Enabling XenApp Administrative logs

If you have a busy XenApp farm with lots of published apps, users and administrators who have (I hope!) got delegated access – you may often want to check on who made a change, or removed a published app or affected some other settings. XenApp 7.5 Desktop Director has logging enabled by default.

 

It often gets over looked during setup, but the History node in the XenApp AppCentre console is all you need. If you click on it, and it’s blank – then it’s not enabled and you will need to configure it. Here’s how!

log1

Create a  service account for the DB owner- AD or a local SQL account on the database server, documenting the account and password.

Setup a new SQL database on your preferred server. By the way  –  If you want put the logs on the same server as your Farm DataStore server, you could look in the MF20.dsn and look for the “server=” line.  Start/Run  – \\citrixserver1\C$\Program Files (x86)\Citrix\Independent Management Architecture\  – should take you to mf20.dsn.

You can use Oracle, but all customers I come across are on SQL server.

Then create the database with a suitable name – eg xenapplog and assign the service account as the DB Owner.

Now – login to a DataCollector in your Citrix Farm. Right click on the farm name, and go to Farm Properties and click on Configuration Logging.

 log2

Then click on Configure Database.

log3

Enter the name of the database server, the authentication mode and the service account details.

log4

Then select the database you created from the list.

log5

Unless your database  uses encryption, select No for Use Encryption. Click Next.

log6

Then click on Test Database Connection – OK, then Finish.

log7

The only other option is to secure the delete options – by ticking the box for “Require Admin to enter database credentials before clearing log”. You did record that account password didn’t you?

log8

Click on Get Log – and recent changes should start to appear. You can also amend the columns and set Filters for tasks and data range if looking to narrow down the search for changes.

log10

So, a very useful addition to the console, and easy to setup. Happy Logging!

Advertisements

ShareFile Enterprise – to Mobility and beyond!

With so many customers looking at ShareFile I often get asked how it works and where does the data get saved and sync’d. In this blog, I will give you a quick overview of ShareFile Enterprise and some of the useful tools you can use for accessing, sharing and syncing your files and data to a secure location in your data centre.

ShareFile is a Citrix product that competes directly with Dropbox, Google Drive and other online file sync tools of which there are now dozens available – all with cloud storage, some with on premise and varying security standards. With ShareFile you can store data in the cloud and in your data centre as well as getting access to your existing file server resources and NAS drives in your secure network.  For full details, check out the Citrix web site – but here is a quick overview for now. 

sf1

The StorageZone Controller provides users with secure access to SharePoint document libraries and network file drives through Storage Zones Connectors. Users log onto ShareFile from their mobile device and retrieve a list of enterprise data repositories, which may include network drives and SharePoint document libraries.

After choosing an enterprise resource, the user authenticates with the StorageZone Controller using their company credentials, and is then able to enumerate and securely transfer files between the mobile device and the customer data center.

sf2

 

All  folders here – except Internal NovoShare – are hosted on Citrix ShareFile cloud. We have a 20gb cloud store. By default, all users’ folders are on the internal storage.

The Internal NovoShare is an iSCSI attached NAS with 3TB data available to staff. This is called a StorageZone, and runs on an internal Windows 2008 R2 server and gives our users about 20Gb each.

sf3

Being ISO certified, all our key data resides in a secure data center with very controlled access. Only our BCP documents would be stored in the Citrix cloud for emergencies.

Below – Connectors – links into your existing NTFS shares and SharePoint document repositories. New connectors can link into DropBox and other storage to enable migration or two way collaboration.

sf4

All of these folders are residing in our secure hosted data center. None of the files get sent to the Citrix Cloud – which only acts as a broker and authentication.

Single Sign-On from AD

Logging into the MDM portal on a browser, allows you to click on ShareFile – and seamlessly login to the ShareFile web site.

sf5

SAML single sign-on can also be enabled for using the /SAML/login extension to the normal web portal.

Outlook Plugin

sf6

 

 

 

 

This is very useful and allows files to be attached easily from ShareFile –  and to attach new files, that are then sent into ShareFile instead of emailed to multiple recipients.

Desktop Widget

Allows you to browse into your files and folders from a Windows/Mac desktop.

sf7

Sync Tool

Sync Tools allows you to sync local folders up to your ShareFile storage.

sf8

So, if your local laptop drive is encrypted as it should be , you can sync all or some of the data files to the Sharefile cloud folders.

Citrix World Wide ShareFile

sf9

Citrix ShareFile uses a “Control Plane” – sharefile.com and sharefile.eu, are used for broker authentication and location of data when hosted.  For example, European customers can choose to have the data in .eu. The Control Plane provides users with a list of files and folders, but doesn’t hold them in the Citrix cloud if they are onsite – instead, the device is directed to the on premise store.

sf10

Guest users and other contacts can be given access to shares and files very easily for single download or time restricted periods. FTP service? – no problem. Customizing your web portal is also very easy and provides a nice familiar interface for users. Various administrative rights can be delegated, and folder permissions granted so you can allow other users to control access and content.

ShareFile Enterprise is available as a separate product. However, if you are also considering an enterprise mobile device management (MDM) solution  Citrix XenMobile Enterprise includes ShareFile Enterprise for just a few dollars more than ShareFile on its own. Definitely worth checking that out. Free 30 days trial also available on request.

 

Some useful links:

Main product information

http://www.sharefile.com/

ShareFile for Health

http://www.sharefile.com/industries/Healthcare/?src=direct&v=e&cat=1

Security

http://www.citrix.com/products/sharefile/features/secure-by-design.html

Choose where data is stored

http://www.citrix.com/products/sharefile/features/storagezones.html