Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Citrix EdgeSight for NetScaler Installation Guide . Citrix® EdgeSight® for NetScaler® 2.0 Copyright and Trademark Notice Use of the product documented in this guide is subject to your prior acceptance of the End User License Agreement. A printable copy of the End User License Agreement is included on your product installation media. Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Citrix Systems, Inc. © 2010 Citrix Systems, Inc. All rights reserved. Citrix is a registered trademark, and Citrix Presentation Server, Citrix XenApp, Citrix XenDesktop, and EdgeSight are trademarks of Citrix Systems, Inc. in the United States and other countries. Trademark Acknowledgements Adobe, Acrobat, and Flash are trademarks or registered trademarks of Adobe Systems Incorporated in the U.S. and/or other countries. Microsoft, System Center, Windows, Windows Server, and Internet Explorer are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks and registered trademarks are the property of their respective owners. Document Code: August 13, 2010 (MS) C ONTENTS Contents About This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 Related Documentation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Getting Service and Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Knowledge Center. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Education and Training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5 Documentation Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5 Chapter 1 Installation Overview Server Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7 Pre-Installation Considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 Server Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9 Browser Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12 Operating System Language Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 Software Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 Configuring Antivirus Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 Security Considerations for an EdgeSight for NetScaler Deployment . . . . . . . . . .14 SQL Server Data Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14 Web Server Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17 Chapter 2 Installing Citrix EdgeSight for NetScaler Server Obtaining the Server MSI File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19 Installing the Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19 Prerequisite Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 Setting Server Installation Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 Installing a Server Using the User Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . .22 Running the Post Installation Setup Wizard. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23 2 Citrix EdgeSight for NetScaler Installation Guide Enabling EdgeSight for NetScaler Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25 Enabling the NetScaler HTML Injection Feature. . . . . . . . . . . . . . . . . . . . . . . .25 Specifying the EdgeSight for NetScaler Server in the Injection Script . . . . . . .25 Configuring HTML Injection for Your Site . . . . . . . . . . . . . . . . . . . . . . . . . . . .26 Verifying the HTML Injection Configuration . . . . . . . . . . . . . . . . . . . . . . . . . .27 Registering the NetScaler Appliance with the EdgeSight for NetScaler Server27 Upgrading Citrix EdgeSight Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 Uninstalling EdgeSight for NetScaler Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 P REFACE Preface Before you begin to configure EdgeSight for NetScaler, take a few minutes to review this chapter and learn about related documentation, other support options, and ways to send us feedback. In This Preface About This Guide Audience Related Documentation Getting Service and Support Documentation Feedback About This Guide The Citrix EdgeSight for NetScaler Installation Guide provides instructions to install the EdgeSight for NetScaler server. This guide provides the following information: • Chapter 1, “Installation Overview.” Learn about the prerequisites to installing and configuring the EdgeSight for NetScaler Server. • Chapter 2, “Installing Citrix EdgeSight for NetScaler Server.” Install and configure the EdgeSight for NetScaler server. Audience This guide is intended for the following audience: • System administrators of the NetScaler appliances • Network managers • Network and system analysts 4 Citrix EdgeSight for NetScaler Installation Guide The concepts and tasks described in this guide require you to have a basic understanding of network design, operation, and terminology. Related Documentation In addition to the guide you are currently reading, Citrix EdgeSight for NetScaler Installation Guide, the following guides may contain information that is relevant and useful for your system environment. Citrix documentation is available at http://support.citrix.com/. For information about Citrix EdgeSight for NetScaler, the following guides are available: • Citrix EdgeSight for NetScaler Administrator’s Guide. Conceptual reference and instructions for administering and configuring the EdgeSight for NetScaler Web Client. • Citrix EdgeSight for NetScaler Release Notes. Up-to-date information about new features and known issues. Getting Service and Support Citrix offers the following support options for EdgeSight for NetScaler. Knowledge Center The Knowledge Center offers a variety of self-service, Web-based technical support tools at http://support.citrix.com/. Knowledge Center features include: • A knowledge base containing thousands of technical solutions to support your Citrix environment • An online product documentation library • Interactive support forums for every Citrix product • Access to the latest hotfixes and service packs • Knowledge Center Alerts that notify you when a topic is updated Preface 5 Note: To set up an alert, sign in at http://support.citrix.com/ and, under Products, select a specific product. In the upper-right section of the screen, under Tools, click Add to your Hotfix Alerts. To remove an alert, go to the Knowledge Center product and, under Tools, click Remove from your Hotfix Alerts. • Security bulletins • Online problem reporting and tracking (for organizations with valid support contracts) Education and Training Citrix offers a variety of instructor-led and Web-based training solutions. Instructor-led courses are offered through Citrix Authorized Learning Centers (CALCs). CALCs provide high-quality classroom learning using professional courseware developed by Citrix. Many of these courses lead to certification. Web-based training courses are available through CALCs, resellers, and from the Citrix Web site. Information about programs and courseware for Citrix training and certification is available at http://www.citrixtraining.com. Documentation Feedback You are encouraged to provide feedback and suggestions so that we can enhance the documentation. You can provide feedback by sending email to [email protected] with the subject line “ES4NS Install Guide Feedback”. Be sure to include the following information in your email: document name, page number, and EdgeSight for NetScaler release version. 6 Citrix EdgeSight for NetScaler Installation Guide C HAPTER 1 Installation Overview This chapter provides requirements and procedures for installing and performing initial configuration of the EdgeSight for NetScaler Server, which displays performance data for monitored NetScaler devices. Citrix EdgeSight for NetScaler is installed using Windows Installer files. The EdgeSight for NetScaler Server setup files are invoked using a bootstrapper program (setup.exe). Server Installation Overview Use setup.exe to install the EdgeSight for NetScaler Web site components: database, report server, and data collector. All components can be installed on the same system as the database server, but the system should have dual core. It is highly recommended that you install Microsoft SQL Server Reporting Services before installing EdgeSight for NetScaler software. Reporting Services is used for the generation of historical reports. Reporting Services must be in place before historical reports can be displayed. For information on configuring Reporting Services for use with EdgeSight for NetScaler software, see Configuring Reporting Services for Citrix EdgeSight for NetScaler (http:// support.citrix.com/article/CTX114167). Note EdgeSight for NetScaler and other EdgeSight products can share a Reporting Services installation. Note The Reporting Services component should be of SQL Server 2005 or SQL Server 2008. Take this into account when planning your installation. When planning your installation, the required server components can be installed on the same or on separate systems. In all cases, ensure that the systems have sufficient memory and processor capabilities and that the systems are in the same domain. 8 Citrix EdgeSight for NetScaler Installation Guide Pre-Installation Considerations You need to review the following pre-installation considerations. • Virus scanning software—If your environment uses virus scanning software, script blocking features must be disabled to allow EdgeSight Server to run scripts. Also, exclude the server database from being scanned. See “Configuring Antivirus Software” on page 13 for detailed information on which files should be excluded from scans. • IIS Security Lockdown template—Any IIS Security Lockdown templates must allow the IIS components listed in “Server Requirements” on page 9 to run. Adjust the template as required. • Group Policy—Ensure that Group Policies do not prohibit any of the required software components from running on your EdgeSight for NetScaler Server. Also, ensure that policy changes that would prohibit software components from running are not scheduled for deployment after the installation is complete. • SQL Server 2005 Password Policy—SQL Server 2005 includes an option to enforce Windows password policy. This option is enabled by default and will cause an error if the passwords supplied for accounts during installation do not meet the necessary strength requirements. If an error occurs containing the text, “Password validation failed. The password does not meet Windows policy requirements because it is not complex enough,” then double check your password requirements, reattempt installation, and supply appropriately complex passwords. • SSL Certificate—If you choose to enable SSL for use on the Citrix EdgeSight for NetScaler Web server, you must either use an SSL certificate from a recognized certificate authority or a correctly generated and installed certificate from Microsoft Certificate Server to allow proper software operation. SSL certificates which do not meet these criteria do not allow remote pages to be displayed or remote scripts to be run. Attempts to perform these actions without a valid certificate result in an error message. • SMTP Server—During installation, you must specify an SMTP server. It is important that a valid SMTP server name is used. EdgeSight Server uses the SMTP server for many operations, including the distribution of alert notifications, server error conditions, and new user passwords. System Requirements The following section lists the system requirements for Citrix EdgeSight Server. Chapter 1 Installation Overview 9 Server Requirements The system requirements for the Citrix EdgeSight Server are listed in the following table. Report Server OS Windows Server 2008 or Windows Server 2003 SP1 or later. Both 32-bit and 64-bit systems are supported on all platforms. Internet Information Services (IIS) 7.0 for Windows Server 2008. See “IIS 7.0 Components Required on Windows Server 2008 Systems” on page 12 for a list of specific components. Microsoft Message Queuing (MSMQ) Microsoft Distributed Transaction Coordinator (MSDTC) ASP.NET Microsoft XML Parser 3.0 Windows Script 5.6 or higher .NET Framework 2.0 SP1 SQL Client Add-On Tools, including SQL-DMO objects.(if Web server and database server are on different machines) Note the following configuration requirements: Network COM+ access enabled Network DTC access enabled Default Web Site running ASP.NET allowed in IIS IWAM and IUSER users active and enabled IIS_WPG group enabled and ASPNET user enabled CPU 2 gigahertz (GHz) or faster CPU Memory 2GB of RAM recommended. 1 GB of RAM required. Disk Minimum 2 GB free space 10 Citrix EdgeSight for NetScaler Installation Guide Database Server OS Windows Server 2008 or Windows Server 2003 SP1 or later. Both 32-bit and 64-bit systems are supported on all platforms. The server edition must support SQL Server. See SQL Server Books Online for information on system requirements. Database SQL Server 2008 (Standard or better) or SQL Server 2005 SP2 or later (Standard or better). Note that SQL Server 2008 R2 is not supported, Important: Note the following configuration requirements: In SQL Server 2008, the Reporting Services Role called Manage Shared Schedules no longer exists as a stand-alone role; it is now part of the System Administrator Role. For more information, see Configuring Reporting Services for Citrix EdgeSight. SQL Server must be configured for case-insensitive collation. Case-sensitive collation is not currently supported for this release. SQL Server should be configured to use Windows Authentication or MixedMode Authentication. Reporting Services is included with SQL Server 2008 and SQL Server 2005. Reporting Services can be installed on a separate machine from the data source. SQL Agent Service running and set to start automatically (if Reporting Services is installed on the machine) CPU 2 GHz or faster CPU Memory 2GB of RAM recommended. At least 1 GB of RAM required. Disk Minimum 20 GB free space Chapter 1 Installation Overview 11 Data Collector OS Windows Server 2008 or Windows Server 2003 SP1 or later. Both 32-bit and 64-bit systems are supported on all platforms. The server edition must support SQL Server. Internet Information Services (IIS) 7.0 for Windows Server 2008. See “IIS 7.0 Components Required on Windows Server 2008 Systems” on page 12 for a list of specific components. Microsoft Distributed Transaction Coordinator (MSDTC) ASP.NET Microsoft XML Parser 3.0 Windows Script 5.6 or higher .NET Framework 2.1 SP1 SQL Client Add-On Tools, including SQL-DMO objects.(if Web server and database server are on different machines) Note the following configuration requirements: Network COM+ access enabled Network DTC access enabled Default Web Site running ASP.NET allowed in IIS IWAM and IUSER users active and enabled IIS_WPG group enabled and ASPNET user enabled CPU 2 GHz or faster CPU Memory 2GB of RAM recommended. At least 1 GB of RAM required. Disk Minimum 2 GB free space 12 Citrix EdgeSight for NetScaler Installation Guide IIS 7.0 Components Required on Windows Server 2008 Systems Specific IIS 7.0 components are required on a Windows Server 2008 system which will be hosting an EdgeSight for NetScaler Server. These components are checked by the bootstrapper program. When configuring IIS 7.0, ensure that the following role services are selected under the Role Services for the Web Server: • Static Content • Default Document • ASP.NET • ISAPI Extensions • ISAPI Filters • Windows Authentication • Request Filtering Ensure that the following Management Tools are selected under Role Services for the Web Server: • IIS 6 Management Compatibility • IIS 6 Metabase Compatibility • IIS 6 WMI Compatibility • IIS 6 Scripting Tools • IIS 6 Management Console Browser Requirements The following table lists the software components are required on systems from which users access the EdgeSight for NetScaler Web Client. Software Used to... Adobe Flash Player 9 Display Flash-based charts. (Not currently available on 64-bit browsers.) If you do not have Flash Player installed on your system, you will be prompted to download the software. Adobe Acrobat Reader Display reports exported in PDF format. Chapter 1 Installation Overview 13 In addition, JavaScript and cookies must both be enabled. Method.for enabling these capabilities depend on the browser type and version. Refer to your browser documentation for specific instructions on enabling Javascript and cookies. Note The EdgeSight for NetScaler Server Report Console uses popup windows to collect input data, such as report parameters. The popup windows are forced to the foreground to facilitate data entry. You may need to configure your browser to enable popup windows for the EdgeSight for Netscaler Serer Web Console site. Additionally, you may need to configure your browser to permit client scripts to manipulate these windows. Operating System Language Support Operating system languages must match in configurations where the EdgeSight database and Web server are installed on separate machines. Software Configuration Tasks In some cases, you may need to perform software configuration tasks to ensure that EdgeSight works properly in your environment. Review the following guidelines and implement the recommendations as required. In addition, review the applicable release notes for release-specific configuration information. Configuring Antivirus Software You must configure antivirus software running on your EdgeSight Server and all managed devices to exclude specific processes and files. Note The paths and filenames provided are based on default installation values for EdgeSight and other software components. If you have specified non-default paths and filenames, use the values applicable to your installation. You can use the About page on the EdgeSight Web Client to identify installation paths and filenames on the server. To configure antivirus software on your EdgeSight Server: • Ensure that the following files, which are script hosts, are not subject to script blocking: %CommonProgramFiles%\Citrix\System Monitoring\Server\RSSH\ RSshApp.exe 14 Citrix EdgeSight for NetScaler Installation Guide %CommonProgramFiles%\Citrix\System Monitoring\Server\RSSH\ RSshSvc.exe • Exclude the following folder, which contains the Citrix EdgeSight Web server: %ProgramFiles%\Citrix\System Monitoring\Server • Exclude the SQL DB folder %ProgramFiles%\Microsoft SQL Server\MSSQL\Data\ • Exclude the IIS Web Site Log files %SystemRoot%\SYSTEM32\Logfiles Security Considerations for an EdgeSight for NetScaler Deployment EdgeSight for NetScaler is designed to operate in a variety of environments, and properly securing the installation is a recommended task. The precise steps required will vary by installation and local security policies. This section details the available options, and provides recommendations. SQL Server Data Access EdgeSight for NetScaler uses Microsoft SQL Server for its data store, and SQL Server Reporting Services for the generation of historical reports. These products support installation options allowing authentication to be performed either using SQL login accounts or Windows domain accounts. EdgeSight for NetScaler fully supports installation and operation using either authentication model. Note Once a given authentication model is chosen, no facility is provided within the EdgeSight for NetScaler installation package to change authentication models. Should a change in authentication model be desired at some point in the future, it is recommended that you uninstall all components and reinstall the product using the new authentication model. EdgeSight for NetScaler uses SQL Server roles to control access to different segments of the database. Of particular importance is the ztdatacollector SQL role. This SQL role is only used by the Data Collectors. By default, the standard EdgeSight database login is added to this role, and should you wish to isolate the Data Collector’s access to SQL resources, please perform the following steps on each Data Collector: 1. Add the new SQL account to the ztdatacollector role. 2. If the authentication model is SQL-based, edit the EdgeSight for NetScaler.cfg file (located in the EdgeSight for NetScaler installation folder) to specify the user name and password of the new account. Chapter 1 Installation Overview 15 3. If the authentication model is Windows domain-based, ensure that the application identity of the PerfData application pool is set to the Windows domain account used. 4. Reset IIS 5. Generate traffic which should be monitored by this server and via the Windows NT Event log, ensure that the data collector starts successfully with the correct number of monitored devices. If any errors are found, correct them and repeat all above steps. Web Server Security The EdgeSight for NetScaler Report Server and Data Collector components operate on a Windows Server 2003 operating system running IIS with ASP.Net 2.0. The system has been tested with the default security templates in place with no issues observed. During installation, you have the option to select whether data access will occur using SQL authentication or a Windows domain account. If you select SQL authentication, the ASP.Net worker processes will run under the Network Service account. If you select a domain account, the ASP.Net worker processes will run under that account. Note Once a given authentication model is chosen, no facility is provided within the EdgeSight for NetScaler installation package to change authentication models. Should a change in authentication model be desired at some point in the future, it is recommended that you uninstall all components and reinstall the product utilizing the new authentication model. The Report Server and Data Collector are both required components of the system, and perform entirely different functions. A given EdgeSight for NetScaler installation will have a single Report Server providing access to various real-time and historical reports, and allowing for the management of the EdgeSight for NetScaler system. This console has a web-based user interface, and typically will be accessed by a limited number of users. The console can be secured via SSL, and this is the recommended configuration. Additionally, the console can operate on non-standard TCP ports. If both the Report Server and Data Collector components are installed on the same server, they must exist on the same web site within IIS. 16 Citrix EdgeSight for NetScaler Installation Guide Securing a Data Collector The Data Collector component in an EdgeSight for NetScaler installation receives data from instrumented pages and stores this data in the SQL Server database. To an instrumented page, it exposes a single web interface, but to the Report Server it exposes multiple web interfaces. You will generally want to secure the Data Collector under any of the following conditions: • Data Collection is receiving data for a public facing web site • Multiple Data Collectors are deployed in a web farm manner • Data Collectors are deployed in a DMZ Securing a Data Collector in these environments requires the use of firewall policies. Two distinct policies will need to be defined, one for the data collection interface, and a second one for the management interface. Data Collection Interface Firewall Policy The data collection interface exposes a single web page for use in the data collection process. This page resides at the following virtual path: \ens10\app\ext\suser\test.aspx. It responds only to the HTTP GET method. Optionally, you can ensure that only data from NetScaler devices configured in your environment is allowed to pass by filtering traffic based on the query string item iid. The value for the query string item iid will be identical to the SYS.IID value for each NetScaler configured for this EdgeSight for NetScaler installation. Note To determine the SYS.IID, use the NetScaler command line interface (CLI), and issue the following command: show prebodyInjection. In the results from the command, the SYS.IID is shown as the System IID. Data Collector Management Interface Firewall Policy The data collector exposes a number of web pages for use in managing operations from the Report Console. The pages all reside at the following virtual path (and below): \ens10\app\ext\suser. They all respond only to the HTTP GET method. These interfaces must be accessible from both the Report Console server and from the machine of any user accessing the Report Console. Chapter 1 Installation Overview 17 Securing the Report Server The Report Server component of EdgeSight for NetScaler is the central location for all reporting and configuration. This console should never be published on a public facing web server. If remote access to the Report Server is required, it is recommended that such access be granted through a VPN connection to an internal network having access to the Report Server. If further access control is required, a firewall policy can be defined limiting access to the Report Server. All content on the Report Server is published at the following virtual path (and below): \ens10\app. All content responds to either of the HTTP GET, POST or PUT methods. User Access Control EdgeSight for NetScaler requires users to authenticate to the Report Server prior to performing any operations. The Report Server support two types of authentication providers, Windows domain authentication via LDAP, and a builtin email-based authentication provider. Wherever possible, the recommended configuration is to use Windows domain authentication as the authentication provider. This provider leverages all the features of domain account logins to limit access to the Report Server, including password expiration, complexity and lockouts. More information on configuring authentication providers can be found in the online help topic Authentication Providers. In addition to the authentication model, EdgeSight for NetScaler provides functional access control via defined permissions. EdgeSight for NetScaler administrators can define who has access to perform certain functions, and who has access to view certain data. Users can be defined individually, or when Windows domain authentication is used, as Windows NT groups. Permissions can be assigned to individuals or to Windows NT groups. More information on configuring users, roles and permissions can be found in the online help topics Users and Roles. 18 Citrix EdgeSight for NetScaler Installation Guide C HAPTER 2 Installing Citrix EdgeSight for NetScaler Server This chapter provides instructions on installing and configuring the database and Web server that make up Citrix EdgeSight for NetScaler Server. The instructions are based on an initial installation. Before starting an installation, make sure that you have reviewed the prerequisites and system requirements listed in “Installation Overview” on page 7. Obtaining the Server MSI File EdgeSight for NetScaler Server software is distributed both electronically and on a CD. The installation package is available for both 32 bit and 64 bit versions of Windows. Please obtain the version which is specific to the operating system version on which you wish to install. Installing the Server You can install EdgeSight for NetScaler Server using the MSI command line or user interface: • Command line installation—Use the msiexec command and use public properties to define installation settings. • User interface installation—Double-click the setup.exe file to invoke the EdgeSight for NetScaler Installer user interface. If you are installing EdgeSight for NetScaler components on separate systems, you must install the components in the following order: 1. Database 2. Report Console 3. Data Collector 20 Citrix EdgeSight for NetScaler Installation Guide Ensure that all the systems are in the same domain. Prerequisite Checking During installation, the MSI file performs checks for the following software prerequisites and system characteristics. The conditions checked can be required or recommended. If any of the required conditions is not met, the installation stops. Correct the condition and restart the installation. Recommended conditions are flagged with a warning, but installation can continue at the discretion of the installer. Component Requirement Memory 1 GB of RAM SQL Server Client Tools SQL Distributed Management Objects Operating System Windows Server 2003 or Windows Server 2008 IIS feature Internet Information Services (IIS) 6.0 or later. See “IIS 7.0 Components Required on Windows Server 2008 Systems” on page 12 for information specific to IIS 7.0 and Windows Server 2008. Microsoft .NET Framework Microsoft .NET 2.0 SP1 Runtime Microsoft Message Queuing (MSMQ) The MSMQ service must be running. Microsoft XML MS XML Parser 3.0 Windows Script Host Windows Script 5.6 or higher Note that some requirements for full operation, SQL Server Reporting Services, are not checked by the MSI file. Setting Server Installation Properties The MSI file uses public properties to specify custom install settings. You can edit public properties using the following methods: • Run the installer user interface (if the property is exposed). A log file is not created when the user interface is used for installation. • Create a transform file using a tool such as Orca. For more information on using Orca with MSI files, see http://support.microsoft.com/kb/255905. • Specify key/value pairs on the command line. This method allows you to control the full range of installation options, including specifying a log file, as well as being able to specify public properties. The syntax for key/value pairs is KEY=value. Chapter 2 Installing Citrix EdgeSight for NetScaler Server 21 See your MSI documentation for syntax rules for property values. The following table lists the public properties available when installing the Citrix EdgeSight Server. You only need to specify properties with default values if you want to specify a value other than the default. Also, whether some properties are specified depends on what other properties are being specified. For example, if Windows authentication is not enabled using the WINDOWS_AUTH property, the DBUSERNAME and DBPASSWORD properties must be defined. Note Although additional properties are exposed when you examine the MSI file, only the public properties listed in the following table should be explicitly specified. Property Name Default Value PREREQUISITES_ PASSED DATABASEOPTIONS Description If this property is specified with any value, the bootstrapper is bypassed and you are allowed to perform a command-line installation of the server. new Specifies whether to install a new Citrix EdgeSight database or upgrade an existing database. Valid values are new or upgrade. DATABASESERVER The name of the server running an existing Citrix EdgeSight database. It is not necessary to specify a value when running the database locally. DBUSERNAME The username for the SA user. It is not necessary to specify a value if Windows authentication is enabled (WINDOWS_AUTH=1). DBPASSWORD The password for the SA user. It is not necessary to specify a value if Windows authentication is enabled (WINDOWS_AUTH=1). WINDOWS_AUTH 1 Specifies whether to use Windows authentication. Valid values are 1 (use Windows authentication) or 0 (do not use Windows authentication). If Windows authentication is not used, the DBUSERNAME and DBPASSWORD properties must be defined. DBNAME EdgeSight The name of the Citrix EdgeSight database that will be created during installation. Database names must be unique within an instance of SQL Server and comply with the rules for identifiers. Also, the database name can not contain the pipe character ( | ), single quotes, a period (.), a hyphen (-), or spaces. For information on identifiers, see SQL Server Books Online for the your version of SQL Server. ACCOUNTNAME The account name for the EdgeSight “run as” account. Specify the account using the computer name and username (computername\username) or the domain name and username (domainname\username). Do not use an FQDN. ACCOUNTPASSWORD The password for the EdgeSight “run as” account. 22 Citrix EdgeSight for NetScaler Installation Guide DATAFILESIZE 500 Specifies the initial size in megabytes of a data file. Each of the eight files in the file group is created using the specified size. The default size is sufficient for most installations. LOGFILESIZE 500 Specifies the initial size in megabytes of the log file. The default size is sufficient for most installations, RECOVERYMODEL SIMPLE Specifies the database recovery model. Valid values are FULL, SIMPLE, and BULK_LOGGED. EDGEDIR %ProgramFiles%\Citrix\ System Monitoring\ Server\EdgeSight Contains the web pages, scripts, .Net components and other components that make up the EdgeSight Server Web site. INSTALLOPTIONS Specifies what components are to be installed. Set the value to full to install the database, Web server, and script handler components. Set the value to dbonly to only install the database component. Installing a Server Using the User Interface Before performing an EdgeSight Server installation, set up an account for EdgeSight for NetScaler. You need to enter this account username and password during server installation. Specify the account using the computer name and username (computername\username) or the domain name and username (domainname\username). Do not use a fully qualified domain name (FQDN), as this will result in an installer error. To install a server using the user interface: 1. Double-click the setup.exe file to invoke the Setup wizard that installs the Citrix EdgeSight for NetScaler Server on your computer. 2. On the Welcome screen, click Next. 3. On the Select Features screen, select one of the following: 4. • EdgeSight for NetScaler Server Web site and Database: This installs the Web site files and the components. This also creates or upgrades an existing EdgeSight for NetScaler database. • EdgeSight for NetScaler Database only: This installs or upgrades an existing EdgeSight for NetScaler database. On the Prerequisite Check screen, verify whethet the check for minimum requirements has passed. If minimum requirements are not met, the installation is stopped and you are notified of missing components. If minimum requirements are met, but limitations are present due to the configuration of the target system, warnings are displayed. (Examples of warning conditions are the not meeting minimum memory requirements.) You can continue the installation even though warnings have been issued. Chapter 2 Installing Citrix EdgeSight for NetScaler Server 23 5. Accept the End-User License Agreement, and then click Next. 6. On the Feature Selection screen, select Database Components. This installs the SQL database used for data collection, reporting, and configuration. 7. On the Database Information screen, under SQL Server Selection, either enter the name of a new database server, or select the database server from an existing list. 8. Under Install Using, select Windows Authentication or SQL Server Authentication. The method you choose is partially determined by the accounts set up when SQL Server was installed. (Note that you must have administrative privileges on the database server.) 9. Under SQL Server Database selection, either select Install a new ES4NS DB and enter the name of the database, or select a database from an existing list. 10. On the Account Information screen, enter the user name and password that the ES4NS server uses to connect to the database, and then click Validate. Syntax for user name: domain\username or computer\username Do not provide a fully qualified domain name, as this will result in an installer error. The ES service configuration use account should be a member of the local administration group. 11. On the Data Collector Information screen, in Managed IP, enter the IP address of the data collector, and then click Next. The report console uses this IP address to communicate with the data collector. If all components are on the same system, enter 127.0.0.1. 12. Click Install to begin the installation. After installation is complete, you must go to the Web site to perform initial configuration tasks, as described in “Running the Post Installation Setup Wizard” on page 23. Running the Post Installation Setup Wizard After you have completed the EdgeSight for NetScaler Server installation of the report console, you must use the EdgeSight for NetScaler Post-Installation Setup Wizard to perform initial server configuration. You can either complete the setup wizard directly after installing the Report Console components, or at a later time. To display the setup wizard at a later time, open a browser and enter the URL for the EdgeSight for NetScaler Web site (http://serverIP/ens10/app). Important The post installation setup wizard must be run from the Windows Server used for the EdgeSight for NetScaler Web Console. Running 24 Citrix EdgeSight for NetScaler Installation Guide the post-installation setup wizard on non-Windows platforms can result in problems. The post-installation wizard helps you perform the following tasks: • Create an initial company. A company is the primary organizational unit on an EdgeSight Server. A single server can support multiple companies. • Create the Superuser account. This account has access to all companies hosted on the server and can create other users. • Configure email settings. This information is used on notification emails generated by the server. Note When logging in to the EdgeSight for NetScaler Web site to run the Post Installation Setup Wizard, specify the local administrator account credentials unless the account information is being passed automatically. You can complete the server installation, but run the Post-Installation Setup Wizard at a later time. If you then attempt to access the server using a browser other than Internet Explorer, the browser prompts you for credentials. Enter the credentials for a local machine admin account. To configure your EdgeSight for NetScaler Server 1. On the Welcome screen, click Next. 2. Under Create an initial company, enter the name of the company and select the associated time zone. 3. Under Create the Superuser Account, enter the first name, last name, email address, and password, and then click Next. The superuser has full access to all of the companies in the server database. You need to log in with this user credentials to be able to creat other users. 4. Under Configure Email Settings, enter the following details: 5. • SMTP Server: The server uses the smtp server to send emails for certain events. • Email Address: to which the srver sends the notifications. • Display Name and Email Address: appears in the From field of the emails sent by the server. Under Review Citrix EdgeSight for NetScaler Server Settings, review the details of company, superuser account, email settings, and then click Finish. Chapter 2 Installing Citrix EdgeSight for NetScaler Server 25 Enabling EdgeSight for NetScaler Server EdgeSight for NetScaler is an agentless solution for monitoring the end users’ experience with the HTML web content proxied by a NetScaler. (EdgeSight for NetScaler software is intended for use with the NetScaler 8.0 release.) In order for monitoring to occur, certain features within the NetScaler need to be enabled, and specific configuration items documented and entered into the EdgeSight for NetScaler Web Client. Once EdgeSight for NetScaler is installed and initial configuration has been performed, the following tasks must be performed to enable the server to receive and display data: • Enable the NetScaler HTML Injection feature • Specify the EdgeSight for NetScaler Server in the injection script • Configure HTML injection for your site • Verify the HTML injection configuration • Registering the NetScaler with the EdgeSight for NetScaler Server Enabling the NetScaler HTML Injection Feature The NetScaler HTML Injection feature must be appropriately enabled to ensure that data is generated for display by EdgeSight for NetScaler. For instructions on enabling this feature, see the section titled “Enabling/Disabling HTML Injection” in the NetScaler 8.0 Installation and Configuration Guide. Specifying the EdgeSight for NetScaler Server in the Injection Script Monitoring of the end-users’ web experience is accomplished by the NetScaler injecting a pair of script files (prebody.js and postbody.js) into the HTML response stream. The prebody.js file is edited to specify an Edgesight for Netscaler server. The following procedure describes how a NetScaler administrator specifies the EdgeSight for NetScaler server in an injection script. 1. Locate the prebody.js script file to be edited. The file is located in /nsconfig/htmlinjection/ens. 2. Determine which values in the file must be edited. At least one of the following values must be edited, g_csma_ns_server or g_csma_ns_ssl_server, depending on the type of pages to be accessed. If only SSL traffic is expected, edit g_csma_ns_ssl_server. If only non-SSL traffic is expected, edit g_csma_ns_server. If both SSL and non-SSL traffic is expected, edit both values. The correct format for the values is http:// edgesight.mydomain.com. Static IP addresses are valid. These values 26 Citrix EdgeSight for NetScaler Installation Guide represent the non-SSL and SSL web sites for the EdgeSight for NetScaler server. Note that if you expect SSL traffic, the Edgesight for Netscaler server must have a valid SSL certificate as specified in “Pre-Installation Considerations” on page 4. Configuring HTML Injection for Your Site In this section, only those configuration items which are required to enable EdgeSight for NetScaler are described. Review the appropriate sections of the NetScaler 8.0 Installation and Configuration Guide for details relating to complete NetScaler setup and configuration. Note EdgeSight for NetScaler depends upon the NetScaler 8.0 feature named HTML Injection. This feature provides a vehicle to insert the measurement script contained in prebody.js and postbody.js into the HTML web pages. Configuration of all required elements of HTML Injection requires the use of NetScaler CLI. Note In order to define an appropriate NetScaler configuration, you will need to enable the NetScaler HTML Injection and Content Filtering features. Policy Definition Implementation of a successful EdgeSight for NetScaler installation begins with a properly configured NetScaler policy. This policy defines the conditions under which the measurement scripts will be inserted into the HTML response, and ultimately executed in the end users’ browser. In order to appropriately manage the data collected, you should limit the policy to only those pages that you wish to monitor. Additionally, since the measurement script is designed to be inserted into HTML web pages, the policy should be configured to limit insertion to only content containing a MIME type of text/html. A sample policy matching for all URIs and named ESPolicy is defined as follows: add policy expression ESPolicy "REQ.HTTP.URL == /* && RES.HTTP.HEADER Content-Type CONTAINS text/html" Content Filter Definition In addition to the policy defining when to insert the measurement scripts, you must also define what to insert. This task is accomplished through the configuration of content filters. The following comands define the content filters and binds then to a vserver named MyServerVIP. add filter action res_act add " prebody" add filter action res_act_post add " postbody" add filter policy ESPrePolicy -rule ESPolicy -resAction res_act add filter policy ESPostPolicy -rule ESPolicy -resAction res_act_post Chapter 2 Installing Citrix EdgeSight for NetScaler Server 27 bind lb vserver MyServerVIP -policyName ESPrePolicy bind lb vserver MyServerVIP -policyName ESPostPolicy Specify Measurement Source Once the content filter has been defined, you will need to specify the source files for the measurement scripts. The following commands load the two required files. If the file content should be changed at any point (such as when changing the EdgeSight for NetScaler server location), these commands are also be used to reload file content. set filter prebodyInjection /nsconfig/htmlinjection/ens/prebody.js set filter postbodyInjection /nsconfig/htmlinjection/ens/ postbody.js Note Every time you change prebody.js, you must reissue these commands to ensure that the injection script is properly reloaded and the configuration saved. Verifying the HTML Injection Configuration Once the injection has been configured, verify that it is occurring correctly. 1. Navigate to an injected web page and view the source of the web page. 2. Locate the prebody.js contents at the very top of the page. 3. Assuming injection is occurring correctly, please record the value for _csma_NS_IID. This value represents the globally unique identifier for this NetScaler (SYS.IID) and must be entered into the EdgeSight for NetScaler device management page for data to be stored. Alternatively, you can obtain the SYS.IID by using the NetScaler command line interface and issuing the command: show prebodyInjection. In the results from the command, the SYS.IID is shown as System IID. Registering the NetScaler Appliance with the EdgeSight for NetScaler Server The value defined for the NetScaler variable SYS.IID needs to be recorded and then entered into the EdgeSight for NetScaler Report Console when the NetScaler applicance is registered with the server. 1. Using the EdgeSight for NetScaler Report Console, navigate to Company Settings > Server > Device Management. 2. Click the New Registration button. 3. Enter a unique NetScaler device name. This is the name that will appear on the Devices page. 28 Citrix EdgeSight for NetScaler Installation Guide 4. Enter the SYS.IID for the NetScaler. This is the value previously recorded for _csma_NS_IID, or from the System IID in the results of the show prebodyInjection command. 5. Enter the IP address for the NetScaler (the NSIP). 6. Enter the FQDN (Fully Qualified Domain Name) for the NetScaler. You can also use the IP address. 7. Click OK. The Data Collector Refresh Complete page is displayed. Click Done to return to the Devices page. Once the NetScaler appliance is registered, data for the end-user experience is collected as the injected pages are accessed. Upgrading Citrix EdgeSight Server Important You should back up your EdgeSight for NetScaler database before performing an EdgeSight for NetScaler Server upgrade. Use the setup.exe file to upgrade EdgeSight for NetScaler Server. You can use either the command line or the user interface to perform the upgrade. The setup.exe file checks for existing versions of the Citrix EdgeSight for NetScaler database and Web server components each time you invoke server setup. You are not allowed to reconfigure Edgesight for NetScaler components as part of an upgrade of EdgeSight for NetScaler version 1.1 to version 2.0. If you need to reconfigure components, such as installing the database and Web server components on different machines, you must uninstall and reinstall the EdgeSight for NetScale software. Uninstalling EdgeSight for NetScaler Server When you uninstall Citrix EdgeSight for NetScaler Server, only the Web Server is removed from your system. The database remains on the system running SQL Server. To remove an EdgeSight database, you must use the SQL Server Enterprise Manager (SQL Server 2000) or SQL Server Management Studio (SQL Server 2005 and SQL Server 2008). The data directory, usually located at %ProgramFiles%\Citrix \System Monitoring\Server\EdgeSight for NetScaler 2.0\Data, is not removed when uninstalling Citrix EdgeSight. This directory is used to store data, including crash dumps. Because these files can be quite large, you may want to remove the contents of the data directory manually. Chapter 2 Installing Citrix EdgeSight for NetScaler Server 29 To uninstall a Citrix EdgeSight for NetScaler Web Server Use the Add or Remove Programs option on the Control Panel to remove the program named Citrix EdgeSight for NetScaler 2.0 Server. It is recommended that you reboot the machine after uninstalling EdgeSight for NetScaler if you intend to reinstall the product; rebooting ensures that folders and files marked for deletion are cleaned up properly. 30 Citrix EdgeSight for NetScaler Installation Guide