Author: hheres
Notes from the lab: Citrix StoreFront 2203 and the cannot complete request
A quick blog regarding my Citrix lab upgrade from Citrix Virtual Apps and Dekstops (CVAD) 1912CU4 to 2203 and the little StoreFront snag I hit. Summary of my setup: Two Delivery controllers Two StoreFront servers cohabitating with Director as well Two FAS servers Two WEM servers One unmanaged VDA worker And a Citrix ADC HA…
Notes from the field: Citrix Files / ShareFile MDX SSO not working
At my latest Citrix Endpoint Management customer there were some issues regarding Citrix Files / ShareFile not achieving an SSO throughout the MDX/MAM enabled applications. Everything outside the MDX/MAM application bubble would work just fine only when tunnelling through the internal only application this would fail. The setup was comprising of a dual IDP setup…
Notes from the field: VMware Horizon instant clone breaks with Kerberos armoring
On my current customer project we’ve encountered a strange issue when some stricter security policies were implemented. Kerberos armoring was enabled which effectively broke the instant clone process for Windows 10 1809/1909 releases but not for 2009 or 21H2. It all started with a ticket that the image update process in Horizon would error out…
Notes from the lab: Citrix ShareFile and VMware Access SSO
When configuring Citrix ShareFile for an SSO experience with your Microsoft Active Directory setup we have the following guides to use it from Citrix. See How to Configure Single Sign-On (SSO) for ShareFile (citrix.com) Well I’m having my setup with another Identity Provider in my own lab and still want to achieve an managed SSO…
Notes from the field: Citrix CEM / XenMobile enabling Certificate Based Authentication (CBA) after enrollment
I think any consultant at some time encountered the scenario of username / password authentication being the only authentication on the Citrix Gateway setup of Citrix CEM / XenMobile. Afterwards advising the customer to use Certificate Based Authentication (CBA) and then also the sad news okay we need to reenroll all your devices for this…
Notes from the field: Another cannot complete your request with Citrix FAS
We’ve all seen it time and time again some misconfiguration with Citrix StoreFront and/or Citrix FAS and you’ll be getting the cannot complete your request message in your screen. Digging in the StoreFront logs and you’ll be seeing the most interesting messages of error kind in which you would think am I a rocket professor?…
Notes from the lab: VMware UAG content gateway and an A+ rating
In addition to Jesper Alberts his blog a follow up with another custom UAG edge service which has it quirks called the content gateway. For the SEG article see vJAL.nl – Secure Email Gateway Now diving in, when you configure the edge service you have the following options to configure Custom Values for Content Gateway…
Notes from the field: VMware Access Kerberos integration and Office 365
Okay let’s say you have your setup for VMware Access nicely configured with your directory search attribute configured as userPrincipalName because that’s the modern way with all cloud services etc. and configured your inbound Kerberos authentication through the IDP of the Access connector. Everyone is happy and all is working well with external connections, internal…
Notes from the field: VMware Workspace ONE UEM and Android Zero Touch
On a recent project we were implementing Android Zero Touch for out of the box enrollment through WS1 UEM. For a detailed explanation what Android Zero Touch is take a look at the following URL: Zero-touch enrollment for IT admins – Android Enterprise Help When the Zero Touch Portal is enabled through the reseller and…
Notes from the field: VMware Access with VMware UAG and JWT validation
It’s been a while since I’ve retested the setup with validating gateway request with JWT entries, because I thought it was depending on an appliance such as F5 for it to work. See Launching Horizon Resources Through Validating Gateways (vmware.com) I did try and configure it none the less but never got it farther then…