What is App Masking and what do we need it for?
App Masking minimize the number of Golden Images required, by allowing all applications to be installed in a single Golden Image. The mapping and separation of applications (as well as printers, fonts, office add-ins, Internet Explorer plug-ins, etc.) is done without packaging, sequencing, backend infrastructure or virtualization.
This is achieved by granular access control of the installed applications through App Masking Rules. These rules can be used to completely hide the application in an user runtime, so that it no longer appears in the file system, registry or under programs and features.
Because no additional ressources are required by the system when using the rules, applications run at their native speed.
Continue reading “FSLogix App Masking in Citrix Environments”
In the past months, I have had to deploy Microsoft Teams and OneDrive from the Office365 portfolio in Citrix environments, in addition to the standard office applications in numerous projects.
The standard installation, that the user can perform through the Office365 portal, is a user-based installation. In a Citrix environment, this is only recommended for desktop operating systems (pooled or personal desktop).
A user-based installation can be detected very quickly in the User Profile, since data is then located under AppData\Local\Microsoft\Teams.
This type of installation in a worker with server operating system has many disadvantages:
Continue reading “Install Teams & OneDrive in Citrix (Machine-Based)”
- No control over the installed version
- Several different versions possible on the same worker
- Complete data (~1 GB) is stored in the user profile
Recently, I have been involved more and more in projects where Office365 is to be fully implemented in Citrix environments. This means that the customer not only needs the standard Office applications Outlook, Excel and Word, but also wants to use teams and OneDrive.
But this is exactly where we, without additional software, have big problems in non-persistent desktop environments. For example with our profiles (Team Installer stores its data in the profile) or so that the data is downloaded from the Internet every time (excluding OneDrive Sync data in the profile).
However, we have recently been in the fortunate position of being able to use FSLogix “free of charge” for this purpose, if we meet the following requirements:
Continue reading “FSLogix Container (Office/Profile) in Citrix Environments”
- Microsoft 365 E3/E5
- Microsoft 365 A3/A5/ Student Use Benefits
- Microsoft 365 F1/F3
- Microsoft 365 Business
- Windows 10 Enterprise E3/E5
- Windows 10 Education A3/A5
- Windows 10 VDA per user
- Remote Desktop Services (RDS) Client Access License (CAL)
- Remote Desktop Services (RDS) Subscriber Access License (SAL)
For quite some time (Beginning of 2017) it is now possible to solve SSO scenarios with Azure even without ADFS infrastructure. However, it is only recently that companies has started to not insist on ADFS. Now one may finally also point out the alternative solutions of Microsoft.
The possible scenarios for Seamless SSO are:
- Pass-through authentication (PTA)
- Password Hash Sync (PHS)
Pass-through authentication (PTA)
- No automatic detection of leaked login data
- Azure AD DS requires enabled Password Hash Synchronization feature in tenant to work
- Is not part of Azure AD Connect Health
Password Hash Sync (PHS)
Continue reading “Activation of Azure AD Seamless Single Sign-On”
- Password is synchronized to the cloud (as hash value)
To complete my previous article, I also directly implemented and tested Microsoft Azure MFA Cloud Service in my test lab. In this post I go straight to the ToDo’s for implementation. For more information on MFA and the differences between Local and Cloud, please read my previous post.
It is important that all my information has the status of March 2019 and since it is the cloud, it will soon be obsolete again.
Continue reading “Microsoft Azure MFA Cloud Service in Citrix ADC”