Supported Databases for XenApp and XenDesktop Components

Citrix is committed to ensuring that our products function with the latest Microsoft SQL databases. Citrix supplies reasonable efforts to ensure compatibility with upcoming database releases. New versions of supported databases released after our products have been released, must work. However, Citrix recommends creating a test environment to ensure there are no unforeseen issues related to changes made to the new version or update of the third-party product. Individuals wishing to use the new release with current Citrix products must perform their own testing before using the platform. Citrix does not support any BETA versions of third-party products.

This document will be updated periodically as new information becomes available.

What has changed from the last release of the matrix

  • Updated support for Virtual Apps and Desktops 7 1912 LTSR
Supported Databases Virtual Apps and Desktops (XenApp/XenDesktop) 7.15 LTSR / 1909 / 1912 LTSR XenApp/XenDesktop 7.6 LTSR Provisioning Services 7.15 LTSR / 1909 / 1912 LTSR Provisioning Services 7.6 LTSR XenApp 6.5 HRP07
SQL 2017
x64 Yes Yes Yes (1) Yes (1) Yes
Express Yes Yes Yes (1) Yes (1) Yes
SQL 2016 SP1, SP2
x64 Yes Yes Yes (1) Yes (1) Yes
Express Yes Yes Yes (1) Yes (1) Yes
SQL 2014 SP1, SP2, SP3
x86 Yes Yes Yes (1) Yes (1) Yes
x64 Yes Yes Yes (1) Yes (1) Yes
Express Yes Yes Yes Yes Yes
SQL 2012 SP1, SP2, SP3, SP4
x86 Yes Yes Yes (1) Yes (1) Yes
x64 Yes Yes Yes (1) Yes (1) Yes
Express Yes Yes Yes Yes Yes
SQL 2012
x86 Yes Yes Yes (1) Yes (1) Yes
x64 Yes Yes Yes (1) Yes (1) Yes
Express Yes (2) Yes (2) Yes Yes Yes
SQL 2008 R2 SP2, SP3
x86 Yes Yes Yes Yes Yes
x64 Yes Yes Yes Yes Yes
Express Yes Yes Yes Yes Yes

  1. PVS 7.7 onwards Always ON is supported. PVS 7.11 introduced Multi-subnet Failover
  2. Known issue using SQL 2012 and above with XenDesktop, Refer to article ‘CTX132438 – Unable to Create New XenDesktop Site Using SQL 2012 Server’

Note:

  • The x86 and x64 versions of SQL (version 2012 and later) have been validated with Always On, Clustered, Standalone and Mirrored modes.
  • The Express edition has been validated only as Standalone.

Related:

Sophos Anti-Virus for Linux Heartbeat: Functional differences from Heartbeat for Sophos Anti-Virus for Windows

This article provides a description of the functional differences between Heartbeat on SAV for Linux compared to Heartbeat on SAV for Windows.

The following sections are covered:

Applies to the following Sophos products and versions

Sophos Anti-Virus for Linux

Operating systems

All supported Linux distributions (see Platforms supported by Sophos Server Security)

1. MTD is not required to run on Linux for Heartbeat (HB) though it is essential on Windows.

Heartbeat on Windows depends on the MTD packet tracer to do C3 process lookup and indeed Windows heartbeat and MTD are being combined to make sure this is efficient.

SAV Linux uses two separate packet sniffers; a discriminating one in MTD that looks only for outgoing HTTP connections over TCP and drops anything that isn’t that as soon as it can, while heartbeat has it’s own TCP/UDP packet capture optimised for capture efficiency that grabs all TCP and UDP packets. Therefore SAV for Linux Heartbeat does not require MTD.

2. Exclusions will not be implemented in HB on Linux.

As SAV for Linux does not use HIPS this is not necessary.

3. There will be no Exclude DNS option in exclusions.

This is a Windows specific feature that refers to Microsoft’s DNS server for Windows, a specific component with a known location supplied by the (single) OS vendor which would not be the case in Linux environments.

4. The user will always be reported as Server.

5. WiFi won’t be implemented for Heartbeat version 1 on SAV for Linux

6. There are the following Health Status differences:

  • SAV for Linux has no Quarantine Manager and associated Health Status’s. For SAV for Windows threats are remembered by Quarantine Manager on Disk and these threats remain until cleared in Central. The Health Status remains red, over reboots.

    For SAV for Linux there is no Quarantine Manager so threats are remembered by the adapter in memory, are cleared on reboot and the Health Status returns to green on reboot.

  • For Heartbeat on SAV Windows a threat that is cleaned up only triggers orange Health status (failure to cleanup = red) SAV Linux cleanup has no cleanup, so red status is the only one used.

7. As per point 6 above Clean-up (Malware Delete) is not available in Heartbeat version 1 on Linux

8. IPv6 won’t be supported in version 1 of Heartbeat on SAV Linux

9. Linux Heartbeat Daemon:

There is an additional process heartbeartd controlled by savd. This runs under root.

10. Logging:

The log file Heartbeat.log is found in the /opt/sophos-av/log/heartbeat

As well as connectivity and configuration messages this contains heartbeat status messages such as:

Current status is -> health: Good (1) service: Good(1) threat: Good(1)

Current status is -> health: Bad (3) service: Good(1) threat: Bad(3)

Current status is -> health: Bad (3) service: Bad(3) threat: Good(1)

as per the following:

The information reported is to the firewall is in three areas; Health, Service and Threat.

Name Values Detail Names Detail Values
Health 1: Good

2: Suspicious

3: Bad
None None
Service 1: Good – All Services Running

3: Bad – At least 1 service is not running or missing
Service Names 0: Running

1: Not Running

2: Missing
Threat 1: Good – Nothing in Quarantine Manager

2: Suspicious – Static malware/PUA in Quarantine Manager

3: Bad – C2/C3/HIPS in Quarantine Manager, or Cleanup Failed
None None

If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.

This is invaluable to us to ensure that we continually strive to give our customers the best information possible.

Related:

Be prepared and ready to upgrade to Open Enterprise Server 2018 (SP1)

BSCHOOFS

Upgrading to Open Enterprise Server (OES) 2018 and 2018 SP1 (2018.1) is a breeze… if you’re prepared beforehand… There are basically 2 manners to get an existing server from a previous version of Open Enterprise Server towards version 2018(.1): In place upgrade or TransferID migration. Both are valid upgrade paths, but still have their …

+read more

The post Be prepared and ready to upgrade to Open Enterprise Server 2018 (SP1) appeared first on Cool Solutions. BSCHOOFS

Related:

SLES11 SP4 notification while patching OES11 SP3 and OES2015 SP1

Madhan

Hi Everyone, Just a heads up.  As you may know SLES11 SP4 went out of general support at the end of March 2019. Now, if you try to patch any OES version based on that like OES11 SP3 or OES2015 SP1, you may receive an pop-up notification like the below.  It’s informational in nature and …

+read more

The post SLES11 SP4 notification while patching OES11 SP3 and OES2015 SP1 appeared first on Cool Solutions. Madhan

Related:

7023372: IDM Activation and Bundled Edition

This document (7023372) is provided subject to the disclaimer at the end of this document.

Environment

Identity Manager 4.5 and above.

Situation

IDM Bundled Edition installed on a non-OES server.

Identity Manager activation appears to be installed but the IDMactivation is not in effect.

In iManager | Driver Overview | Activation | Information tab -all the activated drivers and engine appear to be properlylisted. IDM drivers may not even have the evaluationmessage.
Drivers will not start and in cases where drivers do have anevaluation expired message, the message never goes away even thoughthe drivers appear to be activated in the Information tab.

Resolution

IDM does not support an Bundled Edition Activation license on anon-OES server. A Bundled Edition Activation will only be supportedon a OES server with the IDM Bundled Edition.

If a non-OES server is installed with the IDM Bundled Editionthe install of the activation license may look like as if it isinstalled but some or all of your drivers will not work properly.The activation is accepted but will produce some strange behavior.It is not supported in this situation. The solution is to install aStandard Edition or Advanced Edition of the software and use a SEor AE activation license file.
Furthermore – No purchasable drivers (eg, Delimited Text,PeopleSoft, SAP, JDBC, Azure, etc) are supported on a BundledEdition install or activation. The activation files may appear tobe installed but will not work properly. The mechanism to actuallyactivate the purchased driver does not function in a BundledEdition install nor does it work in a Bundled Editionactivation.

Additional Information

Summary

Open Enterprise Server + IDM Bundled Edition (Limited Drivers) = Supported
Open Enterprise Server + IDM Bundled Edition + Purchasable Drivers = Bundled Edition limited drivers will work, Purchased Drivers will not activate
Non-OES + IDM Bundled Edition = Not Supported, May work for limited Drivers, In danger of an Audit
Non-OES + IDM Bundled Edition + Purchased Drivers = Not Supported, Purchased Drivers will not activate, In danger of Audit

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented “AS IS” WITHOUT WARRANTY OF ANY KIND.

Related:

Community Webinar – Early look into OES2018 SP1

Madhan

Following up on the earlier blog on Registrations being open for OES2018 SP1 Beta Program, we are hosting a community webinar that gives an early look into the updates and features that will be delivered as part of Open Enterprise Server 2018 SP1. Please register for the webinar – ‘An early look at OES 2018 …

+read more

The post Community Webinar – Early look into OES2018 SP1 appeared first on Cool Solutions. Madhan

Related:

7023360: Unable to access resources when using Sophos STAS

This document (7023360) is provided subject to the disclaimer at the end of this document.

Environment

NetIQ eDirectory 8.8.8
Client for Open Enterprise Server 2 SP4
Sophos XG Firewall
Sophos Transparent Authentication Suite (STAS)

Situation

Unable to access Internet resources when authenticating to eDirectory through STAS.

Resolution

Ensure that each eDirectory user object has the UserID (UID) attribute populated. One approach is to use the steps outlined in Cool Solution “Setting Up UIDs in iManager based on CN Values” https://www.novell.com/coolsolutions/feature/18867.html

Cause

STAS relies on the UID being populated.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented “AS IS” WITHOUT WARRANTY OF ANY KIND.

Related:

7023054: DSfW: Unable to join a NetApp SVM to a domain.

This document (7023054) is provided subject to the disclaimer at the end of this document.

Environment

Open Enterprise Server 2015 (OES 2015) Linux Support Pack 1

Open Enterprise Server 2018 (OES 2018) Linux

Domain Services for Windows
DSfW

Situation

Attempting to join a NetApp SVM version 9.3P1 or higher fails with the following message:

Error: Machine account creation procedure failed

[ 121] Loaded the preliminary configuration.
[ 451] Created a machine account in the domain
[ 452] Successfully connected to ip x.x.x.x, port 445
using TCP
[ 456] Unable to connect to LSA service on dsfw01.ourlab.com
[ 456] Successfully connected to ip x.x.x.x, port 445
using TCP
[ 459] Unable to connect to LSA service on dsfw02.ourlab.com
[ 459] No servers available for MS_LSA, vserver: 3, domain:
ourlab.com.
**[ 459] FAILURE: Unable to make a connection (LSA:OURLAB.COM),
** result: 6940
[ 460] Could not find Windows SID
'S-1-5-21-706389590-1342203275-300340892-512'
[ 465] Deleted existing account
'CN=netapp_server,CN=Computers,DC=ourlab,DC=com'
Error: command failed: Failed to create the Active Directory machine account
"FILER01". Reason: SecD Error: no server available.

Resolution

In order to join the NetApp SVM to the DSfW domain, SMBv1 needs to be enabled. This can be done by entering the following command:

cifs security modify -vserver <virtual_server_name_here> -smb1-enabled-for-dc-connections true

Cause

DSfW only supports SMBv1 at this time. NetApp version 9.3P1 and later have SMBv1 disabled.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented “AS IS” WITHOUT WARRANTY OF ANY KIND.

Related:

7022955: DSfW: Unable to join Windows 10 version 1709 workstation to domain.

This document (7022955) is provided subject to the disclaimer at the end of this document.

Environment

Open Enterprise Server 2015 (OES 2015) Linux

Open Enterprise Server 2015 (OES 2015) Linux Support Pack 1

Open Enterprise Server 2018 (OES 2018) Linux

Domain Services for Windows
DSfW

Situation

Attempting to join a Windows 10 workstation to a DSfW domain will fail in the following conditions:
  • The Windows 10 workstation has the Fall Creators Update version 1709 installed.
  • The Windows 10 workstation is a new installation of version 1709 or higher.
  • The DSfW domain has not been updated to the 2008/2012 functional level. NOTE: In case the domain functional level has been raised, the join operation will succeed but it is not possible to access GPO’s, SYSVOL, or any other domain resources.

Resolution

In order to join the workstation to the domain, the SMBv1 feature on the Windows 10 workstation needs to be enabled using the add or remove programs method.
Details on how to do this can be found here

Cause

SMBv1 is not installed by default in Windows 10 Fall Creators Update and Windows Server, version 1709 and later versions. DSfW only supports SMBv1 at this time.

Additional Information

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented “AS IS” WITHOUT WARRANTY OF ANY KIND.

Related: