Wednesday, 11 April 2018

Writing better DSC Configurations with Configuration Data

Configuration Data in Windows PowerShell Desired State Configuration (DSC) allows you to separate the what from the where. Configuration Data enables you to write better DSC configuration. Configuration Data is defined as a Hash table and is passed in when the configuration is compiled. If you're using Automation DSC on Azure, that looks like this:

As you can see on the last line, the configuration data is imported as part of the Automation DSC compilation job.

The basic layout of a Configuration Data file is:

Each Node entry must have a NodeName property as this property is used to generate a MOF file for each node in the AllNodes array.

When you import a Configuration Data file, new variables are available to you when defining your configuration. These variables allow you to define more sophisticated and succinct configurations. The variables are:

  • $AllNodes - Refers to the AllNodes array, use this variable with .Where() and .Foreach()
  • $Node - Refers to the current node within the AllNodes array once the array has been filtered
  • $ConfigurationData - This refers to the entire configuration data file hash table

You can use AllNodes.Where() to select specific nodes, for example, let's say we have a node that has a property of Role, and that role is defined as either DomainController or FileServer. Let's use the below configuration data as an example:

When you compile the above configuration, with the configuration data, you will get two MOF files, one for DC1 and one for FS1. The DC1 configuration file will only have settings for the DNS and NTDS services, the FS1 MOF file will only have settings for a File on D:\.

You can go one step further than this, by using the $ConfigurationData variable to access data outside of the $AllNodes block. Let's look at the below example:

In the above example, the configuration will loop through each of the services defined on a role and add them to the configuration.

Now let's assume that you have heaps of software, features, services and other settings you need to deploy to each of your nodes. You're going to start saving lines in your configuration, and eliminating code that would otherwise be repeated.

Sunday, 11 June 2017

Add-HybridRunbookWorker : Machine is already registered to differnt account


If you receive the error: Add-HybridRunbookWorker : Machine is already registered to differnt account

Simply delete the key under: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\HybridRunbookWorker and try the command again.

Saturday, 10 December 2016

Procedure: Using a Responder to block access to a URL from a specific subnet

Create the responder action

In the Expression below, I am creating a HTML response that will respond with the blocked URL, the CLIENT IP and the CLIENT subnet, which is based on a 24-bit mask.

Create a Responder policy

In the expression below, I am checking if the red URL is being accessed and if the subnet (again 24-bit mask) is in the subnet that is not permitted.

Bind the Policy to the vServer

This is a simple process, click the + symbol on Policies, select Responder and bind the responder policy that you’ve created.


From a blocked client

Check the reverse to ensure permitted clients are not blocked. The naming conventions for the NetScaler entities used in this blog post are not recommended in a production environment.

Wednesday, 5 October 2016

Citrix NetScaler - How to generate a CSR and Install Signed Certificate


Enable SSL Offload

1. Navigate to System –> Settings and click Configure Basic Features

2. Select SSL Offloading and click OK

Create the RSA Key

1. Navigate to Traffic Management –> SSL –> SSL Files

2. Click Create RSA Key

3. Enter in the following details (Only the fields marked * are required, but I recommend filling in more details) and click Create

  • A file name, you will need this later, so make note
  • A key size (2048 is OK – The higher the number, the longer it will take to generate)
  • The PEM format and PEM encoding algorithm
  • The passphrase

Create the Certificate Signing Request (CSR)

1. Click CSRs in the menu (It’s located here: Traffic Management –> SSL –> SSL Files)

2. Click Create Certificate Signing Request (CSR)

3. Enter in the following details:

  • Request file name
  • Key file name (Created in the previous step)
  • Format
  • Passphrase for the key
  • The Digest Method
  • The other required files

And click Create

Provide the CSR to the Certificate Authority (CA)

I’m using StartSSL in the example below.

1. Select the CSR and click Download

2. Open the Certificate in a text editor and copy the text

3. Paste the text into the CSR request form

4. Download your certificate

Install the certificate

1. In the top menu, click Certificate

2. Click Upload

3. Browse for the file that you downloaded (You can use the Apache files) and click OK

4. Navigate to Traffic Management –> SSL –> SSL Certificate –> Server Certificates

5. Click Install

6. Enter in a name for the Certificate-Key Pair, choose the certificate file (you just uploaded), the Key File and enter the password for the Key file

7. Click Install

Monday, 29 August 2016

Citrix Unified Gateway - It is all that!


Citrix Unified Gateway, the evolution of Citrix NetScaler Gateway. It really is all it’s cracked up to be. Sure it might not be feature complete just yet, but it’s a powerful solution that provides access to all your apps, desktops, email, and remote desktop from a single URL, with no client to install. Basically, NetScaler Gateway provides:

  • Any App (Internal, SaaS, Virtual)
  • Any Desktop (XenApp, XenDesktop, RDP)
  • Any Device (Windows, iOS, Android)
  • Any time
  • From one URL
  • With one sign-on (Single sign-on, access every app)

In the next series of blog posts, I will show you how to configure your very own NetScaler Unified Gateway.

Sunday, 7 August 2016

Citrix NetScaler–Configuring High Availability


If you haven’t already checked out my previous posts, you can start there and get a pair of NetScalers ready to configure as a HA pair.

  1. Installing NetScaler VPX on Client Hyper-V (Windows 10)
  2. NetScaler VPX - Initial Configuration

High Availability Configuration

1. Logon to your NetScaler (Either will do), no need to logon to both

2. Click System –> High Availability

You will notice that the NetScaler you are logged on to is already listed, that’s because it is part of a single-node high availability group.

3. Click Add

4. Enter the IP Address (NSIP) and the remote system login credential and click Create

5. Initially the node status will show as UNKOWN, click Refresh to check for an updated status

6. Save the configuration

7. The top right corner will show the current HA status.

IMPORTANT: Always make configuration changes on the PRIMARY node.

Saturday, 6 August 2016

Licensing Citrix NetScaler 11 VPX (Trial)


1. Configure a static MAC address on your NetScaler VPX VM to ensure it does not change, and make note of the MAC Address, you will need it in step 6

2. Login to

3. Navigate to the following URL:

4. Enter the License Key you were emailed when you signed up for the trial and click Continue

5. Select the checkbox next to your license key and click Continue

6. Enter the MAC Address and click Continue

7. Click Confirm

8. Click OK to download your license file

9. Logon to your NetScaler and select System –> Licenses

10. Click Add New License

11. Click Browse, browse for your license file and click OK

12. Click Reboot

Saturday, 30 July 2016

NetScaler VPX - Initial Configuration

If you haven’t already read my Installing NetScaler VPX on Client Hyper-V (Windows 10) post, start there and come back here when you’re good to go.

What I have done since that post is:

  • I have downloaded an updated version of the NetScaler 11.1, 10.5 was used in that post
  • I have repeated the steps in that post for a second NetScaler so I can configure a HA pair

Initial Configuration

Initially you will want to configure the following:

  • At least one Subnet IP Address (SNIP)
  • The Hostname and DNS Server/s
  • Install the license
  • Configure NTP
  • Change the NSROOT password and optionally add another user to administer the device with

The Welcome wizard makes many of these steps a little easier, I will use the wizard for the steps below but also show you where the configuration is saved by the wizard.

Add a SNIP

1. Click the Subnet IP Address option in the wizard

2. Enter in a SNIP mask combination and click Done

You can check it out later, the above information is saved in System –> Network –> IPs –> IPV4s (shown below)

Configure the Hostname, DNS Servers and Time Zone

1. Click The Host Name, DNS IP Address, and Time Zone step in the wizard

2. Enter a hostname for the NetScaler, Enter at least one DNS Server, select the Time Zone and click Done

3. You will likely be asked to reboot, go ahead and do that

You can check it out later, the Time Zone is saved in System –> Settings (Shown below)

The DNS Server/s are saved in Traffic Management –> DNS  -> Name Servers (Shown below)

The Hostname can be changed at any time by re-entering the welcome wizard or by using the CLI

To quickly view the Hostname, click your username in the top right

License the NetScaler

1. Click the Licenses step in the wizard

2. You have a few options for adding a license. I’m going to use a License Access Code

3. No matter how you add the licenses, you will need to reboot after adding them, so go ahead and do that

4. After restarting, you will be told what you have been licensed for, and the wizard should disappear

Returning to the Wizard

If you want to return to the wizard at any time, select the “Cog” in the top right corner of the menu

Configure NTP

It’s important for your NetScaler to have a reliable time source, so it’s best to configure an NTP server

1. Select Configuration in the top menu

2. Select System and then NTP Servers in the left menu

3. Click Add

4. Enter an NTP server address and click Create

5. Repeat the process for any additional NTP Servers

You may need to enable NTP synchronisation, to do this follow the steps below:

6. Click the Select Action drop down menu

7. Select NTP Synchronisation

8. Select ENABLED and click OK

9. Save your configuration by clicking the Save Configuration icon in the top right

Change the default password

1. Click Configuration in the top menu

2. In the left menu, select System –> User Administration –> Users

3. Select the checkbox next to the nsroot user and click Change Password

IMPORTANT: The nsroot passwords on a HA pair of NetScaler devices must match

You now have a One-Arm NetScaler deployment. In the next post, we will configure High Availability

best-it-exam-    | for-our-work-    | hottst-on-sale-    | it-sale-    | tast-dumps-us-    | test-king-number-    | pass-do-it-    | just-do-it-    | pass-with-us-    | passresults-everything-    | passtutor-our-dumps-    | realtests-us-exam-    | latest-update-source-for-    | cbtnuggets-sale-exam    | experts-revised-exam    | certguide-sale-exam    | test4actual-sale-exam    | get-well-prepared-    | certkiller-sale-exam    | buy-discount-dumps    | how-to-get-prepared-for-the    | in-an-easy-way    | brain-dumps-sale    | with-pass-exam-guarantee    | accurate-study-material    | at-first-try    | 100%-successful-rate    | get-certification-easily    | material-provider-exam    | real-exam-practice    | with-pass-score-guarantee    | certification-material-provider    | for-certification-professionals    | get-your-certification-successfully    | 100%-Pass-Rate    | in-pdf-file    | practice-exam-for    | it-study-guides    | study-material-sku    | study-guide-pdf    | prep-guide-demo    | certification-material-id    | actual-tests-demo    | brain-demos-test    | best-pdf-download    | our-certification-material    | best-practice-test    | leading-provider-on    | this-course-is-about    | the-most-reliable    | high-pass-rate-of    | money-back-guarantee    | high-pass-rate-demo    | recenty-updated-key    | only-for-students-free-download    | courseware-plus-kit-for    | accurate-answers-of    | the-most-reliable-id    | provide-training-for    | welcome-to-buy    | material-for-success-pass    | provide-free-support    | best-book-for-pass    | accuracy-of-the-answers    | pass-guarantee-id    |    |    |