Wednesday, June 15, 2011

Citrix Basics

Data Store:-
This is where all the static information is stored. It is the central repository that holds almost the entire Citrix implementation: the administrators of the farm, the license server to point to, the whole farm configuration, the published applications and all their properties, the security settings that decide who gets access to what, the custom load evaluators, custom policies, configured printers and print drivers. All of this is stored in the central repository called the data store.


Databases used for the data store:-
Microsoft Access
Microsoft SQL Server 2000 Desktop Engine (MSDE)
Microsoft SQL Server
Oracle
IBM DB2

Farm:-
A farm is a group of Citrix servers that provides published applications to all users and can be managed as a unit, enabling the administrator to configure features and settings for the entire farm rather than configuring each server individually. All the servers in the farm share a single data store.


Zones:- 

A zone is a logical sub-grouping of servers in a server farm. Zones are used to group servers by subnet or location, control communication, enhance performance, or discourage bottlenecks between groups of servers within the farm. Servers in a zone can communicate directly with one another.

Zone Data Collector:-

  • A zone data collector is a server that manages dynamic information about the servers in the zone. Each farm has at least one zone.
  • It is the server role responsible for collecting all dynamic data within a server farm zone.
  • The data collector is a Citrix Presentation Server whose IMA service takes on the additional role of tracking all of the dynamic information of the other Presentation Servers. This information is stored in memory and is called the "dynamic store". The data store is a database on disk; the dynamic store is information held in memory.
  • "query farm /zone" shows which server acts as the zone data collector in a zone.

LHC:- (Local Host Cache)

  • The IMA service running on each Presentation Server downloads the information it needs from the central data store into a local MDB database (IMALHC.mdb) called the LHC. The LHC is unique to each server. It also provides redundancy for the data store.
  • Location: HKLM\Software\Citrix\LHCDatastore\Datasourcename
  • IMALHC.dsn is stored in the same place as MF20.dsn.
  • Citrix created the local host cache for two reasons:
     1. It permits a server to function in the absence of data store connectivity.
     2. It improves performance by caching information used by ICA Clients for enumeration and application resolution.
  • The LHC is an Access database (Imalhc.mdb) stored by default in the "<ProgramFiles>\Citrix\Independent Management Architecture" folder.
    The LHC contains the following information:
    1. All servers in the farm, and their basic information.
    2. All applications published within the farm and their properties.
    3. All Windows network domain trust relationships within the farm.
    4. All information specific to itself. (Product code, SNMP settings, licensing information)
  • The local server's IMA service only interacts with the LHC. It never contacts the central data store except when it is updating the LHC. If the server loses its connection to the central data store, there is no limit to how long it will continue to function. (In MetaFrame XP, this was limited to 48 or 96 hours, but that was because the data store also stored license information.) Today, the server can run forever from the LHC and won't even skip a beat if the central connection is lost.
  • In fact, you can now even reboot the server while the central data store is down, and the IMA service will start from the LHC without any problem. (Older versions of MetaFrame required a registry modification to start the IMA service from the LHC.)

IMA:- (Independent Management Architecture)
IMA is a centralized management service comprised of a collection of core subsystems (ImaRuntimeSs.dll, ImaPsSs.dll) that define and control the execution of products in a server farm.

IMA can be defined as a SERVICE, a PROTOCOL and a DATA STORE.
IMA Service: The IMA Service is the central nervous system of Presentation Servers. This service is responsible for just about everything server-related, including tracking users, sessions, applications, licenses, and server load.
IMA Data store: Stores Presentation Server configuration information, such as published applications, total licenses, load balancing configuration, security rights, administrator accounts, printer configuration, etc.
IMA Protocol: Used for transferring the ever-changing background information between Presentation Servers, including server load, current users and connections, and licenses in use.
Ports used by IMA:
     2512: Used for server-to-server communication
     2513: Used for CMC to data store communication

 
In Presentation Server, the IMA protocol does not replace the ICA protocol. The ICA protocol is still used for client-to-server user sessions. The IMA protocol is used for server-to-server communication in performing functions such as licensing and server load updates, all of which occur “behind the scenes.”

ICA:- (Independent Computing Architecture) 

  • The Independent Computing Architecture (ICA) is the communication protocol by which servers and client devices exchange data in a server environment. ICA is optimized to enhance the delivery and performance of this exchange, even on low-bandwidth connections.
  • The ICA protocol transports an application's screens from the server it is running on to the user's client device, and returns the user's input to the application on the server.
  • ICA browsing is a process in which a client transmits data to locate servers on the network and get information about the server farm's published applications.
  • Ports: 1494 for the ICA protocol on TCP (TCP + HTTP) and 1604 for the ICA protocol on UDP.

     

Printer Terminology in Citrix:-
An administrator can configure the following types of printers for use in an ICA session:
     Client local printer
     Network printer
     Server local printer
Client Printers: The definition of a client printer depends on the ICA Client platform. On DOS-based and WinCE client devices, a client printer is physically connected by a cable to a port on the client device. On 32-bit Windows platforms (Windows 9x, Windows NT, and Windows 2000), any printer that is set up in Windows (these printers appear in the Printers folder on the client device) is a client printer.
Network Printers: Printers that are connected to print servers and shared on a Windows network are referred to as network printers. In Windows network environments, users can set up a network printer on their computers if they have permission to connect to the print server. When a network printer is set up for use on an individual Windows computer, the printer is a client printer on the client device.
Local Printers: Printers that are connected directly to Citrix servers are local printers within a particular server farm. This definition includes a printer that is connected to the Citrix server that hosts a user’s ICA session, as well as printers that are connected to other Citrix servers in the same server farm. If a printer is connected to a Citrix server outside of a server farm (either the server is not a member of a server farm or is a member of a different server farm), the server farm considers the printer a network printer, not a local printer.


How to implement Policies in Citrix?
Presentation Server policies are created by adding policy rules. Policy rules are broken down into the following categories:
     Bandwidth
     Client Devices
     Printing
     Security
     User Workspace
An administrator can apply policies by filtering:
     Client IP address
     Users and user groups
     Client names
     Servers
     Access Control
Once a policy is created, it has to be prioritized to function effectively. The following options are available for prioritizing a policy:
     Make Highest priority
     Increase Priority
     Decrease Priority
     Make Lowest Priority

Citrix policies can be configured from the XenApp Advanced Configuration Console.
If any policies conflict with each other, the resulting applied policy is the one with the higher priority.
Policies Override
1. Citrix Policy
2. Group Policy
3. ICA Session Setting
4. User Object setting
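
The filter-then-prioritize behaviour described above, worked through as an added example that is not Citrix code or part of the original post. It is a simplified model: the rule names, policy names and addresses are constructed, priority 1 is assumed to be the highest, and a policy is assumed to apply only when every filter set on it matches. It shows which policy supplies each effective setting and which conflicting settings lose, the check you want when confirming that a restrictive rule actually wins for a given session.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass
class Policy:
    name: str
    priority: int   # model assumption: 1 is the highest priority
    rules: dict     # hypothetical rule name -> setting
    users: set = field(default_factory=set)         # "Users and user groups" filter
    client_ips: list = field(default_factory=list)  # "Client IP address" filter (CIDR)
    servers: set = field(default_factory=set)       # "Servers" filter

    def applies_to(self, session):
        # Model assumption: every filter that is set must match; unset filters are skipped.
        if self.users and not (self.users & session["groups"]):
            return False
        if self.client_ips and not any(
                ip_address(session["client_ip"]) in ip_network(net) for net in self.client_ips):
            return False
        return not self.servers or session["server"] in self.servers

def resultant(policies, session):
    """Return (effective, overridden): winning setting per rule, and the settings that lost."""
    effective, overridden = {}, []
    matching = sorted((p for p in policies if p.applies_to(session)), key=lambda p: p.priority)
    for policy in matching:
        for rule, setting in policy.rules.items():
            if rule not in effective:
                effective[rule] = (setting, policy.name)
            elif effective[rule][0] != setting:
                overridden.append((rule, setting, policy.name))
    return effective, overridden

# Constructed sample data; policy names, rule names and addresses are made up.
POLICIES = [
    Policy("Baseline", 3, {"client_drive_mapping": "allowed", "client_printers": "allowed"},
           users={"Domain Users"}),
    Policy("External clients", 1, {"client_drive_mapping": "disabled"},
           client_ips=["203.0.113.0/24"]),
    Policy("Contractors", 2, {"client_drive_mapping": "allowed", "clipboard": "disabled"},
           users={"Contractors"}),
]
EXTERNAL = {"groups": {"Domain Users", "Contractors"}, "client_ip": "203.0.113.7", "server": "XA01"}
INTERNAL = {"groups": {"Domain Users", "Contractors"}, "client_ip": "10.0.0.5", "server": "XA01"}

if __name__ == "__main__":
    for label, session in (("external", EXTERNAL), ("internal", INTERNAL)):
        effective, overridden = resultant(POLICIES, session)
        print(label, effective, overridden)
```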






Protocol and Port Numbers:-
ICA sessions (clients to servers) - 1494, 1604
Session reliability - 2598
Citrix XML Service - 80
Citrix SSL Relay - 443
Server to server (IMA) - 2512
Presentation Server Console to server (IMA) - 2513
Server to license server - 27000
RDP - 3389
Telnet - 23
FTP - 20, 21
Database - 1433
EdgeSight Agent - 9036
DNS - 53
CAG Appliance - 9001, 9002
AAC - 9005
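
A defender's use of the port list above, as an added example that is not part of the original post: it parses `netstat -an` output from a farm server and reports listeners on the listed ports. Grouping the IMA, license server and database ports as "backend" is this example's reading of the table, and the sample output is constructed.

```python
import re

# Roles copied from the port list above; the backend/client grouping is an assumption.
BACKEND = {2512: "Server to server (IMA)", 2513: "Console to server (IMA)",
           27000: "Server to license server", 1433: "Database"}
CLIENT = {1494: "ICA sessions", 1604: "ICA sessions", 2598: "Session reliability",
          80: "Citrix XML Service", 443: "Citrix SSL Relay"}
CLEARTEXT = {23: "Telnet", 20: "FTP", 21: "FTP"}
WILDCARD = {"0.0.0.0", "[::]"}

LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")

def listeners(netstat_text):
    """Yield (proto, local_addr, port) for listening sockets in `netstat -an` output."""
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # header lines and anything that is not a socket row
        proto, addr, port, _remote, state = m.groups()
        if proto == "UDP" or state == "LISTENING":  # UDP rows carry no state column
            yield proto, addr, int(port)

def audit(netstat_text):
    """Return (port, role, local_addr, verdict) for every listener on a listed port."""
    results = []
    for _proto, addr, port in listeners(netstat_text):
        if port in CLEARTEXT:
            results.append((port, CLEARTEXT[port], addr, "cleartext service"))
        elif port in BACKEND:
            verdict = "backend port on all interfaces" if addr in WILDCARD else "ok"
            results.append((port, BACKEND[port], addr, verdict))
        elif port in CLIENT:
            results.append((port, CLIENT[port], addr, "ok"))
    return results

# Constructed sample of `netstat -an` output from a hypothetical farm server.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:1494           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:2513           0.0.0.0:0              LISTENING
  TCP    10.1.1.20:2512         0.0.0.0:0              LISTENING
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING
  TCP    10.1.1.20:49210        10.1.1.5:1433          ESTABLISHED
  UDP    0.0.0.0:1604           *:*
"""

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```

A "backend port on all interfaces" verdict means the firewall, not the bind address, is the only thing keeping clients away from that port, so the rule set deserves a look.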

Components of Citrix Presentation server:-
  • Installation Manager. (Enterprise Edition only.) IM is a powerful feature in MetaFrame XPe that facilitates the rapid installation of applications and other software components. It supports ADI, MSI and MSP formats. The packaging utility provided by IM can be used to package software in ADF format.
  • Resource Manager. (Enterprise Edition only.) Provides customizable metrics and reporting, real-time graphs and alerts, and capacity planning for server farm resources.
  • Load Manager. (Advanced and Enterprise Editions.) Provides load balancing of user connections across servers to more effectively use server resources.
  • Network Manager. (Enterprise Edition only.) Provides the ability to administer server farms through the native management consoles of leading network management solutions.

Editions of Citrix:-
Standard Edition,
Advanced Edition and
Enterprise Edition

Clients for Citrix:-
Program Neighborhood,
Program Neighborhood Agent,
Web Client and
Java Client

Citrix XML service:-

The Citrix XML Service provides the Web Interface and the Clients for Win32 connecting over TCP/IP+HTTP with the names of the published applications available in the server farm.

Isolation Environment:-

An application isolation environment creates a virtual layer that allows Presentation Server to redirect communication between the application and system resources, such as file systems and the registry.  The application continues to function, using virtual copies of the resources instead of the actual resources.
Administrators can use application isolation environments in the following instances:

1. To install and publish different versions of an application that are not compatible with each other on the same server.
2. To publish applications that are not inherently multi-user compatible.
3. To install and publish applications that are not compatible with other applications.

The isolation environment creates a virtual space in which to run the applications.


XML Broker:
    The web interface and the XML Broker are complementary services. The Web interface provides users with access to applications. The XML Broker determines which applications appear in the web interface based on the user’s permission.


Session reliability and its port number:-
Session Reliability keeps sessions active and on the user's screen when network connectivity is interrupted. Users continue to see the application they are using until network connectivity resumes.
Session reliability reconnects users without reauthentication prompts.
If the Session Reliability feature is enabled, the default port used for session communication changes from 1494 to 2598.

Load Evaluator:-
Load evaluators consist of rules, which in turn determine how load is calculated. Load evaluators can be created by combining many of the available rules. When several rules exist in a single load evaluator, the rules work together to determine the overall server or published application load.
There are 2 types:
1. Default - Load throttling and server user load
2. Advanced - Load throttling, CPU utilization, memory usage and page swap

Application Streaming:-
Application streaming allows Citrix administrators to install and configure applications on one file server and then deliver those applications to desktops and XenApp servers on demand. An added bonus of application streaming is that updates, upgrades and patches can be installed once on the file server instead of across all servers and workstations.

Streaming profile:-
The Citrix streaming profiler is used to create application profiles that deliver applications to users by streaming them to their desktops or to the XenApp servers. With the profiler, administrators can build an application profile that includes several operating system targets to match the variety of user environments.

Session Shadowing:-
Shadowing allows an administrator to view an ICA session from another device and to monitor session activity. During installation, an administrator can choose the following shadowing options:

1. Logging
2. Notify
3. Allow keyboard and mouse control within the shadowed session.
4. Shadow other users by enabling the corresponding policy in the Presentation Server Console. Shadowing must be enabled on the server and the ICA connection.

Citrix SSL Relay:-
Used for:
  • Securing small environments of five or fewer servers
  • Encrypting end-to-end communication between client devices and servers running Presentation Server
  • Encrypting client traffic between the Web Interface server and the server farm
  • Implementing Network Address Translation (NAT) or server IP addresses when they must be hidden

Certificates and their types:-

Digital Certificates
The Secure Gateway uses two types of digital certificates to provide secure communication and effective authentication:

Server Certificate, which is issued by a certification authority (CA) to identify a specific network system such as a web server.  The server certificate is based on a specific DNS name.

Root Certificate, which is issued by a CA and is used to confirm the authenticity of the CA signature on server certificates; third-party root certificates are often embedded into most client operating systems. 

An Intermediate Certificate is typically issued when a certificate base is too large for a single CA to maintain and the responsibility for issuing certificates is delegated to an intermediate CA.


Secure Gateway:-
The Secure Gateway provides secure access to the published applications and resources on servers running Presentation Server through SSL/TLS encrypted sessions. Presentation Server uses the Secure Gateway in combination with the Web Interface.

Web Interface:-
The Web Interface provides user access to the published applications through a web browser. The Web Interface allows for multi-farm administration from a single Access Suite Console.

Pass through Authentication:-
Pass-through authentication allows Presentation Server to use the same credentials as those entered to log on to the client device.

Difference between ICA and RDP Protocol:-

a) RDP only works with TCP/IP, whereas ICA additionally works with IPX, SPX, NetBEUI and Direct Async.
b) ICA supports Windows audio (.wav files).
c) ICA has access to local printers, whereas RDP does not.
d) ICA has access to local serial ports, whereas RDP does not.
e) ICA has administrative remapping of local drivers.
f) ICA has cut and paste between sessions.
g) ICA has session shadowing or remote control.
h) ICA allows administrators to create preconfigured clients with application, IP address, server names and connection options.
RDP natively supports multiple levels of encryption for client connections, whereas an ICA system can encrypt client/server communication but requires the additional Citrix SecureICA services.

Mapping of drives:-
The local drives of the client are mapped into the Citrix session (as V$ and U$). This can be enabled through Citrix policies and client drive mapping.

Difference between AMC and PSC:-
PSC: Presentation Server Console
     Create policies for user connections
     Set up and manage printers
     Manage application isolation environments
     Manage zones

AMC: Access Management Console
     Publish applications in Citrix
     Monitor user sessions
     Create reports in the Report Center
     Hotfix management

Citrix EdgeSight:-
The Citrix EdgeSight server components provide the primary interface for Citrix administrators to display both real-time agent data and historical aggregate data for the entire environment. The EdgeSight server also allows Citrix administrators to set up real-time alert notifications of critical system events and is the point for all configuration tasks and changes.

Citrix Startup License file:-
The startup license does not affect the license count. It is used to allow Citrix products to communicate with the license server using a continuous open connection. Every five minutes the license server and the products send a heartbeat message to each other to verify that they are mutually communicating.

