Install Teams & OneDrive in Citrix (Machine-Based)

Update of the existing article to the latest requirements and features.

Microsoft Teams

User Based Microsoft Teams

The standard installation that the user can perform, e.g. via the Microsoft365 Apps portal, is a user-based installation. In the Citrix environment, this is only recommended for desktop operating systems (pooled or personal desktop).

A User-Based Installation can be detected very quickly in the User Profile, because data are then located under AppData\Local\Microsoft\Teams.

Teams User Based Install

This type of installation in a worker with server operating system has many cons:

  • No control over the installed version
  • Several different versions possible installed on the same worker
  • Complete data (~1 GB) are in the user profile
Continue reading “Install Teams & OneDrive in Citrix (Machine-Based)”

SAML Authentication between Citrix & Microsoft with Azure MFA

Update the existing article to the latest Azure GUI.

As a result of increasing projects, here is a little how-to with the summary of my previous articles. The main points are:

  • Azure AD Seamless Single Sign-On (PTA / PHS)
  • SAML Authentication (Azure AD as IdP & Citrix Gateway as SP)
  • Citrix Federated Authentication Service (FAS)
  • Microsoft Azure Multi-Factor-Authentication with Conditional Access

Requirements

  • Fully working Citrix Virtual Apps and Desktop Environment (StoreFront & DDC Minimum Version 7.9)
  • Citrix ADC with successful base configuration & activated Enterprise or Platinum license (Minimum Version 12.1 Build 50+ for native workspace app, for browser Minimum Version 11.1)
  • Configured Unified Gateway vServer
  • Internal and external DNS entries for Unified Gateway vServer (e.g. citrix.deyda.net)
  • Certificates for DNS entries (wildcard certificates are the easiest)
  • Existing Azure Tenant with Azure-AD base configuration (Domain, AAD Sync) & activated Azure AD Premium license
  • AD Connect version installed and configured (Minimum Version 1.1.644.0)
  • Firewall release for *.msappproxy.net on port 443
  • Domain administrator credentials for the domains that connected to Azure AD via AD Connect
  • Installed Authenticator App on Test User Mobile Phone
Continue reading “SAML Authentication between Citrix & Microsoft with Azure MFA”

Citrix ADC 101 – Fundamentals

The following is a collection of basic information about Citrix ADC. From licensing, to the most important commands, to the update procedures that can be performed.

General Information

Here is some basic information about Citrix ADC.

Operating System and Architecture

Citrix ADC is based on the open source operating system FreeBSD. Unlike the very similar Linux, FreeBSD has a modular kernel and Citrix has taken advantage of this to modify FreeBSD’s Bash shell by removing the networking subsystem and replacing it with its own. The modifications were placed in a custom kernel module called NetScaler Core Packet Processing Engine (PPE).

Citrix ADC FreeBSD
Continue reading “Citrix ADC 101 – Fundamentals”

Why a Windows Server 2019 VDI should be Hybrid Azure AD joined

What is Hybrid Azure AD Join ?

Let’s just start with the official definition from the Microsoft documentation:

Hybrid Azure AD Join: Joined to on-premises AD and Azure AD requiring organizational account to sign in to the device.

This means that after the device is Hybrid Azure AD joined, it behaves the same as any other computer connected to Active Directory.

Sign in with an Active Directory account is required.
User credentials are verified against an Active Directory domain controller.
Group Policy objects for users & computers read from the domain controller are applied automatically.

Hybrid Azure AD Join

After the Active Directory connection process is complete, additional steps are performed asynchronously in the background to register the device in Azure AD as well.

Continue reading “Why a Windows Server 2019 VDI should be Hybrid Azure AD joined”

Installing Workspace Environment Management Version 2012

Workspace Environment Management optimizes Citrix workers for the best possible performance (user density, logon time and application response time).

WEM is subject to the Current Release Lifecycle (Additional Component) and therefore there is no LTSR version of WEM available.

To use WEM, you must have an active Customer Success Services (CSS) for one of the following licenses:

  • Citrix Virtual Apps Advanced
  • Citrix Virtual Apps Premium
  • Citrix Virtual Apps and Desktops Advanced
  • Citrix Virtual Apps and Desktops Premium
  • Citrix Workspace Premium
  • Citrix Workspace Premium Plus

Technical Overview

Workspace Environment Management (WEM) is based on the following architecture:

WEM architecture

Continue reading “Installing Workspace Environment Management Version 2012”