Citrix Workspace Authentication: Federated Authentication Services


I have one primary key to let me into my house. Once I’m inside my house, I can see many resources that I might want to use like a bed, bathroom, safe, TV and a freezer. However, some of these resources are secured with a different key. I might have a code to access NetFlix. There might be a lock on the bathroom door.  There is a lock on the safe.  There is even a key to access the freezer (gotta protect those bratwurst). The keys I need once I’m in my house are secondary. They provide me access to … Continue reading Citrix Workspace Authentication: Federated Authentication Services

Authentication: Push


One of my goals before the end of the year is to protect my online accounts with multi-factor authentication. I’ve been protecting many of my identities with TOTP. TOTP is a great way to add multi-factor authentication to our identity.  It adds the “something I have” to the “something I know”. However, I’m now running into a major user experience issue with TOTP. I’ve got too many tokens!!! When I try and authenticate to one of these providers, I have to load the authenticator app and find the right code before typing it in.  This is easy when I only … Continue reading Authentication: Push

Citrix Workspace Authentication: Citrix Gateway


One of the challenges with using cloud services is getting the same experience you had in an on-premises deployment. For the past 20+ years, many Citrix Virtual Apps and Desktop deployments utilized a Citrix Gateway to provide an ICA proxy through the firewall. For external users, Gateway also authenticated those users. Over the years, admins determined the authentication schema for their organization, most likely incorporating additional factors beyond passwords, like TOTP, certificates, RADIUS, nFactor, etc. Fast forward to 2019 and we now need to figure out how to use Citrix Workspace without impacting our secure authentication profile. Currently in tech … Continue reading Citrix Workspace Authentication: Citrix Gateway

SaaS and Web Apps in StoreFront


In a Citrix Virtual Apps and Desktops deployment, many organizations use StoreFront to provide access to Windows and Linux applications and desktops.  A lesser know feature, published content, can let StoreFront publish links to SaaS and web applications in an attempt to bring all resources together into a single view. (I see the differences between SaaS and web apps as follows: SaaS apps are browser-based applications hosted by a 3rd party while a web app is a browser-based app hosted within the internal datacenter).  Unfortunately, SaaS/Web apps introduces some interesting challenges for users: SSO – Users must remember the username … Continue reading SaaS and Web Apps in StoreFront

Logon: VM Start


Diagnosing long logon times is quite a challenge.  Citrix Director breaks our logon time down into unique phase to help focus your attention on an aspect of the entire logon process instead of logon in its entirety. Looking at my 100+ second logon time, I noticed I have a 24 second virtual machine start time.  This is new for my environment. If properly designed, the VM start time would add 0 seconds to a user’s logon time. We want our VMs ready before the user requests it. If we look at the power management settings I have for this delivery … Continue reading Logon: VM Start

Citrix VDA Performance


Winter in Minnesota.  Back the car out of my driveway, reach the road and my car immediately slides, sideways downhill.  I think I need new tires. One of the best practices I like to talk about is “Maintain, because set and forget does not work.” We all know it is important to maintain our systems, but rarely do we make it a priority.  For instance, how much of an impact would maintaining the virtual delivery agent (VDA) have on the performance of my virtual app or desktop session? Would it affect the server? Because the latest versions of the VDA … Continue reading Citrix VDA Performance

Synchronize vs Mirror


This has confused me with Citrix Profile Management… What is the difference between synchronizing a folder and mirroring a folder? When I say source and destination, I mean the following: Source = virtual desktop Destination = profile store The descriptions for both sound very similar, so I thought I would dig into this a little deeper by looking at what happens to items in the source/destination. Synchronize: New file (Source) – File is copied to the destination Modified file (Source) – File is copied over the file in destination New file (Destination) – File remains Mirror New file (Source) – … Continue reading Synchronize vs Mirror