Thursday, October 29, 2015

Output SMS from Powershell (RedOxygen)

I have been completing some investigatory work around SMS gateways recently, specifically for our new contact centre suite to contact our customers.

I came across a SaaS based gateway product called RedOxygen.  They have a number of methods of sending SMS messages, ranging from an Office plugin, to a documented API.

My interest was the latter option as this is what we plan to use.  You can sign up for a free account which gives you 25 free messages (very useful for testing).  There is an interface option for HTTP GET and POST to send your messages which is easy to combine with lots of programming/scripting languages.

I am not a programmer or developer but I have worked with Powershell before, so I set myself the challenge of creating a little GUI which will take input from a user to type a telephone number and a message which upon hitting a button, would send the message to a mobile phone.  I also wanted it to display a return result to inform the user if there was a problem.
Here is the result.

[system.reflection.assembly]::LoadWithPartialName( "System.Windows.Forms")

#if like me you have a authenticated proxy server in the way
$global:PSDefaultParameterValues = @{

#Fill in RedOxygen account details here.

#This function will send the SMS
Function SendText
$global:SMSresultlabel.text = ""

#Retrieve SMS message from textbox
$global:SMS = $smsinput.text
#Retrieve Telephone number and remove trailing 0
$global:number = $numberinput.text -replace '^0'

#build POST data



#Run the HTTP POST command and return result
$global:result = Invoke-WebRequest -Uri -Method POST -Body $POSTDATA | select-object -ExpandProperty RawContent

#Display result in variable
$global:SMSresultlabel.text = $result

# General Form option
$form = New-Object Windows.Forms.Form
$Form.Size = New-Object System.Drawing.Size 400,500 
$form.text = "SMS Sender"

# This is a simple infolabel for Telephone Number
$Telinfolabel = New-Object Windows.Forms.label
$Telinfolabel.Location = New-Object Drawing.Point 50,30
$Telinfolabel.Size = New-Object Drawing.Point 300,20
$Telinfolabel.text = "Enter the telephone number below"

# This is where an user types Telephone Number
$numberinput = New-Object Windows.Forms.textbox
$numberinput.Location = New-Object Drawing.Point 50,60
$numberinput.Size = New-Object Drawing.Point 200,30

# This is a simple infolabel for SMS message
$SMSinfolabel = New-Object Windows.Forms.label
$SMSinfolabel.Location = New-Object Drawing.Point 50,90
$SMSinfolabel.Size = New-Object Drawing.Point 300,20
$SMSinfolabel.text = "Enter the message below"

# This is where an admin types in the SMS message
$SMSinput = New-Object Windows.Forms.textbox
$SMSinput.Location = New-Object Drawing.Point 50,120
$SMSinput.Size = New-Object Drawing.Point 200,200
$SMSinput.Add_KeyDown({if ($_.KeyCode -eq "Enter") 

# This button is used to run the SendText function
$Go1button = New-Object Windows.Forms.Button
$Go1button.text = "Go!"
$Go1button.Location = New-Object Drawing.Point 260,60

# This is a simple infolabel for SMS result
$SMSresultlabel = New-Object Windows.Forms.label
$SMSresultlabel.Location = New-Object Drawing.Point 50,200
$SMSresultlabel.Size = New-Object Drawing.Point 300,200

# Add the controls to the Form

# Puts focus in the text box on launch
$Form.Add_Shown({$Form.Activate(); $numberinput.focus()})

# Display the dialog

Here is how it looks
Successful text

Text Received on my phone

Unsuccessful Text

Clearly the powershell code above could be improved upon with number validation and improved feedback rather than the RawContent from the Invoke-WebRequest.  The main thing I wanted to do is prove how easy you can send SMS's from Powershell.

I guess this might be useful for those weekend scripts or if certain systems fail.

Have fun with it.

Monday, July 27, 2015

Workspace Control doesn't work

Workspace control is a feature of Citrix where users are able to seamlessly reconnect to their active or disconnected sessions from other devices.  It is part of a wider feature set called Smooth Roaming which has been part of ICA for a number of years.

Recently I found that our production Citrix Access Gateway environment stopped supporting Workspace Control.  Users who became disconnected from their desktop session were unable to reconnect to that same session because it was "active" between the CAG and the XenApp box.  It meant that admins had to disconnect the session and on next desktop launch it would reconnect.

The other thing to note is that Citrix built a couple of buttons to handle these actions manually.  They showed underneath the Logon button in Web Interface.



These buttons only show up in Internet Explorer and if the WI site is in Trusted Sites or the specific setting you need to DISABLE is

"Only allow approved domains to use activeX without prompting"

At this point I will acknowledge that using WI 5.4 and CAG 5.4 is pretty old school and an upgrade is being designed, but for those living in the real world and can't just upgrade willy nilly (especially given the fact StoreFront has had some serious issues) WI 5.4 is still pretty important.

So why did it stop working all of a sudden?

Well I don't know, my gut feel is that Microsoft have updated IE11 or a core component.  But I have a workaround.  If you put the WI site into compatibility view mode, the disconnect/reconnect buttons show up and Workspace Control automatically reconnects your sessions on logon (as long as your settings in WI cater for it).

Tools > Compatibility View settings

The user is also then able to configure their own settings too.


Hopefully this workaround will relieve your admins whilst you upgrade to Storefront etc.


Tuesday, June 30, 2015

Preparation for Azure lab

Recently I have been completing some test work with Azure, Azure AD and ADFS.  In the next week or two I will be doing some work with the Enterprise Mobility Suite (Intune for MDM, Azure AD Premium and Azure Rights Management).

Hopefully I will be able to blog some random information from my experiences, but this post is to identify potential speed bumps before you attempt to use Azure, Azure AD and ADFS.

Using Azure virtual machines and storage costs money.  When you sign up you must provide valid credit card information.  You are given a £125 trial for a month, but after that it will cost you.  You can configure spend limits which will stop surprise bills being racked up each month.

If you have a Visual Studio or MSDN subscription you actually get free credits.  I have a Visual Studio Ultimate Subscription through my work so I get £95 a month to spend in Azure (which is plenty for labs).

MSDN Credits

Make sure you turn off your Cloud Instance when you are not using it.  This will drastically reduce the cost of running your lab from the cloud.

Buy yourself a domain name.  Doesn't matter what as long as you like it.  I'd be tempted to use a popular registrar such as GoDaddy as the verification mechanism for Azure works really simply with the big registrars.  My registrar had to manually load some DNS TXT records which couldn't be completed in my admin interface.

Wildcard Certificate
The wildcard vs named certificates is an interesting debate which will continue forever I suspect.  I can see the pros and cons, but in this environment it is MUCH easier to have a publicly trusted wildcard certificate.  These can be quite pricey from some Certificate Authorities.  I used a CA called StartSSL who actually charge you on verification rather than per certificate.


You can create a free account and generate free named certificates, but you will soon hit a brick wall with certain services which required alternate names etc.

StartSSL Verified (which allows you to create as many wildcard/SAN certificates as you like) will set you back about $60 per year.  To complete this process you have to send them some personal documentation which did make me a little uneasy, however saving a few hundred quid was worth it I think.

StartSSL Verified

Internet Connection without outbound port blocking
This one will only apply to a small portion of the population.  Wherever you plan on connecting to your Azure cloud instance from, make sure they do not block outbound ports.  Most companies only allow a small set of ports outbound like 80,443,25 etc.  These are all used for business purposes but the likelihood of them allowing 3389 through the firewall is low.

Have a chat with your network team at work or connect to Azure Cloud Instance from home.

Lastly some links
Here are some articles I read to help me build my labs

Have fun!

Thursday, June 25, 2015

Citrix User Group - London - 2015

The event was held at the Novotel on Blackfriars Road in London. Unbeknown to me it was the 13th session in the UK (my first).   The announcement of the Citrix User Group Community at Synergy made me more aware of these events.

So how was the day?

Well it was bloody good fun, unusual for these types of events. Lots of jokes, a few swears but crucially some really interesting technical information.
News & Synergy Update
Neil Spellings

Firstly Neil ran a news update session which covered the Eliot group shareholders analysis of Citrix's business strategy.

Forbes article
He also covered some high level Citrix news including Xenserver 6.5 sp1 release, acquisition of telephony provider Grasshopper and resurrection of the domain which Citrix purchased some years ago for Citrix Workspace Cloud.
He also showed that Citrix and Xenmobile specifically is in top quadrant for EMM.

Neil followed up with a whistle stop tour of Synergy highlights.   Firstly Citrix say they love XenApp and backed it up by extending XenApp 6.5 support by a year to 2017.

He covered the tech preview of Framehawk which will be in Feature Pack 2.  This provides excellent graphical performance on poor network conditions.

Citrix also announced that they will be releasing the Linux VDA which has been in tech preview for a while and the discussed how the Receiver platform will be unified across the devices with the help of StoreFront 3.0

They announced a new proposition called Cloudbridge virtual Wan, which can connect multiple sites using different network connections. It can provide a cheap way to move away from traditional MPLS.

Netscaler 11 will have a mechanism to move Citrix services behind a content switch... Yay!   This will reduce the amount of public IP addresses you need on your Netscaler when publishing Storefront, xenmobile, sharefile etc.

Citrix Workspace cloud was a huge announcement which was briefly mentioned as an idea last year.   Now there is a proper environment you can test with.  This will move the Citrix controllers from your data centre into the cloud.  It could save administrators lots of time!


Citrix customer visits
Ben Dowen
Ben is a Senior Software Test Engineer at Citrix and he gave the opportunity for customers to visit engineering in Cambridge to talk about challenges and see products being built.  This sounds like a fantastic opportunity for heavy Citrix customers.  If you are interested then get in touch with him on Twitter.

Storefront 3.0
Simon Frost

Simon is the chief architect for the Storefront team in Cambridge.   He publicsed the fact that Storefront was built in UK.

The 3.0 version will include the following
Chrome npapi replacement, edge support
Customisation, routing for sites, Xml service based authentication and enhanced monitoring for netscaler.

Simon discussed scalabity and dismissed the folklore around there being maximum of 5 Storefront servers per group. This isn't true as they tested with 6 servers and they could login 175k users an hour.  It can also increase with extra vcpu in a linear fashion.

They can complete 40k users in 15 minutes with 2 Storefront nodes.

Npapi replacement will be included for Chrome which will stop ICA files being downloaded.   This will be achieved using custom URLs which will be used to bridge gap between browser and receiver.   This will be important going forward as Microsoft Edge browser has no active x.

This will reduce situations where Ica files are found on disk.   SF 3.0 will provide the ability to change between html5 and native receiver.

The new architecture adds a Web browser element to receiver which downloads and caches the website effectively. This makes it easy to look consistent across all devices.

3.0 provides documented custom content (CSS level), vs easy image pickers for custom UI. Allows the work flow to be change significantly, so something between auth and loading apps or just be branded correctly.

Customisations will remain after upgrades as the files are stored in a custom folder.... not like old Wi days!

There are lots of CSS options like removing toolbar on small (mobile) devices.

Receiver 4.2 finally provided key features again like desktop apps, named folders etc. Very admin and enterprise focused.

Prefer keyword for second hop launch

What is on the Road map?
There will be improved powershell for installing and configuring Storefront and a better admin console.

No plans to embed SF in the Netscaler. This is because it is easier for internal and external users to only have 1 Storefront rather than hairpining.

End of June is when it should be released!
Fraser Norman - UK territory manager

Next up was LiquidwareLabs. The first mention from Fraser was that he was non techie... Ouch.. In front of a room of techies!

In fairness he showed his product very well. They position themselves as a Citrix Ready Partner in the Desktop transformation space, migrating from XP to Windows 8.

Their core offering us understanding what people use physically now and whether VDI is the right move by installing agents on PCs which collects data and produces reports.

They have a product called Profileunity which can move profiles across different platforms. Very attractive to companies going through complex desktop change programmes.

They can provide privilege escalation per app which  is useful for unruly applications which aren't written correctly. Not ideal but fixes some potential issues if the application is important.

Flexapp is one product they have which virtualises apps by streaming from Vhd files.

Stratusphere FIT (assesment) and UX (baseline and remediation) are other tools which can be used before a desktop transformation project and during change control windows to ensure the platform is performing how they should.

Fraser had a video demo which showed adding and removing these streamed apps very quickly but look and feel native.
Pernix data
James Smith -  SE

Next up was Pernix data.   They are a Vmware technology which was curious at a Citrix User Group, however many Citrix end users (including myself) use Vmware to virtualise their OS platforms.

This tool helps remove complexity and latency to speed up apps. Satyam Vaghani who wrote vaai and VMFS is one of the founders of Pernix data. Their product is VM and Storage agnostic.

How does it speed up applications? It shares VM resources (RAM, SSD etc.) across hosts to speed up access and caching for backend storage.  It works with anything in the vmware HCL.

It helps move storage performance to hypervisor layer and leave backend storage for capacity.

Very interesting!
Matthew Nichols

Matt is a Solution Architect with Esteem and  demoed a technology that Citrix recently acquired called Octoblu.  This is a IoT technology that can produce workflows to complete business tasks.

It was demonstrated at Synergy

His demo showed tweets sent to the #ukcuglon hashtag output on a LED screen. It completed this through a node running on Raspberry Pi.

It was very interesting, but not sure how Citrix will monetise this effectively.

Matt is hilarious too, I haven't laughed so much through a demo in ages (whilst still learning lots too!)

User profile management, is it just a load of FUD
James Rankin - Talosys

James talked about managing profiles and whether non native products can actually provide benefit over roaming profiles.

He did a good deep dive on how traditional roaming profiles work and the issues. He also showed the history of these platforms and what can cause profile issues, described as profile failure due to Microsoft refuting the term profile corruption.

He typically found that most customers who had issues had the GPO for limiting profile size.

There are other things which external products can provide like removing the last writer wins issues. These tools fall into 2 categories, light tools e.g.
Citrix, Fslogix and Immidio. On the other side there are heavy tools sets or platforms including Liquidware, Res and Appsense.

He finished up with the relevation that MS have their own tool as part of the MDOP pack called Microsoft user experience virtualisation.

Gary McAllister - Product Manager 

Gary McAllister from AppSense did a session update on their product set.

Desktop Now 8.6 has a cut the amount of infrastructure required to run EUM in half.  There is also dedupe in database which drastically reduces the size of the DB.

There is easier on boarding of profiles and apps and now has the ability for end users for rolling back parts of their profile.  This feature has been available for admins for a while, but extending it to the users could save help desks some time.

App Manager 8.9 has the ability to lockdown windows 8 apps which is really useful for Enterprises.  It can also control admin access to services so local administrators cannot stop certain key services.  I am not sure how secure this is, I would imagine that there must be a way around this albeit it might be quite destructive.

Performance Manager - Same old, nothing new to report here.

AppSense Insight looks like Citrix Edgesight product set by providing a breakdown of user experience e.g. showing why logons are slow.  Going forward AppSense Insight will be able to use this information to auto configure other products going forward rather than admins having to interpret the data and make changes accordingly.  This could help save admin time, but scares the hell out of me.  Do I want a tool automatically changing configurations on the fly?  Probably not, this is why we have Change Control!

AppSense Exchange
Templates and tools can be uploaded by the forum.  Templates will allow quick updates rather than waiting for service releases.

V10 simplification of what they do at the moment. Managed from Unified Web console and very nice it looks too.

I haven't used AppSense myself but it does seem like a huge swiss army knife to tackle many typical VDI and RDS workload issues.  The trouble is that the price tag matches it which can price out smaller customers.
An end to the java version hell
Fslogix-James Rankin

James came back to present another session on behalf of Fslogix. They have a product which hides java from the OS.

He started with the now legendary quote.

If java were a person I would kick it's face in!

He showed us how multiple versions of Java can be installed and presented to websites based on configuration rules. This looks excellent!

They also have some tools around Profile management, reverse layering, image management, app delivery.

Citrix life cycle management and Workspace cloud
Andrew Wood & Jim Moyle

Jim and Andrew from Atlantis did a presentation on Citrix Workspace Cloud and life cycle management. Well eventually, after many techy issues the monitors finally worked!

These tools Split the control layer apart from worker layer much like sharefile does and makes it SaaS. So you could have Citrix Studio as a cloud based app. It uses connectors in your data centre to connect to all of the VDA.  It connects back to on outbound 443 which will make the firewall people happy!

They showed Citrix life cycle management which is a template provisioning service.  It could trigger build and deploy on monitors e.g. build machines when usage goes above a certain percentage.

Q3 release date
Auth flexibility for XA/XD and NSG
Andrew Innes

Andrew discussed authentication flexibility for Citrix technologies using the SDK.

He showed a graph of attack vectors from Verizon DBIR which shows credentials as the weakest/most targeted item by hackers.

Verizon recommend enabling 2FA which can take many forms including Tokens, biometrics, phone apps, smart cards, gridcards

The SDK provides the mechanism to perform Risk based authentication. Ask extra questions when logging on from different or untrusted locations.

The SDK also provides a way to create a Legal disclaimer, custom auth checks (shift patterns), Identify user first then pointing to auth method and Password reset link to external service.
XenApp powershell DSC
Virtual Engine - Iain Brighton

Desired state Configuration
Any configuration tool which can create MOF files can be used to push configuration out to Windows machines. Extending tools like Chef and Puppet to manage Windows endpoints using powershell.

This session was a little complicated and went over my head a little. However it looks very interesting and I'll be investigating more!

Wednesday, June 24, 2015

Add File Extensons via Powershell

We are using an extraction tool to export data from one of our business applications in preparation to switching to our ERP solution. Unfortunately this tool doesn't add the file extensions to the exported files!

So I needed to create a powershell script to do the job for us.

As with most things there is no point reinventing the wheel.  I did a google search and found this useful blog post.

The script was pretty much there, but I needed to tweak it slightly.  I added a line which asks the user which file extension they want to use.  I also changed it so that it would only change files which currently have no file extensions configured.
What users are presented with

The result is as follows
$extractedfiles = Get-ChildItem | Where-Object {$_.Extension -eq ""}
$fileext = read-host "what file extension?"
ForEach ($file in $extractedfiles) {
$filenew = $file.Name + ".$fileext" Rename-Item $file $filenew
All files without extensions are now .jpg

Monday, January 19, 2015

Windows 2012 R2 install fails

Whilst installing a Windows 2012 R2 virtual machine in Hyper-V, I received the following error message immediately after choosing the edition.

"Windows cannot find the Microsoft Software License Terms.  Make sure the installation sources are valid and restart the machine"

I had built many 2012 R2 servers in my lab previously so wondered what was different here?  The only thing I had changed was the amount of RAM to 512MB as I had a number of virtual machines already running.  When you change the RAM to 1024MB this problem no longer occurs.

I wish Microsoft would do a RAM check and show a message which said "not enough RAM" rather than this cryptic mess.