Blockchain Technology Partners and enterprise blockchain challenges

BTP LogoAt the Hyperledger Global Forum (being held in Basel, Switzerland) Blockchain Technology Partners (BTP) is discussing how its recently-launched Sextant blockchain management platform addresses commonly-cited blockchain implementation issues. BTP CEO Duncan Johnston-Watt and Chief Strategy Officer Kevin O’Donnell are leading two sessions focusing on “Running Hyperledger Sawtooth in Production”.

Our mission is to bring the benefits of blockchain to business by providing Sextant — a blockchain management platform which leverages both Hyperledger Sawtooth and Kubernetes,” said Duncan Johnston-Watt, CEO of Blockchain Technology Partners. “Sextant radically simplifies blockchain adoption because enterprises can focus on application development with training, consulting and support provided by us. We are passionate about open source and we are active members of both the Hyperledger and CNCF communities. Participating in both makes perfect sense given we are standardizing on Kubernetes as our runtime platform and we look forward to promoting the synergies between the two initiatives.”

Duncan Johnston-Watt
Duncan Johnston-Watt

Two BTP sessions

The first session provides a brief overview of Hyperledger Sawtooth and BTP’s rationale for focusing on this framework. It discusses:

  • the challenges of running Sawtooth in production
  • the benefits of standardising on Kubernetes as the underlying container orchestration platform.

BTP’s Sextant blockchain management platform claims to deliver one-click deployment of enterprise-grade Hyperledger Sawtooth networks. These networks run on Kubernetes in the cloud.

The second sessions demonstrates how enterprises can:

  • deploy Hyperledger Sawtooth
  • become productive in a matter of minutes
  • leverage a Kubernetes cluster in the cloud and with Sextant.

BTP is also inviting participants to play a tic-tac-toe Sawtooth application. The challenge is to beat the system by bending the rules to suit each player’s own purpose.

Hyperledger Sawtooth

According to the Hyperledger Sawtooth web pages, Sawtooth “is an enterprise blockchain platform for building distributed ledger applications and networks. The design philosophy targets keeping ledgers distributed and making smart contracts safe, particularly for enterprise use.

“Sawtooth simplifies blockchain application development by separating the core system from the application domain. Application developers can specify the business rules appropriate for their application, using the language of their choice, without needing to know the underlying design of the core system.

“Sawtooth is also highly modular. This modularity enables enterprises and consortia to make policy decisions that they are best equipped to make. Sawtooth’s core design allows applications to choose the transaction rules, permissioning, and consensus algorithms that support their unique business needs.”

Sextant and Sawtooth

The objective of Sextant is to unlock the value of blockchain for businesses. BTO suggests it accelerates innovation by:

  • providing enterprises with a platform on which to build
  • ensuring enterprises focus on the business and business application development (not blockchain infrastructure).

Given these priorities BTP says Hyperledger Sawtooth is the best emerging open source blockchain technology. It bases its conclusions about Sawtooth on three premises:

  • the support for Ethereum smart contracts
  • the pluggable consensus mechanism
  • the scalable, modular architecture.

In addition, BTP believes that Sawtooth’s clear separation between the network and the application tiers makes it easy for developers to:

  • create new blockchain applications
  • leverage existing code and apply existing programming best practices.

BTP released Sextant in November 2019 at the Amazon AWS re:Invent event (in Las Vegas, NV). Sextant is available via the AWS Marketplace for Containers as:

  • a blockchain management platform which leverages a curated distribution
  • by delivering one click deployment of enterprise-grade Sawtooth networks.

For BTP Kubernetes is the logical choice for production-grade orchestration. Under the covers, Sextant automatically generates Kubernetes manifests so that Sawtooth can either be deployed on existing Kubernetes clusters or on brand new ones spun up by Sextant on AWS using Kubernetes Operations.

Enterprise Times: what does this mean

Enterprises are finding blockchain tough. Not only are blockchain-skilled resources expensive and hard to come by but blockchain technology remains a challenge with multiple levels of challenge, not least about selection of platforms and implementation paths.

In many ways the Blockchain Technology Partnership approach – to simplify adoption of blockchain technologies – is exactly what enterprises want to hear, and buy. The increasing acceptance of Blockchain as a Service (BaaS) offerings (from the likes of Amazon, IBM, Microsoft, Oracle and others) opens technology doors without major capital investment. Kubernetes adds another fashionable dimension.

In this context BTP’s Sextant could introduce the benefits of blockchain to business by providing blockchain management platform that delivers one click deployment of scalable Hyperledger Sawtooth networks running on Kubernetes in the cloud. If Sextant frees up enterprises to focus on application development (rather than infrastructure) it may find many enterprises beating a path to its door, not least because to ‘leave’, if frustrated, will not be costly.


  • No Related Posts

Access a local development Hyperledger Composer REST server on the internet

Developers who want to get a fast start in developing a blockchain solution can quickly begin by using Hyperledger Composer on a local development system. After a business network is created and deployed locally, it’s also possible to deploy a REST server that exposes the business network for easy access by a front-end application.

But what happens when the target front-end application is for a mobile system or is running on a cloud runtime environment, such as a Cloud Foundry application or a Docker container, and the app needs to access the local blockchain business network? Or in general, you might be looking for a way to establish a connection to a network service that is running on a host that has outbound internet access, but it doesn’t support inbound access. The network service might be behind a firewall or on a dynamic IP address.

You can solve these problems by creating an internet-based proxy that accepts network connections and then forwards them to the service of interest. In this tutorial, you learn how to create this proxy for a Hyperledger Composer REST server by using the IBM Secure Gateway service.

Learning objectives

Complete this tutorial to understand how to create a REST server for a Blockchain business network and how to make it available on the internet. The tutorial shows how to configure a simple business network using Hyperledger Composer running on a local virtual machine. Then, you use the IBM Secure Gateway service to provide an internet-reachable network service that proxies connections to the REST server on the virtual machine.


To complete this tutorial, you need:

This tutorial does not cover the development of blockchain business networks using Hyperledger Composer. For more information about developing those blockchain business networks, see the Hyperledger Composer tutorials.

Estimated time

The steps in this tutorial take about 30-45 minutes to complete. Add time to create the desired business network, if you are creating one from scratch.


Complete the following steps to create a local virtual machine (VM) that is capable of serving a Composer Business Network as a REST API endpoint. First, you use Vagrant to configure a VM with Docker support. After the VM is configured, continue by following the Hyperledger Composer set-up steps for a local envionment at Installing the development environment. Finally, after you have the local Composer REST server running locally, configure a Secure Gateway instance to expose the API on the IBM Cloud.

Configure a VM with Docker support

  1. Create a directory for the project:

    mkdir composer

  2. Copy the contents of the Vagrantfile into the directory.

  3. Start the Vagrant image from the directory (this might take a little while):

    vagrant up

  4. After the VM is up, log in to start configuring Hyperledger Fabric:

    vagrant ssh

Set up Hyperledger Composer

  1. Follow the pre-requisite setup steps for a local Hyperledger Composer environment for Ubuntu at Installing prerequisites. Complete these steps as an ordinary user and not a root user on the VM. Log out from vagrant with exit and reconnect with vagrant ssh when prompted.

    curl -O chmod u+x ./

  2. After you finish installing pre-requisites, set up the Hyperledger Fabric local development environment as described at Installing the development environment, starting with the CLI tools.

    npm install -g composer-cli@0.20 npm install -g composer-rest-server@0.20 npm install -g generator-hyperledger-composer@0.20 npm install -g yo

  3. Install Composer Playground.

    npm install -g composer-playground@0.20

  4. Optional: Follow steps to set up IDE Step 3 of Installing the development environment.

  5. Complete Step 4 from the set-up instructions to get Hyperledger Fabric docker images installed.

    mkdir ~/fabric-dev-servers && cd ~/fabric-dev-servers curl -O tar -xvf fabric-dev-servers.tar.gz cd ~/fabric-dev-servers export FABRIC_VERSION=hlfv12 ./

  6. Proceed with the steps under “Controlling your dev environment” to start the development fabric and create the PeerAdmin card:

    cd ~/fabric-dev-servers export FABRIC_VERSION=hlfv12 ./ ./

  7. Start the web app for Composer (“Playground”). Note: Starting the web app does not start up a browser session automatically as described in the documentation, because the command is running inside the VM instead of on the workstation.


    After the service starts, navigate with a browser tab to http://localhost:8080/ (this local port is mapped by the Vagrantfile configuration to the VM).

  8. Develop a business network and test in the Composer Playground as usual. If you’ve never used composer playground, the Playground Tutorial is a good place to start.

  9. After you have completed testing the intended business network, deploy the Composer REST server, providing the card for the network owner (admin@marbles-network in this example). See Step 5 from Developer tutorial for creating a Hyperledger Composer solution for explanations on the responses to the input prompts. The Secure Gateway connectivity steps in this tutorial were tested with the following options.

     composer-rest-server ? Enter the name of the business network card to use: admin@marbles-network ? Specify if you want namespaces in the generated REST API: always use namespaces ? Specify if you want to use an API key to secure the REST API: No ? Specify if you want to enable authentication for the REST API using Passport: No ? Specify if you want to enable the explorer test interface: Yes ? Specify a key if you want to enable dynamic logging: ? Specify if you want to enable event publication over WebSockets: Yes ? Specify if you want to enable TLS security for the REST API: No

    To restart the REST server using the same options, issue the following command:

     composer-rest-server -c admin@marbles-network -n always -u true -w true Discovering types from business network definition ... Discovering the Returning Transactions.. Discovered types from business network definition Generating schemas for all types in business network definition ... Generated schemas for all types in business network definition Adding schemas for all types to Loopback ... Added schemas for all types to Loopback Web server listening at: http://localhost:3000 Browse your REST API at http://localhost:3000/explorer

    Keep the REST server running in the terminal. When finished with the REST API server, you can use Ctrl-C in the terminal to terminate the server.

  10. Test the REST API server by opening http://localhost:3000/explorer in a browser.

Configure a Secure Gateway instance to expose the API on the cloud

  1. Open the IBM Cloud catalog entry for Secure Gateway to create a Secure Gateway instance in your IBM Cloud account. You need either a paid account or Trial promo code. The Essentials service plan is sufficient for implementing traffic forwarding for a development hyperledger fabric network with a capacity of 500 MB/month of data transfer. Verify that this plan is selected, and click on Create.

  2. Click Add Gateway in the Secure Gateway Service Details panel. Enter a name in the panel, for example: “Blockchain”. Keep the other gateway default settings of Requre security token to connect clients and Token expriation before 90 days. Click othe Add Gateway button to create the gateway.

  3. Click the Connect Client button on the Secure Gateway Service Details panel to begin setting up the client that runs on the VM and connect to the Secure Gateway service.

  4. Choose Docker as the option to connect the client and copy the provided docker run command with the Gateway id and security token.

  5. Open a new local terminal window, change directory to the folder with the Vagrantfile and then connect to the VM using vagrant ssh. Paste the docker run command shown into this terminal to start the Secure Gateway client and leave a CLI running in the terminal. Do not close this terminal. After the container starts, you see messages like the following example, indicating a successful connection:

     [2018-10-20 18:34:01.451] [INFO] (Client ID 1) No password provided. The UI will not require a password for access [2018-10-20 18:34:01.462] [WARN] (Client ID 1) UI Server started. The UI is not currently password protected [2018-10-20 18:34:01.463] [INFO] (Client ID 1) Visit localhost:9003/dashboard to view the UI. [2018-10-20 18:34:01.760] [INFO] (Client ID 11) Setting log level to INFO [2018-10-20 18:34:02.153] [INFO] (Client ID 11) The Secure Gateway tunnel is connected [2018-10-20 18:34:02.304] [INFO] (Client ID HxzoYUW6z74_PZ9) Your Client ID is HxzoYUW6z74_PZ9 HxzoYUW6z74_PZ9>

    After the client has started, close the web ui panel to display the Secure Gateway service details.

  6. On another terminal on the vagrant VM, use the ip address show command to find the IP address of the VM. Many interfaces are listed. Select the one that begins with enp or eth. In the examples that follow, the VM IP address is

  7. Return to the terminal for the Secure Gateway client docker container, create an acl entry that allows traffic to the composer REST API server running on port 3000.

    acl allow 1

  8. Define a basic http connection through the Secure Gateway service to the Composer REST API server. For more advanced security settings refer to the Secure Gateway documentation. Click on the Destinations tab in the Secure Gateway service details. Next, click on the “+” icon to open the Add Destination wizard. Select the Guided Setup option.

  9. For the “Where is your resource located?” item, select On-premises and then click on Next.

  10. For “What is the host and port of your destination?”, put in the IP address from step 20 as the hostname and 3000 as the port. Then click on Next.

  11. For the connection protocol, select HTTP and then click on Next.

  12. For the destination authentication, select None and then click on Next.

  13. Skip entry of the IP address and ports for the options to “… make your destination private, add IP table rules below” step and click on Next.

  14. Enter a name like Composer REST server for the name of the destination and click on Add Destination

  15. Click on the gear icon for the tile of the destination that was just created to display the details. Copy the Cloud Host : Port – which looks something like: This host and port is the Cloud endpoint that can be accessed. Traffic is forwarded by the Secure Gateway service to the running Composer REST server.

  16. Append /explorer after the host and port and open this url in a web browser. For the example, the final url would be: .


At this point you should be able to access the Composer REST server to perform actions in the deployed business network, using the host name and the port from the Secure Gateway destination. This server is reachable from any system with access to the internet and is best suited to development and testing, and not production use.

You can develop the application locally on the host (instead of within the vagrant VM) without going out to the cloud endpoint. The Vagrantfile maps the local port 3000 to the Composer REST server. This mapping allows you to use the http://localhost:8080/ endpoint when developing your application locally. When deploying to the cloud (as a Cloud Foundry application, or Docker container) switch the endpoint to the cloud URL (for example

The Hyperledger Composer can generate a basic Angular interface to the business network. This step is described in Writing Web Applications.

To see how to deploy this Angular application to Cloud Foundry using DevOps, check out the Continuously deploy your Angular application tutorial. There are two changes to the tutorial for the generated Angular application. First, use the full project contents by leaving the Build Archive Directory empty in the Delivery Pipeline Build stage. Second, the application reads the REST API server endpoint from the environment, set this in the Delivery Pipeline Deploy stage by adding an environment property of REST_SERVER_URL with a value of the cloud URL.


Huawei Cloud Ships Blockchain Service Officially

Dec 02, 2018 at 13:09 // News

Coin Idol

In March this year, Huawei, China's biggest tech company was planning to manufacture a brand-new smartphone able to operate with applications related to Blockchain, as Coinidol reported.

Huawei, the telecom & smartphone maker giant, has officially rolled out a Blockchain Service for world use via its cloud services.

In March this year, Huawei, China’s biggest tech company was planning to manufacture a brand-new smartphone able to operate with applications related to Blockchain, as Coinidol reported.

On Wednesday, November 28, Huawei Cloud, a section under the Huawei firm, officially rolled out its Blockchain Service (BCS) for world use after its rollout for commercial use in Asia, specifically China, on Wednesday, October 10, 2018.

Huawei Cloud revealed that the service was developed to assist:

“World enterprises and developers create, deploy and manage blockchain applications quickly and at minimal cost on Huawei Cloud.”

Adding that the launch would set a strong foundation for a wide distributed world blockchain technology platform.

Huawei Creating a DLT Community

Furthermore, blockchain technology is decentralized and enables building confidence between transaction partners. The Blockchain technology can produce value when applied in enterprise applications in particular industry cases.

Meanwhilst, Huawei had hard-wired Hyperledger in the year of 2016. Hyperledger is among the most swayful open source project in the distributed ledger technology (DLT) industry, hosted by Linux Foundation. Huawei company was recognized as a primary Hyperledger maintainer with incessant technical and code contributions in two significant sub-projects: STL and Fabric.

Hyperledger is a blockchain-as-a-service (BaaS) platform which enables users to make smart contract applications that largely aim at the supply chain, crypto securities and public services such as ID verification, and small or large-scale financial auditing.

Nevertheless, BCS applies the benefits of Huawei Cloud’s container & security tech, and many more. In addition, the DLT service has the following advantages:

  • To uncover data transactions
  • Food source tracing
  • Proof of information (like real estate & education)
  • Identity authentication
  • IoT device management
  • Remote healthcare
  • The Internet of Vehicles (IoV)

Some of the BCS Benefits

The DLT platform will provide technical support for businesses which create DLT applications and solutions. However, some of the benefits of BCS include:

  • A simple configuration
  • Cost-effectiveness
  • Privacy protection
  • Deployment in minutes
  • Robust security
  • Flexibility and efficiency

In the middle of this year, Huawei declared that customers of its smartphones could download various Bitcoin wallets on their gadgets. Now, the crypto wallets are set for pre-installation on every new Huawei mobile smartphones.


Amazon launches Managed Blockchain service with support for Ethereum, Hyperledger Fabric Inc. is jumping on the blockchain wave with new cloud services that help customers build the technology needed to record transactions.

Amazon Web Services Chief Executive Officer Andy Jassy on Wednesday announced Amazon Managed Blockchain, a new service underpinning blockchain networks that record millions of transactions. The company spent the past year studying the needs of customers interested in blockchain solutions before creating the new products, Jassy said.

The service can be used to manage peer-to-peer payments, process loans and help businesses transact with distributors and suppliers, Jassy said.

Amazon Managed Blockchain supports two popular open source blockchain frameworks — Ethereum and Hyperledger Fabric.

“This service is going to make it much easier for customers to use the two most popular blockchain frameworks,” AWS CEO Andy Jassy told a packed house during his keynote address at ReInvent 2018 conference here on Wednesday.

Amazon QLDB is a transparent and cryptographically-verifiable ledger for applications that need a central, trusted authority to provide a permanent and complete record of transactions, like supply chain, financial, manufacturing, insurance, and HR. ALSO READ: NITI Aayog, Oracle to fight fake drugs in India through blockchain

Customers looking to implement blockchain technologies are typically trying to accomplish one of two things.

Some need a centralised ledger that records all changes or transactions and maintains an immutable record of these changes. This ledger is owned by a single trusted entity and is shared with any number of organisations that are working together.

Other customers want the immutable and verifiable capability provided by a ledger; however, they want to share data without a trusted central authority. For this, customers use blockchain frameworks like Ethereum and Hyperledger Fabric.

“Many of our customers want to build applications where multiple parties can execute transactions without a central, trusted authority, and they also need to create a blockchain network.

“Building a scalable blockchain network with existing technologies is just too hard today, and that’s why customers pay expensive consultants to help them,” said Rahul Pathak, General Manager, Amazon Blockchain at AWS.

Amazon Managed Blockchain eliminates the muck involved in setting up a network, adding and removing members, and scaling to meet application demands.

“Customers can use either Ethereum or Hyperledger Fabric, the two most popular blockchain frameworks, and get a functioning blockchain network set up with just a few clicks,” Pathak added.

AWS also announced a string of other new or updated cloud offerings, seeking to maintain its lead in the market for internet-based computing. ALSO READ: Tech Mahindra, Microsoft to develop blockchain-based solution to curb spam calls

Amazon uses the annual re:Invent conference to highlight new tools and features, seeking to stay ahead of cloud rivals Microsoft and Alphabet Inc.’s Google. The global public cloud market will grow to $278 billion in 2021, up from $176 billion this year, according to Gartner Inc.

AWS sales will reach $71 billion in 2022, which would give the division a valuation of about $350 billion, according to Jefferies analyst Brent Thill.

(with inputs from IANS)

First Published: Nov 29, 2018 09:29 IST


Amazon Web Services joins the blockchain party with managed blockchain service for Hyperledger …

Amazon Web Services CEO Andy Jassy speaks at re:Invent 2018. (GeekWire Photo / Tom Krazit)

LAS VEGAS — Last year at re:Invent 2017, Amazon Web Services CEO Andy Jassy questioned whether blockchain technology was really something that customers needed to have in their tech arsenal. One year later, he’s changed his tune.

Jassy unveiled Amazon Managed Blockchain on Wednesday during his re:Invent 2018 keynote. The new offering will allow customers that need secure and decentralized transaction processing to use a managed AWS blockchain service using either the Hyperledger Fabric or Ethereum protocols. Several other cloud and enterprise tech companies, such as IBM and Microsoft, have embraced blockchain for a while now as a novel method for solving supply chain issues as the cloud market leader took a wait-and-see approach.

“The culture inside AWS is that we don’t build things for optics,” Jassy said. However, after AWS was asked repeatedly about blockchain last year, Jassy said the company set out to try and figure out what customers actually were trying to solve with blockchain technology.

One of those problems — conducting transactions with centralized trust — AWS realized it had actually solved inside its own operation as part of a quest to log service transactions within its EC2 compute service. It now plans to make that service available to customers as a new database called Amazon Quantum Ledger Database.

As AWS engineer Tim Bray put it:

QLDB tl;dr: The database we build AWS Services on in the cases where DynamoDB isn’t a fit. #reInvent

— Tim Bray (@timbray) November 28, 2018

But when it came to another problem — secure decentralized transaction processing — AWS concluded that blockchain technology was actually the right solution, leading to the development of Amazon Managed Blockchain, Jassy said.

Specific details about the database and managed blockchain service were not immediately available, but will likely be released later on Wednesday at re:Invent, and we’ll update this post as those details come out.


Blockchain Technology Partners Launches Blockchain Management Platform Sextant on AWS …

LAS VEGAS–(BUSINESS WIRE)–Nov 27, 2018–AWS re:Invent 2018 – Blockchain Technology Partners, the leading enterprise blockchain company, today announced the general availability of Sextant™, its powerful blockchain management platform, on Amazon Web Services (AWS) Marketplace for Containers. Sextant unlocks the value of blockchain for business. It accelerates innovation by providing enterprises with a platform that they can build upon; ensuring that they focus on business application development, not blockchain infrastructure.

“AWS Marketplace for Containers enables AWS customers to use the Amazon Elastic Container Services (ECS) console and AWS Marketplace for Containers to discover, produce, and deploy container solutions – including a comprehensive blockchain management platform from Blockchain Technology Partners,” said Dave McCann, Vice President Migration Services, AWS Marketplace and Service Catalog. “With today’s announcement, AWS Marketplace has extended its existing benefits and features to container products, with a rich discovery and search experience offering access to a curated catalog of trusted software from reputable vendors. AWS customers can find and deploy Sextant and simplify the deployment of Hyperledger Sawtooth.”

“We are excited to be part of the AWS Marketplace for Containers launch at AWS re:Invent 2018 and we are delighted to be able to leverage AWS Fargate to streamline the delivery of Sextant to our customers,” said Duncan Johnston-Watt, CEO of Blockchain Technology Partners. “With the help of Sextant, enterprises can navigate blockchain management with ease and, with the launch of AWS Marketplace for Containers, they can be up and running and exploring the brave new world of blockchain in no time at all.”

BTP has identified Hyperledger Sawtooth as the best emerging open source blockchain technology for the enterprise on the basis of its support for Ethereum smart contracts, its pluggable consensus mechanism and its scalable, highly modular architecture. In addition, the clear separation between the network and the application tiers makes it exceptionally easy for developers to create new blockchain applications leveraging existing code and applying existing programming best practices.

Sextant is a comprehensive blockchain management platform that utilizes a carefully curated Hyperledger Sawtooth distribution – built, tested and maintained by BTP – to deliver one-click deployment of enterprise-grade Sawtooth networks. These networks can either be standalone – typically the case if a developer is testing a new blockchain application or smart contract – or join existing Sawtooth networks.

Sextant is cloud-first, and Kubernetes is the logical choice for production-grade orchestration. Under the covers Sextant automatically generates Kubernetes manifests so that Sawtooth can either be deployed on existing Kubernetes clusters or on brand new ones deployed by Sextant on AWS using Kubernetes Operations.

To try Sextant please visit our entry on AWS Marketplace for Containers.

About Blockchain Technology Partners

Blockchain Technology Partners (BTP) is a leading enterprise blockchain company whose mission is to radically simplify adoption of blockchain technologies. BTP brings the benefits of blockchain to business by providing Sextant™ – a blockchain management platform that delivers one click deployment of scalable Hyperledger Sawtooth networks running on Kubernetes in the cloud. Sextant frees up enterprises to focus on application development, not infrastructure, with training, consulting and support provided by BTP. BTP is a member of the Linux Foundation and an active participant in both the Hyperledger and CNCF communities. Its founding team has an exceptional track record in open source, operations and cloud. BTP has offices in Edinburgh, Singapore and New York. To learn more visit

View source version on

CONTACT: Jennifer Massing Harris

MassingPR, LLC

tel: +1 917 293 2405



SOURCE: Blockchain Technology Partners

Copyright Business Wire 2018.

PUB: 11/27/2018 05:53 PM/DISC: 11/27/2018 05:53 PM


“TerminatingError: Error retrieving item from path” while using PowerShell code when creating Machine Catalogs for MCS in Azure

PowerShell cmd let “$provScheme” fails with following error while creating MCS catalog on Azure using Citrix blog with Narrow Scope Service Principal:

PS C:> $provScheme

TaskId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Active : False

Host : Server name

DateStarted : mm/dd/yyyy hr:mm:ss AM/PM

Metadata : {}

Type : NewProvisioningScheme

Status : Finished

CurrentOperation :

TaskExpectedCompletion :

LastUpdateTime : mm/dd/yyyy hr:mm:ss AM/PM

ActiveElapsedTime : 1

DateFinished : mm/dd/yyyy hr:mm:ss AM/PM

TerminatingError : Error retrieving item from path /IMAGE-resource-group.resourcegroup/imagestorage.storageaccount/images/IMAGE-name.vhd.vhd Not appended with a valid AzureInvetoryType.

Parameter name: fullPath

Actual value was IMAGE-resource-group.resourcegroupimagestorage.storageaccountimages.container.

Storage : {}

WorkflowStatus : Terminated

Citrix Studio would show following error:

User-added image

User-added image

Application event log in Delivery Controller has following event logged:

Log Name: Application

Source: Citrix Machine Creation Service

Date: mm/dd/yyyy hr:mm:ss AM/PM

Event ID: 2007

Task Category: None

Level: Error



Computer: <FQDN ServerName>


Provisioning scheme creation workflow operation failed : System.InvalidOperationException: UnknownError in Create ProvScheme, Get snapshot {0} —> PluginUtilities.Exceptions.WrappedPluginException: Error retrieving item from path /IMAGE-resource-group.resourcegroup/imagestorage.storageaccount/images/image-name.vhd.vhd —> PluginUtilities.Exceptions.WrappedPluginException: Not appended with a valid AzureInvetoryType.

Parameter name: fullPath

Actual value was image-resource-group.resourcegroupimagestorage.storageaccountimages.container.


Ensuring Data Privacy without Sacrificing Mobility with ZENworks

Gil Cattelain

Mobility is a critical element to most successful business operations today.  While there are some workers, such as sales teams, who have operated in mobile capacities for years, today’s networks, high-powered devices, cloud-based resources, and other modern technologies have created a new business model where mobility is a must-have for a high percentage of the …

+read more

The post Ensuring Data Privacy without Sacrificing Mobility with ZENworks appeared first on Cool Solutions. Gil Cattelain


CSPs & Citrix Content Collaboration

Types of StorageZones

Currently, CSPs are not able to provide hybrid storage to their tenant accounts, i.e. cloud and on-premise StorageZones on the same account. Rather, the CSP can provide exclusively on-premise or cloud storage to each of their tenants.

Multi-Tenant StorageZone: This is a single storage repository, managed by the CSP, which can be shared by an unlimited amount of CSP Content Collaboration tenants. This type of StorageZone is classified as an on premise StorageZone it can be linked to the partner’s cloud blob.

User-added image

Normal or Standard StorageZone: This is a storage repository, managed by the CSP, which is dedicated to one Content Collaboration account. This type of StorageZone is classified as an on premise StorageZone it can be linked to the partner’s cloud blob.

Cloud StorageZone: This is a storage repository managed by Citrix, and not the CSP. This offering for CSPs provides an unlimited of storage to each Content Collaboration tenant.

Getting Started with Reselling Content Collaboration as a CSP

1. Log-in to with partner MyCitrix credentials. Within the main dashboard, select the “Resell” button under the Content Collaboration badge. If the button appears as “Manage” the partner can skip to step #4.

2. Create or Link a Content Collaboration Partner Account: Fill out the necessary fields in order to create a new Content Collaboration partner account or link an existing Content Collaboration partner account. If the partner has an existing Content Collaboration partner account but it doesn’t appear for automatic linking, please contact Citrix Support.

3. Optional – Set up a Multi-Tenant StorageZone: If the CSP decides to provide a Multi-Tenant StorageZone then the CSP needs to ensure the following:

  1. The Multi-Tenant StorageZone needs to be registered and live on the partner’s Content Collaboration account before the CSP creates a Content Collaboration tenant account.

  2. To check that the partner has successfully installed and registered a Multi-Tenant StorageZone to their partner Content Collaboration account, they can check by logging into their partner account from the Content Collaboration web app and navigate to “Admin Settings” >> “StorageZones.” Here, the Multi-Tenant StorageZone should be located under “Partner-Managed” tab.

  3. If their StorageZone is under the “Customer-Managed” tab then they accidentally installed and registered a standard StorageZone (not Multi-Tenant enabled). In order to change their standard StorageZone to a Multi-Tenant StorageZone the partner will have to “Delete this Zone” within the Content Collaboration web app, remove the StorageZone from their designated server, and re-create the StorageZone and run the Multi-Tenant command prompt.

User-added image

4.Create a Content Collaboration Tenant Account: From the partner’s Citrix Cloud customer dashboard, select “Invite or Add.” If the partner would like to add a new Citrix customer they will be prompted to fill out information about their new tenant’s Citrix Cloud account. If the partner would like to invite an existing Citrix Cloud customer to their customer dashboard, they can send them a link. Once that customer receives that link and accepts the terms and conditions of becoming a tenant of the CSP. The partner can then add services to their tenants through the customer dashboard by selecting the three dots by the tenant’s company name, then selecting “Add Service” >> “Content Collaboration.”

  1. The partner will select the primary StorageZone that the Content Collaboration tenant will consume. If they select a Multi-Tenant StorageZone, they are required to specify the existing StorageZone (live, and registered on their Content Collaboration partner account).

  2. Master Admin user information must be specified, and will be added to the tenant’s account, along with a partner admin user.

  3. All tenant accounts receive 1,000 available licenses. The CSP payment model is based on the total number of used licenses, and not on total number of all licenses.

Managing CSP Content Collaboration Tenants

How to Update Tenant Accounts:

A partner admin user is always provisioned on the CSP’s Content Collaboration tenant account. This allows the partner to manage the customer’s account, such as configure account settings, manage employee users, run reports, etc. This partner admin is added to the Super User group within their tenant’s account, giving this user complete access to all files and folders. If the partner does not want access to the customer’s Content Collaboration data, they will need to remove the partner admin user from the Super User group. Once the partner admin is removed from the Super User group then that user will only receive access to files that are specifically shared by other employee users.

  • Change their Content Collaboration subdomain: Any admin user on the Content Collaboration account is able to change the subdomain under “Admin Settings” >> “Company Account Info”
  • Add more licenses: Prior to creating tenant accounts within the partner’s Citrix Cloud account, CSPs had to request an account through an online form. This form allowed partners to specify the amount of licenses on the account. If this is how the CSP created the tenant account and the partner is looking to add licenses to that account, they can submit that type request here. This request will automatically increase the total license count to 1,000 for that tenant account.
  • Change Master Admin user: Find directions here.
  • Cancel an account: Request here.
  • Convert a trial or POC account to an in-production account: Request here.

Tenant Management:

If the CSP has managed Content Collaboration tenants prior to establishing their Citrix Cloud partner account, then their existing tenants will not appear on their Citrix Cloud customer dashboard. Instead, these tenants will only appear on the partner’s Content Collaboration account under “Admin Settings” >> “Advanced Preferences” >> “Tenant Management.” If “Tenant Management” is not an option, then this particular partner user will need to enable the “Manage Tenants” user permission. There is currently not a way to import or show these existing tenants in the CSP’s Citrix Cloud customer dashboard.If the CSP creates a tenant from within Citrix Cloud, then that tenant will appear in their Citrix Cloud tenant dashboard.

If the CSP has created some tenants via the online form and some via Citrix Cloud, then the partner can easily see all tenants from within the partner’s Content Collaboration account (first bullet).

For Multi-Tenant StorageZones:

Each tenant onboarded to a partner’s Multi-Tenant StorageZone receives their own root-level folder within the StorageZone. The name of the root-level folder is the tenant’s unique Content Collaboration account ID (starts with an “a”).

  • This folder structure, with each tenant having their own root-level folder, ensures that tenant data within their Content Collaboration account is separated from other tenants sharing the Multi-Tenant StorageZone. Tenant end-users will only have access files and folders created and uploaded within their own Content Collaboration account.

For CSP reporting (i.e. payment model):

CSPs are required to report on the amount of used licenses by their Content Collaboration tenants to their preferred Citrix distributor. For directions on capturing the accurate number of licenses for monthly reporting:

  • If the partner created a Content Collaboration tenant within Citrix Cloud: Log-in to the CSP Citrix Cloud account and navigate to the customer dashboard.
  • If the CSP has Content Collaboration created tenants from a third-party online form, rather than Citrix Cloud: Log-in to the CSP Content Collaboration partner account and navigate to “Admin Settings” >> “Advanced Preferences” >> “Tenant Management”
  • Within either of these dashboards, sort the Content Collaboration tenant accounts by “Paid” status.
  • From list of “paid” Content Collaboration tenants, further separate them by storage type and see if they are defaulted to a Citrix-managed cloud StorageZone or a partner-managed on-premise StorageZone.
  • Then, the partner must total up the amount of used licenses from all the “paid” cloud tenants and the “paid” on-premise tenants. The reason for separating the used license count by storage type is because they have different reporting SKUs (and subsequent partner price).
  • Please consult with your preferred Citrix Distributor for reporting SKUs and their pricing, which will be based on the Content Collaboration tenant’s storage type.


Alibaba launches global Enterprise BaaS. How big is the demand?

This week Alibaba Cloud released its Blockchain as a Service (BaaS) offering around the globe, including South East Asia, the US and Europe. The company is offering two solutions, one for Hyperledger Fabric and the other is the proprietary Ant Blockchain from affiliated company Ant Financial. But one question is: how big is the demand for enterprise BaaS?

Some might mistakenly dismiss Alibaba Cloud as primarily a Chinese vendor where it’s the leader for enterprise. In Gartner’s 2018 magic quadrant for worldwide cloud infrastructure (not just BaaS), just six companies qualified and Alibaba was one of them. Only Amazon AWS, Microsoft and Google made it into the leader quadrant, and even Google barely squeaked in. The other three Alibaba, Oracle and IBM appeared (in that order for “ability to execute”) in the niche player segment.

“Our customers in China have already experienced the benefits from our BaaS platform and we are excited to extend this service to other enterprise customers all over the world,” said Yi Li lead of Alibaba Cloud Blockchain Service.

The new Alibaba BaaS service offers Hyperledger Fabric 1.1 whereas the latest release is 1.3. However, many other cloud providers also don’t offer the most recent version.

Neither Azure nor AWS provides version information for Hyperledger Fabric when you browse for solutions. AWS launched its BaaS offering in April. For AWS during the creation process for a Hyperledger Fabric stack, you aren’t provided clear version options. It states that it’s the latest but elsewhere the license says April which means it’s version 1.1 at best.

BaaS demand?

How popular are enterprise BaaS services? The AWS blockchain templates are only available in three US datacenters. Given six months has passed since the launch, if there had been significant demand, you would expect more regional options. Plus looking at the AWS forums there were only 19 discussion threads, of which 18 related to Ethereum.

Many enterprise networks fall into two camps. One group involves a single centralized party setting up the network for everyone. In which case they have a skilled team and don’t necessarily need a BaaS solution. The other group is the early stage consortium without a specialist technology provider where BaaS should the easiest route, in theory.

And the vast majority of projects are still in the development phase where the code is sitting on a developer’s laptop.

Image Copyright: Alibaba