You have not chosen to trust Equifax Secure Global eBusiness CA-1

Posted on November 10, 2008 by blandname

Though the Citrix client comes as part of the default install on SuSE Linux Enterprise Desktop, unfortunately the root certificate is not installed for the Citrix ICA client, and furthermore requires an extension that is slightly different than the certificate vendor’s version.

When attempting to access a Citrix secure web gateway on SuSE Linux Enterprise Desktop, you’ll get the following error: You have not chosen to trust “Equifax Secure Global eBusiness CA-1″
Here goes:
Install the root certificate by opening a root x terminal session:

wget http://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority_DER.cer && cp Equifax_Secure_Certificate_Authority_DER.cer /usr/lib/ICAClient/keystore/cacerts/Equifax_Secure_Certificate_Authority_DER.crt && exit

Browse to your Citrix web gateway again and login, then run an application.

Presto!

(PARDON THE LINEWRAP, BUT THIS ONE-LINER IS WORTH IT)

Citrix to Announce XenSource Purchase

Posted on August 14, 2007 by blandname

The Register is reporting that Citrix will be letting everyone know tomorrow that it plans to acquire XenSource tomorrow.

This doesn’t come as much of a surprise as we know Citrix has been looking long and hard at a virtualization platform.

While this seems to be a very good move on behalf of Citrix, it remains to be seen what the fate of the open source Xen project will be.

As predicted, 2007 is shaping up to be the year of the virtual machine with Microsoft, SWSoft, EMC/VMware and now Citrix ready and set to keep spending and marketing this paradigm.

Manage Linux Workstations Using Xming

Posted on October 19, 2006 by blandname

SSH is one powerful tool. You can do just about everything under the sun using an SSH login to a remote computer. SSH works very well in low-bandwidth situations like dialup, or satlinks.

But wakeup, we’re no longer in the 80s – people want GUIs, let’s give them fancy-pants graphics, bouncing cursors and silly linux wizards. Remotely.

Enter Xming, what I would name as top of my favorite applications. Xming is just like X over SSH, for dummies (or people who would rather spend more time working).

Xming allows you to connect to remote or local Linux workstations and servers and run full graphical applications on those remote machines on your local Windows computer.

Here’s how it works: all of the applications are run remotely, but when it comes to the graphics, the information that would invoke the graphics is sent to your local computer, not a bitmap or a sequence of bitmaps like VNC. Xming uses a local X server on your Windows computer in order to display your remote applications. This local X server is 2D accelerated, and it’s sometimes difficult to even notice that you are working remotely.

Since Xming can run in windowed or full-screen modes, you can establish thin client connections in this fashion, or you can publish applications Citrix-style.

Xming is completely free to install and setup. It is a great way to manage virtual machines, and in fact is often faster than Microsoft’s Virtual Server ActiveX control (surprised?), VMWare’s Virtual Machine view (even with VMWare tools!), and even Parallels speedy virtual machine view.

To set the whole thing up, you’ll need a computer running Microsoft Windows, one Linux box, a network connection between the two, but you won’t need much effort.

First install the Windows Xming server on your Windows computer. We’ll use Windows XP SP2 in this example, but it could easily be other varieties. Xming can be found on Sourceforge quite easily, download it, run the install (use defaults), and start XLauncher.

On the Linux computer this are slighlty more complicated, but not by much. For Gnome or KDE on Ubuntu Edgy, go to the System>Administration menu in your menu bar. In Administration, we’ll select login preferences as we’ll be setting up a new logon method (we’re using XDMCP). Select the Remote tab, and enable remote logon (same as local) to your Edgy Eft machine.

Now on your Windows machine, set up XLaunch to logon to your Linux machine using it’s IP address. Save the setting if you want, and connect. You will be presented with a logon screen to your Linux desktop!

Running Terminal Server on Windows XP

Posted on September 19, 2006 by blandname

This hack will allow you to connect multiple time to your Microsoft Windows XP machine using an RDP client coming from a Mac, Linux, or another PC like a real Terminal Server, or a Windows Server running Citrix.

In detail, this hack patches many pieces of Windows XP in order to allow the same Terminal Services functionality that you find in Microsoft Windows Terminal Server, but without the licensing costs. The stability of the hack has not been verified, but the virtual machine used has been running for over a week now with 20 conenctions to it and has yet to fail once.

In order to perform the hack you will need one external file, some guts, and a backup. The backup is extremely important. I highly recommend that you test the procedure using virtualisation technoloy like Parallels, Virtual Server (free), or VMWare Server (also free). You have no excuse to procede without a backup – consider yourselves warned.

Let’s begin.

The file needed for the hack is actually a combination of some registry tweaks and DLL/EXE patches made by “antiwpa”. antiwpa is known for dealing with another Windows XP issue that we won’t get into here – I’m sure you can guess what it is easily.

No that you have the file, and backup, we’ll extract it and start the install process. It’s quite simple – you double-click on the application, it starts a command line window, you press a key and the patch commences. Eventually the command line portion will end and you will get a Windows warning regarding system files having been replaced – we’ll cancel the restore “feature”, and let Microsoft know that we are running untested code by pressing the “yes” button on the next window.

A second patcher launches with full GUI this time. We click on the “patch” button and we are finished. Easy huh?

Moving on… If you try to connect to the XP machine now, you will notice that the maximum number of connections has been reached. This is easy enough to fix, but it’s readily apparent where we need to go. Click on Start, then Run, and type in:

gpedit.msc

Once the Group Policy Editor has opened, navigate to “Computer Configuration”, “Administrative Templates”, then “Terminal Services”.

In the “Terminal Services” tree, you’ll see a policy named “Limit number of connections”. Double-click on this policy. Set the policy to enabled, and adjust the maximum connections to suit your need. I recommend trying “2″ to start off with.

Now reboot your machine, and attempt to connect the amount of times you have specified. If you need mre connections, navigate back to the policy editor and set the maximum amount higher.

Once you have completed your testing, back the machine up once more for good measure. If you don’t have disk imaging software, I’d recommend using the open source g4u – otherwise commercial applications such as Symantec Ghost will work.

Moving on, if you feel the need to manage the users (log them off, control sessions) like on a real Terminal Server, you can grab a copy of the “tsadmin.exe” file from a Windows Server 2003 machine’s “SYSTEM32″ folder and copy to the Windows XP machine’s SYSTEM32 folder. Running TSAdmin is as easy as clicking on Start, Run, then typing tsadmin, but you might also want to make a shortcut to the file for good measure.

Publish a Remote App Using Longhorn Server

Posted on August 27, 2006 by blandname

A thumbnail of the result

First you will need to add the Terminal Services Role to your Longhorn installation either through the Roles Wizard or by using the Software Manager. You may also wish to install the Web TS Role while you are there to allow users to connect to a website, authenticate, and run a remote app easily. Once this has been completed, restart the system as required and head to the Administrative Tools Control Panel. Here you will find the Remote Programs applet. From here we can browse to an application to publish, and export it as an RDP file compatible with both Vista and current versions of Windows. You may also wish to add authentication to the file, but remember that if the file will be used on another system the authentication settings will be lost. In my case I used Word 2007 Beta – so I log in, and the window goes full screen with only Word loaded! This is a great way to securely publish apps with the right config, and I can’t wait to see what happens in the final version. This is very similar to what Citrix does, but presumably (keeping fingers crossed).

blandname

we’re here to help

Category Archives: citrix

You have not chosen to trust Equifax Secure Global eBusiness CA-1

Citrix to Announce XenSource Purchase

Publish a Remote App Using Longhorn Server