Error: “Your apps are not available at this time. Please try again in a few minutes or contact your help desk with this information: Cannot contact Store”

Command line installation (CLI) is not support for NetScaler URL. But, there are 3 options available that may be helpful.

1. Export store provisioning files for users https://docs.citrix.com/en-us/storefront/2-6/dws-manage/dws-manage-store/dws-export-file.html

2. Configuring NetScaler Gateway Store via GPO https://docs.citrix.com/en-us/receiver/windows/4-5/configure/receiver-windows-configure-app-delivery-wrapper.html#par_anchortitle_80df

3. Connecting to StoreFront by Using Email-Based Discovery http://docs.citrix.com/en-us/netscaler-gateway/10-1/ng-xa-xd-integration-edocs-landing/ng-clg-integration-wrapper-con/ng-clg-session-policies-overview-con/ng-clg-storefront-policies-con/ng-clg-storefront-email-discovery-tsk.html From the end-users perspective email discovery may be easiest. But requires support configuration of DNS entry and other configuration as noted in documentation. The export store provisioning file is easy to generate file in StoreFront, but requires user to open .CR file (it’s an XML file that is FTA with Receiver) and accept configuration (click “yes* button) and certificate accept dialog may display. So, it requires some user interaction and depends on end-user training even if the training is minimal. The GPO push of NetScaler URL (Configuring NetScaler Gateway Store via GPO) requires users to be connected to the domain to receive policy and configuration.

docs.citrix.com/en-us/netscaler-gateway/10-1/ng-xa-xd-integration-edocs-landing/ng-clg-integration-wrapper-con/ng-clg-session-policies-overview-con/ng-clg-storefront-policies-con/ng-clg-storefront-email-discovery-tsk.html

Related:

  • No Related Posts

Error: “Your apps are not available at this time. Please try again in a few minutes or contact your help desk with this information: Cannot contact Store”

Command line installation (CLI) is not support for NetScaler URL. But, there are 3 options available that may be helpful.

1. Export store provisioning files for users https://docs.citrix.com/en-us/storefront/2-6/dws-manage/dws-manage-store/dws-export-file.html

2. Configuring NetScaler Gateway Store via GPO https://docs.citrix.com/en-us/receiver/windows/4-5/configure/receiver-windows-configure-app-delivery-wrapper.html#par_anchortitle_80df

3. Connecting to StoreFront by Using Email-Based Discovery http://docs.citrix.com/en-us/netscaler-gateway/10-1/ng-xa-xd-integration-edocs-landing/ng-clg-integration-wrapper-con/ng-clg-session-policies-overview-con/ng-clg-storefront-policies-con/ng-clg-storefront-email-discovery-tsk.html From the end-users perspective email discovery may be easiest. But requires support configuration of DNS entry and other configuration as noted in documentation. The export store provisioning file is easy to generate file in StoreFront, but requires user to open .CR file (it’s an XML file that is FTA with Receiver) and accept configuration (click “yes* button) and certificate accept dialog may display. So, it requires some user interaction and depends on end-user training even if the training is minimal. The GPO push of NetScaler URL (Configuring NetScaler Gateway Store via GPO) requires users to be connected to the domain to receive policy and configuration.

docs.citrix.com/en-us/netscaler-gateway/10-1/ng-xa-xd-integration-edocs-landing/ng-clg-integration-wrapper-con/ng-clg-session-policies-overview-con/ng-clg-storefront-policies-con/ng-clg-storefront-email-discovery-tsk.html

Related:

  • No Related Posts

Error: “Your apps are not available at this time. Please try again in a few minutes or contact your help desk with this information: Cannot contact Store”

Command line installation (CLI) is not support for NetScaler URL. But, there are 3 options available that may be helpful.

1. Export store provisioning files for users https://docs.citrix.com/en-us/storefront/2-6/dws-manage/dws-manage-store/dws-export-file.html

2. Configuring NetScaler Gateway Store via GPO https://docs.citrix.com/en-us/receiver/windows/4-5/configure/receiver-windows-configure-app-delivery-wrapper.html#par_anchortitle_80df

3. Connecting to StoreFront by Using Email-Based Discovery http://docs.citrix.com/en-us/netscaler-gateway/10-1/ng-xa-xd-integration-edocs-landing/ng-clg-integration-wrapper-con/ng-clg-session-policies-overview-con/ng-clg-storefront-policies-con/ng-clg-storefront-email-discovery-tsk.html From the end-users perspective email discovery may be easiest. But requires support configuration of DNS entry and other configuration as noted in documentation. The export store provisioning file is easy to generate file in StoreFront, but requires user to open .CR file (it’s an XML file that is FTA with Receiver) and accept configuration (click “yes* button) and certificate accept dialog may display. So, it requires some user interaction and depends on end-user training even if the training is minimal. The GPO push of NetScaler URL (Configuring NetScaler Gateway Store via GPO) requires users to be connected to the domain to receive policy and configuration.

docs.citrix.com/en-us/netscaler-gateway/10-1/ng-xa-xd-integration-edocs-landing/ng-clg-integration-wrapper-con/ng-clg-session-policies-overview-con/ng-clg-storefront-policies-con/ng-clg-storefront-email-discovery-tsk.html

Related:

  • No Related Posts

After upgrading Citrix ADM, we see this error “Database streaming channel is broken between HA nodes”

Starting from ADM on-prem 13.0 71.x release, if database streaming between the nodes in an HA deployment fails, now you can click the Sync Database tab under System > Deployment > High Availability Deployment in the ADM GUI, to restore the database.

Alternatively if you are on version less than 13.0 71.x, then use the following procedure:

  • Access CLI of Primary ADM using username as nsrecover and password of nsroot user. Run below commands:
# cd /var/mps/db_pgsql/data/pg_log
# chown mpspostgres *
  • Access CLI of Secondary ADM using username as nsrecover and password of nsroot user:
  • Run the below command:
if ADM is below 12.1-59.x, 13.0-64.x ! (Replace with original IP addresses in the command):
# nohup sh /mps/scripts/pgsql/join_streaming_replication.sh SecondaryIP PrimaryIP nsroot > /var/mps/log/join_streaming_replication_console.log 2>&1 &
if ADM version is 12.1-59.x , 13.0-64.x or later
# nohup sh /mps/scripts/pgsql/join_streaming_replication.sh SecondaryIP PrimaryIP > /var/mps/log/join_streaming_replication_console.log 2>&1 &
  • Monitor the output of the above command in /var/mps/log:
# tail -f /var/mps/log/join_streaming_replication_console.log
  • Wait for a few hours and confirm if the HA channel is UP by running the command on Secondary:
# ps -ax | grep -i wal
  • You should see this line to confirm if the channel is UP
?? Ss 0:14.14 postgres: wal receiver process streaming

Related:

  • No Related Posts

After upgrading Citrix ADM, we see this error “Database streaming channel is broken between HA nodes”

Starting from ADM on-prem 13.0 71.x release, if database streaming between the nodes in an HA deployment fails, now you can click the Sync Database tab under System > Deployment > High Availability Deployment in the ADM GUI, to restore the database.

Alternatively if you are on version less than 13.0 71.x, then use the following procedure:

  • Access CLI of Primary ADM using username as nsrecover and password of nsroot user. Run below commands:
# cd /var/mps/db_pgsql/data/pg_log
# chown mpspostgres *
  • Access CLI of Secondary ADM using username as nsrecover and password of nsroot user:
  • Run the below command:
if ADM is below 12.1-59.x, 13.0-64.x ! (Replace with original IP addresses in the command):
# nohup sh /mps/scripts/pgsql/join_streaming_replication.sh SecondaryIP PrimaryIP nsroot > /var/mps/log/join_streaming_replication_console.log 2>&1 &
if ADM version is 12.1-59.x , 13.0-64.x or later
# nohup sh /mps/scripts/pgsql/join_streaming_replication.sh SecondaryIP PrimaryIP > /var/mps/log/join_streaming_replication_console.log 2>&1 &
  • Monitor the output of the above command in /var/mps/log:
# tail -f /var/mps/log/join_streaming_replication_console.log
  • Wait for a few hours and confirm if the HA channel is UP by running the command on Secondary:
# ps -ax | grep -i wal
  • You should see this line to confirm if the channel is UP
?? Ss 0:14.14 postgres: wal receiver process streaming

Related:

  • No Related Posts

After upgrading Citrix ADM, we see this error “Database streaming channel is broken between HA nodes”

Starting from ADM on-prem 13.0 71.x release, if database streaming between the nodes in an HA deployment fails, now you can click the Sync Database tab under System > Deployment > High Availability Deployment in the ADM GUI, to restore the database.

Alternatively if you are on version less than 13.0 71.x, then use the following procedure:

  • Access CLI of Primary ADM using username as nsrecover and password of nsroot user. Run below commands:
# cd /var/mps/db_pgsql/data/pg_log
# chown mpspostgres *
  • Access CLI of Secondary ADM using username as nsrecover and password of nsroot user:
  • Run the below command:
if ADM is below 12.1-59.x, 13.0-64.x ! (Replace with original IP addresses in the command):
# nohup sh /mps/scripts/pgsql/join_streaming_replication.sh SecondaryIP PrimaryIP nsroot > /var/mps/log/join_streaming_replication_console.log 2>&1 &
if ADM version is 12.1-59.x , 13.0-64.x or later
# nohup sh /mps/scripts/pgsql/join_streaming_replication.sh SecondaryIP PrimaryIP > /var/mps/log/join_streaming_replication_console.log 2>&1 &
  • Monitor the output of the above command in /var/mps/log:
# tail -f /var/mps/log/join_streaming_replication_console.log
  • Wait for a few hours and confirm if the HA channel is UP by running the command on Secondary:
# ps -ax | grep -i wal
  • You should see this line to confirm if the channel is UP
?? Ss 0:14.14 postgres: wal receiver process streaming

Related:

  • No Related Posts

After upgrading Citrix ADM, we see this error “Database streaming channel is broken between HA nodes”

Starting from ADM on-prem 13.0 71.x release, if database streaming between the nodes in an HA deployment fails, now you can click the Sync Database tab under System > Deployment > High Availability Deployment in the ADM GUI, to restore the database.

Alternatively if you are on version less than 13.0 71.x, then use the following procedure:

  • Access CLI of Primary ADM using username as nsrecover and password of nsroot user. Run below commands:
# cd /var/mps/db_pgsql/data/pg_log
# chown mpspostgres *
  • Access CLI of Secondary ADM using username as nsrecover and password of nsroot user:
  • Run the below command:
if ADM is below 12.1-59.x, 13.0-64.x ! (Replace with original IP addresses in the command):
# nohup sh /mps/scripts/pgsql/join_streaming_replication.sh SecondaryIP PrimaryIP nsroot > /var/mps/log/join_streaming_replication_console.log 2>&1 &
if ADM version is 12.1-59.x , 13.0-64.x or later
# nohup sh /mps/scripts/pgsql/join_streaming_replication.sh SecondaryIP PrimaryIP > /var/mps/log/join_streaming_replication_console.log 2>&1 &
  • Monitor the output of the above command in /var/mps/log:
# tail -f /var/mps/log/join_streaming_replication_console.log
  • Wait for a few hours and confirm if the HA channel is UP by running the command on Secondary:
# ps -ax | grep -i wal
  • You should see this line to confirm if the channel is UP
?? Ss 0:14.14 postgres: wal receiver process streaming

Related:

  • No Related Posts

Advisory: Receiver for iOS and Apple’s App Transport Security (ATS)

This article is intended for Citrix administrators and technical teams only.Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information

In 2015 Apple introduced App Transport Security (ATS) to enforce best practices in security for connections between apps and backend servers. These changes in code were enabled by default with the release of iOS 9 to force iOS apps to use secure HTTPS connections. However, Apple allowed iOS app developers to disable ATS enforcement. ATS enforcement is currently disabled in Citrix Receiver for iOS.

During the WWDC 2016 event in June, Apple announced that all apps submitted to the App Store will be required to have ATS enabled by the end of year 2016. Since then, Apple has extended this deadline until further notice to give developers and customers additional time to prepare.

Citrix will continue to disable ATS enforcement in the Receiver for iOS client as long as Apple allows. However, Citrix recommends that IT administrators take proactive action to comply with Apple ATS requirements in anticipation for these changes in the future and to align with industry leading practices around network security. Adopting the new recommendations for SSL certificates ahead of time will guarantee that Receiver for iOS users are not affected in the future. Customers can refer to this article for future updates.

The following list provides answers to frequently asked questions by IT administrators on the subject:

Which Citrix components are affected?

Depending on the environment configuration, the ATS mandate may impact Receiver for iOS connections to NetScaler, StoreFront, and Web Interface

What are the requirements to comply with ATS?

Backend services including NetScaler, StoreFront, and Web Interface must be configured with SSL certificates that meet a minimum of TLS v1.2 specifications with AES-128 encryption and SHA-2 hash algorithm.

These requirements would also apply to any third-party networking products, such as gateways or load-balancers, terminating SSL connections at any point in the path of Receiver.

Additional information on ATS can be found at in the Apple Developer website here under the “Requirements for Connecting Using ATS” section.

Does this change require session hosts (VDA) to be configure for secure ICA?

There is no need to configure VDA for secure ICA as part of this change. ATS will only impact connections to NetScaler, StoreFront, and Web Interface for brokering and application/desktop enumeration

Related:

  • No Related Posts

Receiver for Mac Support on macOS Sierra (macOS 10.12) Beta Builds

This article is intended for Citrix administrators and technical teams only.



Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information.


The Citrix Receiver for Mac team is working on product updates to support the upcoming release of macOS Sierra (macOS 10.12) in Fall 2016. Citrix is committed to provide zero-day compatibility for Receiver for Mac when Sierra is generally available. Zero-day compatibility means Receiver for Mac will operate with the new operating system platform from Apple at release.

In addition to zero-day compatibility, Citrix is reviewing new features that take advantage of Sierra. We will keep our customers informed as we learn more about the changes needed to support any of the new features.

The Sierra beta is available to the general public. Based on our early assessment of the current beta, we are aware of issues making ICA connections over SSL using Receiver 12.1.100 for Mac. Citrix has started to fix gaps and areas of incompatibilities with Sierra to ensure our commitment to Zero-day compatibility.

Receiver for Mac 12.2 (available August 1, 2016) does not suffer from the SSL issue on Sierra. Be aware however that Sierra beta is still not a supported platform. If Apple releases a new Sierra beta that causes Receiver for Mac to stop working, there is no guarantee that we will release a fix before the official release of Sierra. Citrix recommends that our customers not install the Sierra beta in production.

Related:

  • No Related Posts

How to Enable and Collect Advanced Logs for Receiver for iOS

New Logging for 5.9.1 and Later:

Enable Access to Log Files. Now with Receiver for iOS 5.9.1 it extends the Advanced Logging feature to gather diagnostic data for authentication, store add, and connection issues.

User-added image

Log options: Log Levels

Log Level Logs hold…
Level 1 Critical Critical notifications
Level 2 Errors Error notifications
Level 3 Warning Warning notifications
Level 4 Informational Receiver information notifications
Level 5 Detailed Information similar to verbose logs
Level 6 Debug All information sent by Receiver

To customize Logging settings:

  1. Click the Settings icon, then go to Support > Log Options.

  2. Choose one of the Log Detail options, for example 6 Debug.

    Note: Set the log level to 6 Debug for troubleshooting Receiver for iOS issues.

  3. Go back to Log Options.

  4. Click No to any warnings.

  5. From Log Destination Options, choose File, Console, or File and console.

  6. Go back to Log Options and set the slider for the Maximum number of log files and Maximum size of a log file.

  7. Click No to any warnings.

There are two ways to collect and send the Advanced Logs from the device:

Using Send Feedback to collect and send Advanced Logs

  1. Go to Settings > Support and select Request Help from Support.

    User-added image

  2. Send the email with compressed Logs.zip (Advanced Logs) to the Technical Support case owner for further investigation.

Sync to iTunes to collect Advanced Logs

  1. Attach and Sync the iPad/iPhone to your authorized Mac or PC with iTunes.

  2. Within the Apps tab of iTunes, ensure that the Receiver is selected to sync. If it is not, select and re-sync.

  3. Scroll down in the Apps tab of iTunes to File Sharing.

  4. Select Receiver under Apps and the CitrixLogs folder on the right pane, under Receiver Documents.

  5. Click Save to… and save the entire Logs directory to your local computer.

    User-added image

    Within the Logs folder are a series of logs. Compress and send the logs into Citrix Technical Support along with the steps preformed during the reproduction.

Related:

  • No Related Posts