Citrix announced today an update to their Xenmobile platform. 8.6 has some very nice feature enhancements and bug fixes. This feature includes updates for the Netscaler to 10.1, Build 120.1316.e:, App Controller and MDM updates. it also includes updated versions of the Worx suite of applications.
In this post I’m going to go though updating the Netscaler and the Device manager. In part 2 I’ll be going over the upgrade of the app controller and the worx suite of applications.
A real quick rundown of some of the highlights of the update are listed below:
- Client certificate authentication. Users can now authenticate their devices to XenMobile using client certificates for worx enabled apps.
- Multiple Active Directory domains support.
- You can now configure internal and external beacons in App Controller 2.9.
- Support for more than one NetScaler Gateway appliance in App Controller 2.9.
- ShareFile Setup Wizard on the Netscaler
- XenMobile Deployment Page on the Netscaler Gateway
- New MDM policy and VPP support for iOS 7.
- Geo-fencing on Android.
Netscaler Upgrade to 10.1, build 120.1316.e
The first step in upgrading XenMobile Enterprise 8.5 to 8.6 is to update the Netscaler. Start by downloading the new .e release build. You will need this build in order to use some of the enhacned features of 8.6 like client cert auth.
In this guide we’ll be upgrading a VPX. You should always take a snapshot of you Netscaler before and upgrade. If you have a HA pair of VPX’s you should start with the secondary node and update it first. It’s also a good idea to save and take a backup of your ns.conf file before you start the process. For this guide I’m going to be using WinSCP and Putty for shell and SFTP access to the Netscaler console.
1) Download the nscore package from citrix.com
2) Use putty or another SSH program to log into the Netscaler, save the current config and backup your ns.conf. In order to do this you will need to login to the netscaler and drop into the shell prompt. Note: some of the commands are in the shell others are at the netscaler prompt. Shell command are noted by the root@NSVPX-ESX# prompt and the Netscaler console is shown with just the >.
To access the shell use the command “shell“. To Exit the shell just type “exit”
root@NSVPX-ESX# cp /nsconfig/ns.conf /nsconfig/ns.conf-backup
3) Use SFTP or SCP and copy .tgz file you downloaded to new directory under /var/nsinstall, then login to the shell and extract it.
root@NSVPX-ESX# cd /var/nsinstall/10-1-120e
root@NSVPX-ESX# tar zxvf build-10.1-120.1216.e_nc.tgz
4) Execute the install script from the folder. it will ask you to reboot when finished.
5) Restart the device, log on to the web interface and verify all is good with your config.
6) If you are running an HA Pair the device will notice it’s no longer the same version as it’s partner and will shut off the propagation and sync for the config. You can verify this with the “show ha node” command.
Once you verify the upgrade and that the config is correct, fail over to the secondary node (the one we just upgraded) by exiting the shell and issuing the forcefailover command. NOTE: Schedule this for a maintenance window, slow or non-production hours. This will dump current user sessions.
7) Repeat steps 1-5 on the primary node.
8) Once you upgrade the primary verify the sync is working again. If you wish fail it back over to the primary do so by issueing the forcefailover command from the primary.
> show ha node
Upgrade Device manager to 8.6
Upgrading the MDM/Device manager to 8.6 is pretty straight forward. It’s an in place upgrade and as long as you are on version 8.0.1 or newer you should have all the correct version’s of Java in place. Also, take a snapshot of your device manager server before you upgrade (assuming it’s in a virtual environment) and backup the database if it’s hosted on a remote SQL server.
In this guide we are upgrading from 8.5 -> 8.6. I have not tested with upgrading from older versions of Device Manager.
1) log into the console of the device manager windows server.
2) Download the 8.6 Device manager from citrix.com
3) Run the setup wizard as an administrator and follow the prompts. You will get a notice about upgrading.
4) Log into the web interface of the Device Manager and verify the upgrade.
NOTE: If you have installed a 3rd Party SSL Cert Xenmobile will fail to bring up the web based admin console after the upgrade. The upgrade process removes it. During the install the device manager installer will create a backup of tomcat. The default location is “C:\Program Files (x86)\Citrix\XenMobile Device Manager\backup\”
The config will still look for the cert but won’t find it and fail because the installer deletes it after moving it to the backup folder. Here is an example from the log file (logs are found at “C:\Program Files (x86)\Citrix\XenMobile Device Manager\tomcat\logs” by default)
SEVERE: Failed to initialize connector [Connector[org.apache.coyote.http11.Http11NioProtocol-8443]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[org.apache.coyote.http11.Http11NioProtocol-8443]]
Caused by: java.io.FileNotFoundException: C:\Program Files (x86)\Citrix\XenMobile Device Manager\tomcat\webapps\zdm\WEB-INF\Wildcard.p12 (The system cannot find the file specified)
Go to the backup folder and get your SSL file and move it to the correct location. Stop and start the Xenmobile Device Manager Service and the admin web console will come up. The default if you did not change it during your first install of Device Manager is http://hostname/zda
Part 2 will be posted shortly and is going to go over how to upgrade the app controller from 2.8 -> 2.9 and deploy the updated worx mail and worx web applications for android and iOS.