Citrix Systems 4.2 manual Adding Password Management to Your Templates

Page 136

Chapter 13. Working with Templates

3.Name the VM, choose the NFS VHD SR under Storage, enable "Run Operating System Fixups" and choose the NFS ISO SR.

4.Click Next, then Finish. A VM should be created.

Option two:

1.Run XenConvert, under From choose VHD, under To choose XenServer. Click Next.

2.Choose the VHD, then click Next.

3.Input the XenServer host info, then click Next.

4.Name the VM, then click Next, then Convert. A VM should be created.

Once you have a VM created from the Hyper-V VHD, prepare it using the following steps:

1.Boot the VM, uninstall Hyper-V Integration Services, and reboot.

2.Install XenServer Tools, then reboot.

3.Prepare the VM as desired. For example, run sysprep on Windows VMs. See Section 13.10, “Creating a Windows Template”.

Either option above will create a VM in HVM mode. This is fine for Windows VMs, but Linux VMs may not perform optimally. Converting a Linux VM to PV mode will require additional steps and will vary by distribution.

1.Shut down the VM and copy the VHD from the NFS storage to a web server; for example, mount the NFS share on the web server and copy it, or from the XenServer host use sftp or scp to upload it to the web server.

2.In CloudPlatform, create a new template using the following values:

URL. Give the URL for the VHD

OS Type. Use the appropriate OS. For PV mode on CentOS, choose Other PV (32-bit) or Other PV (64-bit). This choice is available only for XenServer.

Hypervisor. XenServer

Format. VHD

The template will be created, and you can create instances from it.

13.13. Adding Password Management to Your Templates

CloudPlatform provides an optional password reset feature that allows users to set a temporary admin or root password as well as reset the existing admin or root password from the CloudPlatform UI.

To enable the Reset Password feature, you will need to download an additional script to patch your template. When you later upload the template into CloudPlatform, you can specify whether reset admin/root password feature should be enabled for this template.

The password management feature works always resets the account password on instance boot. The script does an HTTP call to the virtual router to retrieve the account password that should be set. As long as the virtual router is accessible the guest will have access to the account password that should be used. When the user requests a password reset the management server generates and sends a

126

Image 136
Contents Page Page User Services Overview Getting More Information and HelpConcepts Cloud Infrastructure ConceptsSetting Up Networking for Users Service OfferingsSteps to Provisioning Your Cloud Infrastructure Working With Virtual Machines Working With Hosts 103Working with Templates 113 Working With Storage 129Working with Usage 141 Managing Networks and Traffic 147Page Tuning 249 Troubleshooting 251Working with System Virtual Machines 229 System Reliability and High Availability 233Event Types 259 Alerts 261 Getting More Information and Help Additional Documentation AvailableCitrix Knowledge Center Contacting Support ChapterPage What Is CloudPlatform? ConceptsWhat Can CloudPlatform Do? Multiple Hypervisor SupportDeployment Architecture Overview Management Server Overview Cloud Infrastructure OverviewNetworking Overview More InformationPage Page About Regions Cloud Infrastructure ConceptsAbout Zones Cloud Infrastructure Concepts About Pods About Clusters About Hosts About Primary StorageAbout Secondary Storage About Physical NetworksBasic Zone Network Traffic Types Advanced Zone Network Traffic Types Basic Zone Guest IP AddressesAdvanced Zone Guest IP Addresses Advanced Zone Public IP Addresses System Reserved IP AddressesAll zones A zone that uses advanced networkingPage Accounts Accounts, Users, and DomainsDedicating Resources to Accounts and Domains How to Use Dedicated HostsBehavior of Dedicated Hosts, Clusters, Pods, and Zones Configuring an Ldap Server Using an Ldap Server for User AuthenticationAdding an Ldap Server Trust Store Trust Store Password Removing an Ldap Configuration Example Ldap Configuration CommandsSearch Base Active Directory Query FilterApacheDS SSL Keystore Path and Password Search User Bind DNPage User Services Overview Page User Interface Supported BrowsersLog In to the UI End Users UI OverviewRoot Administrators UI Overview Logging In as the Root AdministratorChanging the Root Password Using SSH Keys for AuthenticationCreating an Instance from a Template that Supports SSH Keys Output is something similar to what is given below Creating the SSH KeypairResetting SSH Keys Logging In Using the SSH KeypairCreating an Instance Page Using Projects to Organize Users and Resources Configuring ProjectsSetting Up Invitations Overview of ProjectsSetting Resource Limits for Projects Setting Project Creator PermissionsAdding Members to a Project Creating a New ProjectSending Project Membership Invitations Accepting a Membership Invitation Adding Project Members From the UIUsing the Project View Suspending or Deleting a ProjectPage Steps to Provisioning Your Cloud Infrastructure Overview of Provisioning StepsAdding Regions optional First Region The Default RegionAdding a Region Adding Third and Subsequent Regions Deleting a Region Create a Secondary Storage Mount Point for the New Zone Adding a ZonePrepare the System VM Template Steps to Add a New Zone Basic Zone Configuration Network Offering DescriptionSteps to Provisioning Your Cloud Infrastructure Page Advanced Zone Configuration Page Steps to Provisioning Your Cloud Infrastructure Page NFS Adding a Pod VmfsAdd Cluster KVM or XenServer Adding a ClusterAdd Cluster OVM VMware Cluster Size Limit Add Cluster vSphereAdding a vSphere Cluster Steps to Provisioning Your Cloud Infrastructure Page Adding a Host XenServer, KVM, or OVM Adding a HostRequirements for XenServer, KVM, and OVM Hosts Warning Adding a XenServer, KVM, or OVM Host KVM Host Additional RequirementsAdding Primary Storage Adding a Host vSphereAdding Secondary Storage Adding an NFS Secondary Staging Store for Each Zone Initialize and Test Steps to Provisioning Your Cloud Infrastructure Compute and Disk Service Offerings Service OfferingsCreating a New Compute Offering Creating a New Disk Offering Modifying or Deleting a Service Offering System Service OfferingsCreating a New System Service Offering For more information, see .7, Stopping and Starting VMs Page Page Setting Up Networking for Users Overview of Setting Up Networking for UsersAbout Virtual Networks Isolated NetworksNetwork Service Providers Network Service Providers Support MatrixRuntime Allocation of Virtual Network Resources IndividualSupport Matrix for an Isolated Network Combination ACLSupport Matrix for Shared Network Combination Network Offerings Support Matrix for Basic ZoneCreating a New Network Offering Supported Services Description Isolated Shared See Section Remote Access VPN Changing the Network Offering on a Guest Network Creating and Changing a Virtual Router Network Offering Page Page About Working with Virtual Machines Working With Virtual MachinesBest Practices for Virtual Machines VM Lifecycle Install Required Tools and DriversMonitor VMs for Max Capacity Creating VMs Creating a VM from a templateConfiguring Usage of Linked Clones on VMware Creating a VM from an ISOAccessing VMs Appending a Display Name to the Guest VM’s Internal NameStopping and Starting VMs Assigning VMs to HostsAffinity Groups Creating a New Affinity GroupAssign a New VM to an Affinity Group Change Affinity Group for an Existing VMView Members of an Affinity Group Virtual Machine Snapshots for VMwareDelete an Affinity Group Using VM Snapshots Configuring VM SnapshotsLimitations on VM Snapshots Changing the VM Name, OS, or Group Changing the Service Offering for a VM CPU and Memory Scaling for Running VMsConfiguring Dynamic CPU and RAM Scaling How to Dynamically Scale CPU and RAMUpdating Existing VMs LimitationsResetting the Virtual Machine Root Volume on Reboot Moving VMs Between Hosts Manual Live MigrationDeleting VMs Recovering a Destroyed VMWorking with ISOs Adding an ISO Attaching an ISO to a VM Changing a VMs Base ImagePage 102 Scheduled Maintenance and Maintenance Mode for Hosts VCenter and Maintenance ModeXenServer and Maintenance Mode Working With HostsTo take a server out of Maintenance Mode Disabling and Enabling Zones, Pods, and ClustersRemoving Hosts Working With HostsRe-Installing Hosts Using Cisco UCS as Bare Metal Host CloudPlatformMaintaining Hypervisors on Hosts Removing XenServer and KVM HostsRegistering a UCS Manager Associating a Profile with a UCS BladeChanging Host Password Disassociating a Profile from a UCS BladeOver-Provisioning and Service Offering Limits Setting Over-Provisioning Ratios Limitations on Over-Provisioning in XenServer and KVMRequirements for Over-Provisioning Balloon DriverService Offering Limits and Over-Provisioning Vlan ProvisioningVlan Allocation Example Adding Non Contiguous Vlan RangesAssigning VLANs to Isolated Networks Default Template Working with TemplatesCreating Templates Overview Requirements for TemplatesCreating a Template from an Existing Virtual Machine Private and Public TemplatesWorking with Templates Creating a Template from a Snapshot Uploading TemplatesWorking with Templates Creating a Windows Template Exporting TemplatesSystem Preparation for Windows Server 2008 R2 Working with Templates Page Working with Templates System Preparation for Windows Server 2003 R2 Importing Amazon Machine Images Create a grub entry in /boot/grub/grub.conf Exit out of chroot Converting a Hyper-V VM to a Template Adding Password Management to Your Templates Windows OS Installation Linux OS InstallationDeleting Templates 128 Storage Overview Working With StoragePrimary Storage Storage Tags Working With StorageFiber Channel support NFS support Local storage support Storage over-provisioningMaintenance Mode for Primary Storage Secondary StorageBest Practices for Secondary Storage Changing the Secondary Storage IP AddressWorking With Volumes Creating a New VolumeUsing Local Storage for Data Volumes Changing Secondary Storage ServersUploading an Existing Volume to a Virtual Machine To Create a New VolumeAttaching a Volume Hypervisor Disk Image FormatDetaching and Moving Volumes VM Storage MigrationMigrating a Data Volume to a New Storage Pool Migrating a VM Root Volume to a New Storage PoolResizing Volumes Reset VM to New Root Disk on Reboot Volume Deletion and Garbage CollectionTo enable root disk reset on VM reboot Working with SnapshotsVolume Status Incremental Snapshots and BackupAutomatic Snapshot Creation and Retention VMware Volume Snapshot Performance Snapshot RestoreSnapshot Job Throttling Configuring the Usage Server Working with UsageWorking with Usage Alerttypeusagesanityresult =Setting Usage Limits Globally Configured Limits Parameter Name DefinitionDefault Account Resource Limits Per-Domain Limits Guest Traffic Managing Networks and TrafficNetworking in a Pod Networking in a Zone Managing Networks and TrafficAdvanced Zone Physical Network Configuration Basic Zone Physical Network ConfigurationConfiguring Isolated Guest Network Configure Public Traffic in an Advanced Zone Configuring a Shared Guest Network Using Security Groups to Control Traffic to VMs About Security GroupsSecurity Groups in Advanced Zones KVM Only LimitationAdding a Security Group Enabling Security GroupsAdding Ingress and Egress Rules to a Security Group External Firewalls and Load Balancers About Using a NetScaler Load Balancer MPXConfiguring SNMPCommunity String on a Rhel Server VPXInitial Setup of External Firewalls and Load Balancers Load Balancer Rules Adding a Load Balancer RuleConfiguring AutoScale Prerequisites Configuration Managing Networks and Traffic Disabling and Enabling an AutoScale Configuration Updating an AutoScale ConfigurationHealth Checks for Load Balancer Rules Sticky Session Policies for Load Balancer RulesRuntime Considerations About Global Server Load Balancing Global Server Load BalancingComponents of Gslb How Gslb Works in CloudPlatform Configuring Gslb For more information, see Configuring a Gslb Virtual Server4 Prerequisites and Guidelines Enabling Gslb in NetScalerAdding a Gslb Rule Assigning Load Balancing Rules to Gslb Reconfiguring Networks in VMs Using Multiple Guest NetworksAdding an Additional Guest Network Selecting the Default Network PrerequisitesAdding a Network Removing a NetworkAcquiring a New IP Address Guest IP RangesReleasing an IP Address Reserving Public IP Addresses and VLANs for Accounts Dedicating IP Address Ranges to an AccountGateway Netmask Dedicating Vlan Ranges to an AccountStart IP End IP IP Reservation in Isolated Guest Networks IP Reservation ConsiderationsBest Practices Configuring Multiple IP Addresses on a Single NICReserving an IP Range Port Forwarding and StaticNAT Services Changes Use CasesGuidelines Assigning Additional IPs to a VMPrerequisites and Guidelines Multiple Subnets in Shared NetworkAdding Multiple Subnets to a Shared Network About Elastic IP Managing Networks and Traffic Portable IPs About Portable IPAcquiring a Portable IP Configuring Portable IPsGuidelines Transferring Portable IP Static NATEnabling or Disabling Static NAT IP Forwarding and Firewalling Configuring an Egress Firewall RuleEgress Firewall Rules in an Advanced Zone Allow Configuring the Default Egress PolicyDeny Firewall Rules IP Load Balancing Port ForwardingConfiguring Remote Access VPN Remote Access VPNDNS and Dhcp Using Remote Access VPN with Windows Using Remote Access VPN with Mac OS Setting Up a Site-to-Site VPN ConnectionSee .27, Configuring a Virtual Private Cloud Creating and Updating a VPN Customer Gateway NoteManaging Networks and Traffic Page Creating a VPN gateway for the VPC Updating and Removing a VPN Customer GatewayCreating a VPN Connection Note CidrManaging Networks and Traffic Restarting and Removing a VPN Connection Isolation in Advanced Zone Using Private Vlan About Private VlanCreating a PVLAN-Enabled Guest Network PrerequisitesAbout Inter-VLAN Routing Page About Virtual Private Clouds Configuring a Virtual Private CloudMajor Components of a VPC Connectivity Options for a VPC Network Architecture in a VPCVPC Network Considerations Adding a Virtual Private Cloud Adding Tiers Managing Networks and Traffic About Network ACL Lists Configuring Network Access Control ListCreating ACL Lists Creating an ACL Rule Creating a Tier with Custom ACL List Assigning a Custom ACL List to a TierAdding a Private Gateway to a VPC Source NAT on Private Gateway See .27.5.2, ACL on Private GatewayACL on Private Gateway Creating a Static RouteDeploying VMs to VPC Tier and Shared Networks Deploying VMs to the TierBlacklisting Routes Acquiring a New IP Address for a VPC Releasing an IP Address Alloted to a VPC Enabling or Disabling Static NAT on a VPC Adding Load Balancing Rules on a VPC Load Balancing Public Traffic Public LBCreating a Network Offering for Public LB Creating a Public LB Rule Load Balancing Tier-to-Tier traffic Internal LB How Does Internal LB Work in VPC?Enabling Internal LB on a VPC Tier Creating an Internal LB Rule Adding a Port Forwarding Rule on a VPC Removing Tiers TCP UDPEditing, Restarting, and Removing a Virtual Private Cloud Persistent NetworksPersistent Network Considerations Creating a Persistent Guest Network Working with System Virtual Machines System VM TemplateMultiple System VM Support for VMware Console ProxyChanging the Console Proxy SSL Certificate and Domain Working with System Virtual MachinesConfiguring the Virtual Router Virtual RouterSecondary Storage VM Upgrading a Virtual Router with System Service OfferingsBest Practices for Virtual Routers HA-Enabled Virtual Machines System Reliability and High AvailabilityHA for Management Server Dedicated HA HostsConfiguring the API Request Rate Primary Storage Outage and Data LossSecondary Storage Outage and Data Loss Limiting the Rate of API RequestsLimitations on API Throttling 236 Using Tags to Organize Resources in the Cloud Managing the CloudAbout Configuration Parameters Setting Configuration ParametersManaging the Cloud Setting Global Configuration Parameters Setting Local Configuration ParametersGranular Global Configuration Parameters Cluster.cpu.allocated.capacity.disablThethr Changing the Database Configuration Administrator AlertsSending Alerts to External Snmp and Syslog Managers Customizing Alerts with Global Configuration SettingsSnmp Alert Details Configuring Snmp and Syslog Managers Syslog Alert DetailsCustomizing the Network Domain Name Deleting an Snmp or Syslog ManagerStopping and Restarting the Management Server Provisioning and Authentication API CloudPlatform APIAllocators User Data and Meta DataCloudPlatform API Tuning Performance MonitoringIncrease Management Server Maximum Memory Set Database Buffer Pool SizeTuning Configure XenServer dom0 MemorySet and Monitor Total VM Limits per Host Troubleshooting EventsEvent Logs Event NotificationStandard Events TroubleshootingLong Running Job Events Event Log Queries Deleting and Archiving Events and AlertsWorking with Server Logs ProcedurePermissions Using cloud-bugtool SymptomLog Collection Utility cloud-bugtool Data Loss on Exported Primary StorageRecovering a Lost Virtual Router Maintenance mode not working on vCenterSolution CauseUnable to power on virtual machine on VMware Unable to deploy VMs from uploaded vSphere templateLoad balancer rules fail after changing network offering Appendix A. Event Types 260 Appendix B. Alerts Appendix B. Alerts
Related manuals
Manual 6 pages 23.94 Kb Manual 194 pages 3.03 Kb

4.2 specifications

Citrix Systems, a leading provider of virtualization solutions and cloud computing technologies, released version 4.2 of its popular software, Citrix XenApp, which was previously known as Presentation Server. This version marked a significant evolution in providing users with remote access to applications and desktops, emphasizing simplicity, performance, and security.

One of the standout features of Citrix XenApp 4.2 is its improved application streaming capabilities. This technology allows applications to be delivered to users in real-time, reducing the need for extensive local installations and enhancing the user experience. With application streaming, administrators can efficiently manage applications on a central server while ensuring that users have immediate access to the necessary tools.

Another highlight of this version is the enhanced security measures put in place to protect sensitive data. Citrix XenApp 4.2 includes support for SSL encryption, providing a secure communication channel for data transmitted between the server and clients. This is particularly crucial for businesses that need to comply with strict data protection regulations. Additionally, the integration of endpoint security features ensures that unauthorized access to applications is minimized.

Performance enhancements are also a critical focus in this release. Citrix optimized the delivery of applications over various network conditions, ensuring that users experience minimal latency regardless of their location. This was achieved through the incorporation of SmartAccess and SmartControl technologies, which allow administrators to set policies based on user roles, device types, and network conditions. This level of granularity enables organization-wide security without compromising on usability.

The user experience was further improved with a revamped interface, making it easier for end-users to access their applications and data. Simplified menus, clear navigation paths, and the ability to customize user settings contributed to a more efficient workflow, allowing users to focus on their tasks rather than struggling with the software.

Finally, Citrix XenApp 4.2 was designed to be highly scalable. Organizations of all sizes could deploy this solution to deliver applications efficiently, adapting to their specific needs as their user base grows or changes. This flexibility is crucial for businesses looking to future-proof their IT investments while maintaining optimal performance.

In summary, Citrix XenApp 4.2 stands out with its enhanced application streaming, robust security features, improved performance under varying conditions, user-friendly interface, and scalability, making it an ideal choice for organizations seeking to leverage virtualization for remote access to applications and desktops.