The Good, the Bad and the Ugly
Notes from the field: Horizon and the locked.properties debacle
On a recent Horizon deployment version 2212.1 we just couldn’t get the workings correctly with the portalhost/balancedhost entries, the “workaround” for that matter until we get it sorted out is to turn back on the unexpected host feature like below: allowUnexpectedHost=true checkOrigin=false enableCORS=false Well this worked only for the original installed URL of the connection…
Notes from the field: Just one of those days that nothing goes as expected
Just a quick blog that these day’s it can be very difficult or very simple in regards of troubleshooting and resolving issues in a deployment. Let me take you on a journey 😉 Journey 1: UAG deployment fresh as fresh and no working logon page after a valid deployment, at first troubleshooting, troubleshooting, redeployed with…
Notes from the field: Citrix Gateway Advanced Auth RADIUS SSO not working
In the last couple of months, I came across some NetScaler redeployments regarding the latest CVE and on the other hand moving over from basic policies to advanced policies. For this to work we are depending on the AAA setup with authentication profiles to combine it all with a Citrix Gateway deployment. For RADIUS there…
Notes from the field: The Kerberos chronicles, the one with certificate-based authentication
If you’ve read my previous Kerberos chronicles blogs you see a trend with the Microsoft patches, hardening updates and with this one the upcoming strong mapping / full enforcement mode of certificate-based authentication. See the following article for explanation: KB5014754—Certificate-based authentication changes on Windows domain controllers – Microsoft Support This one is going to have…
Notes from the lab: VMware Workspace ONE and the home-lab setup for one external IP
Just a quick blog for setting up your home-lab and use all the VMware Workspace ONE services on the UAG’s with one external IP. Our starting point is based on the following articles: Unified Access Gateway Appliances Deployed in a Double DMZ (vmware.com) – follow the steps for double DMZ deployment, Minimum/Optional Horizon Protocols and…
Notes from the lab: Some magic, integrating Citrix resources with VMware Access
Like my friend Edwin de Bruin explains in his blog(s): Migrating from Citrix Gateway to VMware Access Workspace One: Part one (debruinonline.net) and Migrating from Citrix Gateway to VMware Access Workspace One: Part Two! (debruinonline.net) he expects me to deliver you all some magic. For this blog I’m going to start with the necessary resource…
Notes from the field: Microsoft Azure MFA Number Matching and the one with NPS extension
Regarding the upcoming change of Microsoft MFA number matching, some customers started to ask me hey what’s going on? Do we need to do something? Is there any impact for our users? Well, the short answer is yes. The long answer is well it depends, can we live with the current setup or is there…
Notes from the lab: Citrix XenMobile 10.15 upgrade fails
Regarding my own XenMobile deployment I had a 10.14 Rolling Patch environment 6 running and updated it to Rolling Patch 9 before the eventual upgrade to 10.15 base. This all is very easy to do and all the required information is presented at Release notes for Rolling Patches | XenMobile Server Current Release (citrix.com) regarding…
Notes from the field: Citrix NetScaler Azure subscription-based licensing
Just a quick blog regarding a deployment model of Citrix NetScaler on Azure. There is an option to use subscription-based licensing for a deployment, meaning you pay by the hour it is running in Azure. See Deploy a Citrix ADC VPX instance on Microsoft Azure for more details. This setup was chosen by a customer…
Notes from the field: VMware UEM Apple Registered mode pre-registration not working
On a recent project in which we use VMware UEM in a managed and registered mode of management the latter is experiencing a bug when pre-registering for enrollment is enabled. With closed enrollment enabled all devices need to be registered beforehand, this is a form of security to mandate there is no open enrollment possible.…
- December 2024
- December 2023
- November 2023
- October 2023
- September 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- May 2022
- April 2022
- February 2022
- December 2021
- November 2021
- August 2021
- July 2021
- May 2021
- March 2021
- February 2021
- January 2021
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- April 2020
- March 2020
- December 2019
- November 2019
- October 2019
- September 2019
- July 2019
- June 2019
- May 2019
- February 2019
- January 2019
- November 2018
- September 2018
- June 2018
- May 2018
- April 2018
- March 2018
- December 2017
- November 2017
- September 2017
- August 2017
- March 2017
- February 2017
- October 2016
- July 2016
- June 2016
- November 2015
- October 2015