
How to handle Citrix configuration changes for Citrix teams with many Citrix Admins
If you've got multiple admins making changes to your Citrix environment, you need configuration logging. Here's how to enable the built-in audit trail in XenApp.
97 articles tagged “security”

If you've got multiple admins making changes to your Citrix environment, you need configuration logging. Here's how to enable the built-in audit trail in XenApp.

If you need to add a security group to every published app in a XenApp 6.5 farm at once, here's a PowerShell script that does it without overwriting existing permissions.

If telnet from your NetScaler NSIP won't reach the STA, you're testing from the wrong IP. You need to test from the SNIP. Here's how using a temporary LB service.

If you want a weekly AD security group membership report emailed to your Citrix admins, here's a PowerShell script that does it automatically with Quest ActiveRoles.

If you're tired of piecing together NetScaler data from SNMP, LogParser, and EdgeSight, Insight Center gives you web, HDX, and Gateway traffic in one place using AppFlow.

If your AppSense Management Console crashes with 'Keyset does not exist' when you try to add Client Access Credentials, here's how to fix the Master Key decryption failure.

If users can't authenticate via RADIUS or TACACS on your NetScaler, capture the AAA debug output at /tmp/aaad.debug over SSH. It shows you the exact error.

Did you know XenCenter silently probes port 3389 on every VM you view? In a large PVS environment, that's thousands of SYN_SENT connections per hour triggering your firewall alerts.

If NTLM passthrough is failing for published websites on XenApp, you can fix it with local group policy (gpedit.msc) to add sites to IE zones server-wide without touching domain GPO.

If SEP 12 is freezing your Windows 7 XenDesktop VMs on PVS 6.1, it's a driver conflict with Advanced Download Protection, SONAR, and IPS. Exclude those three and you're good.

If ICA passthrough auth is failing when you connect to a different domain with Receiver Enterprise, add UseLocalUserAndPassword=Off and AutoLogonAllowed=Off to the ICA file. That fixes it.

If SEP is eating RAM and CPU on your XenApp servers from multiple SmcGui.exe and ccApp.exe processes, here's a script to disable them. Follows Symantec's own KB guidance.

If your XenServer VMs won't start with 'certificate verify failed', the cause is likely an expired StorageLink SSL cert. Here's how to find it and fix it fast.

If your users are getting prompted for credentials or seeing the Windows 2008 logon screen on XenApp 6.5 / WI 5.4, SSO is broken. Fix it by correcting the Receiver ADM template and XML Trust.

Need to know who's been hitting a specific URL? LogParser queries your IIS W3C logs and gives you every IP in chronological order. Then you can export unique IPs for identification.

If your image host goes down or exceeds bandwidth, this Greasemonkey script automatically redirects requests to the mirror site. No manual URL changes needed.

Inherited a SQL Server and don't know the SA password? Here's how to use single-user mode to create a new sysadmin account without resetting anything.

If SolarWinds NPM says 'unable to contact Thwack server' when you download templates, add a defaultproxy disabled entry to web.config. No IIS restart needed.