Citrix Synergy 2019 – Lunch Table Tech Chats

Breakout sessions may take a pause during the midday break, but Synergy learning and networking opportunities don’t stop, even for lunch, thanks to the volunteer Citrix User Group Community members and Citrix Technology Advocates who lead Lunch Table Tech Chats every afternoon in the Solutions Expo.

These informal but insightful discussions are designed to help you make new contacts and gather fresh approaches to your IT challenges while you eat. No need to sign up in advance; just find a topic that interests you and pull up a seat!

Lunch Table Tech Chats
Tuesday, May 21 – Thursday, May 23, 12:15 p.m. – 1:30 p.m.
GWCC, Building C, Level 1, Hall C4, Solutions Expo



Views: 34

Read More
Citrix, Community, CTA

Citrix Technology Advocate (CTA) Recognition

Community Champions: Citrix Technology Advocates (CTA)

I am honoured to being recognized as a Citrix Technology Advocate. I will keep contributing to community and to technology of my passion.

The main objective of the CTA program is to provide Citrix enthusiasts meaningful recognition for their community contributions, provide unique opportunities to connect with Citrix peers and internal stakeholders that will enable a continued growth and performance in their careers.

They spend countless hours sharing knowledge and connecting with community peers. Below are a couple of examples of their dedication, but the list is not exhaustive:

– Sharing their proficiency in the Citrix technology stack
– Participating in online forums such as CUGC and other technology forums
– Blogging about their experience with technology
– Speaking at Citrix and related industry events
– Supporting community programs
– Providing strategic feedback to Citrix product teams
– Volunteering for community initiatives such as leading local user groups, hosting lunch table tech chats at Synergy, participating in focus groups

These Citrix Technology Advocates are recognized for their wonderful contributions to the Citrix community, with benefits such as:

– Private community on
– Citrix education discounts
– Private Slack channel with key stakeholders
– Hosted networking engagements at Citrix Synergy and local CUGC meetings
– Unique opportunities for product feedback
– Exclusive product updates and tech previews
– Cadence of meetings with key Citrix stakeholders
– Candidate Contributions

Congratulations to other current and new CTA members! Thank you Citrix!

More information:

PS: Feel free to join our active Facebook groups:

Citrix Certified

NetScaler SME

Citrix Endpoint Management

Views: 140

Read More
Citrix, VMware, XenMobile

VMware Fusion 10 – Cannot import .ova virtual appliance templates anymore?

I came across this situation after upgraded Fusion 8 on macOS from to version 10 and didn’t manage to import anymore some particular .ova virtual appliance tempalates in to it. e.g. Citrix XenMobile virtual appliance.

VMware Fusion 10 fails to import .ova template and gives an error: “Invalid target disk adapter type: pvscsi”. Apperantly latest OVF Tool included in it has a bug to import if SCSI Controller type configured in template as “VirtualSCSI” = pvscsi.

Workaround, before VMware fixes this issue, extract .ova template and change the SCSI Controller configured in .ovf file from “VirtualSCSI” SCSI Controller
to “lsilogic”.


1. Extract .ova file and you’ll get three files;

– opt.ovf
– opt.vmdk

2. Open opt.ovf file and edit SCSI Controller section in it from “pvscsi” to “lsilogic”;

<rasd:Description>SCSI Controller</rasd:Description>

3. After file edited you still cannot import it as the manifest file “”, which has been SHA signed, doesn’t match anymore to the original opt.ovf file signed.

4. Use OpenSSL to sign manifest file again (download and install OpenSLL first);

– Openssl sha1 *.vmdk *.ovf >

5. After signed manifest file again you’re good to go and import .ova template succesfully. Of course it now uses different SCSI Controller, but it works at least for the latest Citrix XenMobile .ova template.

Views: 4682

Read More
Citrix, NetScaler

NetScaler Gateway – Two-Factor Authentication – How to hide 2nd password field

Some two-factor products (e.g. DUO, SMS Passcode) require you to hide the 2nd password field. Easiest way is to use Rewrite policies, which works both Web browser and Receiver self-service.

Tested with:

Citrix Receiver for Windows 4.6.0
Citrix Receiver for Mac 12.4.0
NetScaler 11.1

If you have any file level customizations on NetScaler, it needs to be reset as per default settings before doing these Rewrite policy – modifications.

For Web browser:

1. Create a Rewrite Action

Header Name: Set-Cookie
Expression: (“pwcount=”+ 1″)

2. Create a Rewrite Policy

Action: Select the rewrite action which you created
Undefined Result Action: -Global undefined result action
Expression: HTTP.REQ.HEADER(“Set-Cookie”).CONTAINS(“pwcount”).NOT

Bind this policy to the Netscaler Gateway Virtual Server where 2FA is configured.

For Receiver Self-Service:

1. Create a Rewrite Action

Expression to choose target location: http.res.body(1024)
Expression: “rn”+”<META http-equiv=”X-Citrix-AM-GatewayAuthType” content=”SMS”>”
Pattern: content=”text/html; charset=UTF-8″>

2. Create a Rewrite Policy

Action: Select the Rewrite action which you created
Undefined Result Action: -Global undefined result action
Expression: http.req.url.path.endswith(“vpn/index.html”)

Bind this policy to the Netscaler Gateway Virtual Server where 2FA is configured.


Views: 3252

Read More
Citrix, Exchange, NetScaler

NetScaler – Restrict SMTP Relay

Quick way to restrict Echange SMTP Relay in NetScalers is Extended ACLs. SMTP Relay can be restricted on Exchange servers or Firewalls using ACLs. Sometimes Firewalls could be managed by 3rd party company and it would be easier to manage ACLs on NetScaler. Here is an example how to configure it on NetScaler console:

#add Ectended ACLs
add ns acl InboundSMTP1 ALLOW -srcIP = -destIP = -destPort = 25 -protocol TCP -priority 101
add ns acl InboundSMTP2 ALLOW -srcIP = -destIP = -destPort = 25 -protocol TCP -priority 102
add ns acl InboundSMTP3 ALLOW -srcIP = -destIP = -destPort = 25 -protocol TCP -priority 103
add ns acl InboundSMTP4 ALLOW -srcIP = -destIP = -destPort = 25 -protocol TCP -priority 104
add ns acl InboundSMTP5 ALLOW -srcIP = -destIP = -destPort = 25 -protocol TCP -priority 105
#deny rest
add ns acl InboundSMTPSDeny DENY -destIP = -destPort = 25 -protocol TCP -priority 300
#apply ACLs
apply ns acls
#save netscaler config
save ns config




Views: 1013

Read More
1 2 3 7