Citrix

group: “Citrix FAS” When you are using Citrix FAS you will also have a Authorization Certificate. Without this certificate Citrix FAS would not be able to function. The same is applicable when the Authorization Certificate is expired, FAS can no longer do it’s job. When the Authorization Certificate is expired users are no longer able to login. Because FAS cannot request new smartcard certificates for a user.

group: “NetScaler” In this HowTo article, we’ll walk through the complete process of configuring a Citrix NetScaler HA pair to serve as an authoritative DNS server for a subdomain. This step-by-step guide covers everything from setting up the Authoritative DNS (ADNS) service on the NetScaler to delegating the subdomain in the parent domain’s DNS management panel. Whether you’re looking to improve DNS resolution performance, gain more control over DNS records, or support advanced NetScaler features, this guide will help you get it done efficiently and securely.

It’s crucial to regularly update your Citrix WorkspaceApp to an up-to date version. Many environments still use outdated versions with significant security vulnerabilities (CVEs). Too often, I encounter environments that are still running old versions, including the antiquated “Receiver” versions. Not updating to a non-vulnerable or recent supported version poses a real security risk! In many environments, users have company-managed devices, for example managed via Microsoft Intune, which can be updated centrally. These devices are typically kept up to date. The greatest risk lies with non-company-managed devices, such as privately owned laptops or bring-your-own-device (BYOD) systems, where users are responsible for maintaining updates themselves.

group: “NetScaler” Upgrading firmware on time is crucial for the business continuity. Especially when new firmware become available containing fixes for high CVE’s we have seen recently. This how to guide focuses on upgrading the NetScaler manually. If you are using an ADM appliance or ADM service, you can use those as well, to automatically upgrade the node(s). 

group: “NetScaler” Before you start an upgrade. You must make sure to have enough free space available. Although in the GUI you see sometimes that you must have 5 GB available, in my experience you need at least 6,5 GB free space.

group: “NetScaler” A backup can save you a lot of time in case of emergencies, configuration errors or hacks. You could download and save it in a secure environment. And when needed restore a new appliance with the saved backup.

group: “NetScaler” In this how-to article I will explain the procedure how to update a certificate on a Citrix NetScaler. If you wait until a certificate is expired wil cause a lot of issues for your users or visitors. By being on time with the renewal will save you a lot of trouble.

group: “NetScaler” In this how-to article I will explain the procedure how to install a new certificate on a Citrix NetScaler. Certificates are an important piece in a secure connection from a client to a server.

group: “Windows” Certificates are an important part of a modern environment. They make communication safer by encrypting the traffic between the client and server. A safe way to move certificates between servers or store them safely is by exporting the certificate (private and public key) to an encrypted format. A commonly used format is “pfx” (Personal Information Exchange also known as PKCS#12). A pfx file can contain one or more certificates and is encrypted with a password. Without the correct password the pfx is useless. You commonly see that a pfx contains a (web) server certificate and one or more intermediate certificate(s) and a root certificate.

Some companies want to allow other (guest) companies to connect to their environment and for example allow them to open a Citrix Desktop. This can be achieved by Connecting an existing Citrix environment to the guest company via SAML (and yes there are other possibilities). SAML is an authentication method based on a two-way trust. Two Microsoft products that can offer SAML authentication are ADFS (Active Directory Federation Services, an on-premises solution) and the other is and Enterprise App you can configure from the Azure portal. The other requirement is Citrix FAS (Federated Authentication Services). In this article I will show you a way to connect a guest (company) via SAML to allow them access to your Citrix environment without the need for adding the guest companies suffix to your domain.