Author Archives: John Davies

Configuring Internet Explorer 11 Enterprise Mode (IE11 Compatibility Mode)

With yesterdays release of Windows 8.1 Update 1 came the significant improvement to Internet Explorer 11 with the inclusion of Enterprise Mode, also known as compatibility mode. This will encourage businesses who are struggling to move to the later operating systems because of legacy applications reliant on using the older browsers such as Internet Explorer 8. These legacy and often business critical applications have probably had a lot of investment over the years making it a difficult business decision to move away from it.

Although not a fix for all, Internet Explorer 11 Enterprise Mode is here to ease the transition. This guide is a quick start to show you how to implement, manage and set it up centrally with a quick easy to follow screen guide.

Please note that to use the Group Policy Management the Server / Workstation must be on Windows 8.1 Update 1 / Windows Server 2012 R2 Update 1 or at least your ADMX Files must be updated.

Go to the following link to download the IE 11 Enterprise Mode Site List Manager

Once downloaded install on a server / workstation of your choice – we chose to install the Site List Manager on our domain controller.

Now before we dive off in to Group Policy and went and configured IE 11 Enterprise Mode for the End Users, it is identified that Enterprise Mode requires a centralised list of sites that are to be used with Internet Explorer 11 Enterprise Mode. Reading the small print it requires a web server to obtain the xml file from. I have seen a few other posts placing it as an xml off their main public facing website – not a security choice I prefer myself, and as big advocators of DirectAccess thought it best to place the “sitelist.xml” file on an internal web server. So as shown below a blank xml file was created under inetpub\wwwroot on the respective chosen server.

Using Group Policy Management Console we now configure Internet Explorer 11 Enterprise Mode for our users and sites. Choose a common Group Policy that is used by Users, or alternatively create a new GPO just for this. We often use specialised Group Policies for Common User and Computers Settings that we wish people to have so our choice was easy.

On Opening the GPO - Navigate to User Configuration \ Administrative Templates \ Windows Components \ Internet Explorer, and select the Let users turn on and use Enterprise Mode from the Tools menu setting to Enabled as shown below.

Then open Use the Enterprise Mode IE website list – enter the URL of your Internal Webserver and xml list name as per the example shown below

Click Apply and close the Group Policy.

Now Open Enterprise Mode Site List Manager

By Clicking add will bring up the dialogue box as shown. Enter the URL and select whether to use “Enterprise Mode” or “Default Mode”. Once you enter a URL the Enterprise Mode Site List Manager will attempt to connect to the URL to validate it. Additionally it is useful for other Administrators if notes are made.

Once the Sites are added and verified then save the list to the webserver \ wwwroot \ sitelist.xml

This then becomes the central repository for the Enterprise Mode Enabled Websites which after the Group Policy has applied will automatically switch between Enterprise Mode and Default IE 11 Mode.

Now when you navigate to the Enterprise Mode Enabled URL the following icon displays clearly to the user that it is in Enterprise Mode

Hope this guide was helpful to anyone wanting to deploy Internet Explorer 11 Enterprise Mode Centrally

If you need any help or advice please feel free to get in touch and we will run through your infrastructure deployment requirements and if you have any questions about the blog post please direct any questions to [email protected]

Windows 8.1 Update 1 Released

Microsoft have finally released Windows 8.1 Update 1 today, with a few nice touches to improve the user experience and also make the new metro interface more friendly for corporate environments. Iconic have already deployed this update and the effects are quite refreshing but are still being explored.

One of the key areas of Windows 8.1 Update 1 is to the desktop experience (shown below)

Here is a quick list of the improvements in Windows 8.1 Update 1 that can make life more effective when using the desktop.

Improvements include:

On certain devices the Power and Search buttons now appear at the top-right corner next to the account picture. This enables the ability to search and shutdown / restart more easily and is available from the Start screen. (See below)

Taskbar improvements – You can now pin both desktop apps and Windows Store apps to the taskbar, making it easy to open and switch between apps right from the desktop. When using a mouse, you can also see the taskbar on any screen by moving the mouse to the bottom edge of the screen.

Boot to desktop as default – At last something that makes Windows 8.1 more accessible for corporate users. Showing the desktop and icons is usually the preference for work environments and makes the transition from previous operating systems a little more palatable.

The Start screen and the desktop are more aligned – On the Start screen, if you right-click on a tile, you will get a context menu next to the tile that shows what you can do with the tile, such as pin to Start, or unpin from the taskbar, change the tile size or even uninstall the app.

Right-clicking on an app tile on the Start screen works just like right-clicking on something on the desktop which improves the end user experience.

Internet Explorer 11 Updates – With Windows 8.1 Update, Internet Explorer 11 detects your Windows device and input type, and adapts the browsing experience (such as the number of tabs on screen, the size of the fonts, and the size of the menus) accordingly. The most important feature though aimed at the corporate environment is the inclusion of IE11 Enterprise Mode. This mode will encourage businesses to transition to Windows 8.1 because of the Internet Explorer 11 Enterprise Mode This is a compatibility mode that runs on Internet Explorer 11 on Windows 8.1 Update and Windows® 7 devices, that allows legacy websites render using a modified browser configuration that is designed to avoid the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer, like Internet Explorer 7 or Internet Explorer 8. IE 11 Enterprise Mode can either be enabled using Group Policy or by using a Registry Key.

For full details on how to use Internet Explorer 11 Enterprise Mode follow this link to TechNet

If you need any help or advice please feel free to get in touch and we will run through your requirements and ff you have any questions about the blog post please direct any questions to [email protected]

Online Data Retrieval Error -Windows 2012 R2 Upgrade

Iconic have recently upgraded a large majority of our servers to Windows 2012 R2 – most of them were in place upgrades and resulted in the errors in Server Manager as shown and explained below.

Following an upgrade from Windows Server 2012 to Windows Server 2012 R2, upon opening Server Manager you may receive an issue telling you that you got an “Online Data Retrieval Error” as seen in the screenshot below.

This error arises because the event service is attempting to read an event log that no longer exists.

We can only assume that this event log is deprecated in Windows Server 2012 but we are investigating further.

The event log in question is Microsoft-Windows-DxpTaskRingtone/Analytic

A Review of the logs in the Event Viewer confirms this.

As does a manual inspection of the logs folder.

The simple answer to fix the error is to stop the event service looking for the log file by removing it from the registry.

Backup your registry keys before applying the below fix – this is just good standard practice

Delete the following key.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-DxpTaskRingtone/Analytic

Now return to Server Manager and refresh to see all is well.

Any questions or queries please email us at [email protected]

vmware vCenter 5.1 Update 1a Available

Iconic as vmware partners, are pleased to announce vCenter 5.1 Update 1a, released May 2013. This is the release that we, at Iconic, have been waiting for, as full official support of Windows Server 2012 as a vCenter Host is finally here.

As soon as the latest release was available we immediately downloaded it and upgraded both of our vCenter servers - Live and Demo Environments. We are pleased to report that all has worked flawlessly and operations are as expected - although ote if doing an in place Windows 2008 R2 Upgrade see our additional blog of minor issues we found - but nothing to worry about as long as you do it in the right order ! If you do encounter issues and require our help please contact us at [email protected]

The ability to utilise the latest Windows 2012 Operating System has been welcome as Iconic were early adopters of Windows 2012 throughout our network..

A brief feature list has been included below to let our customers know what is included in this release.

What’s New

This release of VMware vCenter Server 5.1 Update 1a offers the following improvements:

vCenter Server is now supported on Windows Server 2012

vCenter Server now supports the following databases.

Microsoft SQL Server 2012
Microsoft SQL Server 2008 R2 SP2

vCenter Server now supports customization of the following guest operating systems:

Windows 8
Windows Server 2012
Ubuntu12.04
RHEL 5.9

vCenter Essentials no longer enforces vRAM usage limit of 192 GB

With vSphere 5.1 Update 1, the Essentials and Essentials Plus licenses no longer restrict virtual machine power-on operations when the vRAM usage limit of 192 GB is met.

Full details of this release and important information can be found here

http://www.vmware.com/support/vsphere5/doc/vsphere-vcenter-server-51u1a-release-notes.html

If you have any questions about the blog post please direct any questions to [email protected]

Citrix XenApp 6.5 Feature Pack 2 Announced

Citrix Announce XenApp 6.5 Feature Pack 2

Enhance seamless delivery of apps across devices and extend 3D graphics experiences to more users

It is reconginsed by Iconic and Citrix that the existing customers of Citrix XenApp 6.5 may be reluctant to move to the new XenDesktop 7 experinece just yet – so with this in mind Citrix has released Citrix XenApp 6.5 Feature Pack 2. Iconic will be releasing this into the Demonstration Suite for our customers to experience as soon as it is available. Check back soon for any updated blogs and installation guides / issues that may arise.

Citrix XenApp 6.5 FP2 provides new functionality, sharing many of the innovations with the XenDesktop 7 release. The latest functionality includes seamless delivery of apps through a newly redesigned unified app store and clientless Citrix Receiver. Hardware-based GPU sharing of OpenGL-based apps lowers the cost of delivering powerful 3D graphics apps. The latest Windows app compatibility and management tools from Citrix and Microsoft accelerate physical to virtual (P2V) migrations and deployment.

Unified app store for desktops, apps, mobile and data*

Redesigned Citrix StoreFront unifies app and desktop access through a seamless user experience, whether on the corporate network or remote through Citrix NetScaler Gateway.
Updated Citrix Receivers are so easy to install that users can do it themselves. Users simply enter their corporate email address after installation to automatically configure Receiver.
Clientless Receiver experience renders apps and desktops in a browser in the event that a native Receiver cannot be installed on a user’s device.

3D professional graphics delivery at lower cost

Unique GPU-sharing technology for XenDesktop hosted-shared sessions extends the reach and value of delivering 3D professional graphics apps to non-designers that view and edit 3D data.
Latest OpenGL, Direct X, CUDA and CL versions supported

Windows app compatibility and management

Virtualize apps faster with AppDNA**

Analyse existing Windows apps for use in hosted shared environments and then automatically remediate and prepare the apps for immediate use on XenDesktop.

Latest Microsoft integrations including Hyper-V3 support

Microsoft Lync 2013 VDI plug-in for Citrix Receiver for Windows enables optimized audio and video performance of the latest Microsoft Lync 2013 client for VDI and hosted-shared delivery technologies.
Microsoft System Center Configuration Manager (SCCM) 2012 Connector enables administrators to deliver any Windows application to any user on any device through Citrix Receiver as a XenApp deployment type.

If you have any questions about the blog post please direct any questions to [email protected]

Citrix XenDesktop 7 Released Today

Iconic can announce the news that Citrix XenDesktop 7 (formerly Project Excalibur) is now available for download and install today - 26th June 2013.

We have already downloaded XenDesktop 7 and started an install- we will keep you posted how this goes.

New updates to this blog will include a step by step screenshot guide on a basic install so check back on our blogs to be kept up to date as this will be available shortly.

Iconic will deploy XenDesktop 7 to our Demonstration Environment – if you want to arrange a preview look at the new features please feel free to have a look.

Below is a copy of the reference architecture which XenDesktop 7 brings to the table. The ability to publish applications and desktops – both server and VDi Desktops from one console is quite simply brilliant. Above and beyond this the new storefront is pretty great as well.

Below is a list of features listed about XenDesktop 7 and how we anticipate a great take up from new and existing clients.

Citrix XenDesktop 7 offers integrated Windows application and desktop mobility, easier deployment options and simplified management, all delivered through cloud-style architecture console. Current XenDesktop and Citrix XenApp® customers will find the new architecture easier than ever to deploy, manage and support. XenDesktop 7 represents the state-of-the-art in application and desktop virtualization, enabling any business to mobilize Windows apps and desktops and deliver them as a cloud service to any device.

Feature List

New HDX Mobile™ Technologies Deliver an Intuitive, Mobile-Friendly Experience

Enterprises are under mounting pressure to respond to the demands of an increasingly mobile workforce and BYOD. However, most businesses use Windows apps that were never meant to be mobile. Breakthrough technologies in XenDesktop 7 enable any Windows app to function intuitively and transparently on mobile devices, providing a seamless experience on devices of any type. Innovative touch screen capabilities translate multi-touch gestures and finger swipes into smooth navigation and scrolling commands. Native menu controls streamline interaction with the application by translating pull-down lists and complex mouse navigation. Powerful compression and redirection technologies automatically adjust to accommodate mobile broadband networks. Industry-leading HDX technologies now fully incorporate H.264 compression for a 100 percent increase in WAN bandwidth efficiency. New HDX compression capabilities can dynamically optimize the bit rate of full HD video so it is viewable over 3G mobile networks. New Citrix StoreFront interface unifies and secures app and desktop access through a seamless user experience - whether on the corporate network or away from the office via the Citrix NetScaler® Gateway solution.

Simple to Deploy, Manage and Support

XenDesktop 7 simplifies administration and operations with purpose-built consoles for managing and deploying virtual apps and desktops:Simplified workflows and automated configuration checking to eliminate as much as 80 percent of the time and effort needed to deploy new services. Wizard-driven installation gets deployments up and running in 20 minutes. Advanced cloud management capabilities provide a purpose-built help desk console and real-time troubleshooting with EdgeSight® end-user experience analytics tools.

Cloud-style Architecture Designed for Automation and Scale

XenDesktop 7 integrates the market-leading XenApp and VDI desktop virtualization technologies into a unified FlexCast Management Architecture (FMA) for the most scalable solution for delivering Windows apps and desktops as cloud services. Simplified architecture can deliver Windows Server (RDS) or VDI desktops from a single console, speeding production deployments by as much as 80 percent. Automated physical to virtual app migration tools powered by Citrix AppDNA software speed application migration time by 90 percent compared to manual validation. Powerful new administration features automate common tasks while integrating the configuration of profile management, StoreFront, publishing and storage optimization. Built as an open platform that can be deployed on any hypervisor or cloud management solution, including Citrix CloudPlatform™, powered by Apache CloudStack, or Amazon Web Services.

Availability

XenDesktop 7 will be available in June 2013. XenDesktop 7 is available in Platinum, Enterprise and VDI editions on a per-user, per-device or concurrent basis. In addition, the new XenDesktop App edition is available for all hosted-shared (RDS) app and desktop workloads. XenApp Enterprise and Platinum customers with active Subscription Advantage can update to this edition at no additional charge and migrate their environments at their own pace.

Forefront TMG and UAG TCP Offload

Introduction

TCP Chimney Offload Overview

TCP Chimney Offload is a networking technology that helps transfer the workload from the CPU to a network adapter during network data transfer. In Windows Server 2008 and 2008 R2, TCP Chimney Offload enables the Windows networking subsystem to offload the processing of a TCP/IP connection to a network adapter that includes special support for TCP/IP offload processing. TCP Chimney Offload is available in all versions of Windows Server 2008, Windows Server 2008 R2 and Windows Vista. Both TCP/IPv4 connections and TCP/IPv6 connections can be offloaded if the network adapter supports this feature.

More Information

We have come across various problems at customer sites where their ISA, TMG or UAG was behaving in a very strange way. The configuration within the management console seemed to be OK, and all other network components with which the ISA / TMG / UAG Firewall communicating with also seemed to be configured just fine. Still, we’d see strange problems like:

· OWA Web Publishing Rules performing very, very poorly

· PPTP VPN access failed to establish a connection, while L2TP did not experience any problems.

· Adding a second site-to-site VPN tunnel caused the existing VPN tunnel to go down, and no VPN connectivity was possible until the new tunnel was removed from the configuration.

· SMTP server publishing returned lots of failed connection attempts. Some mail would come through, but a lot of mail just failed to be delivered.

Over time we realize that all of these problems were caused by advanced Network card features that are supported in newer versions of Windows. ISA, TMG and UAG are sometimes unable to work properly if these options are enabled. Somewhere deep within the Microsoft documentation these options are mentioned, with the advice to turn all these options off.
Issue

Issue with slow connectivity to UAG portals, end point scanning and general behaviour issues

Resolution or Work Round

Disable TCP Offload

Please be aware that when modifying the network card, you will lose connectivity to the server for a short period of time and I would recommend that you can get console access to the server

The following configuration should be added to the registry:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]

“EnableRSS”=dword:00000000

“EnableTCPA”=dword:00000000

“EnableTCPChimney”=dword:00000000

“EnableSecurityFilters”=dword:00000000

To confirm the settings use the following command - netsh int tcp show global

The output should look something like this:

If receive side scaling and/or chimney offloading are enabled, you can disable them with the following commands:

netsh int tcp set global chimney=disabled

netsh int tcp set global rss=disabled