Download citrix metaframe secure access manager-deployment

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
Document related concepts

URL redirection wikipedia , lookup

Transcript 
Citrix Confidential
MetaFrame Secure Access Manager
Deployment/Integration Tips and Tricks
Trey Baumgardner
System Engineer – Dallas Texas
Citrix Systems
Disclaimer
• Some customizations, tips, tricks and info
supplied on this power point may not be fully
supported by Citrix.
• Please use the information supplied in this
power point at your own risk.
• Download these slides - detailed notes with Reg
tweaks etc.
• I say ya’ll and fixin to often
Citrix Confidential
Agenda
•
•
•
•
Deployment
Integration
Performance
Configuration and
Management
Citrix Confidential
Deployment
Deployment Basics
•
•
•
•
•
Uninstall Tech Preview
Update Service Packs and OS Hotfixes
Disable unused Services (windows media, ftp etc)
Single Server Setup (Workgroup or Domain)
Distributed Server Setup (Domain)
– Multi-server installation
• Web, Agent and State Server
– SQL or MSDE Database
Citrix Confidential
Architect Your Users/Roles
• Avoiding Login Delays
–
–
–
–
Create a local group
Install a DC for the remote domain
Active directory Universal groups
Put non-dynamic CDA’s on Home Pages
Citrix Confidential
State Server Cache
• The template file is located in:
– c:\Program Files\Citrix\Secure Access
Manager\Config\State Server
• Cache types
–
–
–
–
–
Session
User
Role
Configstore
Group
• Cache Types:
– Cache Size
– Persists Type
Citrix Confidential
Access for Unique Users
• What about dial-up and wireless users?
–
–
–
–
–
–
Limit the amount of data on the pages
Limit the size of header graphics
Use fewer CDAs on each page
Publish Access Center on a MetaFrame server
Enhance client side performance
Access for non IE users
Citrix Confidential
Time keeps on slipping…..
• ICA sessions action counted as idle time
– Adjust ICO time
• Working in Website Viewer or Embedded
applications can count as idle time
– Increase session timeout
• Synchronize Agent servers time
– Bios and OS clocks
• Unsynchronized Agent servers can…
– User session time-outs counted inaccurately
– CDA caching based on time
Citrix Confidential
Integration
Integrating new ideas….
Give your CDA’s Namespaces!!!
• Shared action:
<a name="<%=application("cdainstanceid")%>">
• At the end of any links to this CDA, or form
actions posting to this CDA append
#<%=application("cdainstanceid")%>
Citrix Confidential
Web Favorites CDA
• Use Web Favorites w/command line
parameter to perform a specific tasks
Citrix Confidential
Shared Documents CDA
• Use ICA files in Shared Documents CDA to
gain access to published apps or apps in a
different farm
Citrix Confidential
Visit the Technology Lab, just past the
Exhibit Hall
Citrix Confidential
ICA in Header and Footer
Citrix Confidential
Program Neighborhood CDA
• Do not place too many apps in Add menu
– Application sets appear in menu of every page
• Use PN CDA to increase performance
Citrix Confidential
Real Time Collaboration – Project Pearl
Citrix Confidential
Performance
Improving the User
Experience
Server Profiles
• Agent servers are CPU intensive
• Performance may be improved with…
–
–
–
–
Additional processors up to 71% faster!!!
Faster processors
Add additional Agent Servers up to 77% faster!!!
256MB is sufficient
• Disk caching vital in State server performance
–
–
–
–
–
Lots of MEMORY
Not CPU intensive
Use 15,000 rpm, SCSI-3 disk drive for best performance
Accessing data from memory up to 150% faster
Reg tweak IOPageLockLimit reg key to 4 - 8 MB. The
default is 0.5 MB or 512 KB
• Web server are CPU intensive
– Web servers can communicate to any Agent Server
Citrix Confidential
Further improving Server Performance
• Menu configuration affect Agent server performance
– Menus appear on every page
• Reduce number of pages and folders
– Less than 10 Folders
• Reduce pages associated with roles
• Limit number CDAs per page
Citrix Confidential
Also consider Client Side Performance
• Client CPU affects page display
• Web Browser processes HTML and
JavaScript
• Menu processed by JavaScript
– Reduce Pages and Folders
– Limit number of published applications
• CDA performance
Citrix Confidential
Adjust IIS Bandwidth
• Tune/enable Bandwidth Throttling for the
Default Web Site
How?
• To throttle the bandwidth for the Default
Site, right-click on its icon in the IIS
console, select Properties, choose the
Performance tab, select "Enable
Bandwidth Throttling," and type in the
maximum number of kilobytes per second
(KBps) you want to allow.
Why?
• By default only for WWW services…
Citrix Confidential
Tuning the IIS
• Accurately set Performance Tuning
settings based on hits per day
How
• To set the Hit Rate Performance Tuning
setting, right click on its icon in the IIS
console, select Properties, choose the
Performance tab and move the slider to the
range that most accurately described your
monitored usage. If this is a new
environment, start with the “Fewer than
10,000” setting.
Citrix Confidential
Adjust IIS Cache
• Tune the size of the IIS5 data cache
How?
• HKEY_LOCAL_MACHINE \SYSTEM
\CurrentControlSet \Services \Inetinfo
\Parameters\ MemCacheSize
(REG_DWORD)(size set in megabytes)
Why?
• Accessing Memory is faster than disk
Citrix Confidential
Avoid potential Bottlenecks
• Recommended 5:1 Agent server to Web
server ratio with SP1
• Monitor MetaFrame servers for excessive
CPU utilization
– IMAService specifically
• Load balance MetaFrame servers
– Inadequate MetaFrame Servers can cause delays
in Secure Access Manager environment
– Never list the data collector or Master ICA Browser
as the first server in priority list
• Use NIC aggregation technologies or upgrade
the network to gigabit technology
• Disk I/O monitored on State Server
Citrix Confidential
CDA Profiling
• The CDA title bar displays execution time
in milliseconds and output in bytes
• 1. Stop the Citrix Secure Access Manager
State Server service
• 2. Edit the following file:
– install_ directory\Config\State Server\Access
CenterName\ConfigStore\{\2\{235F25C0-F04D11D3-8113-00C04F607D9F}&#124;cdsconfig.txt
• 3. Change the following line:
– <profile>false</profile>
– To:
– <profile>true</profile>
Citrix Confidential
Configuration and
Management
Citrix Service Utility
• Use Citrix Service Utility to
change the accounts used for
Secure Access Manager services
Citrix Confidential
NFuse.conf File
• Configurations outside the AMC
–
–
–
–
–
–
–
–
Timeout
AlternateAddress
EnableServerLoadBalancing
CacheExpireTime
BypassFailedServerDuration
ClientAddressMap
ServerAddressMap
Etc…
• Restart the Agent Server service on all
servers in the server farm to implement
changes
Citrix Confidential
CDA Management
• Limit the number of CDAs on a page
• Lock down CDAs
• “Silo” resource-intensive CDAs on
separate pages
• Include small number of low-impact CDAs
on Home page
• Non dynamic data on Home page
• Eliminate MyPage
Citrix Confidential
Recovering Data
• To recover the server farm configuration data, copy
the Config folder from the most recent backup
• Use SQL Enterprise Services to Restore backed up
databases
• Time sensitive Back both these up at the same time!
Citrix Confidential
Recovering Virtual Directory
• You can regenerate Virtual Directory on Secure
Access Manager Webserver
– 1. In the AMC, right-click the server farm and choose
Properties.
– 2. On the Web Servers tab, clear the check box of the
Web server with the problem virtual directory.
– 3. Click OK.
– 4. Verify that the virtual directory has been deleted from
the Web server. If the directory still exists, delete the
directory manually.
– 5. Right-click the server farm and choose Properties,
select the Web server on the Web Servers tab, and then
click OK. Secure Access Manager creates a new virtual
directory on the Web server and copies the required
files into the directory.
Citrix Confidential
Import/Export
• Moving from a development to production
a production environment
• Duplicate configurations by exporting and
importing with a different name
– Portal cannot be overwritten by an imported
portal
• Users added to the environment
individually are exported
• Importing portals is resource intensive
• Do not use for backup purposes
Citrix Confidential
How do you get there?
•
•
•
•
•
•
Focus on end user experience
Shouldn’t be a liability
Successful deployment draws users
Scale as necessary
Read between the lines
TEST, TEST, TEST!!!
Special thanks to Jason Maynard, Chong Yi, Kevin Castleman, Chirag Patel
and Adam Marano
Citrix Confidential
Creating Citrix Value-Added Solutions
•
Get Educated on Citrix Products
–
–
•
Understand full product suite: http://www.citrix.com/products/
Download SDKs and relevant whitepapers from the Citrix
Developer Network: http://apps.citrix.com/CDN
Build Value Add Solutions
–
–
•
Leverage industry standards and tools such as Visual Studio.NET
and Web Forms
Leverage SDKs to guide development and test efforts
Post Solution
-
Fill out form, and post screen shot, link and/or solution to
http://apps.citrix.com/CDN and www.mycitrix.com
•
Other useful sites
-
www.dabcc.com
www.tweakcitrix.com
www.citrix.com/support -follow self support links and find the
users forums.
Citrix Confidential
Questions and Answers
Citrix Confidential
Related documents
WebInterface
WebInterface
Access to Citrix for PC (see page 2 for Mac)
Access to Citrix for PC (see page 2 for Mac)
Competitive Analysis - Green Technology Asia Pte Ltd
Competitive Analysis - Green Technology Asia Pte Ltd
Protocols which provide Remote Desktop
Protocols which provide Remote Desktop
Connecting to nasoutions
Connecting to nasoutions
Kuldeep Pathak Wintel Server Engineer Mob: 962-044-0010
Kuldeep Pathak Wintel Server Engineer Mob: 962-044-0010
janisar-IT-Administrator
janisar-IT-Administrator
Sales and Marketing Executive Why you`ll be so
Sales and Marketing Executive Why you`ll be so
This is a printed page that we have put on our
This is a printed page that we have put on our
Humana Medical Risk Adjustment Presentation
Humana Medical Risk Adjustment Presentation
Corporate Marketing Plan Template
Corporate Marketing Plan Template
BEYOND THE BLOOD BRAIN BARRIER
BEYOND THE BLOOD BRAIN BARRIER