connector we’re having trouble signing you in

    Recently I’ve encountered an issue after installing the Citrix Cloud Connector on new Windows Server 2022 machines. The configuration on my first machine went just fine until the sign-in, here my interest got peeked because I still have IE11 on my box, strange that it uses the sign-in for Citrix Cloud. Well let’s test the […]