[00:09:04] *** IcePee has joined #Citrix
[00:09:12] *** KimJong-Il_Racoo has quit IRC
[00:09:15] <IcePee> hello
[00:09:37] <IcePee> Anyone know how to use Xenclient?
[00:09:56] <IcePee> well, xenconverter
[00:10:22] <IcePee> I keep getting open files and registry problems.
[00:17:05] *** Xago__ has joined #Citrix
[00:20:49] *** Xago_ has quit IRC
[00:29:22] *** Xago__ has quit IRC
[00:47:04] *** KidCrims has joined #Citrix
[01:34:34] *** waynerr__ is now known as waynerr
[02:04:35] *** Xago__ has joined #Citrix
[02:41:41] *** Xago__ has quit IRC
[02:55:15] *** Xago__ has joined #Citrix
[02:55:55] *** [M]ax has quit IRC
[03:00:55] *** [M]ax has joined #Citrix
[03:20:42] *** Xago__ has quit IRC
[03:33:44] *** Xago__ has joined #Citrix
[03:56:12] *** waynerr__ has joined #Citrix
[03:58:00] *** waynerr has quit IRC
[04:30:27] *** Xago_ has joined #Citrix
[04:34:11] *** Xago__ has quit IRC
[04:47:34] *** Xago_ has quit IRC
[05:05:46] *** ScottCochran has joined #Citrix
[05:06:27] *** Xago_ has joined #Citrix
[05:16:42] *** HyperJohnGraham has quit IRC
[05:21:25] *** HyperJohnGraham has joined #Citrix
[05:36:54] *** lesrar has joined #Citrix
[05:39:43] *** waynerr__ has quit IRC
[06:34:21] *** Xago_ has quit IRC
[07:39:37] *** KidCrims has quit IRC
[07:43:15] *** KidCrims has joined #Citrix
[08:33:49] *** Jenius has quit IRC
[08:35:29] *** _bugz_ has quit IRC
[09:52:26] *** HyperJohnGraham has quit IRC
[10:20:49] *** _bugz_ has joined #Citrix
[10:20:55] *** _bradk has quit IRC
[12:16:20] *** BWMerlin has joined #Citrix
[12:49:28] *** unop has joined #Citrix
[12:59:49] *** unop has quit IRC
[13:02:47] *** unop has joined #Citrix
[13:06:42] *** unop has quit IRC
[13:09:47] *** unop has joined #Citrix
[13:12:31] <Splatone> yall see this thing about RSA being hacked?
[13:19:18] *** KidCrims has quit IRC
[13:21:05] *** unop has quit IRC
[13:22:43] *** unop has joined #Citrix
[13:23:58] *** unop has quit IRC
[13:24:42] *** unop has joined #Citrix
[13:25:46] *** unop has quit IRC
[13:27:30] <tabularasa> Splatone: heh, no.. link?
[13:27:37] *** unop has joined #Citrix
[13:27:58] <tabularasa> unop: having some networking issues?
[13:28:47] <unop> tabularasa, apologies .. not a network issue, it's a desktop env issue .. i'll disable xchat until that's sorted
[13:29:40] <tabularasa> oh, i'm not worried about it.. just commenting
[13:29:46] <tabularasa> how are you doing?
[13:32:54] <tabularasa> you work for citrix?
[14:08:36] *** KaiForce has joined #Citrix
[14:18:46] *** Trixboxer has joined #Citrix
[14:25:36] <tabularasa> kdavy / gladier - around?
[14:29:09] <tabularasa> JarianGibson?
[14:29:29] <tabularasa> Trying to get windows password changes working on AGEE.. when I change to TLS auth, like KB says, auth breaks totally... what am i missing?
[14:34:11] <gladier> tabularasa: i'm around
[14:34:23] <gladier> TLS auth?
[14:34:25] <gladier> link to kb?
[14:34:39] <tabularasa> http://support.citrix.com/article/CTX122972
[14:34:47] <tabularasa> in a nutshell, users can't change their passwords in AGEE
[14:36:08] <gladier> im assuming windows dc as the backend server... what ports are you using with TLS?
[14:36:08] <tabularasa> ok good, it at least gives me an event log
[14:36:12] <tabularasa> 389
[14:36:33] <gladier> should work fine unless you have some screwy security policy
[14:36:58] <tabularasa> looks like i need some kind of certificate?  wtf
[14:37:17] <gladier> TLS still uses certificates
[14:37:21] *** unop has quit IRC
[14:37:34] <tabularasa> but what certificate... :-/
[14:37:39] <tabularasa> AD needs the AGEE certificate?
[14:37:59] <gladier> lemme find a link
[14:38:08] <gladier> havne't screwed with this in ages
[14:39:33] <gladier> http://support.microsoft.com/kb/321051
[14:40:09] <gladier> also - LDAPS communication to a global catalog server occurs over TCP 3269.
[14:40:36] <tabularasa> the cert goes where?
[14:40:42] <gladier> onto the ag
[14:41:22] <gladier> https://knowledgebase.citrix.com/article/CTX114146
[14:41:50] <gladier> close enough ... theory should be the same for root ca
[14:41:54] <tabularasa> holy annoying
[14:41:57] <gladier> yea
[14:42:04] <tabularasa> i have to do this for each damn customer?  wow
[14:42:41] <tabularasa> I don't have a CA though
[14:43:25] <gladier> im pretty sure ad has a built in self signed cert
[14:43:32] <gladier> trying to remember how to export that
[14:43:37] <tabularasa> ahhh
[14:44:11] <gladier> can you ADSIedit on 636 atm?
[14:44:47] <gladier> also is there anything specical in the AG log?
[14:45:03] <gladier> http://support.microsoft.com/kb/938703/ may also be relevant
[14:46:53] <gladier> hav eyou tried just using ssl instead of tls?
[14:46:59] <tabularasa> yeah, they both fail
[14:47:04] <tabularasa> i'm downloading adsiedit now
[14:47:10] <tabularasa> it says to use 389 though
[14:47:10] <gladier> downloading?!
[14:47:16] <tabularasa> oh, its built in now?
[14:47:30] *** KidCrims has joined #Citrix
[14:47:57] <gladier> built in with 2k8
[14:48:05] <gladier> when you have ad-ds installed
[14:48:26] <tabularasa> yeah, fails on 636
[14:49:19] <gladier> kind of annoying
[14:49:26] <tabularasa> works on 389 though
[14:49:52] <gladier> yea .. 389 will do both plaintest and starttls
[14:51:08] <tabularasa> so, basically i need to export the AD cert and import it into the AG and set to TLS and it should work
[14:51:41] <gladier> there likely isn't a cert atm
[14:51:59] <tabularasa> I have a Remote Desktop certificate with fqdn
[14:52:01] <tabularasa> :)
[14:52:16] <tabularasa> Its a Server Authentication Cert too
[14:52:27] <gladier> which probably isn't signed for the use we want :P
[14:53:09] <tabularasa> yeah...
[14:55:15] <gladier> you can probably setup a standalone ca and just use that to generate certificates
[14:55:27] <tabularasa> how did you do all of this?
[14:55:29] <tabularasa> have a CA ?
[14:55:44] <gladier> it wont affect any application other than ones that talk directly to ad and try to use starttls if the option is enabled
[14:55:48] <gladier> i'm using advanced edition ;)
[14:55:56] <gladier> tighter ad integration :P
[14:55:59] <tabularasa> i thought you were on AGEE
[14:56:01] <gladier> the access controller is on the domain
[14:56:03] <gladier> nah
[14:56:06] <gladier> but i'm playing with agee
[14:56:09] <tabularasa> interesting
[14:57:43] *** Tenju has joined #Citrix
[14:58:15] <gladier> haha http://justgeeks.blogspot.com/2009/05/using-wireshark-to-sniff-active.html the dude who commented on the post is the microsoft tech who helped sort out my issue with webclient/webdav
[15:04:40] <tabularasa> nice
[15:04:41] <tabularasa> heh
[15:09:48] <tabularasa> gladier: this blows
[15:10:49] *** ScottCochran has quit IRC
[15:11:28] <gladier> 4nod
[15:11:33] <gladier> sigh
[15:11:36] <gladier> wtf can't i sleep
[15:11:56] <gladier> gotta be up in 5 hours to pick up gf from airport
[15:12:29] <tabularasa> anyone have a CA i can borrow?
[15:13:57] *** CUGNorway has joined #Citrix
[15:14:42] <CUGNorway> OMG...there's ppl in here....hehe.....FB, Twitter, MySpace, LinkedIn and now IRC (back to the roots...hehe)
[15:14:54] <tabularasa> welcome
[15:15:05] <tabularasa> this channel was started before FB...
[15:15:11] <tabularasa> :)
[15:15:13] <CUGNorway> hehe.....awesome...
[15:15:17] <CUGNorway> no pictures in here, though
[15:17:11] <tabularasa> Whats yer skills?
[15:25:38] <Tenju> IRC is where it all goes down :)
[15:25:45] <Tenju> oh the days of XDCC
[15:29:55] *** CUGNorway has quit IRC
[15:35:03] <makson> tabularasa: I think that was the Citrix user group guys from norway!
[15:35:13] <tabularasa> makes sense
[15:36:02] *** ScottCochran has joined #Citrix
[15:38:15] *** Xago_ has joined #Citrix
[15:40:05] <tabularasa> This AGEE thing blows
[15:42:18] <makson> tabularasa:  what's the issue/
[15:42:37] <tabularasa> password changes on the AGEE
[15:43:25] <tabularasa> neeeding TLS on the AD controller, importing the cert on the AGEE... wtf
[15:45:31] <makson> huh.. I haven't done to much with AGEE but haven't heard of the neeting TLS on AD? JarianGibson might be able to help ya there
[15:45:53] <tabularasa> yeah, gladier was helping too
[15:46:28] <tabularasa> JarianGibson: hit me up when you get around, please
[15:50:20] <kreign> yay... "tag, you're it"
[16:01:05] *** Tenju has quit IRC
[16:06:18] *** BWMerlin has quit IRC
[16:09:46] <JarianGibson> tabularasa: tls or ssl needed for change password option
[16:10:03] <JarianGibson> tls 389 with cert on dc or ssl 636 with cert on ad
[16:10:29] <JarianGibson> also if you don't want auth/passwords in plain text
[16:12:00] <JarianGibson> http://support.citrix.com/article/CTX122972
[16:12:26] <tabularasa> yeah, i'm trying to figure out the cert thing
[16:12:30] <JarianGibson> http://support.citrix.com/proddocs/index.jsp?topic=/access-gateway-92/agee-ldap-authen-configure-tsk.html
[16:12:31] <tabularasa> i think we have another issue anyway
[16:12:38] <tabularasa> dude just told me that you can't change passwords in windows
[16:12:55] <JarianGibson> what dude?
[16:14:04] <tabularasa> my colleuge
[16:14:05] <tabularasa> one sec
[16:15:11] <tabularasa> ok, nm, hes an idiot
[16:15:43] <tabularasa> JarianGibson: yeah, i'm just trying to figure out the cert thing
[16:15:45] <tabularasa> did you do this?
[16:15:50] *** TuxOtaku has joined #Citrix
[16:15:51] <JarianGibson> yes
[16:15:57] <tabularasa> i don't have a CA
[16:16:00] <TuxOtaku> hey, any XenServer users here?
[16:16:04] <JarianGibson> if you setup ad cert services it will enable it
[16:16:12] <JarianGibson> just make sure to upload root cert to netscaler
[16:16:53] <tabularasa> is enabling ad cert services an invasive thing?
[16:17:31] <JarianGibson> not really
[16:17:37] <JarianGibson> it shouldn't harm anything
[16:17:40] <JarianGibson> there is another way
[16:19:04] <tabularasa> then i jsut do a certreq -new, then certreq -submit, certreq -accept
[16:19:10] <JarianGibson> http://support.microsoft.com/kb/321051
[16:19:16] <tabularasa> yeah, thats what i'm looking at
[16:19:34] <tabularasa> Then upload that cert in AGEE and link it... link it to what?
[16:19:57] <JarianGibson> just upload root cert to agee
[16:20:07] <JarianGibson> so it trusts it
[16:20:14] *** kdavy_ has joined #Citrix
[16:20:17] <JarianGibson> der format
[16:20:17] <tabularasa> so, upload the .crt thats created with the submit?
[16:20:31] <kdavy_> morning
[16:20:35] <tabularasa> morning
[16:20:39] <JarianGibson> morning
[16:20:51] <kdavy_> what'd i miss?
[16:20:54] <JarianGibson> root/issuer cert
[16:21:01] <JarianGibson> ca
[16:21:09] <tabularasa> i'm cert dense, sorry
[16:21:09] <JarianGibson> ca > cert
[16:21:18] <JarianGibson> netscaler needs ca
[16:21:21] <JarianGibson> cert is on dc
[16:21:28] <JarianGibson> no worries
[16:21:41] <tabularasa> is that cert created when i enable ad cert services?
[16:22:02] <JarianGibson> if you enable ca services you dcs will get certs and then you will have a root cert for your ca
[16:22:33] <JarianGibson> the root cert for ca is what is needed for ns to trust communication with dc
[16:22:39] <tabularasa> ok, so, after that, i jsut upload that cert to the AGEE and thats it?
[16:22:43] <JarianGibson> yep
[16:22:48] <tabularasa> that sounds too easy
[16:22:54] <JarianGibson> then change auth use tls or ssl
[16:23:00] <JarianGibson> depending on what ports you have open
[16:23:09] <tabularasa> 389 will be fine over tls
[16:23:11] <tabularasa> i'll try it
[16:23:19] <JarianGibson> yep
[16:24:38] <tabularasa> which section of the certificates console will that cert be?
[16:24:58] <JarianGibson> on dc?
[16:25:07] <tabularasa> yeah
[16:25:40] <JarianGibson> if you just open up the cert on your dc that is issued to it it should show cert path and with root. just double click on root and export it as der format
[16:26:13] <JarianGibson> if you open mmc with computer as the target you should see ad cert under personal
[16:26:17] <JarianGibson> for dc
[16:26:27] <JarianGibson> mmc snaping with certificates
[16:26:37] <tabularasa> gotcha
[16:26:40] <tabularasa> that was my question
[16:27:04] <tabularasa> http://i55.tinypic.com/2wlv6mg.png
[16:27:06] <tabularasa> ?
[16:27:27] <JarianGibson> yep
[16:27:34] <tabularasa> just that 1?
[16:27:47] <JarianGibson> you could web enrollment if you want to use it for other things
[16:27:56] <tabularasa> nah
[16:28:00] <JarianGibson> usually just the top two i do
[16:28:02] <tabularasa> enterprise or standalone ?
[16:28:14] <JarianGibson> either is fine
[16:28:23] <JarianGibson> since on dc can do enteprrise
[16:28:52] <JarianGibson> http://technet.microsoft.com/en-us/library/cc772393(WS.10).aspx
[16:28:55] <JarianGibson> shows differences
[16:29:06] <tabularasa> here goes nothing
[16:29:33] <JarianGibson> setup steps as well
[16:30:24] <tabularasa> export the private key?
[16:31:05] <JarianGibson> yes for backup
[16:31:15] <tabularasa> i mean to upload to AGEE
[16:31:36] <JarianGibson> you don't need to upload that. just upload the ca cert
[16:31:53] <tabularasa> yeah, i went to personal, double clicked on cert, copied to file
[16:31:56] <tabularasa> doing DER format
[16:32:01] <tabularasa> just wanted to know if i needed to export the key
[16:32:06] <TuxOtaku> hey I'm trying to allow my XenServer VMs to access the outside world
[16:32:08] <TuxOtaku> but
[16:32:24] <JarianGibson> not the cert itself but root cert at the top of cert path.
[16:32:35] <TuxOtaku> the NIC I have assigned as a public interface is non-pingable
[16:32:47] <TuxOtaku> there's no firewalls in place or anything
[16:32:49] <tabularasa> JarianGibson: huh?  :)
[16:32:54] <JarianGibson> open that cert and go to certificatino path tab
[16:33:03] <JarianGibson> you should have your cert for dc and then a cert for the ca
[16:33:26] <JarianGibson> click ca cert, view certficate, and export that cert in der format
[16:34:27] <tabularasa> http://i55.tinypic.com/hwafl0.png
[16:35:04] <JarianGibson> that is it since you have only that in the path
[16:35:20] <JarianGibson> sometimes you will have a cert above that
[16:36:19] <tabularasa> so, what am i mising here?
[16:37:22] <JarianGibson> nothing
[16:37:26] <JarianGibson> just export that as der and upload
[16:38:06] <tabularasa> oh, cool
[16:44:12] <tabularasa> well, that didn't work.  Auth is broken when i select TLS...
[16:45:53] *** Jenius has joined #Citrix
[16:48:07] *** Xago__ has joined #Citrix
[16:50:54] *** Xago_ has quit IRC
[16:51:02] <tabularasa> JarianGibson: suggestions?
[16:53:54] *** Richard has joined #Citrix
[16:54:15] *** Richard is now known as RichardA2
[16:55:41] <JarianGibson> hmm
[16:55:52] <JarianGibson> can use cat aaad.debug from ssh to troubleshoot
[16:57:01] <RichardA2> hello all, we develop software and want to know more about testing it under Citrix (which we dont really use, and don't have xenapp) what are the options available? I was not sure where on the Citrix site to gather information regarding this, so thought asking the experts on the ground would be better :)
[16:57:23] <tabularasa> recieve_ldap_connect_event ldap_start_tls_s :Server is unavailable
[16:57:53] <tabularasa> do i need to do some -accept command on the DC ?
[16:58:06] <JarianGibson> shouldn't have to
[16:58:32] <JarianGibson> i just sent this up and all i had to was have cert on ad, upload cert to ns, and change to tls
[16:58:49] <JarianGibson> try 636 and see if that works
[16:58:50] <JarianGibson> ssl
[16:58:55] <tabularasa> yeah, i uploaded the .cer file as DER format
[16:59:07] <tabularasa> just to the regular Certificates section on the NS
[16:59:13] <tabularasa> ssl fails top
[16:59:14] <tabularasa> too
[16:59:17] <JarianGibson> yep
[17:00:31] <tabularasa>  recieve_ldap_connect_event ldap_start_tls_s :Connect error
[17:02:03] <JarianGibson> check this http://support.microsoft.com/kb/938703/
[17:02:43] *** KaiForce has quit IRC
[17:03:12] <JarianGibson> what version of cag software?
[17:03:16] <JarianGibson> 9.1, 9.2
[17:03:55] <tabularasa> 9.2 netscaler
[17:04:05] <JarianGibson> RichardA2: you can get eval lics or download developer edition
[17:04:09] <JarianGibson> in mycitrix
[17:05:12] <tabularasa> JarianGibson: it passed all of the server authentication checks
[17:06:05] <JarianGibson> hmm
[17:06:15] *** Tenju has joined #Citrix
[17:06:30] <Tenju> Is it just me or did citrix leave the "Start From" out of XenDesktop Setup Wizard
[17:06:38] <Tenju> for XenDesktop 5
[17:09:44] <RichardA2> JarianGibson, many thanks.
[17:13:10] <TuxOtaku> no XenServer users in here??
[17:13:40] <kdavy_> TuxOtaku, i'm a XenServer abuser
[17:14:03] <TuxOtaku> kdavy_, care to help with a little problem I'm having?
[17:14:12] <kdavy_> sure, go ahead
[17:14:19] <TuxOtaku> I have VMs that have public IPs...no firewalls on any of them...
[17:14:35] <TuxOtaku> they need to allow inbound traffic
[17:14:41] <TuxOtaku> however
[17:14:45] <TuxOtaku> none of them are pingable
[17:14:55] <TuxOtaku> I have two nics on the host
[17:14:58] <TuxOtaku> one has a public IP
[17:15:00] <TuxOtaku> however
[17:15:12] <TuxOtaku> that NIC can't ping outside either
[17:15:22] <TuxOtaku> even if I give it a gateway
[17:16:14] *** Xago__ has quit IRC
[17:18:35] <kdavy_> hmm. is this at a colo?
[17:19:04] <kdavy_> you may have a MAC address block imposed by the hoster
[17:22:39] <TuxOtaku> no
[17:22:43] <TuxOtaku> no blocks or anything
[17:22:50] <TuxOtaku> we have tons of other IPs
[17:22:58] <TuxOtaku> *active IPs
[17:23:19] <TuxOtaku> let's just assume there's nothing at the ISP level blocking me
[17:23:26] <TuxOtaku> what else could it be?
[17:25:24] <kdavy_> incorrect vlan?
[17:26:02] <TuxOtaku> no vlans
[17:26:15] <TuxOtaku> just a raw connection to a router
[17:26:32] *** Tenju has quit IRC
[17:26:36] <TuxOtaku> this is definitely something WITHIN xenserver
[17:27:29] <kdavy_> TuxOtaku, could be a faulty NIC too
[17:27:47] <TuxOtaku> nope, I've swapped out NICs
[17:27:57] <kdavy_> xenserver doesn't really have anything specific - it's just linux...
[17:28:05] <TuxOtaku> that's what I figured.
[17:28:16] <kdavy_> if you boot the host from a LiveCD and assign it the same IP, will it work?
[17:28:39] <TuxOtaku> likely
[17:28:43] <TuxOtaku> brb
[17:33:52] *** RichardA2 has quit IRC
[17:57:52] <kreign> any of you know of a manufacturer who makes a decent 1U server/server chassis with dual PSUs?
[17:58:10] <kreign> and/or a specific model
[17:59:09] <tabularasa> Splatone uses some supermicro box
[18:01:47] <Rienzilla> supermicro
[18:01:54] <Rienzilla> is nice and not very expensive
[18:02:28] <jduggan> depends what spec you want but the dell r200 and r400 range are decent IMO
[18:03:03] <Rienzilla> I have these: http://www.supermicro.com/products/system/1U/6016/SYS-6016T-NTRF.cfm
[18:03:06] <Splatone> kreign: ill get a model number.
[18:04:15] <kdavy_> Rienzilla, yeah the X8DTU is a nice board too
[18:04:27] <Rienzilla> yeah I'm very happy with them
[18:04:28] <Splatone> kreign: http://www.supermicro.com/products/system/1U/1026/SYS-1026T-URF4_.cfm?UIO=Y
[18:04:33] <Rienzilla> awesome remote managament features
[18:04:49] <kdavy_> Rienzilla, do you have the onboard SAS version? saves you a PCIe slot :)
[18:04:50] <Splatone> Reinzilla: I wouldnt say awsome.
[18:05:03] <Rienzilla> mine don't have disks
[18:05:09] <kdavy_> ah
[18:05:24] <Rienzilla> Splatone: why not?
[18:05:24] <Splatone> I have two of the 1026T-URF4+
[18:05:40] <Rienzilla> It does everything that I normally would need to go on site for,except actual patching
[18:06:18] <Splatone> Reinzilla: Ive got some fujitsu's that Im comparing them to.  The Out of band features are much better on the fujitsu.
[18:06:24] <Splatone> Not bad though.
[18:06:54] <kdavy_> Splatone, I'm using these for my Nexenta head nodes: http://www.supermicro.com/products/chassis/2U/823/SC823T-R500LP.cfm
[18:07:08] <kdavy_> the black ones, though. beige is fugly
[18:07:29] <Splatone> kdavy_: I would have gone with the fujitsu for a 2u.
[18:07:57] <kdavy_> Splatone, when i bought them i didnt know Fujitsu made such good 2U boxes
[18:08:07] <Splatone> Pricing was about +1g for the fujitsu compared to the super.  The differences in the rails/management/support alone I think would be worth it.
[18:08:25] <tabularasa> JarianGibson: a @#$@#$%@ reboot fixed it
[18:08:27] <tabularasa> oh my gay
[18:08:28] <Splatone> I had to have 1u density for my project.
[18:08:35] <kdavy_> 1g per box is a fairly big difference, too
[18:08:37] <kreign> kreign, hmm thanks.
[18:09:06] <Splatone> kdavy_: Basically the support contract.
[18:09:21] <kdavy_> Splatone, yeah i get it
[18:09:23] <Splatone> I was not impressed with supermicro's rails..
[18:09:32] <kreign> kreign, I was looking at one the other day that had redundant PSUs and was geared more towards an atom type setup... 2 drive bays only, IIRC. $250ish...
[18:10:03] <kdavy_> hmm i wonder how much an RX900 S1 would cost, fully pimped out
[18:10:35] <Splatone> kdavy_: hmm.. no idea I can probably get a quote fairly quickly..
[18:11:08] <kdavy_> Splatone, nah it's overkill even by my standards
[18:11:24] <kdavy_> why would i need 64 cores in a single system?
[18:11:42] <kdavy_> and 128 memory sockets
[18:12:10] <Splatone> kdavy_: I think bill gates said we wouldnt need more than 640k way back when.
[18:12:17] <Splatone> Will need the cores.. Just a matter of when.
[18:12:17] <kdavy_> yeah yeah
[18:12:35] <kdavy_> i'd rather scale out rather than up
[18:12:44] <Splatone> kdavy_: Ibm has some neat scaling chassis's as well.
[18:13:06] <kdavy_> Splatone, yea i saw. even the HX5 blades offer some amazing scalability
[18:13:29] <Splatone> kdavy_: assuming you dont get a processor tax I dont see a problem with large quad+ socket servers.
[18:13:32] <kdavy_> they're unsupported in my BladeCenters though, so I'll stick with HS22
[18:13:43] <Splatone> although I think the 7500 series proc's are pretty salty.
[18:14:37] <kdavy_> did you see that the HS22V blade now supports 288Gb RAM in a single width blade?
[18:14:39] <Splatone> kdavy_: did you see how many slots that rx900 has on the back.
[18:14:43] <Splatone> check the data sheet.
[18:14:51] <kdavy_> Splatone, a fuck ton, yea i saw
[18:15:23] <Splatone> 14 pci-e x8
[18:15:42] <kdavy_> but will it run Crysis?
[18:16:08] <Splatone> kdavy_: you know Ill have to check for sli support.
[18:16:13] <kdavy_> :D
[18:16:36] <Splatone> Think I should quote one of those with 2tb of memory.
[18:16:57] <kdavy_> with some single-slot Quadros, you could build a pretty mean CUDA box out of it, probably could hit 28 TFLops
[18:17:07] <kreign> Splatone, supermicro cases look like they were made from the shitty extrusions left over from China's toy manufacturing.
[18:17:29] <kdavy_> kreign, yeah, just like Chevy hatchbacks (like the Aveo)
[18:17:49] <Splatone> kreign: The chassis's arent that bad the guys that designed the rails need to shoot themselves though.
[18:18:11] <kreign> kdavy, huh i'm not familiar with that vehicle but it looks pretty sharp according to a GIS
[18:18:17] <kreign> Splatone, yes
[18:18:28] <kreign> Splatone, was mainly thinking of the face plates + drive caddies as well
[18:18:59] <Splatone> kreign: Yea my super chassis's I have at my house have some shitty shitty hotswap bays.
[18:20:01] <kreign> Splatone, I've got a friend who bought a dozen of their biggest chassis (he's got something like 72Tb in them, think they're 4U) and the rails will. not. line. up.
[18:20:30] <kreign> Splatone, he and a coworker ended up fabricating new rails (both grew up on a ranch/know how to weld)
[18:20:41] <kreign> because it was almost impossible to get anything useful out of supermicro :|
[18:21:51] <kdavy_> I'm somewhat happy with the SMC rails, maybe i just got lucky
[18:22:32] <Splatone> yea unfortunately the whitebox manufactures have decreased over the years.
[18:22:39] <Splatone> anyone remember IWILL.
[18:25:56] <kreign> Splatone, hmm no
[18:26:42] <kreign> Splatone, I prefer getting a decent Intel server board + a cheap case w/ generic server PSU support (if possible) and a cheap server case over smc.
[18:26:45] <Splatone> they used to make server boards.
[18:26:51] <kreign> Splatone, maybe if I saw a logo.
[18:26:58] <kreign> how long ago is 'used to'?
[18:27:09] <Splatone> 4 years ago..
[18:27:15] <Splatone> Not sure what happened to the company.
[18:28:25] <Splatone> I have a asus xeon board at my house but Im not sure i would buy from them again.
[18:33:10] <kdavy_> i have a twin-socket Asus board with two P2-based Celerons at home :)
[18:33:26] <kdavy_> back when they allowed to run Celerons on two sockets
[18:33:48] <Splatone> kdavy_: I have a abit dual socket board thats probably very similar.
[18:33:57] <Splatone> abit bp6
[18:34:35] <kdavy_> yep
[18:42:31] <kdavy_> wow someone got the BP6 to work with Windows 7 even
[18:42:43] <kdavy_> according to wiki article about it
[18:43:15] *** Elias_Rus has joined #Citrix
[18:43:32] <Elias_Rus> hi folks
[18:49:56] <tabularasa> blah
[18:50:01] <tabularasa> howdy Elias_Rus
[18:51:58] <tabularasa> Hmmm.. anyone havea copy of 9.2 build 48.6.cl vSphere pacakge?
[18:52:03] <tabularasa> i hate how shit dissapears
[18:54:02] <Elias_Rus> tabularasa,u mean netscaler?
[18:54:11] <tabularasa> yeah
[18:54:34] <Elias_Rus> it works without problems
[18:55:40] <Elias_Rus> wait a sec I'll provide u an article how to setup it
[18:55:55] <tabularasa> i know how to set it up
[18:55:58] <tabularasa> i need the file
[18:56:06] <tabularasa> build 50 is only on the site now
[18:56:15] <Elias_Rus> 5sec
[18:57:18] <TuxOtaku> kdavy_, you still around?
[18:58:08] <Elias_Rus> tabularasa, I see only Release 9.2 Build 48.600102.e
[18:58:31] <Elias_Rus> tabularasa, NetScaler VPX for XenServer 9.2 Build 48.600102.e
[18:59:31] <Elias_Rus> so I used Appliance Firmware Release 9.2.nc (nCore) Build 48.600102.e for vSphere
[18:59:32] <tabularasa> NS9.2: Build 48.6.cl, Date: Sep 23 2010, 08:17:54
[18:59:36] <tabularasa> not ncore
[18:59:39] <tabularasa> classic
[19:00:33] <Elias_Rus> right
[19:00:41] <Elias_Rus> you can install classic
[19:00:54] <Elias_Rus> and then install the firmware
[19:01:02] <tabularasa> i gotcha
[19:01:08] <tabularasa> i think its on my laptop...
[19:01:13] <tabularasa> i'm gonna look real quick
[19:01:36] <Elias_Rus> I know it looks complex
[19:01:47] <tabularasa> its not
[19:02:02] <tabularasa> i'm just busy atm...  i had the damn file... sigh..
[19:02:05] <tabularasa> thanks though. :)
[19:03:23] <Elias_Rus> i mean a number of VPX versions and builds on citrix.com
[19:07:11] <Elias_Rus> tabularasa,  BTW howdy?  :)
[19:07:18] <tabularasa> they supply all the firware, but limit the appliance downloads to 1
[19:08:12] <makson> Do you guys sync outlook cache as part of app data? Under temp internet files the content.outlook folder?
[19:08:15] <tabularasa> whats up with 5.0 wanting like 2 cores and 4 gigs of ram ?
[19:08:21] <makson> I don't think this should be syncing with the UPM profile.
[19:08:33] <tabularasa> makson: ours is still default
[19:08:40] <makson> tabularasa: default UPM config?
[19:08:47] <makson> how big are your users profiles?
[19:09:16] <Elias_Rus> makson, we use lotus :)
[19:09:51] <kdavy_> makson, we don't run outlook in cached mode
[19:10:00] <tabularasa> we do, but move that to H:
[19:10:10] <kreign> kdavy, do you recall if there are any issues with nexenta and sata/sas backplanes and/or SFF-8087?
[19:10:15] <tabularasa> how do you find network performance not using cached mode, kdavy_ ?
[19:10:37] <Elias_Rus> tabularasa, just change your VM hardware, the limitation is in the LAN speed
[19:10:57] <kdavy_> tabularasa, good performance with Exchange 2010 - though with XenApp everything connects to Exchange over gigabit
[19:11:01] <makson> Elias_Rus: Nice! my pops was VP of the team that wrote lotus 1-2-3 back in the 80s so im always a fan of lotus hehe
[19:11:15] <tabularasa> sorry, i'm stupid... we are hosting Exchange at RackSpace
[19:11:18] <tabularasa> you aren't
[19:11:20] <kdavy_> disk I/O on exchange server is the main bottleneck to watch out for still
[19:11:24] <tabularasa> performance isn't an issue
[19:11:30] <tabularasa> network performance
[19:11:34] <kreign> makson, cool, do you have an original box set sitting around somewhere? :P
[19:11:41] <makson> kreign: sure do
[19:11:43] <makson> bunch of stuff
[19:11:54] <makson> wonder what that's worth, i would never sell it though.
[19:12:06] <Elias_Rus> makson, lotus is a nighmare and it is a peace of shit, slow and not user friendly at all :(
[19:12:14] <makson> he pased away when I was 8 so kept it around ever since.
[19:12:17] <tabularasa> makson: profiles are like 30 meg
[19:12:18] <kreign> kdavy, how's e10k compare to, say, sharepoint, as it regards disk use?
[19:12:30] <makson> ha, Elias_Rus never worked with it actually lol
[19:12:32] <kreign> makson, yep, know what you mean
[19:12:46] <makson> tabularasa: so your in exchange cached mode?
[19:12:49] <tabularasa> yeah
[19:12:54] <tabularasa> but, we host rackspace offsite
[19:12:55] <kdavy_> kreign, e2k10 has been designed for slow sata drives specifically - disk use much less of an issue than with sharepoint etc
[19:12:58] <tabularasa> if onsite, we wouldn't
[19:13:13] <TuxOtaku> sometimes, I hate XenServer.
[19:13:31] <kdavy_> kreign, no issues with nexenta and backplanes that i'm aware of
[19:13:37] <TuxOtaku> Why can I not just simply assign public IPs to virtual machines and have them just work????
[19:13:59] <kreign> makson, my pappy passed away about 8 years ago... he was under Hoover in the FBI, and lived in NY... when he passed, he had a first generation Colt Woodsman .22 and his service revolver still (as well as his badge)... freaking gun-grabbing aunt had them destroyed by the fucking state. :|
[19:14:33] <kreign> kdavy, you're using a pure sas setup though, right?
[19:14:48] <kreign> TuxOtaku, um incorrect subnet?
[19:14:57] <TuxOtaku> nope
[19:15:01] <kreign> can you ping local iface and/or loopback?
[19:15:08] <kreign> TuxOtaku, new provisioning or just a new server?
[19:15:10] <makson> kdavy_: so with outlook cached mode, would it make sense that UPM in steaming mode would pull down that cache every time profile loads?
[19:15:25] <TuxOtaku> kreign, brand new server
[19:15:33] <TuxOtaku> only a few VMs on it
[19:15:37] <makson> kreign: that's real crappy... sorry to hear that! Would have been something to keep for sure.
[19:15:42] <TuxOtaku> their private IPs work fine
[19:15:45] <makson> hopefully she didn't take the badge.
[19:15:46] <kreign> TuxOtaku, had an issue a couple weeks back where the *#$ provider provisioned the trunk wrong, so my actual broadcast and gateway were outside the subnet... that made me real happy, trying to figure it out...
[19:15:55] <TuxOtaku> nah
[19:15:58] <TuxOtaku> this is in house
[19:16:03] <kreign> makson, yep...
[19:16:13] <kreign> TuxOtaku, so you know the IP space is "good"?
[19:16:17] <TuxOtaku> yup
[19:16:21] <TuxOtaku> connected up a laptop
[19:16:35] <kreign> ok thought I'd just pass it by for consideration :)
[19:16:36] <TuxOtaku> tried the same IP I've been trying to assign to one of my VMs
[19:16:41] <TuxOtaku> worked fine
[19:16:44] <TuxOtaku> NICs are fine
[19:16:50] <TuxOtaku> swapped them out just to test
[19:16:54] <kreign> TuxOtaku, XS host can use proper IPs?
[19:17:13] <TuxOtaku> well kinda sorta
[19:17:25] <TuxOtaku> the private IP on the management interface works just fine
[19:17:35] <kreign> correct default gateway configured and netstat -rn shows happiness?
[19:17:35] <TuxOtaku> I tried to assign a public IP to xenbr0
[19:18:19] <TuxOtaku> kreign, actually, clarify something for me....which interface should have a default gateway, the public or the management interface?
[19:19:15] <kreign> um it shouldn't matter for your VMs
[19:19:22] <kreign> pretty sure the ifaces get bridged
[19:19:37] <kreign> so they'll have their own OS-level routing
[19:19:40] <kreign> (I think)
[19:20:25] <TuxOtaku> you'd think so wouldn't you
[19:20:47] <TuxOtaku> no matter what I try, nothing is working though
[19:21:38] <TuxOtaku> I tried going into /etc/sysctl.conf, turning on packet forwarding to the public xenbr interface
[19:22:26] <TuxOtaku> then adding firewall rules accepting all traffic to that interface
[19:25:53] <tabularasa> I found it on my old hard drive... woot
[19:36:34] <Splatone> tabularasa: are you using citrix UPM and doing the streaming profiles?
[19:41:56] <tabularasa> yes
[19:44:20] <Splatone> Would that be faster than manditory profile?
[19:44:32] <tabularasa> probably not
[19:44:35] <kdavy_> Splatone, nope, mandatory is faster
[19:44:52] <Splatone> I might be able to get away with manditory.
[19:45:02] <Splatone> can you still do citrix printer mapping with manditory?
[19:45:16] <kdavy_> no idea, you should be able to
[19:52:11] <makson> found one issue VIClient log files in app data are huge!
[19:52:26] <makson> not ure why it's making .lop files, guess that's on by default. I'll just exclude those from syncing.
[19:54:02] <kdavy_> ah, thinapp sequencer also writes a whole bunch of shit to the profile
[19:54:17] <kdavy_> my roaming profile is like 600Mb because of it
[19:54:46] <kdavy_> but i dont care since login takes under a minute still
[20:00:54] <tabularasa> i'm having a bitch of a time with this netscaler failover
[20:00:58] <tabularasa> i can't get the SSL certs working on the failover node
[20:02:34] <makson> kdavy_: yah, UPM has nice exclusion options but what sucks is it's only global options... should gve you ability to filter by user or atleast group.
[20:02:43] <makson> otherwise were making multiple UPM GPOs
[20:06:44] <kreign> kdavy, you have an informix guy?
[20:20:26] <kdavy_> kreign, nope
[20:20:37] <kdavy_> btw just snapped a picture of my desk: http://i54.tinypic.com/2dca79d.jpg
[20:20:56] <kdavy_> what do you think?
[20:22:53] <Rienzilla> not bad :)
[20:22:58] <kdavy_> thx :)
[20:23:03] <Rienzilla> maybe I should try portrait
[20:23:10] <Rienzilla> I have 2 24" hd panels now
[20:23:13] <kdavy_> Rienzilla, it's super convenient
[20:23:15] <Rienzilla> otoh, it's enough for me really
[20:23:27] <Rienzilla> yeah it's nice for reading
[20:24:44] <kreign> kdavy, is that a glass of beer on your desk?
[20:24:47] <kdavy_> makson, you can use chained group policies for UPM exclusions
[20:25:21] <kdavy_> kreign, cup of coffee on the left; Baltika beer glass behind the phone (empty)
[20:25:28] <kreign> oh damn
[20:25:37] <Rienzilla> I am OUT OF BEER!!!
[20:25:40] <kreign> kdavy, it's been a long time since i've had a baltika.. you like it?
[20:25:40] <Rienzilla> *meinleben*
[20:25:47] *** KimJong-Il_Racoo has joined #Citrix
[20:25:50] * kreign feels like a baltika
[20:25:53] <kreign> almost a year I think
[20:25:59] <kdavy_> kreign, yeah, i like the #6 and #7
[20:26:03] *** KimJong-Il_Racoo has quit IRC
[20:26:53] *** OmNomDePlume has joined #Citrix
[20:27:11] <kreign> #4 and #6 I think?
[20:27:16] <kreign> i can't recall which are which, i recall by the bottle
[20:27:20] <kreign> and/or beer color
[20:27:35] <kdavy_> kreign, #4 and #6 are both the dark ones - stout and porter
[20:27:36] *** OmNomDePlume is now known as MugabeOtter
[20:28:43] <kreign> heh yeah it's the 6 and 7 i like (or have had the most of) though I think I like 3 and 9 as well.
[20:28:51] <kreign> they're a bit pricey for regular consumption around here.
[20:29:16] <kreign> as a beer brand they're one of the best all around though
[20:33:54] <makson> kdavy_: how do you force disconnected sessions to logoff in 2003 XA5, i used the registry key to force it and it doesn't appear to be working it's under the ICA settings lemme lookup key.
[20:35:28] <tabularasa> GPO
[20:36:23] <makson> tabularasa: that's for TS setting's isn't it?
[20:36:24] <makson> MaxDisconnectionTime
[20:36:33] <makson> that's the reg key I added with the number of milliseconds
[20:36:47] <makson> i'm assuming what that means is after x time log off the session.
[20:37:00] <makson> and idle means after x number of time disconenct?
[20:38:13] <tabularasa> Yeah, it has settings for... idle--> Disconnected.... Disconnected-->BuhBye
[20:38:59] <tabularasa> we basically set disconnected-->buhbye and thats it
[21:33:18] *** Elias_Rus has quit IRC
[21:53:05] <TuxOtaku> ugh, there's gotta be a way to give my VMs public IPs
[21:53:13] <TuxOtaku> this is just bloody stupid
[21:57:35] <proprietarysucks> what are you on about?
[21:57:41] <kreign> kdavy, hey, what's your blog URL agian?
[22:18:17] *** MugabeOtter is now known as OmNomSequitur
[22:22:12] *** TuxOtaku has quit IRC
[22:32:42] *** OmNomSequitur is now known as RaycisCharles
[22:42:37] *** ScottCochran_ has joined #Citrix
[22:45:51] *** ScottCochran has quit IRC
[22:47:36] *** ScottCochran_ has quit IRC
[22:47:44] <Trixboxer> Hi,
[22:48:05] <Trixboxer> any idea why local storage is not mounted in df -h for a clean installation of xenserver ?
[22:55:47] <kdavy_> any idea if XenApp 5 supports USB device redirection for USB Headsets (to talk to software VoIP apps)?
[22:55:48] *** panthersGM has quit IRC
[22:57:54] <proprietarysucks> Trixboxer: doesn't mount it that way
[22:58:07] <proprietarysucks> you don't directly access the files
[22:58:43] <kreign> kdavy, hmm is there an HCL for that?
[22:58:50] <Trixboxer> yeah but the local storage which is blank is usually get mounted itself at /var/run/sr
[23:00:17] <Trixboxer> proprietarysucks: I have a 4 GB ram server which got its local disk attached automatically and now I installed a new one on 2 GIG ram and local disk is not there... I know that there is no ram relation but cant see any other reason
[23:01:03] <proprietarysucks> you misunderstood that
[23:01:22] <proprietarysucks> and now you're comparing today's layout with a false previous layout, is my guess
[23:01:32] <proprietarysucks> you don't see the local storage in the mount command
[23:01:41] <Trixboxer> nah not mount
[23:01:48] <Trixboxer> in the df -h
[23:03:13] <proprietarysucks> so, again
[23:03:17] <proprietarysucks> you won't see the mount
[23:03:20] <proprietarysucks> in df, or mount
[23:03:24] <proprietarysucks> nor should you
[23:03:46] <proprietarysucks> mine only shows: /dev/sda1             4.0G  2.3G  1.6G  60% /
[23:04:08] <proprietarysucks> and an shm mount, a xenserver.iso mount, and an nfs mount
[23:04:26] <Trixboxer> Filesystem            Size  Used Avail Use% Mounted on
[23:04:26] <Trixboxer> /dev/sda1             4.0G  1.5G  2.3G  40% /
[23:04:26] <Trixboxer> none                  380M     0  380M   0% /dev/shm
[23:04:26] <Trixboxer> /dev/mapper/XSLocalEXT--b7a0e2f8--b7df--d5d4--7a87--e75ec8612f8e-b7a0e2f8--b7df--d5d4--7a87--e75ec8612f8e
[23:04:26] <Trixboxer>                       451G   23G  405G   6% /var/run/sr-mount/b7a0e2f8-b7df-d5d4-7a87-e75ec8612f8e
[23:04:33] <Trixboxer> this is server 1
[23:04:39] <proprietarysucks> xe sr-list
[23:04:42] <proprietarysucks> also use pastebin
[23:04:54] <Trixboxer> sry
[23:05:48] <proprietarysucks> yeah, so that's xs 5.6 fp1, sorry I was looking at 5.5
[23:05:55] <proprietarysucks> you are right, it does show it
[23:06:13] <Trixboxer> http://pastebin.com/gEeDvtst
[23:06:16] <Trixboxer> hmm
[23:06:30] <proprietarysucks> that's not the same
[23:06:37] <proprietarysucks> type ( RO): ext
[23:06:46] <proprietarysucks> on mine it's
[23:06:47] <proprietarysucks> type ( RO): lvm
[23:06:56] <proprietarysucks> did you make a custom ext repository?
[23:07:00] <Trixboxer> XSLocalEXT
[23:07:02] <Trixboxer> nah
[23:07:08] <Trixboxer> nothing custom
[23:07:34] <Trixboxer> ok now on new server I created a vdi of 100gb and a vbd with vdi uuid and dom0 uuid
[23:07:39] <proprietarysucks> damnit was looking on 5.5 again =]
[23:07:43] <proprietarysucks> ok I'm on 5.6 for sure
[23:07:56] <proprietarysucks> what's the issue again? you don't see it where?
[23:07:59] <Trixboxer> xencenter shows its there but nothing in dmesg neither in fdisl -l
[23:08:25] <proprietarysucks> and?
[23:08:41] <proprietarysucks> what is the problem you're having I'm lost right now
[23:08:43] <Trixboxer> and Im thinking a way to let dom0 access its HDD
[23:08:49] <proprietarysucks> ok
[23:08:55] <Trixboxer> of size 150GB
[23:09:04] <Trixboxer> to copy the templates :)
[23:09:12] <proprietarysucks> there's a page for that
[23:09:23] <proprietarysucks> basically your options are an nfs share from within a vm
[23:09:31] <proprietarysucks> or to make a new local sr as ext
[23:09:35] <proprietarysucks> as I understand it
[23:10:40] <proprietarysucks> here's an example: http://ranash.com/?p=7
[23:11:32] <Trixboxer> k checking it
[23:11:59] <proprietarysucks> this looks interesting, though I've never done it this way: http://linuxnet.ch/groups/linuxnet/wiki/28e6d/XenServer_create_local_ISO_Repository_LVM.html
[23:16:15] <Trixboxer> ok
[23:16:20] <Trixboxer> created ISO
[23:16:28] <Trixboxer> not able to mount.. FS error
[23:16:32] <Trixboxer> making ext3 on it
[23:16:40] <Trixboxer> done
[23:16:52] <Trixboxer> got /disk :)
[23:16:58] <Trixboxer> proprietarysucks: thanks for the link
[23:19:22] <Trixboxer> gn
[23:19:24] *** Trixboxer has quit IRC
[23:27:36] <proprietarysucks> night
[23:51:33] <tabularasa> kdavy_: you around?
[23:51:38] <tabularasa> JarianGibson: you around?
[23:51:48] <tabularasa> How do you get iPads to work with AGEE using the SSL vpn?





top