Web Authentication Action in NetScaler

On one of my recent deployments, I needed to set up external access using NetScaler to an internally hosted web application (Grafana).

Grafana is a cross-platform open source application for graphical representation of data from various data sources such as InfluxDB, MySQL, PostgreeSQL, Prometheus and Graphite.

The challenge here was that the customer wanted to pre-install authentication on the NetScaler, but the users were only known to the web application itself.

The question that therefore came to me was:
How can I check the user of the web application if only the web application itself has access to the user data?

I had only used standards like LDAP, RADIUS, CERT, SAML etc. for user authentication on NetScaler, but these were not useful here because the target system should not be changed.

WEM Administration Console – Part 2 (System Optimization, Policies & Profiles and Security)

Current version is Workspace Environment Management 2206.

In the following I will give an insight into the menu items System Optimization, Policies & Profiles and Security.

System Optimization

These settings are used to reduce resource usage on the host. They are used to free up resources and make them available for other applications, thereby increasing the user density per host.

While the System Optimization settings are machine-based and apply to all user sessions of a machine, the Process Optimization under CPU Management is user-based.

That is, when a process triggers CPU Spike Protection in user A’s session, the event is recorded and limited for user A only. When user B starts the same process, the behavior of process optimization is determined only by process triggers in user B’s session.

WEM Administration Console – Part 1 (Actions, Filters & Assignments)

Current version is Workspace Environment Management 2206.

Known problems

When VUEMRSAV.exe is used to display results on actions applied through an action group for the current user, the Applied Actions tab may display the wrong source of actions. [WEM – 20002]

Installing Workspace Environment Management

Workspace Environment Management optimizes Citrix workers for the best possible performance (user density, logon time and application response time).

WEM is subject to the Current Release Lifecycle (Additional Component) and therefore there is no LTSR version of WEM available.

To use WEM, you must have an active Customer Success Services (CSS) for one of the following licenses:

Citrix Virtual Apps Advanced
Citrix Virtual Apps Premium
Citrix Virtual Apps and Desktops Advanced
Citrix Virtual Apps and Desktops Premium
Citrix Workspace Premium
Citrix Workspace Premium Plus

Technical Overview

Workspace Environment Management (WEM) is based on the following architecture:

Install Teams & OneDrive in Citrix (Machine-Based)

Update of the existing article to the latest requirements and features.

Microsoft Teams

User Based Microsoft Teams

The standard installation that the user can perform, e.g. via the Microsoft365 Apps portal, is a user-based installation. In the Citrix environment, this is only recommended for desktop operating systems (pooled or personal desktop).

A User-Based Installation can be detected very quickly in the User Profile, because data are then located under AppData\Local\Microsoft\Teams.

This type of installation in a worker with server operating system has many cons:

No control over the installed version
Several different versions possible installed on the same worker
Complete data (~1 GB) are in the user profile