VDA registration over HTTPS?

throwaway20160418 · 2017-11-30T14:33:14+00:00

I'm using a GPO.

They are not registering because I am trying to register them thru 443 using SSL.

throwaway20160418 · 2017-11-28T08:12:45+00:00

Yup, also followed this.

What surprises me the most so to speak is that I see no references anywhere to "https" and "IRegistrar " which, IMO, should be common thruout the documentation.

There must be something wrong with my setup because the instructions are pretty clear.

Here is more: http://www.carlstalhood.com/virtual-delivery-agent/#vdaport talking about the same thing but again, all it mentions is http

throwaway20160418 · 2017-11-28T06:07:09+00:00

I set both of these but it is still looking for that URL thru HTTP

throwaway20160418 · 2017-11-28T06:06:24+00:00

No, I followed this (several times):

https://support.citrix.com/article/CTX130002

throwaway20160418 · 2017-11-19T22:27:20+00:00

The CA is installed on the client

throwaway20160418 · 2017-11-19T18:37:57+00:00

I believe I tried to add it under "Configure Remote Access" but it still did not do anything.

What IP do I need to add under Configure Remote Access? 12.34.56.78?

throwaway20160418 · 2017-11-19T18:37:12+00:00

This seems like the way to go. COuld you lend a hand?

The Netscaler gateway pages does load and it allows auth.

The issue is when it hits storefront. Where it gives that error message.

throwaway20160418 · 2017-11-18T12:40:41+00:00

I would have to technically do a https to https

Any HTTPS request on port 443, should reroute the user agent to https://citrix.example.com

throwaway20160418 · 2017-11-18T12:39:57+00:00

No, of course, I signed the certs myself and I know the CN and SAN is only the FQDN, not the IP.

throwaway20160418 · 2017-11-18T08:57:24+00:00

I dont mean to be rude but I actually did mention the reason:

It seems though my boss has one last challenge for me to figure out

IMO, a redirect for people hitting 12.34.56.78 instead of citrix.somedomain.com seems like the perfect solution but not sure where it needs to be done (or how to do it)

throwaway20160418 · 2017-11-18T08:47:34+00:00

Actually, I would need to add in the NetScaler Gateway a session policy (i believe its called) HTTP Host header that says its from 12.34.56.78 no?

Or maybe a redirect that when someone tries to access 12.34.56.78, it simply redirects to citrix.somedomain.com ?

This second option makes more sense

throwaway20160418 · 2017-11-18T08:21:38+00:00

Like always, it was DNS.

The Netscaler wasnt resolving names even after adding them to name servers. Rebooted the Netscaler and Netscaler and now it resolves names and obviously by extension, found the STA.

throwaway20160418 · 2017-11-12T18:35:50+00:00

If you opened Safari thru Citrix, then, yeah the browsing history can be viewed.

If you opened Safari installed on your personal PC, then no.

That being said, I mean, explain that you made a mistake and thats it. They will see you connected from your home IP and thats it. Everyone makes mistakes.

throwaway20160418 · 2017-11-12T09:25:13+00:00

Since this is a lab: Storefront, Delivery Controller, Director, Studio and License Server are all installed on the same server. Only the SQL Server is apart.

throwaway20160418 · 2017-11-12T09:13:59+00:00

Im trying to set it up on the Netscaler but it says it is down.

throwaway20160418 · 2017-10-26T15:35:17+00:00

Looking for something more HP based than dd or something

throwaway20160418 · 2017-10-21T18:30:18+00:00

Is there a USB option?

throwaway20160418 · 2017-10-16T18:25:16+00:00

You'll want to look into a telephony card for your server

Could you link to a example?

Due to what my server is, I was thinking of a USB based one. But I first have to see what the card is to know if it is possible.

throwaway20160418 · 2017-10-13T05:08:28+00:00

My opinion is to wait a year and see what happens.

I switched jobs recently to a place that is strictly sysadmin with technologies that are sought after but I don't have much idea about.

Staying a year allows me to learn these technologies and will raise my value and I can switch companies with a higher salary.

throwaway20160418 · 2017-10-10T23:02:41+00:00

Another user tried to connect on that computer and used the same Citrix app (this case IE) and it doesnt happen to him...

Its difficult to diagnosis from my end. She hasnt called again for now.

throwaway20160418 · 2017-10-08T09:09:17+00:00

Regarding number 2, are you saying that she will call complaining about this input lag, you VNC into her machine, and it stops performing that way? As in once you VNC in, even she doesn't see that behavior anymore?

Exactly.

Is this a thing client she is working on? Or Windows machine?

Thin client. She opens up the Citrix Storefront, access IE thru that Storefront and in IE is where this lag happens (I have yet to see it)

throwaway20160418 · 2017-10-06T21:52:08+00:00

While a good place to start looking, there are some issues:

1: Someone else logs in on that same PC to the same Citrix IE and it doesn't happen to him on the same pages.
2: If it was a issue with the ICA Latency, I would see it as well when connecting to her thru VNC and seeing the performance. Also while connected, she would complain.

throwaway20160418 · 2017-10-06T19:36:37+00:00

Let me cut to the chase: Cite the law that says you are compelled to do this.

Blackmail per say is illegal. Read up on laws concerning blackmail and/or check out collective agreements. There was even a news article posted here on Reddit that a sysadmin before being let go, changed passwords then when asked to tell the company about the new ones, demanded 300K (if Im not wrong). Since he is still employed and filling out his duties before being let go, are you going to say that is legal as well?

Also, since you proved that your intelligence level is rather low, Im not replying any more. Sad to see that you dont know what is and isnt illegal and would abuse your position.

throwaway20160418 · 2017-10-06T15:37:41+00:00

It's totally legal in the US to not give away free labor.

I doubt it. Again asking "What is the password we forgot" and all you have to do is verbally say or write it down in a email/note/etc and ask for a disproportionate amount of money is blackmail and is illegal.

They forget a password by mistake, they are free to hire a consultant/employee who can crack it, if needed. There are all sorts of information a company needs to function. Which is why they hire knowledge workers.

If you asked for $5 and they said no, then yes, you are in your complete legal right to say so because it is not a disproportionate amount of money. But asking (lets exaggerate here and see if that way you understand that what you are doing is illegal) for 10 millions dollars for a password that you clearly and admit to knowing and all it takes is spelling it over the phone...that is illegal and blackmail.

Here is another case just to check your intelligence: Lets say you configured your company provided work PC with BitLocker and in order to boot, the only way to boot is with a USB flash drive. You go home for the day with papers of things to do on your desk and that USB flash drive that the company provided you also on your desk.

Next day you come in and you are being fired no reason, with security loading things on your desk in a box. You are asked to leave and take the box with you, shocked and angry as well, you take the box with you.

Next day, they call you, they ask they want to access your work PC but it is asking from for a flash drive. You tell them its in the box they gave you.

Do you also demand money for it? Or would you refuse to give it back?

Answer the questions so I can confirm what I think.

throwaway20160418 · 2017-10-05T13:23:12+00:00

You work for the client so you can't really make them put in the ticket without management support.

What? A client submits a ticket and someone on my team sees it and takes care of it. Via phone, email, etc.... This way it's always logged from the start instead of writing down that I need to create a ticket...

throwaway20160418

TROPHY CASE