Uninstall Symantec without password

I need a solution

I applied Policy to prevent any user from unistalling the SEP without password, but user still can unistall the SEP without asking for password,

i am sure there is no problem in applying the policy, i applied as follow > 

  1. Click Clients
  2. Select Policies tab.
  3. Click on General Settings.
  4. Select Security Settings tab.
  5. Select Require a password to uninstall the client
  6. Type the <password> in the box.
  7. Click OK.

Note: user when try to stop SEP service “SMC-Stop” , he can’t because it’s asking for a password, i don’t know why it’s not working with unistall the application.

windows version 10 “1709 & 1803”

0

Related:

  • No Related Posts

Outlook Plugin User Guide

Article Contents

Basics Features Troubleshooting


Getting Started

After installation and setup, you will notice three new buttons on the message ribbon when composing a new email: Convert Attachments, Attach Files, and Request Files.

User-added image

Clicking one of these buttons will insert a temporary (non-functioning) link into your email. The link will be finalized and functional only after you click Send.


Attach Files

The Attach Files button allows you to attach files from both your PC and your ShareFile account.



From PC

User-added image

From PC – attach files stored on your computer to your email message. When you select this option, you will be able to select the files that you wish to attach to this email. Files uploaded from your computer using this method will be uploaded to the File Box of your ShareFile account. If you would like to use different ShareFile options for this specific email, select Use Custom Settings. After attaching the desired files and composing the email, click Send to send the email. The plugin will upload the files and convert the temporary link to a functioning link in the Outbox. Then Outlook will send the email containing the link to the indicated recipient.

Emails sent using this option will stay in your Outbox longer than normal after you click send as the files must first be uploaded to ShareFile.The amount of time this takes will depend on the speed of your Internet connection and the size of the attachments. Please do not close Microsoft Outlook until your upload is complete. ShareFile recommends that you do not upload extremely large files (more than 500 MB) to your ShareFile account through the plugin. You will have better, more reliable results logging into and using the ShareFile web application for large file uploads. You can then attach these large files from your ShareFile account using the From ShareFile option detailed below.



From ShareFile

User-added image

From ShareFile – attach files stored in your ShareFile account. Check the boxes to select the files and folders you want to attach to your email. Once you have selected the file and clicked OK, the file will be inserted into the body of your email as a temporary link. If you would like to use different ShareFile options for this specific email, select Use Custom Settings. After attaching the desired files and composing the email, click Send to send the email. The plugin will convert the temporary link to a functioning link and Outlook will send the email containing the link to the indicated recipient.

From ShareFile uses less bandwidth and storage as you are not uploading new data to your account.



Revoke Access from Outlook Message

Once you have shared a file using the ShareFile Plugin, you can revoke your recipient’s access to the files from within Microsoft Outlook. To do so, navigate to your Sent Messages in Microsoft Outlook and locate the email you sent your recipient. When viewing that message, locate the ShareFile Plugin header at the top of the message. Click the Revoke Access button. Once you confirm, the recipient will no longer be able to access the files via the email message. Revoking access does not prevent your recipient from viewing the file if they have already downloaded it.

User-added image



Request Files

User-added image

Request Files – insert a text link into the body of your email message. Your recipient will be able to click on the generated link and upload a file to your ShareFile account without downloading any software or signing up for an account. You can customize this automatically generated link in the Options menu.

Uploaded files are sent to your File Box. If you would like to change the upload destination for this specific email message, select Use Custom Settings. Once you have selected Use Custom Settings, you will be presented with a pop-up window that allows you to change the settings for the link. By clicking Edit to the right of Upload file to, you can select a new folder from your ShareFile account. Any changes made will only affect the link that you are sending in this individual email only.



Convert Attachments

User-added image

Convert Attachments – Convert normal file attachments to a secure ShareFile link. This option will only appear on a new message and will not be clickable unless there is an existing attachment on the email. After clicking Convert Attachments and composing the desired email, click Send to send the email. The plugin will upload the files and convert the temporary link to a functioning link. Then Outlook will send the email with the link to the indicated recipient.

Emails sent using Convert Attachments will stay in your Outbox longer than normal after you click send as the files must first be uploaded to ShareFile. The amount of time this takes will depend on the speed of your Internet connection and the size of the attachments.

Sending Large Files

ShareFile does not recommend converting extremely large files (more than 500 MB) via the plugin. You will have better, more reliable results logging into and using the ShareFile web application for large file uploads. Once you have uploaded the large file to your ShareFile account, you can then send the large file by attaching it to an email message using Attach Files From ShareFile.



Initiate Feedback and Approval Workflow

This feature is available on the ShareFile Plugin for Outlook, version 4.3 or later.
Click here for information on how to use this feature from within Outlook.


Features


Add a Request a File Link to Your Outlook Signature

1. Open a New Outlook Email Message.

2. Click the Request Files button, then Use Custom Settings.

  • Configure the options to your liking, designate your preferred uploading destination, and don’t forget to adjust your expiration settings! Click OK to generate the link.

User-added image

3. Highlight the newly generated Request a File link, right-click and select Copy.

User-added image

4. Click Signature in the ribbon and edit the Signature you wish to add the link to. Paste the Request a File link into the signature.

User-added image

5. Click OK to save the changes to your signature.


Using “Send To” with the ShareFile Plugin

You can also choose to send files using the plugin by right-clicking the files in your web browser screen or desktop. To do so, right-click on a file or folder and select Send to in the drop-down menu that opens. Next, click Mail Recipient with ShareFile. This will open a new Outlook message with a temporary link to the file already created.


Save Attachments to ShareFile

You can now save an email attachment directly into your ShareFile account in just a few clicks. To do so, right-click the attachment in your Outlook message and choose the Save to ShareFile option. Use the folder tree to select an upload destination on your account, then click OK. Your file will be uploaded to ShareFile.

User-added image



Protected Sharing Support

Specific ShareFile accounts can send a file with Protected Sharing options using version 4.0 or later. Use this feature to protect file access even after the file has been downloaded by your user. This feature may only be configuring by using the Use Custom Settings option. Click here for additional information on Protected Sharing.


Incompatible Add-Ins or Services

The ShareFile Outlook Plugin is not supported with any 3rd party service or add-in and cannot be guaranteed to function properly when used in conjunction with other add-ins. This includes meta-data scrubbers, SmartVault, iTunes, Grammarly and other add-ins. While frequently encountered add-ins may be specifically mentioned in this article, this article should not be treated as a final list of incompatible add-ins.

  • If you are using an antivirus program such as Kaspersky or McAfee, please take steps to add ShareFile as an exception to your apps.
  • Metadata Scrubbers may interfere with the ShareFile Plugin for Microsoft Outlook. It is recommended that any metadata scrubber add-ons be disabled in order for the ShareFile Plugin to function properly.
  • Likewise, Exchange Alternatives (such as Kerio Connector) are not compatible with the ShareFile Plugin and may block the plugin from functioning correctly. ShareFile recommends disabling these add-ons.




Contacting Support

Need help? You can find a link to contact the Support team directly through the Outlook Plug-in. To do so, click the Plugin Options button in your Outlook ribbon to open the Options menu.

Next, click the Help button and click Get Support. This will open your browser to the Help Center where you can search the Support Knowledge Center, or contact the Support team.


Sending Large Files

We do not recommend uploading extremely large files (more than 500 MB) to your ShareFile account through the plugin. You will have better, more reliable results logging into and using the ShareFile web application for large file uploads. Once you have uploaded the large file to your ShareFile account, you can then attach these large files to an email message using Attach Files From ShareFile.


Rich Text Format

The ShareFile Outlook Plugin does not support Rich Text Format messages.

Uninstall ShareFile Outlook Plug-in with default uninstaller

Windows 7 Users

  • Click on Start at the bottom left of the screen
  • Select Control PanelUninstall a program link.
  • Search for ShareFile Outlook Plug-in in the list, right-click it and select Uninstall.
  • Follow the instruction to finish the removal.
  • Restart your computer.

Windows 8 Users

  • Hover the mouse pointer in the lower right corner to see Win8 side menu.
  • Go to Settings > Control Panel > Uninstall a program link.
  • The rest are the same as those on Windows 7.

Related:

  • No Related Posts

Add a Request a File Link to Your Outlook Signature

Add a Request a File Link to Your Outlook Signature

1. Open a New Outlook Email Message.

2. Click the Request Files button, then Use Custom Settings.

3. Configure the options to your liking.

4. For the purposes of placing a secure link in your signature, the Sign In requirement cannot be used. “Sign In” requires that the recipient of your email message (the To field) be a user on your ShareFile account. Since many different recipients can access your signature link once its done, ShareFile cannot specify which user should be created as a user on your account, and will display an “Invalid Link” error when trying to send any email containing the link you generated using the Sign In option.

5. Don’t forget to adjust your expiration settings!

6. Click OK to generate the link.

User-added image
User-added image

3. Highlight the newly generated Request a File link, right-click and select Copy.

User-added image

4. Click Signature in the ribbon and edit the Signature you wish to add the link to. Paste the Request a File link into the signature.

User-added image

5. Click OK to save the changes to your signature.

Related:

  • No Related Posts

Citrix Files for Outlook User Guide

Getting Started

Once installed, Citrix Files for Outlook will be shown in two places in Outlook. The Options button will be available on the main Outlook view.

User-added image
Other functionality will be available when you compose or read a message.
User-added image

Options

Change options for Citrix Files for Outlook by clicking on the Options button on the Outlook home window.

User-added image

The Citrix Files for Outlook Default settings popup displays.

User-added image

This allows you to make changes to the default settings under the following categories:

NOTE: Some options may be set and restricted by Administrators.

  • General – Allows editing of General settings including
    • Attachments
    • Icon
    • Expiration Policy
  • Attaching Files – Allows editing of these components
    • Security
    • Notifications
    • Downloads
  • Requesting Files – Allows editing of these settings
    • Security
    • Notifications
    • Upload Location
  • Encrypted Email – Allows editing of these encryption settings
    • Security
    • Notifications
    • Expiration Policy
  • Inserting Links – Allows editing of these settings
    • Appearance
    • Linked Text
    • Language
  • Help – Allows you to set up usage log files.
    • Normal – select to store a record of basic usage activity.
    • Advanced – select to store a detailed record of all usage activity.
User-added image

Attach Files

The Attach Files button allows you to attach files from both your PC and files stored with Citrix.

When you attach a file to an email, Citrix for Outlook will place a banner in the email that lists the file(s) and availability (if applicable).

User-added image

From PC

User-added image

From PC – attach files stored on your computer to your email message. When you select this option, you will be able to select the files that you wish to attach to this email. Files uploaded from your computer using this method will be uploaded to the File Box on Citrix. If you would like to use different options for this specific email, select Use Custom Settings. After attaching the desired files and composing the email, click Send to send the email. The plugin will upload the files and convert the temporary link to a functioning link in the Outbox. Then Outlook will send the email containing the link to the indicated recipient.

Emails sent using this option will stay in your Outbox longer than normal after you click send because the files must first be uploaded to Citrix.The amount of time this takes will depend on the speed of your Internet connection and the size of the attachments. Please do not close Microsoft Outlook until your upload is complete. Citrix recommends that you do not upload extremely large files (more than 500 MB) through the plugin. You will have better, more reliable results logging into and using the web application for large file uploads. You can then attach these large files using the From Citrix option detailed below.

From Citrix

User-added image

From Citrix – attach files stored in Citrix. Check the boxes to select the files and folders you want to attach to your email. Once you have selected the file and clicked OK, the file will be inserted into the body of your email as a temporary link. If you would like to use different options for this specific email, select Use Custom Settings. After attaching the desired files and composing the email, click Send to send the email. The plugin will convert the temporary link to a functioning link and Outlook will send the email containing the link to the indicated recipient.

From Citrix uses less bandwidth and storage as you are not uploading new data to your account.

Revoke Access from Outlook Message

Once you have shared a file using the Citrix Files for Outlook, you can revoke your recipient’s access to the files from within Microsoft Outlook. To do so, navigate to your Sent Messages in Microsoft Outlook and locate the email you sent your recipient. When viewing that message, locate the Citrix Files for Outlook header at the top of the message. Click the Revoke Access button. Once you confirm, the recipient will no longer be able to access the files via the email message. Revoking access does not prevent your recipient from viewing the file if they have already downloaded it.

User-added image

After you click Revoke Access, a popup displays. You may click Revoke or Cancel.

User-added image

Request Files

User-added image

Request Files – insert a text link into the body of your email message. Your recipient will be able to click on the generated link and upload a file to your Citrix without downloading any software or signing up for an account. You can customize this automatically generated link in the Options menu.

Uploaded files are sent to your File Box. If you would like to change the upload destination for this specific email message, select Use Custom Settings. Once you have selected Use Custom Settings, you will be presented with a pop-up window that allows you to change the settings for the link. By clicking Edit to the right of Upload file to, you can select a new folder from your Citrix Files account. Any changes made will only affect the link that you are sending in this individual email only.

Convert Attachments

User-added image

Convert Attachments – Convert normal file attachments to a secure Citrix Files link. This option will only appear on a new message and will not be clickable unless there is an existing attachment on the email. After clicking Convert Attachments and composing the desired email, click Send to send the email. The plugin will upload the files and convert the temporary link to a functioning link. Then Outlook will send the email with the link to the indicated recipient.

Emails sent using Convert Attachments will stay in your Outbox longer than normal after you click send as the files must first be uploaded to Citrix Files. The amount of time this takes will depend on the speed of your Internet connection and the size of the attachments.

Features


Add a File Request Link to Your Outlook Signature

1. Open a New Outlook Email Message.

2. Click the Request Files button, then Use Custom Settings.

  • Configure the options to your liking, designate your preferred uploading destination, and don’t forget to adjust your expiration settings! Click OK to generate the link.
User-added image

3. Highlight the newly generated Request a File link, right-click and select Copy.

User-added image

4. Click Signature in the ribbon and edit the Signature you wish to add the link to. Paste the Request a File link into the signature.

User-added image

5. Click OK to save the changes to your signature.

Using “Send To” with Citrix Files for Outlook

You can also choose to send files using the plugin by right-clicking the files in your web browser screen or desktop. To do so, right-click on a file or folder and select Send to in the drop-down menu that opens. Next, click Mail Recipient with Citrix Files. This will open a new Outlook message with a temporary link to the file already created.

Save Attachments to Citrix

You can now save an email attachment directly to Citrix with a few clicks. To do so, right-click the attachment in your Outlook message and choose the Save to Citrix option. Use the folder tree to select an upload destination on your account, then click OK. Your file will be uploaded to Citrix.

User-added image

Incompatible Add-Ins or Services

Citrix Files for Outlook is not supported with any 3rd party service or add-in and cannot be guaranteed to function properly when used in conjunction with other add-ins. This includes meta-data scrubbers, SmartVault, iTunes, Grammarly and other add-ins. While frequently encountered add-ins may be specifically mentioned in this article, this article should not be treated as a final list of incompatible add-ins.

  • If you are using an antivirus program such as Kaspersky or McAfee, please take steps to add Citrix Files as an exception to your apps.
  • Metadata Scrubbers may interfere with Citrix Files for Outlook. It is recommended that any metadata scrubber add-ons be disabled in order for the Citrix Files for Outlook to function properly.
  • Likewise, Exchange Alternatives (such as Kerio Connector) are not compatible with Citrix Files for Outlook and may block the plugin from functioning correctly. Citrix Files recommends disabling these add-ons.

Contacting Support

Click here for Citrix Files Support Contact Information.

Sending Large Files

We do not recommend attaching large files (more than 500 MB) from your PC through the plugin. You will have better, more reliable results logging into and using the web application for large file uploads. Once you have uploaded the large file to Citrix, you can then attach these large files to an email message using Attach Files From Citrix.

Related:

  • No Related Posts

How to Implement RSA Authentication for NetScaler Gateway

The following procedure details how to configure NetScaler Gateway with RSA Authentication Manager Version 6.1 and Steel-Belted Radius installed on a Windows server:

RSA Server Configuration Steps

Note: If the RSA RADIUS Server component is not installed, consult the RSA RADIUS Server 6.1 Administrator’s Guide for further instructions.

  1. On the RSA server, go to Start > Programs > RSA Security and launch RSA Authentication Manager Host Mode. The RSA Authentication Manager 6.1 Administrator window opens.

  2. Go to RADIUS and choose Manage RADIUS Server in the drop-down menu.

    The RSA RADIUS — Powered by Steel-Belted Radius (RSA) window opens.

    User-added image

  3. In the right pane of the RSA RADIUS window, right-click RADIUS Clients and click Add. The Add RADIUS Client window opens.

    User-added image

  4. Provide the following configuration settings:

    • Name: Type the name of the NetScaler Gateway Server.

    • Description: Type a description (not mandatory).

    • IP Address: Type the NetScaler IP (NSIP) address of the NetScaler Gateway.

    • Shared secret: Type the shared secret between NetScaler Gateway and the RADIUS server.

    • Make/model: Choose – Standard Radius – from the drop-down menu.

  5. Click OK. The Add RADIUS Client window closes.

  6. Close the RSA RADIUS – Powered by Steel-Belted Radius (RSA) window.

  7. In the RSA Authentication Manager Host Mode window, click Agent Host and choose Add Agent Host.

    User-added image

  8. Configure the following settings for your NetScaler Gateway device:

    • Name: Provide the Fully Qualified Domain Name (FQDN) of the NetScaler Gateway device. After providing the FQDN, press the TAB key and the Network address field should populate itself.

    • Network address: If this field does not populate itself, provide the NSIP of the NetScaler Gateway.

    • Agent Type: Select Communication Server.

      Select the Open to All Locally Known Users check box. If all the users imported on the RSA server are not allowed, click User Activations… and import the users that are allowed to authenticate through the NetScaler Gateway.

  9. If not already present, create an Agent Host entry for the RSA server itself. Refer to the following screen shot:

    User-added image

  10. Configure the following settings for your RSA server:

    • Name: Provide the FQDN of the RSA server. After providing the FQDN, press TAB and the Network Address window should populate itself.

    • Network Address: If it does not self-populate, provide the IP address of the RSA server.

    • Agent Type: Select RADIUS Server.

Additional configuration steps on the RSA server

  1. Import users (through Lightweight Directory Access Protocol (LDAP) synchronization) or create local users.

  2. Assign token to users.

  3. Consult your RSA product documentation for more information on how to finalize the RSA server configuration.

NetScaler Gateway Configuration Steps

  1. In the Citrix NetScaler Gateway Configuration Utility, go to NetScaler Gateway > Policies and select Authentication.

  2. On the right pane in the Authentication window, click Add. The Create Authentication Server window opens. Refer to the following screen shot:

  3. Select Radius and then choose Server in the right pane.

    User-added image

    User-added image

  4. Configure the following settings for the NetScaler Gateway to connect to the RADIUS server:

    • Name: Type a name for the configured authentication server

    • Authentication Type: Select RADIUS.

    • IP Address: Type the IP address of the RSA server.

    • RADIUS Key: Provide the key configured as the Shared Secret in the RSA RADIUS Client configuration.

  5. Click Create. The Create Authentication Server window closes. An entry with the name of your authentication server should appear in the right pane of the GUI.

  6. Click the Policies tab and click Add. The Create Authentication Policy window opens. Refer to the following screen shot:

    User-added image

    User-added image

  7. Configure the following settings for the authentication policy:

    • Name: Type a name for the authentication policy.

    • Authentication Type: Select RADIUS.

    • Server: Select the authentication server configured in Step 3.

    • Named Expressions: Click the right drop-down menu next to General and select ns_true. Click Add Expression. The “ns_true” string should appear in the Preview Expression window.

  8. Click Create. The Create Authentication Policy window closes. An entry with the name of the policy appears in the right pane.

  9. In the left pane, go to NetScaler Gateway > Virtual Servers.

  10. Double-click the VPN virtual server on which you want to use RSA authentication. The Configure VPN Virtual Server window opens.

  11. In the Configure NetScaler Gateway Virtual Server window, click the Authentication tab.

  12. In the Authentication window, select the Primary radio button as the primary authentication mechanism.

  13. The authentication policy created in Step 6 should appear.

  14. Bind the policy to your NetScaler Gateway Virtual Server by selecting the policy from drop-down list.

    User-added image

Corresponding CLI Configuration Steps

  1. Add the RADIUS authentication server by issuing the following commands:

    add authentication radiusAction <name> -serverIP <IP> -radKey <key> -encrypted

    add authentication radiusAction SBR_RSA -serverIP 10.10.0.27 -radKey people –encrypted

  2. Add a RADIUS policy and choose the existing RADIUS server configured above by issuing the following commands:

    add authentication radiusPolicy <name> <expression> <RADIUS server>

    add authentication radiusPolicy RSA_Pol1 ns_true SBR_RSA

  3. Bind the session policy to a VPN vserver by issuing the following commands:

    bind vpn vserver <name> -policy <policy name>

    bind vpn vserver testvpn -policy RSA_Pol1

The following procedure details how to configure Access Gateway, Enterprise Edition with RSA ACE/Server version 6.0 and the RSA ACE/Server RADIUS deamon:

RSA ACE/Server version-specific settings

The RSA ACE/Server deamon listens on User Datagram Protocol (UDP) port 1645 by default. The following procedure describes how to change the listener port. Changing the RADIUS listener port is not required; the NetScaler Gateway allows you to set the port value for the listener port of the RADIUS server.

RSA Server Configuration

If you do not have the RSA RADIUS Server component installed, consult the RSA ACE/Server 6.0 for Windows Installation Guide for instructions.

  1. On the RSA server, go to Start > Programs > RSA ACE Server and click Database Administration – Host Mode.

  2. In the RSA Authentication Manager Host Mode window, click Agent Host and choose Add Agent Host.

    User-added image

  3. Configure the following settings for your NetScaler Gateway device:

    • Name: Provide the FQDN of the NetScaler Gateway device. After providing the FQDN, press TAB key. The Network Address field should populate itself.

    • Network Address: If this field does not populate itself, provide the NSIP of the NetScaler Gateway.

    • Agent Type: Select Communication Server.

      Select the Open to All Locally Known Users check box. If not all the users imported on the RSA server are allowed, click User Activations… and import the users that are allowed to authenticate through the NetScaler Gateway.

  4. Click Assign/Change Encryption Key… The Assign/Change Encryption Key window opens. In the Key field, provide the shared RADIUS key between the NetScaler Gateway and the RSA RADIUS component.

    User-added image

  5. Create an Agent Host entry for the RSA server itself if it has not been created already.

  6. In the RSA Authentication Manager Host Mode window, click Agent Host and choose Add Agent Host.

    User-added image

  7. Configure the following settings for your RSA server:

    • Name: Provide the FQDN of the RSA server. After providing the FQDN, press TAB. The Network Address field should populate itself.

    • Network Address: If this field does not populate itself, provide the IP address of the RSA server.

    • Agent Type: Select Net OS Agent.

Complete the following procedure if you need to change the default port configured on the RSA server for RADIUS:

  1. Go to Start > Programs > RSA ACE Server > Configuration Tools and click Configuration Management.

  2. The RSA ACE/Server Configuration Management window opens. Click Edit. A REMINDER window opens with further instructions.

  3. Read the instructions and click OK. The RSA ACE/Server Configuration Management window opens.

  4. In the Services section, type 1812 in the RADIUS field under the Port Number column. Refer to the following screen shot:

    User-added image

  5. Click OK to save the settings and close the window.

  6. Open the Service node and restart the RSA ACE/Server RADIUS deamon.

Related:

  • No Related Posts

Configure RDS Licenses for XenApp

Following 2 GPOs should be configured for licensing server and license type for RDS.

Apply policy: Computer configuration>Windows component>Remote Desktop Services>Remote Desktop Session host>Licensing

1. Use the specified Remote Desktop License Server

2. Set the remote Desktop Licensing mode

Also, perform below steps to configure RDSH server:

Install Remote Desktop Licensing

1) In Server Manager, open the Manage menu and click Add Roles and Features.

2) Click Next until you get to the Server Roles page. Check the box next to Remote Desktop Services and click Next.

3) Click Next until you get to the Role Services page. Check the box next to Remote Desktop Licensing and click Next.

4) Click Add Features if prompted.

5) Then finish the wizard to install the role service.

Activate Remote Desktop Licensing

1) After RD Licensing is installed, in Server Manager, open the Tool menu, expand Terminal Services and click Remote Desktop Licensing Manager.

2) The tool should find the local server. If it does not, right-click All servers, click Connect and type in the name of the local server. Once the local server can be seen in the list, right-click the server and click Activate Server.

3) In the Welcome to the Activate Server Wizard page, click Next.

4) In the Connection Method page, click Next.

5) In the Company Information page, enter the required information and click Next.

6) All of the fields on the Company Information page are optional so you do not have to enter anything. Click Next.

7) In the Completing the Activate Server Wizard page, uncheck the box next to Start Install Licenses Wizard now and click Finish. Since the session hosts will be configured to pull Per User licenses, there is no need to install licenses on the RD Licensing Server.

8) In RD Licensing Manager, right-click the server and click Review Configuration.

9) Ensure you have green check marks. If the person installing Remote Desktop Licensing does not have permissions to add the server to the Terminal Server License Servers group in Active Directory, ask a domain admin to do it manually. If you have the proper permissions, click Add to Group.

10) Click Continue when prompted that you must have Domain Admins privileges.

11) Click OK when prompted that the computer account has been added.

12) Click OK to close the window.

Remote Desktop Licensing Configuration

Do the following on your 2012 R2 Remote Desktop Session Hosts. The only way to configure Remote Desktop Licensing is using group policy (local or domain).

1) For local group policy, run gpedit.msc.

2) Go to Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Licensing.

3) Double-click Use the specified Remote Desktop license servers. Change it to Enabled and enter the names of the XenDesktop Controllers. Click OK.

4) Double-click Set the Remote Desktop licensing mode. Change it to Enabled and select Per User. Click OK.

5) In Server Manager, open the Tools menu, expand Terminal Services and click RD Licensing Diagnoser.

6) The Diagnoser should find the license server and indicate the licensing mode. It’s OK if there are no licenses installed on the Remote Desktop License Server.


NOTE: The group policy should point to your RD licensing servers. if you installed it on your Controllers then you would specify them. Otherwise specify the RD Licensing server names.

Related:

  • No Related Posts

7018598: Quickstart Guide: Setting up Active Directory Single Sign-On (SSO) with a GroupWise 2014 R2 SLES11 Linux Post Office

Assumptions:

a. For the example purposes of this document, it is assumed thatthe GroupWise Linux Post Office Server fully qualified hostname is“bperez13.bperez11.gwlab.com” and that the Active DirectoryDomain Server fully qualified hostname is “bperez11.gwlab.com”. Substitute your hostnames as appropriate.

Inthis example the User in Active Directory and the GroupWise UserID is“aduser1” that we will work with. Your SLES11 server is upto date on patches.

b. It is assumed that in your Microsoft Active Directory Server,DNS Manager, that you have a DNS “zone name”, in thisexample, of “bperez11.gwlab.com”, but substitute yourDNS zone name, that way you will not have to make changes to theGroupWise Linux server hostname and POA agent settings hostname onthat server.

c. It is assumed that you have or will have a DNS “A”Record (on your Microsoft Domain Server) of , in this example,bperez13.bperez11.gwlab.com, substitute your GroupWise server fullyqualified hostname as needed. So in this example in theMicrosoft Domain Controller Server, in the DNS application, under”Forward Lookup Zones”, you would have defined a DNS zonecalled “bperez11.gwlab.com” and under this zone you wouldcreate a DNS A record that would have a “Host” name of”bperez13″ and a “Fully qualified domain name (FQDN)of “bperez13.bperez11.gwlab.com” along with the ip addressthat resolves to bperez13.bperez11.gwlab.com. Make the propername substitutions as you need.

d. It is assumed you are working with a Microsoft Windows 2012 R2Server.

e. It is assumed that you have created an Ldap Directory and LdapServer in the GroupWise Web Admin Console under SYSTEM, “LdapServers” by following the steps listed in Section 6.1 , steps 1thru 6 of this URL :

https://www.novell.com/documentation/groupwise2014r2/gw2014_guide_admin/data/b199manl.html

andthis section 6.2.1, steps 1 thru 6 of this URL :

https://www.novell.com/documentation/groupwise2014r2/gw2014_guide_admin/data/b199mao7.html

f. It is assumed that you have imported the Active Directory usersinto GroupWise, that will be using the Single Sign-On (SSO) feature. So these users are associated with the Active Directory serverlisted in the Ldap Servers.

g. Lastly it is assumed on your Active Directory Windows Server 2012 R2box, in “Active Directory Users and Computers”, View, that youhave “checked”, “Advanced Features”.

NOTE:

Sinceyou will be changing the Security setting for the Post Office Agent,consider doing this on a Friday night after hours to minimize userimpact. Or you could certainly test this procedure on aGroupWise Test server, that is not production, until you arecomfortable that it will work as you expect.

NOTE:

Havea full complete backup of the GroupWise System before performingthese steps, in case there are any Issues. However these stepsworked correctly for me on my SLES11 GroupWise Server and Windows 7workstation with the GroupWise 2014 R2 Windows client.

NOTE: For any additional GroupWise servers that you want to haveSingle Sign-On functionality with Active Directory then you wouldjust repeat the steps in this Technical Document for each additionalLinux server where there is a GroupWise Post Office.

Stepsto Follow :

ForLinux Post Office Server you will have to “Join” theWindows Server Domain Controller and make the below changes NOW :

1. You need to know the current fully qualifiedhostname for the Linux GroupWise Post Office Server, let”s sayit is:

a. bperez13.bperez11.gwlab.com

2. You need to know current fully qualified hostnamefor your Active Directory Domain Server, let”s say it is:

a. bperez11.gwlab.com

3. Then the Linux Post Office Server will likelyneed a change to it’s listed “Name Server” in YAST, in thisexample: ( The Windows Domain Controller )

a. I.P address of the Windows Domain Controller

b. To make this “Name Server” change go to Yast,Network Devices, Network Settings,

andin the Hostname/DNS tab, the “Hostname” would have to be”bperez13“, no

quotes,and the “Domain Name” would have to be : “bperez11.gwlab.com”, no quotes. As

appropriatein your situation, change it NOW.

c. AND in this same tab, the “Name Server 1″would have to have ONLY the ip

addressof your Active Directory Domain Controller. Do not have anyvalues for

“NameServer 2” and “Name Server 3” . The “DomainSearch” list box to the

rightwould have to show – “bperez11.gwlab.com”, no quotes. Asappropriate in your situation, change it NOW.

d. The Routing tab, the “Default Gateway”,would of course have to be filled out correctly

foryour network environment. CLICK OK and exist YAST.

e. The result would be that when you go to a terminal as”root” on the Post Office

Server,you should at least be able to PING internal and external ipaddresses or hostnames to make sure you have proper ip connectivity.

4. Go to the below documentation URL for “ConfiguringSingle Sign-On with Active Directory” (54.2):

a. https://www.novell.com/documentation/groupwise2014r2/gw2014_guide_admin/data/b1f0s9uy.html

b. With the above GroupWise documentation URL, under thesection “Configuring Single Sign-On with Active Directory”(54.2), we will go over the listed first 4 bullet points inorder:

c. For the 1st bullet point, make sure both the POA LinuxServer and the User Windows Workstation are joined to the sameActive Directory Domain:

i. On the Linux box where the Post Office is located,Click Computer, Yast, Network Services, Windows Domain Membership, onMembership “Domain or Workgroup”, type the fully qualifiedhostname NOW for your Active Directory Domain Controller, in thisexample, but substitute yours :

“bperez11.gwlab.com”

ii. Click the Expert Settings button, for the KerberosMethod select “system keytab”, then Click OK.

iii. Click the “NTP Configuration” button, toensure time synchronization between the Linux Post Office Server andthe Active Directory Domain Server, as needed, set the Time server. Click ADD, Click Next, Type in an appropriate local or publicTime Server, Click Test, Click OK after it responds correctly, ClickOK, then OK again. Click the JOIN button in upper right ifpresent, otherwise Click OK. ClickOK again. You should see a dialog that pops up that says “Thishost is not a member of the domain <bperez11>”. Youwill see another dialog that says “Join the domain <bperez11>?”, Click Yes. Inthe resulting dialog put in the Windows domain controller“administrator” username and password and CLICK OK.

iv. Your Linux Server is now Joined to the Active DirectoryServer.

v. To Join the User Workstation, Go to the Windows PC, Itis assumed you are not yet joined. On either Windows 7 orWindows 8.1, or Windows 10:

1. Right click the Network Icon in the Windows Tray,select “Open Network and Sharing Center”, select “ChangeAdapter Settings”, Right Click the appropriate Network Card,Highlight “Internet Protocol Version 4 (TCP/IPv4)” andClick Properties.

2. For the “User the following DNS Serveraddresses:”, for the “Preferred DNS server”, type theIP address of your Active Directory Server. Click OK then CLOSE.

3. Now to actually Join to the Active Directory Server, goto :

a. Windows 7 workstation, Click Start, Right Click”Computer”, Properties, Advanced System Settings, ComputerName tab, to Change to a Domain, click the Change button.

b. For the Member Of : Domain , list box , type the fullyqualified hostname of the Active Directory Server (example,bperez11.gwlab.com). Click OK. Supply the appropriateActive Directory credentials, Click OK, then you should successfullyJoin and get a confirmation on this. Click OK. Click OKagain to RESTART your computer as required by Windows. I assumeyou will Click RESTART NOW.

c. When the Workstation reboots, you will come to aWindows Logon dialog, type for the Username:

i. The name of your Windows Domain ServerA.D. UserName,example, in this case is “BPEREZ11aduser1”

ii. Type the password for this Active Directory User andLOGIN

d. To confirm your credentials that the GroupWise SingleSign-On depends on, to go a DOS Window (cmd) and type “whoami”,it should respond with, in this example:

bperez11aduser1

e. Close the DOS Window.

f. Now for the 2nd bullet point listed in the aboveDocumentation URL:

“Makesure the POA object has the DNS fully qualified domain name insteadof the IP address :

Inthe GroupWise Admin Console > Post Office Agents > select thePOA

>Agent Settings > TCP/IP Address Field.” :

Inthis example, the value should already be: “bperez13.bperez11.gwlab.com”. Make this changeas needed NOW if necessary. Remember no I.P. Address, just thehostname.

g. For the 3rd bullet point of the Documentation URL :”Enable LDAP authentication in the GroupWise Admin Console >Post Offices > select the PO > Security tab. Make sureyour A.D. Ldap Server name is selected here. Refer to aboveAssumptions point “e” for details if needed.

h. For the 4th bullet point of the DocumentationURL: “Select Network authentication (eDirectory or ActiveDirectory) in the Admin Console > Post Office Agents > selectthe POA > Client Options > Security tab. Do this changenow. Remember to Click on SAVE.

Nowit”s time to move on in the Documentation to Section 54.2.2,”Linux POA”, there are 7 bullet points :

5. For the 1st of 7 bullet points, “Make sure thatall krb5 rpms are installed on the server”. This meansthat you should check in YAST, Software Management, search, type”krb5″, no quotes and click the SEARCH button.

a. Youshould have “checked” “krb5”, “krb-32bit”,AND “krb5-client”, if you don’t have all of these check offthe missing one and CLICK the ACCEPT button in the lower right of thedialog. Exit YAST.

b. Youcan also check what krb5 libraries you have installed by going to thelinux terminal as “root” and issuing the command:

a. rpm-qa | grep krb5

b. youshould see: krb5-client-<versionNumber>,krb5-<versionNumber>, and krb5-32bit-<versionNumber>

6. 2nd bullet point, “Make sure that the Linux serverpoints to the AD Server as it”s DNS Server” :

Wealready did this. Next step.

7. 3rd bullet point, “Join the Linux POA server tothe Windows Domain by”.” :

Wealready did this. Next step.

8. 4th bullet point, refer to this example file instead tocheck and verify what is configured in the file, modify NOW asappropriate for your environment, note the lines that are offset,they are “tabbed” not spaces, note the case of letters :

vi/etc/krb5.conf :

[libdefaults]

default_realm= BPEREZ11.GWLAB.COM

clockskew= 300

[realms]

BPEREZ11.GWLAB.COM= {

kdc= bperez11.gwlab.com

default_domain= bperez11.gwlab.com

admin_server= bperez11.gwlab.com

}

[logging]

kdc= FILE:/var/log/krb5/krb5kdc.log

admin_server= FILE:/var/log/krb5/kadmind.log

default= SYSLOG:NOTICE:DAEMON

[domain_realm]

.bperez11.gwlab.com= BPEREZ11.GWLAB.COM

bperez11.gwlab.com= BPEREZ11.GWLAB.COM

9. 5th bullet point, at a terminal on the Linux PostOffice Server, as “root”, issue this command NOW : NOTthe command in the documentation, unless it is the same :

a. net -Uadministrator@<activeDirectoryFullyQualifiedHostName> adskeytab add groupwise

b. Type the password for Active Directory “administrator”user

c. At the terminal on the GroupWise Linux server, cd to/etc, then issue the command “klist -k”, no quotes, youshould see among other content, as in this example, yours will bedifferent : 5 or so lines that show :

i. <a number>groupwise/bperez13.bperez11.gwlab.com@bperez11.gwlab.com

ii. You MUST see this fully qualified domain name, yourswill be different, that is to the left of the “@”character, “bperez13.bperez11.gwlab.com”

10. 6th bullet point, Make sure that the /etc/krb5.keytab file isreadable by the user that is running the GroupWise POA on the server.

Soif you run the GroupWise agents as “root”, or another

user,then that user must have ownership of this file.

Sowhen you go to the /etc/ directory on the Post Office Linux Serverand issue the command, as “root”, “ls -lkrb5.keytab” , no quotes.

Youwill see the owner of the file, root is the owner here :

a. -rw- – – – – – – 1 root root 2027 Jan 2215:16 krb5.keytab

b. And to compare who is running the POA process, issuethe command at the

terminal: “ps -eaf | grep gwpoa”, no quotes, the owner is in thefirst left most column.

Ifit says “root” then there is a match and the ownership ofthis file is good. If there is not a match, then you MUSTchange the ownership of the krb5.keytab file NOW with this command ,to match the user who is running the POA agent, at the /etc/directory :

“chown<userNameWhoRunsPOA>:users ./krb5.keytab”, no quotes.

c. I assume that If this is the “root” user,then “root” is part of the “root” group. Ifthe user is not the “root” user then, let”s say theuser is called “gwuser”, I assume that “gwuser”is part of the Linux group called “users”.

Thenyou must assign the appropriate user and group file permissions. Asappropriate do this NOW : either :

i. cdto the /etc/ directory, and issue the below commands NOW :

ii. chmod ug=rwx ./krb5.keytab

11. ( Optional ) 7th and final bullet point, “Create aGroupWise Name Server in DNS”. If you do not do this,users need to know the IP address and port number to connect to thePOA.

a. It is recommended you follow this technical document toaccomplish this by creating a Microsoft Service Connection Point(SCP), which has similar functionality to ngwnameserver :

https://support.microfocus.com/kb/doc.php?id=7023422

12. Note: In this example situation, when you start the GroupWiseWindows Client the first time after enabling Single Sign-On, youshould see the “Micro Focus GroupWise Startup” dialog, andin this dialog you “should” see “Connecting to Post Officeat : bperez13.bperez11.gwlab.com: 1677″. Substitute yourhostname for GroupWise. If you do not see the correct hostnameor you see an ip address, then just click CANCEL and correct the”Address” list box to show your GroupWise hostname, fillout the rest of the information needed in this dialog and CLICK OK. Now when you successfully login, it will remember your credentialsand the next time you attempt to login to GroupWise you should not beprompted for your password.

ClosingComment:

Ifyou follow this Document and if you have a problem where you arestill prompted for a password when attempting to login to theGroupWise Windows client and if you are on SLES11, it could be thatyou may have an older version of the linux Kerberos “krb5″files, you can review this TID on how to check on and correctthis issue :

https://support.microfocus.com/kb/doc.php?id=7021409

Otherthings to check if you still are prompted for a password:

1. Besure to verify that the “root” user owns the “/etc/krb5.keytab”file on the GroupWise Linux Post Office Server and has RWXpermissions, and also the group “root”. One command thatwill set this as described is :

a. Chmodug=rwx ./krb5.keytab

2. Verifyon the Windows Domain Controller server (Windows Sever 2012 R2), inthe application “Active Directory Users and Computers”, under theActive Directory Organization called “Computers” has an objectcalled the name of your GroupWise Linux Post Office Server name. Under this object, go under Properties, Attribute editor tab, youshould have an attribute called “servicePrincipalName”. Ifyou edit this attribute, you should see among other things,“groupwise/bperez13.bperez11.gwlab.com” . No quotes, andsubstitute your GroupWise Post Office Server hostname.

3. Fromthe perspective of the user, in Windows, in the GroupWise Windows14.2.2 client, click on Tools, Options, Security, Password tab, atthe bottom you should have a checkmark in the checkbox “No passwordrequired with eDirectory”. If you do not, Single Sign-On willnot work. If it is not “checked”, just type in yourpassword in the “Old password” listbox, then the checkbox willnot be greyed out, so you can check it. Then click APPLY andOK. Then exit the GroupWise Windows client and re-login.

4. Alsoon the user Windows workstation, go to the Dos Window ( cmd ) , andcd to : c:windowssystem32 , then type the command “klist” noquotes, you should see among other things a reference to theGroupWise Kerberos ticket, for me is shows :

Client: aduser1 @ bperez11.gwlab.com

Server: groupwise/bperez13.bperez11.gwlab.com @ bperez11.gwlab.com

KerbTicketEncryption Type: RSADSI RC4-HMAC(NT)

TicketFlags 0x40a10000 -> forwardable pre_authent name_canonicalize

StartTime: 1/9/2018 8:01:23 (local)

EndTime: 1/9/2018 16:31:30 (local)

RenewTime: 1/16/2018 6:31:30 (local)

SessionKey Type: RSADSI RC4-HMAC(NT)

5. If Single Sign-On is till not working, (you are being prompted for apassword, then do the below, after hours, so not to potentiallyaffect Post Office users, you will be toggling some settings underthe Post Office and POA objects :

a. In the GroupWise Web Admin Console, under the Post Office object,Security tab, it is assumedyou have “LDAP Authentication” turned on and that the “SelectedLDAP Servers” has a list of at least 1 Ldapserver. Do this NOW, highlight the LDAP server that is used withthis Post Office’s Single Sign-On process and CLICK the right arrowto move it to the “Available LDAP Servers” list. CLICK SAVE. Then CLOSE. Now go back to this same setting and put the LDAP serverback in the “Selected LDAP Servers” list and CLICK OK.

b. In this same area CLICK the the “Client Options” button tat thetop, Security tab, and it is assumed you currently have the checkboxchecked “Network authentication (eDirectory or Active Directory). Remove the checkmark on this setting. Click OK. Now go back to thissame setting and CLICK the checkbox “Network authentication(eDirectory or Active Directory)” AND LOCK IT, by clicking on theLOCK to the right. CLICK OK. Click SAVE at the bottom left, thenCLOSE.

c. Restart the affected POA at the GroupWise linux server terminal as“root”, issue : rcgrpwise status, you will see among otherthings : Assume your Post Office is called “provo” and yourdomain is called “utah” :

Checkingstatus [provo.utah] running”

Soissue the command : “rcgrpwise restart provo.utah”, no quotes.

Hopefullynow Single Sign-On is now working at your Windows 7, 8 or 10workstation that is configured as described in this document.

Related:

VNX: How To Remove a LUN from a Storage Group (User Correctable)

Please follow the steps below

1- Login to Unisphere and select the array serial number

2- Click on the system Tab

3- Click on the Host Tab

4- click on Storage Group

5- Highlight the desired Storage Group, then click on Properties

6- A new pop up window will appear, choose the LUN Tab

7- At the bottom half you will see the LUNs that are in that Storage Group, click on the LUN you wish to remove to highlight it

8-Click on the “Remove” button to remove it. (you may not receive an alert asking if you are sure)

9- Click Apply, or Okay to confirm


Below is a video demonstration of the same

https://www.youtube.com/watch?v=P3xudqZ2bBM

Related:

  • No Related Posts

7022812: Sequencing Reflection Desktop 16 as a Virtual Application with Microsoft Application Virtualization 5.x

Before using the Microsoft Sequencer Package Configuration Wizard to sequence Reflection Desktop 16, document the sequencing requirements and steps by determining which Reflection Desktop 16 components and features are to be installed, the location of installation files, and the location of any configured user data, such as session documents. Some Reflection application components may not be needed and it is recommended to install Reflection on a stand-alone PC to help identify and document the installation steps in advance.

If Reflection has any service packs or updates, ensure that the service pack installer file, *.MSP, is available for installation during the sequencing process. Reflection Desktop Productivity Microsoft Office Tools have not been tested to work with Microsoft Office streamed as a virtual application.

Use the Reflection Installation Customization Tool (ICT) to create Companion install packages and to define permissions files; the basic steps which are listed below. Refer to the Installation and Deployment Guide for Reflection Desktop 16 as a resource, which is available from https://www.attachmate.com/documentation/reflection-desktop-v16-1-sp1/deployment-guide/data/bookinfo.htm

The following steps for using the Installation Customization Tool assume that a Reflection Administrative Installation has been performed per the Installation and Deployment Guide.

If desired, use the Installation Customization Tool to create a Companion.MSI file:

1. Navigate to the Reflection Administrative Installation and run Setup.exe /Admin to launch the Installation Customization Tool.

2. Select “Create a new Companion installer.”

3. Click OK.

4. In the left pane, click “Specify install locations.”

Note: It is important to perform steps a. and b. in order.

a. Under Installation type, select the “Installs to all users of a machine” option.

b. In the Default installation folder drop-down list, type in [CommonDocumentsFolder]Micro FocusReflection.

5. In the left pane, click “Add files to”

6. Select the value of [CommonDocumentsFolder]Micro FocusReflection.

7. Click the “Add button” to add files that need to be included.

These files include pre-configured Reflection session documents (.rd3x, .rd5x, .rdox, .rfw, or .rwsp settings files).

8. Click File / Save As.

Save the Companion.MSI file in the same location as Setup.exe.


If desired, use the Installation Customization Tool to define permissions files:

1. If the Companion file created in the previous section is no longer open, open the Companion.MSI file.

Navigate to the Reflection Administrative Installation and run Setup.exe /Admin.

2. In the left pane, click “Specify install locations”.

Verify that “Installs only for the user who installs it” is selected.

(This option may be dimmed; as long as it is selected, there is no cause for concern)

3. In the left pane, click “Modify user settings” to define *.access permission files.

For example to define an .rd3x.access file to restrict TN3270Basic or TN3270Advanced settings.

a. Select the Application – Settings to modify and click the Define button.

b. Select the Group from the Groups drop-down list.

This allows or restricts accessibility for each item listed.

c. Repeat steps a. and b. until the permissions have been configured appropriately.

d. Click Next.

e. Optional: Select Additional security options for Session file encryption.

f. Click Finish.

4. Click File / Save

Save the Companion.MSI in the same location as Setup.exe.


Use the Application Virtualization Sequencer Wizard to start the sequencing process with Reflection Desktop 16:

1. Launch the Microsoft Application Virtualization Sequencer

2. Select “Create a New Virtual Application Package”

3. For the Packaging Method select “Create Package (default)”

4. Press Next

5. Resolve any issues shown on the Prepare Computer list

6. Press Next

7. For the Type of Application choose “Standard Application (default)”

8. Press Next

9. On the Select Installer dialog choose “Select the installer for the application”

Use the Browse button to find the Reflection Desktop SETUP.EXE program in the Reflection Administrative Installation location

10. Press Next

11. On the Package Name screen enter the Virtual Application Package Name of your choice, like “Reflection Desktop 16”

Enter the Primary Virtual Application Directory (required) name:

For example: C:Program Files (x86)Micro FocusReflection

12. Press Next

13. Wait for the Virtual Environment to load.

14. On the Install Micro Focus Reflection Desktop 16 screen, click Continue.

15. Read and accept the License Agreement; then click Continue.

16. Personalize the installation by completing the Full name, Organization, and VPA number fields on the User Information tab.

17. On the File Location tab, verify the File Location by clicking the Browse button.

Following the example in this article:

File Location is specified as C:Program Files (x86)Micro FocusReflection

Default user data directory should be set to C:UsersPublicDocumentsMicro FocusReflection

18. On the Feature Selection tab, de-select any features not needed so that they will not install.

For example, de-select the following:

UtilitiesKerberos Manager

UtilitiesKey Agent

CompatibilityIBM Personal Communications

CompatibilityNetManageRUMBA

Application Programmer Interface

19. On the Advanced tab verify that “Install to this PC” is enabled.

20. Click the “Install Now” button.

21. When the Installation has completed successfully, click the Close button.

22. If service packs or updates are to be installed to Reflection Desktop:

a. On the Installation dialog of the App-V sequencer, press the “Run” button

b. Select the appropriate *.MSP file(s) to install a service pack, update or patch.

23. When the update or patch is installed or if there is no further .MSP updates to install continue on

24. If a Companion install file is to be installed to Reflection Desktop:

a. On the Installation dialog of the App-V sequencer, press the “Run” button

b. Select the appropriate *.MSI file to install the Companion install file.

25. When the install is complete, check the box that says “I am finished installing”

26. Press Next

27. Wait while App-V collects the system changes and the Configure Software screen displays.

28. From the Configure Software screen, highlight the Reflection Workspace choice and click on “Run Selected” to launch the application.

(Do NOT click Run All.)

29. Verify that the Reflection session documents added by the Companion.MSI file created earlier are available.

To create any additional session documents, use the Create New Document wizard.

Save the session file in the C:UsersPublicDocumentsMicro FocusReflection folder to be available for all end-users.

30. Launch and then close each session document to create the App-V files that will be used for streaming.

If you launch the Reflection Workspace, Reflection FTP client, or any session document, and a Sequencer error displays:

“The Sequencer could not stop the MSIServer service,” click OK and try again.

31. After all the applications and Reflection Workspace have been run and closed, press Next.

32. Verify the data on the Installation Report screen and resolve any issues

33. Press Next.

34. On the Customize screen decide if further customization is needed.

For example: if restrictions are required concerning different operating systems this is the time to do it.

35. If no further customization is needed select “Stop now. Create a basic virtualization package (default).”

36. Press Next.

37. Select “Save the package now” and enter the Save Location for the package contents

38. Press Create.

By default the App-V package will be located on the desktop of App-V Sequencing PC.

39. After the package is created press Close to finish and exit the Application Virtualization Sequencer program.

40. Copy the completed sequenced App-V package files to the Distribution Point or Virtual Application Server.

Related:

How to Convert PFX Certificate to PEM Format for Use with NetScaler

Complete one of the following procedure to convert PFX certificate to PEM format for use with NetScaler:

NetScaler Wizard

Complete the following procedure to convert a PFX certificate to PEM format using NetScaler Wizard:

  1. Navigate to Traffic Management, Select the SSL node.

  2. Click the Import PKCS#12 link.

    User-added image

  3. Specify a file name you want for the PEM certificate in the Output File Name field.

  4. Click Browse and select the PFX certificate that you want to convert to PEM format. Some users prefer to upload the certificate to /ncsonfig/SSL directory and use it from there. If PFX certificate is stored on NetScaler then choose option Appliance and if it stored on your workstation then use Local.

    User-added image

  5. Specify the Import Password.

  6. Click OK.

    User-added image

  7. If the file is encoded, then select DES or 3DES as the Encoding Format:

    User-added image

  8. Specify the PEM Passphrase and the Verify PEM Passphrase.

  9. Click the Manage Certificates / Keys / CSRs link to view the converted PEM certificate files.

    User-added image

  10. You can view the uploaded PFX file with the converted PEM file.

    User-added image

  11. Expand the SSL node.

  12. Select the Certificates node.

  13. Click Install.

  14. Specify a Certificate-Key Pair Name in the Install Certificate wizard.

  15. Browse to the PEM file for both the Certificate File Name and Private Key File Name.

  16. Specify the Password.

  17. Click Install.

    User-added image

  18. Bind the certificate key pair to an SSL load balancing virtual server or NetScaler Gateway virtual server.

OpenSSL Utility

If you have requested and installed a certificate onto a Windows server using the Internet Information Service (IIS) certificate wizard, you can export that certificate with its private key to a Personal Information Exchange (PFX) file. To import this certificate onto the NetScaler Gateway, you must convert the PFX file to unencrypted PEM format.

You can use the open source utility OpenSSL to perform the conversion from PFX to PEM. Download a Win32 distribution of OpenSSL from Win32 OpenSSL.

You might also need C++ redistributable files if you want to use OpenSSL. Download this from Microsoft Visual C++ 2008 Redistributable Package (x86).

To convert a PFX file to a PEM file, complete the following steps on a Windows machine:

  1. Download and install the Win32 OpenSSL package from Win32 OpenSSL.

  2. Create a folder c:certs and copy the file yourcert.pfx into the c:certs folder.

  3. Open command prompt and change into the OpenSSLbin directory:

    cd %homedrive%OpenSSLbin

  4. Run the following command to convert the PFX file to an unencrypted PEM file (all in one line):

    openssl pkcs12 -in c:certsyourcert.pfx -out c:certscag.pem –nodes

    User-added image

  5. When prompted for the import password, enter the password you used when exporting the certificate to a PFX file. You should receive a message that says MAC verified OK.

    User-added image

  6. Point a browser to the NetScaler Gateway administration portal or HTTPS port 9001: https://netscaler-gateway-server:9001.

  7. Log on as root. The default password is rootadmin.

  8. Click the Maintenance link at the top of the page.

  9. Click the Browse button next to the Upload Private Key+Certificate (.pem) field. Browse to the c:certscag.pem file and click Upload.

  10. Restart NetScaler Gateway for the new SSL certificate to be applied.

Related:

  • No Related Posts