XenMobile SSL Offload with Re-encryption not supported (anymore)

While configuring a customer implementation in a high security environment I’ve looked up the general ssl offload article for XenMobile.
The article was updated a few days ago with a table in the end stating that SSL Bridge should be used.
As I wanted to SSL Offload the Traffic on the NetScaler and send it re-encrypted for DMZ traversal to the XenMobile XMS Server I’ve checked with my Citrix contacts if MDM Offload is still supported. It’s not anymore!

Here is another article from Citrix stating the same:
Supported Architectures Between NetScaler and XenMobile Server

From now, SSL Offload for MDM traffic only if you plan to use Port 80/HTTP to the XenMobile Server Appliance

XenServer bulk rename of VDIs

Ever had the issue that the VDI naming is incorrect?

However here is a script executable on the xenserver which takes the inventoryname of a virual machine and sets all attached VDI’s with a given name

#separator the for-loop is comma
IFS=','

#Collect and prepare VM uuids for export
for VMUUID in $(xe vm-list is-control-domain=false params=uuid --minimal);do
 VMNAMELABEL=$(xe vm-list uuid=$VMUUID params=name-label --minimal)
 echo "INFO: Naming $VMNAMELABEL"

 for VDIUUID in $(xe vbd-list vm-uuid=$VMUUID params=vdi-uuid --minimal);do
  #here gets the name set with postfix "-system"
  xe vdi-param-set uuid=$VDIUUID name-label=$VMNAMELABEL-system
 done

done

Cheers,
Mauricio

exclusionios

WorxApps Release v10.2.0 Exclusion List

Citrix has released a new MDX version!
iOS has been released on Sep 8, 2015, the Android Version on Oct 6, 2015

As soon as you upload the new Version to you existing packages it doesn’t overwrite some attributes like the exception lists which is getting changed from time to time. Means your user could miss features like starting an facetime-audio call directly from WorxMail.
That’s why it does make sense to upload each app as a new App, copy out the exceptions and then update the existing Apps with the new Version putting in the copied information.
However, this list contains the exclusions for the new v10.2.0 apps and does may save some time for you

Happy copy&pasting!

Continue reading

XenMobile 10 Require MDM Enrollment

I get asked from time to time how to ensure that people are enrolling in MDM first or how to suppress the initial prompt to users if they want to “secure the devices” as well

However, in XenMobile 9 this was controlled by a setting in the AC Configuration named require Device Manager enrollment. In XenMobile 10 it went over to Configuration -> Settings -> Server Properties and look for the key named wsapi.mdm.required.flag
This one property decides if device must be enrolled in MDM prior to MAM deployment.

If you want to enforce MDM enrollment, set this value to true

wsapi.mdm.required.flag

ShareFile Reset Script v2

Here is V2 of the script, it does reset now the following things:

  • User Accounts
  • StorageZones
  • Appearance Settings
  • SSO Settings

The Script is available here:
Blog-Reset-Sharefile

#Workdir
#This is where the Script and all Credentials are stored
$workDir = "D:\CloudStation\Scripts\ShareFileReset"

#Load Accounts
$colLabs = Import-Csv "$workDir\StudentAccounts.csv"

You need to modify these lines in order to get the script running.

The CSV needs to be setup as follows

"Account","Login Name","Password"
"lab01.sharefile.com","lab01@mauricio-schaepers.de","Test123"

Pre-Requirements
The Script uses the ShareFile Powershell Snapin available here

XenServer VM bulk export

a small script to export any VM on a XenServer to a given folder
I didn’t had time to find a command to separate the user templates from the system templates, so I pasted quick and dirty just the UUIDs

It does not snapshot VMs!


#!/bin/bash

#Switch to working dir
cd /mnt/labimages/

#separator the for-loop is comma
IFS=','

#Collect and prepare VM uuids for export
for VMUUID in $(xe vm-list is-control-domain=false params=uuid --minimal);do
	VMNAMELABEL=$(xe vm-list uuid=$VMUUID params=name-label --minimal)
	echo "INFO: Export $VMNAMELABEL"
	xe vm-export uuid=$VMUUID compress=false filename=$VMNAMELABEL.xva
	echo "INFO: Finished exporting $VMNAMELABEL"
	sleep 5
done

#Collect and prepare template uuids for export
colTEMPLATEUUID=8a560dd1-a488-426a-b3bb-482b4dc71cd6,6bf4fd8d-d4e2-9d76-72a2-4ed3e21d578a,dd2b5406-b2ba-5e32-859e-1d25771a6b75

for TEMPLATEUUID in $colTEMPLATEUUID;do
	TEMPLATENAMELABEL=$(xe template-list uuid=$TEMPLATEUUID params=name-label --minimal)
	echo "INFO: Export $TEMPLATENAMELABEL"
	xe template-export uuid=$TEMPLATEUUID compress=false filename=$TEMPLATENAMELABEL.xva
	echo "INFO: Finished exporting $VMNAMELABEL"
	sleep 5
done


Active Directory How to bulk create demo user

I’m right now preparing a lab environment and need some ad account for represent user of different departments.
As I was not able to find something in google which does create the users in the way I like, I decided to write up something in my own.

As it is maybe useful to some of you guys, here it is :)

#Globalconfig
$password = "S3cr3tP@ssw0rd!"
$departments = @("Sales", "Helpdesk", "Engineers", "User", "Manager", "Admin", "Test", "User")
$OrganisationUnit = "OU=GlobalUser,dc=adnlab,dc=local"

#userconfig
$UserOrganization = "ADNLab"
$UserUPNsuffix = "@adnlab.local"
$UserEmailsuffix= "@adnlab.local"
$UserChangePasswordatLogon = $false
$UserCity = "Bochum"
$UserPostalCode = "44688"
$UserState = "NRW"
$UserStreetAddress = "Josef-Haumann-Str. 10"
$UserCountry = "DE"
$UserCompany = "ADNLab"
$UserPasswordNeverExpires = $true

$securepassword = ConvertTo-SecureString -AsPlainText $password -Force

foreach ($usertype in $departments) {
	1..7 | foreach { 
		New-ADUser -Name "$usertype $_"-SamAccountName $usertype$_ -UserPrincipalName $usertype$_$UserUPNsuffix -Organization $UserOrganization -Department $usertype -Surname $_ -EmailAddress $usertype$_$UserEmailsuffix -ChangePasswordAtLogon $UserChangePasswordatLogon -City $UserCity -PostalCode $UserPostalCode -State $UserState -DisplayName "$usertype $_" -Company $UserCompany -StreetAddress $UserStreetAddress -Country $UserCountry -GivenName $usertype -PasswordNeverExpires $UserPasswordNeverExpires -AccountPassword $securepassword -Enabled $true -Title $usertype -Path $OrganisationUnit
		}
}

XenServer VM Export Script on Powershell

Hi all,

I was unable to find an existing script which does simply export all user created VMs and templates to xva files named like the VM.
It uses the commandline executable of XenCenter as I’m not able to install the PowerShell Extension everywhere

Powershell VM-Export

Hint: If you want to increase data throughput, convert compress=true to false at costs of your storage

# XenServer VM-Export
# Author: Mauricio Schäpers
# Description: Exports all vms into a given directory


$xeserver = "192.168.0.1s"
$xeuser = "root"
$xepw = "s3cr3tP@55w0rd"
$xvadir = "D:\ExportFolder"


#Check where xencenter is installed
$xecmd = "c:\program files (x86)\citrix\xencenter\xe.exe"
if (!(Test-Path $xecmd)) { $xecmd = "c:\program files\citrix\xencenter\xe.exe"}

 <a href="http://www.mauricio-schaepers.de/2015/04/22/xenserver-vm-export-script-on-powershell/#more-283" class="more-link">Continue reading <span class="meta-nav">&rarr;</span></a>