I run into the issue that every so often I need to find Cisco and Citrix Visio stencils. It doesn't happen frequently but it does happen and when it happens I can never remember the name of them. As a shortcut for myself and others...VIOLA!
Citrix Infrastructure Stencils
https://citrix.sharefile.com/download.aspx?id=sddd6fb7daed4a55b
Cisco Topology Icons (Basic)
http://www.cisco.com/web/about/ac50/ac47/2.html
Tuesday, December 10, 2013
Tuesday, November 26, 2013
NetScaler - Logging Audit Messages
I was asked today if there was a way to get alerts from the NetScaler about a policy being hit for one of our external facing websites from an external source. I started to look into doing this but have decided that it would be quite the effort, at least for my first time. I did a bit of research and came up with a few sources which may help put the whole alerting system together. If I get a chance to configure this I will update this with how I completed it.
This solution requires:
Resources for creating custom logging:
Quick template of how to setup message actions from Citrix.com.
http://support.citrix.com/proddocs/topic/ns-system-10-1-map/ns-ag-al-confrng-policy-based-logging-tsk.html.
This shows how to log an HTTP header using policy-based logging.
http://support.citrix.com/article/CTX125466
This shows how to setup the message action and how to bind that policy to a responder policy.
http://blogs.citrix.com/2011/08/25/log-what-and-when-you-want-%E2%80%93-all-the-way-from-layer-2-to-layer-7/
This shows how to configure email alerts on Citrix Command Center
http://support.citrix.com/article/CTX133137
This solution requires:
- NetScaler
- Auditing
- Auditing Message Actions
- VServers
- Responder/Rewrite policies
- Citrix Command Center
- Alarm Trigger
Resources for creating custom logging:
Quick template of how to setup message actions from Citrix.com.
http://support.citrix.com/proddocs/topic/ns-system-10-1-map/ns-ag-al-confrng-policy-based-logging-tsk.html.
This shows how to log an HTTP header using policy-based logging.
http://support.citrix.com/article/CTX125466
This shows how to setup the message action and how to bind that policy to a responder policy.
http://blogs.citrix.com/2011/08/25/log-what-and-when-you-want-%E2%80%93-all-the-way-from-layer-2-to-layer-7/
This shows how to configure email alerts on Citrix Command Center
http://support.citrix.com/article/CTX133137
Tuesday, November 19, 2013
NetScaler - Use Source IP
The NetScaler can be a wonderful tool with all of its capabilities, but sometimes that can be a double-edged sword. The ever changing demands that IT personnel go through each day can be exciting and rewarding but sometimes leads to confusion. Today was a perfect example of this for me.
I have been attempting to get a SharePoint site externally available. I am doing this using the NetScaler and its SSL features. I have added the Server, Service, and Server in to the Load Balancing feature. After checking to make sure my responder policies/action were correct, I attempted to test the setup using my host file. I got the forever annoying, "Internet Explorer cannot display the webpage" message.
This is when I remembered the "Use Source IP" check box of the Load Balancing Service. This check box has singled markedly cause me hours of frustration and confusion. It forces the client's response to come from the Client's IP address rather than responding back to the NetScaler. I unchecked this and the Client no longer goes directly to the server when it responds, which fixed my problem.
tl;dr
Uncheck the "Use Source IP" check box which can be found in the Service configuration screen.
More info from Citrix below:
http://support.citrix.com/proddocs/topic/ns-system-10-1-map/ns-nw-ipaddrssng-enabling-use-src-ip-mode-tsk.html
I have been attempting to get a SharePoint site externally available. I am doing this using the NetScaler and its SSL features. I have added the Server, Service, and Server in to the Load Balancing feature. After checking to make sure my responder policies/action were correct, I attempted to test the setup using my host file. I got the forever annoying, "Internet Explorer cannot display the webpage" message.
This is when I remembered the "Use Source IP" check box of the Load Balancing Service. This check box has singled markedly cause me hours of frustration and confusion. It forces the client's response to come from the Client's IP address rather than responding back to the NetScaler. I unchecked this and the Client no longer goes directly to the server when it responds, which fixed my problem.
tl;dr
Uncheck the "Use Source IP" check box which can be found in the Service configuration screen.
 |
| Uncheck "Use Source IP" |
More info from Citrix below:
http://support.citrix.com/proddocs/topic/ns-system-10-1-map/ns-nw-ipaddrssng-enabling-use-src-ip-mode-tsk.html
Thursday, November 14, 2013
Citrix(NetScaler) Command Center
I have had my first foray into the Citrix Command Center 5.1 and let me tell you, it has been pretty positive. NetScalers are a multi-faceted tool so management of this device is not always easy if only using the given interface. Command Center expands upon the toolset offered by the NetScaler by giving you a set of tools to monitor the NetScalers. This includes all forms of alerting and logging! I have not dug much into the Command Center yet, but I fully intend to soon and will definitely post my findings (good and bad).
Wednesday, November 6, 2013
Error Text 10551 BPA Server
Recently I had been working on a workflow that inputs records into a SQL database through stored procedures. We tried to implement this functionality into our Production environment but we had been having some issues. We get an error, "Error Text: (10551) Expecting a constant, var name or function name." (Shown below, Fig. 1) whenever we ran the workflow. That error and an accompanying one, which is completely blank, is all the information that we had to go by.
After some deliberation and LOTS of test emails, we determined that an evaluation was causing the problem. We looked into the evaluation to see that the shared variable that we were looking at was named incorrectly. Once we changed it to the correct name, all went well.
After some deliberation and LOTS of test emails, we determined that an evaluation was causing the problem. We looked into the evaluation to see that the shared variable that we were looking at was named incorrectly. Once we changed it to the correct name, all went well.
 |
| Fig. 1 |
Tuesday, October 29, 2013
Reset UI Preferences - BPA
Your UI preferences can get all out of wack if you accidentally close or move
something. The easiest way to reset the preferences for your Workflow
Designer/SMC/Task Builder is to just delete the xml files in the folder
below.
C:\Users\(Desired User)\AppData\Roaming\Network Automation\AutoMate BPA Server 9
Deleting these files will remove your preferences and BPA will then recreate them from scratch.
Network Automation Forum for WFD/SMC Reset:
http://forums.networkautomation.com/forum/messageview.cfm?catid=42&threadid=9806
Network Automation How to for Task Builder Reset:
http://www.networkautomation.com/automate/urc/resources/livedocs/am/8/Task_Builder/Customizing_Task_Builder/Viewing_and_Hiding_Panes_in_Task_Builder.htm
The last resort for resetting your Task Builder UI is to remove the Registry item. We do this following Network Automation's support directions shown below.
C:\Users\(Desired User)\AppData\Roaming\Network Automation\AutoMate BPA Server 9
Deleting these files will remove your preferences and BPA will then recreate them from scratch.
Network Automation Forum for WFD/SMC Reset:
http://forums.networkautomation.com/forum/messageview.cfm?catid=42&threadid=9806
Network Automation How to for Task Builder Reset:
http://www.networkautomation.com/automate/urc/resources/livedocs/am/8/Task_Builder/Customizing_Task_Builder/Viewing_and_Hiding_Panes_in_Task_Builder.htm
The last resort for resetting your Task Builder UI is to remove the Registry item. We do this following Network Automation's support directions shown below.
File Path with Space in Email - BPA
A common request from our user base is to have email alerts sent to them. We
do this from BPA, Sharepoint, in house dev, etc. Many times the email that we
are sending contains a file path pointing to documents or folders containing
documents that need visibility. The problem then ensues.
Emails, sent/received using Exchange, with file paths containing a space in them will have broken hyperlinks. This is not a major issue but it looks unprofessional and is quite annoying.
Fix:
Encapsulate the path in quotation marks "" to keep the entire path one unit. I show an example of this below.
The first path will not properly keep the hyperlink to the folder "No Quotes". It will stop at \No and cut off the Quotes\ portion of the file path.
\\server1\No Quotes\
The second path will properly keep the hyperlink to the folder "Yes Quotes".
"\\server1\Yes Quotes\"
Emails, sent/received using Exchange, with file paths containing a space in them will have broken hyperlinks. This is not a major issue but it looks unprofessional and is quite annoying.
Fix:
Encapsulate the path in quotation marks "" to keep the entire path one unit. I show an example of this below.
The first path will not properly keep the hyperlink to the folder "No Quotes". It will stop at \No and cut off the Quotes\ portion of the file path.
\\server1\No Quotes\
The second path will properly keep the hyperlink to the folder "Yes Quotes".
"\\server1\Yes Quotes\"
Tuesday, October 8, 2013
NetScaler - Mobile Redirect
Previously I was asked to make our intranet site more accessible for our users by creating a mobile redirect on the NetScaler. We previously did it on the web server but the mobile redirect would only take effect after the entire desktop version loaded. This obviously created a bad user experience and extremely long load times.
As we got more into the redirect we found that there were other features that we could add to improve the redirect. I will summarize what the below code does in order to select what traffic to redirect.
The traffic cannot have a path/query with /mobi, it means that the URL does not contain the mobile path which may or may not be intentional. The traffic must not have the mobile=false query string which we use to designate that the user has chosen to use the full version of the site. The traffic cannot have the /lib/ path because this is used for the pdfs and other documents and redirect this traffic will not allow those to be downloaded. The last requirement is that the HTTP Request contains a User-Agent that is for a mobile device. (Android, iPhone, iPod, BlackBerry, Windows Phone, IEMobile, webOS)
WARNING: Referer is spelled incorrectly because it is part of the HTTP protocol spelled incorrectly. DO NOT FIX THAT.
Responder Action for All Mobile Redirects:
Type: Redirect
http://www.intranet.com/mobile (Dummy link)
Responder Policy for Maintaining Full Version:
HTTP.REQ.HEADER("Referer").TO_LOWER.CONTAINS("mobile=false") && HTTP.REQ.URL.PATH_AND_QUERY.TO_LOWER.CONTAINS("mobile=false").NOT
If the referer contains mobile=false and the request URL does NOT contain mobile=false, we add &mobile=false to the end of the path and query. This maintains the Full Version status that was requested.
Responder Action for Maintaining Full Versions:
Type: Redirect
"http://" + HTTP.REQ.HOSTNAME + HTTP.REQ.URL.PATH_AND_QUERY + "&mobile=false"
Responder Policy for new Full Version Requests:
HTTP.REQ.HEADER("Referer").TO_LOWER.CONTAINS("mobile=false") && HTTP.REQ.URL.PATH_AND_QUERY.CONTAINS("?").NOT
If the user clicks the hyperlink (containing mobile=false) and they did not have a ? in the path and query, they get moved to the Full Version by adding a ?mobile=false to the path and query.
Responder Action for new Full Version Requests:
Type: Redirect
"http://" + HTTP.REQ.HOSTNAME+ HTTP.REQ.URL.PATH_AND_QUERY + "?mobile=false"
As we got more into the redirect we found that there were other features that we could add to improve the redirect. I will summarize what the below code does in order to select what traffic to redirect.
The traffic cannot have a path/query with /mobi, it means that the URL does not contain the mobile path which may or may not be intentional. The traffic must not have the mobile=false query string which we use to designate that the user has chosen to use the full version of the site. The traffic cannot have the /lib/ path because this is used for the pdfs and other documents and redirect this traffic will not allow those to be downloaded. The last requirement is that the HTTP Request contains a User-Agent that is for a mobile device. (Android, iPhone, iPod, BlackBerry, Windows Phone, IEMobile, webOS)
Responder
Action for All Mobile Redirects
HTTP.REQ.URL.PATH_AND_QUERY.TO_LOWER.CONTAINS("/mobi").NOT
&& HTTP.REQ.URL.PATH_AND_QUERY.TO_LOWER.CONTAINS("mobile=false").NOT
&& HTTP.REQ.URL.PATH_AND_QUERY.CONTAINS("/lib/").NOT &&
(HTTP.REQ.HEADER("User-Agent").CONTAINS("Android") ||
HTTP.REQ.HEADER("User-Agent").CONTAINS("iPhone") ||
HTTP.REQ.HEADER("User-Agent").CONTAINS("iPod") ||
HTTP.REQ.HEADER("User-Agent").CONTAINS("BlackBerry") ||
HTTP.REQ.HEADER("User-Agent").CONTAINS("Windows Phone") ||
HTTP.REQ.HEADER("User-Agent").CONTAINS("IEMobile") ||
HTTP.REQ.HEADER("User-Agent").CONTAINS("webOS"))
TL;DR
Traffic that gets switched meets the below conditions
- Does not contain /mobi in the path and query
- Does not contain the mobile=false querystring
- Does not contain /lib/ in the path.
- Does not contain a mobile device User-Agent
Responder Action for All Mobile Redirects:
Type: Redirect
http://www.intranet.com/mobile (Dummy link)
Responder Policy for Maintaining Full Version:
HTTP.REQ.HEADER("Referer").TO_LOWER.CONTAINS("mobile=false") && HTTP.REQ.URL.PATH_AND_QUERY.TO_LOWER.CONTAINS("mobile=false").NOT
If the referer contains mobile=false and the request URL does NOT contain mobile=false, we add &mobile=false to the end of the path and query. This maintains the Full Version status that was requested.
Responder Action for Maintaining Full Versions:
Type: Redirect
"http://" + HTTP.REQ.HOSTNAME + HTTP.REQ.URL.PATH_AND_QUERY + "&mobile=false"
Responder Policy for new Full Version Requests:
HTTP.REQ.HEADER("Referer").TO_LOWER.CONTAINS("mobile=false") && HTTP.REQ.URL.PATH_AND_QUERY.CONTAINS("?").NOT
If the user clicks the hyperlink (containing mobile=false) and they did not have a ? in the path and query, they get moved to the Full Version by adding a ?mobile=false to the path and query.
Responder Action for new Full Version Requests:
Type: Redirect
"http://" + HTTP.REQ.HOSTNAME+ HTTP.REQ.URL.PATH_AND_QUERY + "?mobile=false"
Friday, August 2, 2013
NetScaler Integrated Cache Not Expiring
Recently, we were attempting to publish updates to one of our domains in order to update one of the css files. This problem could happen with any file/site that the NetScaler caches in the Integrated Caching. After completing the publish, we tested to make sure that the updates took effect but they had not. The website was not showing any of the styles that we were applying through the master style sheet. We cleared the client cache as well as the server cache. This lead us to the NetScaler (NS) that we use to load balance our website.
We verified that the server was not being hit when calling the master style sheet, proving that the NS was caching the style sheet. I do not have much experience with caching on the NS so I had to do some digging.
The resolution was to flush the NS's cache of the master style sheet because it had an old version that was not expiring.
Steps to resolve:
We verified that the server was not being hit when calling the master style sheet, proving that the NS was caching the style sheet. I do not have much experience with caching on the NS so I had to do some digging.
The resolution was to flush the NS's cache of the master style sheet because it had an old version that was not expiring.
Steps to resolve:
- Log into the NS.
- Open the Integrated Caching feature.
- Choose the Cache Objects.
- Find the file that is not being updated when you makes changes.
- You can use the find to narrow down the selections. I was looking specifically for a .css cached object.
- Flush or expire the cached object that is causing problems.
- Attempt to contact the resource that was originally not working and verify that the cache is now updated.
Tuesday, July 23, 2013
Access Violation at Address in Module 'AMEngine.dll'
The error (the title) was received one day when working on a task that deals with
Excel. Network Automation tech support and I worked on resolving this for about
ten days to find out that the error was the name of the Excel worksheet. The error that BPA Server returns is not all that helpful when troubleshooting but the message itself makes sense. Basically you are telling Excel to write to a nonexistent worksheet, which it does not like.
If we break down the error:
If you see this error when writing to an Excel workbook, check your worksheet names!
If we break down the error:
- Access Violation
- This is because you are attempting to write somewhere that you can't. (It doesn't exist!)
- At address
- is where it was trying to write (presumably on the disk, not verified) at.
- in Module 'AMEngine.dll'
- AMEngine.dll is the dynamic library this is telling it how to perform the Excel write.
- After doing some research, the AMEngine.dll seems to be the Automate Task Interpreter.
If you see this error when writing to an Excel workbook, check your worksheet names!
Wednesday, July 10, 2013
File Conditions/Trigger
In BPA Server we need to be very careful when we are using file conditions and
file triggers. There is a large distinction between a file trigger and a file
condition.
- File Trigger
- A file trigger is a file "condition" used at the beginning of a workflow. This is used to kick off the entire workflow.
- ONLY THE BEGINNING
- To make a file "condition" a trigger, we set it to Wait for Condition and to wait Indefinitely.
- Once the condition is true, the workflow will store information about that file in the AMTrigger object.
- In the expression builder, this can be found in the Objects -> Triggers -> File System folder.
- File Condition
- A file condition is a file "condition" used anywhere BESIDES the beginning of the work flow. These can be used throughout the workflow as a Wait so that it will not continue until a file condition is met.
- IN THE MIDDLE
- To make a file "condition" a condition, we set it to Timeout after. Setting the time will change how long the file condition will check for a file. After that period it will stop the workflow.
- Once the condition is true, the workflow will store information about that file in the AMCondition object.
- In the expression builder, this can be found in the Objects -> Conditions -> File System folder.
Tuesday, July 2, 2013
CAML Query - SharePoint Action Automate Server
I have been working with a product called BPA(business process automation) Automate Server 9 for about 9 months now and I am finally starting to get comfortable with using the tool proficiently. I am using this tool to improve efficiency and reduce human error in processes that we have not been able to remove the human element from. One very neat use is with SharePoint and moving list items between lists, more specifically lists that are not in the same SharePoint site. With that said, I still have my fair share of mistakes and screw ups because let's face it...I'm human! This leads us to the meat of this post, shall we?
In BPA Automate 9(BPA), we can use CAML queries to help us interact with SharePoint Lists and libraries. I needed a CAML query that would limit the number of records to more accurately filter the data returned by SharePoint to improve the efficiency of my workflow. My goal was to avoid looping through all the list items on a SharePoint library because I only needed a list of the files, not folders.
There are a few things that helped me. The first thing is the following link, http://msdn.microsoft.com/en-us/library/dd582942(v=office.11).aspx. This allowed me to see what I needed in my query, using the Query section. The other thing that helped me is a program called CamlDesigner, which can be downloaded from http://sharepoint.biwug.be/Pages/Downloads.aspx. There is more information on how to use this at this link, http://www.camldesigner.com/?p=596.
There are some syntactical problems with using CAML when you are unfamiliar, as I am. I am posting a CAML query below that shows the format that BPA needs it in. The values in "" can all be change as long as the values are real and match what they are in SharePoint.
<View><Query><Where><Eq><FieldRef Name="FSObjType" /><Value Type="Integer">0</Value></Eq></Where></Query></View>
One of the first things that someone who is familiar with SharePoint and CAML queries will notice is that it is not formatted the way you would expect. It cannot be formatted like a normal markup language. It needs to be tight and without spaces like above. (I know, it doesn't seem to make much sense. I can only think that BPA formats it later so they want it in a nice neat string before they format it.)
In BPA Automate 9(BPA), we can use CAML queries to help us interact with SharePoint Lists and libraries. I needed a CAML query that would limit the number of records to more accurately filter the data returned by SharePoint to improve the efficiency of my workflow. My goal was to avoid looping through all the list items on a SharePoint library because I only needed a list of the files, not folders.
There are a few things that helped me. The first thing is the following link, http://msdn.microsoft.com/en-us/library/dd582942(v=office.11).aspx. This allowed me to see what I needed in my query, using the Query section. The other thing that helped me is a program called CamlDesigner, which can be downloaded from http://sharepoint.biwug.be/Pages/Downloads.aspx. There is more information on how to use this at this link, http://www.camldesigner.com/?p=596.
There are some syntactical problems with using CAML when you are unfamiliar, as I am. I am posting a CAML query below that shows the format that BPA needs it in. The values in "" can all be change as long as the values are real and match what they are in SharePoint.
<View><Query><Where><Eq><FieldRef Name="FSObjType" /><Value Type="Integer">0</Value></Eq></Where></Query></View>
One of the first things that someone who is familiar with SharePoint and CAML queries will notice is that it is not formatted the way you would expect. It cannot be formatted like a normal markup language. It needs to be tight and without spaces like above. (I know, it doesn't seem to make much sense. I can only think that BPA formats it later so they want it in a nice neat string before they format it.)
Subscribe to:
Posts (Atom)