Solving Java issues on XenApp Servers (Part 1)

Recently I was troubleshooting an issue with Java on a provisioned server. The problem manifested by the user being asked to install Java when a particular UI interface was called that in turn invoked Java to display a Gannet table of appointments. As the user did not have elevated rights any attempt to install failed. Simply refusing to install also caused the function to fail. After much trial and error I determined that this was a result of two issues.

When a user connects to a Java app that user session, in normal conditions, it will try and determine if Java is installed. It does this by checking if it has a path to the \bin folder and if it has access to the cache folder. If either fails it will then attempt to install Java, however this is not possible for Citrix users normally as it will try to install on the hosting server.

What has to be done, to make Java applications work in Citrix, is to ensure that when a user connects they are able to satisfy the Java run-time requirements. To do this several changes need to be made on the hosting server so that both the run-time files are seen by the user session and that the cache is not in a location that requires privileged rights to access.

On the host XenApp server (provisioned or standard) the following needs to be done:

1. Make a note of the version(s) of Java currently installed. Download the offline installer(s) for those versions.
2. Log off all remote user sessions to ensure a clean uninstall.
3. Uninstall all Java versions currently installed on the server.
4.  Delete old file locations if any. These are often found in the following locations: C:\Program Files (x86)\Java\<version> or C:\Program Files\Java\<version>
5. Starting with the oldest (lowest numbered version) install using TS-Install or “change user” process. 
1.  If the version(s) of Java installed are pre version 6u20 you will need to make the ‘C:\Windows\Sun\Java\Deployment’ manually. This is important for supporting clients that have more current version installed locally. 
6. Once all versions are installed, you will need to change the default location for the Java cache folder. To do this:
1. Make a new folder: C:\JavaCache, make it R/W for “Everyone”. 
2. Create a file named ‘deployment.properties’ which should include the information of all Java versions installed as well as the location of the cache folder. Example:
3. Save the file, see step ‘f’ for location.
4. Create a file named ‘deployment.config’. This will have to be done for each version location and for use in ‘C:\Windows\Sun\Java\Deployment’
5. In each file you need to add the path for the properties file. This will depend on where the file is in relation to the version. Example:
6. Save file, see below for location.
7. Each of these files will need to be saved in the C:\Windows\Sun\Java\Deployment folder and C:\Program Files (x86)\Java\<version>\lib for each version.
7. Entry needs to be added in the servers PATH variable pointing to the /bin directory of each version. Example: C:\Program Files (x86)\Java\jre1.6.0_05\bin;C:\Program Files (x86)\Java\j2re1.4.2_19\bin
8. Navigate to the server configuration and access the User group rights. Ensure that either:
1. The Remote Users Group is included in the Users group or,
2. The User group includes the same user groups that are a part of the Remote Users Group.
9.  Close all. Proceed with the process of sealing the image if the server is provisioned.

What the above does is redirect the user session to a cache that doesn’t require elevated rights to access (such as the default). This along with the path changes allows the client to see that Java is installed and that the cache is available.

For verification, navigate to a Java app that is served from the configured XenApp server. Once opened access the Java Control Panel located in the System Tray, right click and select Open Control Panel. If properly operating you should be able to see the Java cache path properly configured.

If using roaming profiles you might need to reset (move or delete) the store profiles where ever they are stored.

In part two I will outline the other problem that showed up regarding Java interaction and an issue with XenApp configuration of SFTA.

Peace.

From the: Should Have Seen it Coming file ...

On March 16 Google moved all its Google App nonprofit offerings under the Google for Nonprofits group. This after moving Google Apps for Nonprofits from out of the Google for Educators Edition (which was known as Google Premium Edition) thus splitting it from Google Apps for business. With me so far? Good.

Unfortunately this meant that they also changed their guidelines which pretty much cut off all churches (schools however are still able to apply to the GA for Education), political NPOs, evangelical groups, and any one that limits its members by race, religion or sexual orientation. There are additional restrictions but I’ll not list them all here, follow the link if you want to know more.

So imagine my surprise at the surprise of some in the religious community that were not aware and others that should have known also being in “shock” that this had happened … five months ago. The change was posted the day it happened and people on Google Apps Forums have been generally aware of it, by posting about it, at least two months ago.

Here’s the thing; some would have you believe that Office 365 is the answer. For some it very well could be but if you are deciding based on TOC and ROI then Office 365 compared to Google Apps for Business just don’t add up well, even for nonprofits. What really gets me is that in the article Christianity Today takes a snipe at an old foe of cloud computing: security. “Services like Google use public - not private - servers, raising the possibility of future security breaches involving e-mails, documents, and other sensitive data.” (Christianity Today) Thing is that they then quote a ridiculous price for a private server running Exchange. Trust me that cost is way off any way you slice it.

So let’s set the record straight:

    Google Apps for Business - $50/user/year [no minimum requirement]
    Microsoft Office 365, Plan E2 (w/ charity discount) - $76.80/user/year [25 user minimum]
    Microsoft Office 365, Plan E3 (w/ charity discount) - $115.20/user/year [25 user minimum]

You can argue which option gives you the most bang for the buck. Even I’d say that for a church that already has Office 2010 you might seriously consider Office 365. Doing the math however shows that for a 320 user environment, going with Google Apps will save a church $8,576 per year (over plan E2). Google Apps is just as secure as Office 365 and can sync with the more common Microsoft Office applications (Word, Excel, etc.) improving collaboration at no additional cost. There is a process to get the discount on Office 365 so be sure and work with closely with a qualified adviser.

It’s unfortunate that Google decided to cut off the groups and institutions that it did. It’s still highly possible that they will change their mind. Seeing the “outcry” however makes me wonder if the change is that impactful. Yes, of course they probably shouldn’t have but then again the changes seem focused on polarizing groups. I’ve also like to put forth that maybe some of those nonprofit groups that were affected might be able to side step it if they a) file their own 501(3)c application or b) for multiple charities create an umbrella group separate from their church.

Either way, as you can see from above, all is not lost. With Google Apps for Business you get more than enough tools to carry on the good work that you do. If you need someone to help chart the course just contact Astral IT Solutions, a Google Apps Reseller and a Microsoft Cloud Partner. Whichever you choose, we can help get it done right.

Ok so what happened?

Hi all, been a bit of a break since my last post. Those (very) few that have come out here might be wondering what happened? Well this happened:

Astral IT Solutions

Yep, those changes I hinted at near the beginning of the year, well that was it. I finally got fed up with where I was and pulled the trigger on starting up my own company. Of course I'd been toying with various ideas and mulling my future paths for a long time prior. In the end it came down to two things that made me jump the shark: 1) I kept seeing more new technology that, due to my position, I'd never get to dig into, 2) getting passed over and put under a sales person for head of IT was just a bit much on top of everything else I'd had to deal with for 14 years.


Hey, don't get me wrong, I'm proud of all that I accomplished at CCB and I wish them all the best. I learned so much and had a great time building a thriving company. However after being instrumental in making the company what it is now I felt that it was obviously time to move on ... so I did.

It has been a hectic process and things are still in flux but I'm happier than I ever have been. I'm building something that I can once again really dig into and succeed or fail, it's all mine.

So check out our site, it's pretty bare bones right now. Just a matter of having time to get more out there. We are also on Facebook, Twitter, and LinkedIn. Give us a like or add us to your twitter feed. We will be posting more on them about cloud computing, virtualization, and related subject both from us and others in the industry.

Oh and check back too. I'll be re-posting some of my original blogs, some new stuff, and just a few rants on occasion. :D

Peace.

New Year, New Outlook

Ahhhh, just getting my head around the fact that it's 2011 now.

Some big things are coming but I'm not going to post any details here yet. I will say this ...

Stay tuned! :D

I'm back ... and just a small rant to start things off.

Like most people I've been thinking on politics. Not going to a debate on who is right or wrong but instead I'm wondering if any thing will change substantively.

Let me explain.

In the last two years we have seen unprecedented changes in the small business, and nonprofit, communities. The economy is in rough shape though it is slowly improving, but during all this the efforts to improve small business have failed. Why? Simple, even though there have been quite a few positive actions from the previous congress (and some real stinkers), small businesses are still hobbled. Not by government or any immediate actions by either party but instead the whole thing is held back by the banks. Yep, it's well documented that the same banks that our government helped out by dumping money into in the vain hope they would lend it back to the public instead have decided that it's makes more sense to simply hold on to it and use it to make more money abroad.

It is a shame really. We have seen that people are really PO'ed that there are no jobs. But maybe they should really look around. Stop being tools. Start really thinking for themselves and see that regardless of the rhetoric it's not one party or the other that is the problem but instead it is those that have the power AND the money and prefer to pad their own bottom line instead of doing what was expected of them.

In the mean time we look forward to total gridlock in Washington as the Republicans seemingly don't get why they were elected (i.e get jobs not revenge, oh and making sure a kid can go see a doctor is actually a good thing) and the Democrats are totally lost. I fear the next two years will be nothing but one party trying desperately to kill off the other. Compromise? Not likely from either side and it has been stated as an absolute "NO" from at least one. Wonderful.

Ah well enough non tech ranting. I'm back and I'll be posting more soon.

Peace.

This just in: NPs are hurting.

This from the "wow, really?!" file: charitable groups and private foundations are having a hard time finding donations.

Last year nonprofit groups and organizations were finding it hard to meet demands. Now comes a report that this year they are having an even harder time. Not really a surprise to be totally honest here. Neither was the claim that some were forced to cut services while others had to lay off people or the corollary claim of switching from pay based to volunteer staff (though not as many went that route that I would have expected).

You can get more details by reading the actual survey here. Be sure and read the full survey (linked on that page) as the summary is a bit to simple to be very useful.

It got me wondering though on just how many of those know what a dedicated IT solution provider can do for them. In the survey it highlighted that demand increased for 63% of those surveyed so that means that over all they had even more reason to maintain their tech edge. Hard to do when you're bringing in less ... unless you know how to leverage your advantages. Wink, wink, nudge, nudge.

Still the effect of the economy on NP's in general is sad. These are the people that you go to when all else fails. They fill the gaps left by state and federal cuts or just in areas that never got any coverage at all. Over 6,900 and if things keep going the way they are, we will see up to 547 disappear. I can only hope that I won't need one of those that end up fading away.

Back from Vacation and ... wth?

OK so here I am back from vacation and of course there is a bunch of things I need to resolve. While I did stay in the loop while I was gone it's never quite enough.

For those interested, I had a very relaxing vacation.

So on my return I meet with our Strategic Partner Manager (I think that's her title) and she tells me "kudos for squaring away VMware" (I'll post about that some other time ... maybe) but then goes on to tell me that we have a pita situation with McAfee. Seems they need over half a dozen people certified per company or they won't deal with us or give us the savings we need to help out nonprofits. My response was: really? What the heck?! (ok I PG'd that but you get the point)

This from McAfee, the "also ran" of AV solutions.

Look, I'm all for people getting certified. I mean it's only logical that they do it so they can truly know what it is they are actually selling. Considering that nonprofits need even more advice/information/hand-holding it's even more important for us. But really, do you need a cadre of people for a product that is basically considered by many to be on low end of the spectrum for anti virus solutions?!

To be totally honest I can't see any AV solution provider needing anywhere close to that. Anti-virus software is so "point-and-click" and generally automated that the only place I can see needing certified sales and support people is when dealing with enterprise level installations. Even then you really should have the person onsite (or contracted) to install/support the solution with the certification, for sales it's really just a matter of knowing what the best license cost level is the best fit. So there should be at least one (or 2-3 depending on the sales staff size) but what McAfee is asking for is a bit on the ludicrous side of things.

Needless to say we will go ahead and get things rolling so we can service our customers but the writing is on the wall. McAfee can only blame themselves for hurting their sales with draconian reseller requirements. Then again the question is: do they even care?

Somehow I doubt it.