Citrix AppDNA is dead

Almost dead, but from version 1909 AppDNA is deprecated. Citrix purchased App-DNA in October 2011, now 8 years later the story ends.

Microsoft App Assure / FastTrack

The FastTrack Center Benefit for Windows Alternative to Citrix AppDNA is Microsoft App Assurance.(New name is FastTrack)

10 provides access to Desktop App Assure – a new service designed to address issues with Windows 10 and Office 365 ProPlus app compatibility. When you request the Desktop App Assure service, a FastTrack Specialist works with you throughout your migration to Windows 10 and Office 365 ProPlus and when you consume feature updates.

A Microsoft engineer works with you to address valid app issues at no additional cost to you with an eligible subscription. We also provide guidance to customers who face compatibility issues transitioning from Office clients to Office 365 ProPlus. This is a service provided by FastTrack and not a software package.

Its also own FastTrack for 365 migration as showed under. For more information see Microsoft own sites.

Enable 2FA for O365 users

Use of 2FA is something everyone should use on all services in 2019. 2FA will stops a lot of the mayor attack that has happened the last month. Example from Norway is attack on Visma, Maersk, Hydro. I don’t say that 2FA will solve everything, but helps a lot with the work. Everyone that has O365 license has free 2FA, admin just need to enable it.

App Password is default allowed; this give no extra security when users can create static password for apps like Outlook, OneDrive etc. When App Password is disabled, you need to activate modern authentication to get apps to work.

Default is modern authentication not enabled in Exchange Online. Modern authentication cannot be enabled in O365 portal, just possible to do with PowerShell. Has created an example how you can do this under:

  1. Connect to Exchange Online PowerShell.
  2. Run the following: Set-OrganizationConfig -OAuth2ClientProfileEnabled $true
  3. Run the following to verify that modern authentication is enabled: Get-OrganizationConfig | Format-Table Name,OAuth* -Auto

Entire code together here:

# Setup PSSession to O365 (Step 1)
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking

# Enable modern authentication (OAuth)(Step 2)
Set-OrganizationConfig -OAuth2ClientProfileEnabled $true

# Verify value for for modern authentication (OAuth)(Step 3)
Get-OrganizationConfig | Format-Table Name,OAuth* -Auto 

# Close PSSession
Remove-PSSession $Session

Citrix change name again of products

Synergy 2018, Citrix announced that the change all products name. This is not first time we have heard that. It has taken over 6 months to change all documentation and installation ISO.  If you plan to upgrade some of your Citrix product you need to know the new names. 

For those of you that has not heard about the change, I have created a list of the most common used products:

Old ProductName
New ProductName
XenApp
Citrix Virtual Apps
XenDesktop
Citrix Virtual Desktops
XenServer
Citrix Hypervisor
Receiver
Citrix Workspace App
XenMobile
Citrix Endpoint Management
NetScaler
Citrix ADC
Citrix Unified GatewayCitrix Gateway

Its two name change I want to highlight, XenServer and NetScaler. WHY? XenServer is now Citrix Hypervisor and NetScaler is Citrix ADC. 

First, Citrix Hypervisor, isn’t this a bit to obelus? Boeing does not call the newest flight model for Boeing Airplane. XenServer is well known name and have good reputation. 

Citrix. ADC. I understand. Less, NetScaler is something EVERYONE associate with something good and a product that work well. The Name has been with Citrix since 2005 when Citrix bought NetScaler. NetScaler has been the begin of Citrix Network product and has over all this year been one of the most known Gateway, Load balancing and ADC in the marked. I hope the name will get a comeback in the next 1-2 year as XenApp did 🙂

Self-Service Password Reset on Netscaler

From 12.1 build 50.28 version of Citrix ADC, SSPR can be activated on N-faktor flow. This gives users the ability to reset their own Active Directory passwords securely, from remote.

Prerequisites

Before you configure the self-service password reset, review the following prerequisites:

  • Citrix ADC feature release 12.1, build 50.28.
  • Supported version is minimum 2008 AD domain function level.
  • The ldapBind username bound to the Citrix ADC needs to have write access to the users AD OU.
  • Self-service password reset is supported in nFactor authentication flow only. (Require Enterprise license)

Installation

Citrix has done an great job with the documentation, so I will not create own and only redirect you to Citrix Docs: Citrix Docs – Self-service password reset

Registration flow

Under I try to explain the flow of user registration. It require that you have done all setup steps from Citrix Docs. Go to you login page https://portal.citrixblog.no or something like that. Normal logon form with username and password is shown.

Depend if user has registered personal information earlier or not, it will popup for new user only. If old user want to change or check the information, they can use https://portal.citrixblog.no/register

Both URL will open this form:

User need to choose some questions and add answers. This will be used to reset password if needed.

Password reset flow

This chapter will cover a Password reset workflow. User go to the portal and try to logon. If they has forgotten the password, user can Click Forgot Password.

1. User need to answer question added in the registration and click Log On
2. Enter the email OTP. Once the email OTP validation is successful, the password reset page is displayed.
3. User can now choose a new password and finish with Submit.

Windows Update failed – KB4480970

Release January 8, 2019—KB4480970 (Monthly Rollup) for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1 has Known issues that give you BIG problem.

Out of all the problem, i will cover two of them:

1. SMBv2  stops workling

Symptom from Microsoft

SMBv2 could not be connected anymore after installing this patch. The admins with networks using SMBv2 shares are reporting the bug.

2. Network interface controller may stop working

Symptom from Microsoft

After you apply this update, the network interface controller may stop working on some client software configurations. This occurs because of an issue related to a missing file, oem.inf. The exact problematic configurations are currently unknown.

For more information, check Microsoft own article about this update:
https://support.microsoft.com/nb-no/help/4480970/windows-7-update-kb4480970

New Year and new job

After and cozy holiday am ready to start the new year at Sicra AS as Solution Architect.

My focus will be on Citrix NetScaler, XenApp/Desktop and identity. Hope this year will be start on a new area in my carrier and my knowledge will growth together with Sicra and my new collage. 

Read more about me and Sicra on our homepage: https://sicra.no

My new contact info is:
E-Mail: andre@sicra.no
Mobile: +47 92865866 (same as earlier)

Windows Explorer crash when using “Send To – Mail recipient”

Got an problem with the context menu option:  “Send To – Mail recipient”. Windows explorer crash and reload. 

The problem is observed on Windows 2016 and Windows 10 (several Builds) in combination with Office365 and Click-To-Run.

The issue is not any news,  it should really be fixed soon in future release, please Microsoft.

Problem happens when a user click on the option showed.

Solution

Add the following registry value to all terminalserver/clients to fix the problem. It solved for users after logoff and on again.

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClickToRun\OverRide]
“AllowJitvInAppvVirtualizedProcess”=dword:00000001