Professional Documents
Culture Documents
Administrator's Guide
This product includes code licenced from RSA Data Security. RSA Encryption RSA Security Inc., All Rights Reserved.
This product includes software developed by The Apache Software Foundation (http://www.apache.org/).
This product includes software developed by Adventnet, Inc. (http://www.adventnet.com) Adventnet, Inc. All rights
reserved.
Trademark Acknowledgements
Citrix NetScaler, Citrix Branch Repeater, Citrix Access Gateway, and Citrix Command Center are registered trademarks
of Citrix Systems, Inc. in the United States and other countries.
Java, Sun, and SunOS are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other
countries. Sun Microsystems, Inc has not tested or approved this product.
Portions of this software are based in part on the work of the Independent JPEG Group.
Microsoft, MS-DOS, Windows, Windows Media, Windows Server, Windows NT, Windows XP, Win32, Outlook, ActiveX,
Active Directory, and DirectShow are either registered trademarks or trademarks of Microsoft Corporation in the United
States and/or other countries.
Copyright 2001, Thai Open Source Software Center Ltd, Sun Microsystems. All Rights Reserved.
All other trademarks and registered trademarks are the property of their respective owners.
Release: 5.0
Document code: December 14 2011 02:53:26
Contents
Preface....................................................................................................7
Formatting Conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Related Documentation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Getting Service and Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Documentation Feedback. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
Contents
iv
Contents
vi
Preface
Learn about the Command Center documentation, including information about support
options and ways to send us feedback.
For information about new features and enhancements for this release, see the Citrix
Command Center 5.0 Release Notes.
Formatting Conventions
This documentation uses the following formatting conventions.
Convention
Meaning
Boldface
Italics
Monospace
Related Documentation
Citrix documentation is available at http://support.citrix.com/.
For information about Citrix Command Center, the following guides are available:
w Citrix Command Center Installation Guide. Installation instructions for installing
Command Center on Windows and Linux platforms.
w Citrix Command Center Administrator's Guide. Conceptual reference and
instructions for administering, securing, and backing up the CommandCenter server.
w Citrix Command Center User's Guide. Conceptual reference for managing
andmonitoring NetScaler and WANScaler devices using Command Center.
7
Preface
w Citrix Command Center Release Notes. Up-to-date information about new features
and known issues.
Note: Citrix Command Center documentation is also available at: http://
docs.citrix.com.
For information about the Citrix NetScaler, the following guides are available:
w Citrix NetScaler Quick Start Guide. Quick reference for basic hardware and software
installation.
w Citrix Hardware Installation and Setup Guide. Hardware installation and initial
configuration information for all hardware models and platforms.
w Citrix NetScaler Getting Started Guide. Core concepts, installation, and
configuration instructions for setting up a NetScaler for the first time. Includes handson labs that covers commonly used features.
w Citrix NetScaler Migration Guide. Migration instructions for setting up a new version
of a NetScaler with a list of all new and deprecated commands, parameters, and
SNMP OIDs.
w Citrix NetScaler Administration Guide. Manage and monitor the NetScaler using builtin features, such as AAA policies, role-based authorization, SNMP, and statistical
counters.
w Citrix NetScaler Traffic Management Guide. Configuration and installation
information for traffic management features, such as load balancing, content
switching, and DNS.
w Citrix NetScaler Application Optimization Guide. Configuration and installation
information for optimization features, such as integrated caching and TCP buffering.
Most optimization features are policy-based.
w Citrix NetScaler Application Security Guide. Configuration and installation
information for security features, such as Denial of Service (DoS) protection,
content filtering, and rewrite.
w Citrix NetScaler Networking Guide. Configuration information for networking
features with an emphasis on dynamic routing.
w Citrix NetScaler Policy Configuration and Reference Guide. Configuration and
reference information for controlling the behavior of NetScaler functions by using
advanced policies and expressions, classic policies and expressions, and HTTP callouts.
w Citrix Application Firewall Guide. Installation and configuration instructions for a
standalone Citrix Application Firewall and the integrated Citrix NetScaler
Application Firewall feature.
w Citrix NetScaler Developers Guide. A guide for application developers who use XML
API.
w Citrix NetScaler API Reference. A reference guide for application developers.
w Citrix NetScaler Command Reference Guide. A reference that includes all NetScaler
commands.
8
Preface
w A knowledge base containing thousands of technical solutions to support your Citrix
environment
w An online product documentation library
w Interactive support forums for every Citrix product
w Access to the latest hotfixes and service packs
w Knowledge Center Alerts that notify you when a topic is updated
Note: To set up an alert, sign in at http://support.citrix.com/ and, under Products,
select a specific product. In the upper-right section of the screen, under Tools, click
Add to your Hotfix Alerts. To remove an alert, go to the Knowledge Center
product and, under Tools, click Remove from your Hotfix Alerts.
w Security bulletins
w Online problem reporting and tracking (for organizations with valid support contracts)
Education and Training
Citrix offers a variety of instructor-led and Web-based training solutions. Instructor-led
courses are offered through Citrix Authorized Learning Centers (CALCs). CALCs provide
high-quality classroom learning using professional courseware developed by Citrix.
Many of these courses lead to certification.
Web-based training courses are available through CALCs, resellers, and from the Citrix
Web site.
Information about programs and courseware for Citrix training and certification is
available at http://www.citrixtraining.com.
Documentation Feedback
You are encouraged to provide feedback and suggestions so that we can enhance the
documentation. You can provide feedback by sending email to
ccdocs_feedback@citrix.com with the subject line "Documentation Feedback". Be sure
to include the following information in your email: title of the guide, page number, and
Command Center release version.
You can also provide feedback from the Knowledge Center at http://
support.citrix.com/.
To provide feedback from the Knowledge Center home page
1. Go to the Knowledge Center home page at http://support.citrix.com/.
2. On the Knowledge Center home page, in the left pane, under Products, click
View All Products.
3. On the All Products page, under Command Center, click the version of Command
Center that has the documentation for which you want to provide feedback.
10
11
Preface
12
Chapter 1
13
Chapter 1
Chapter 1
16
Chapter 1
18
19
Chapter 1
Chapter 1
22
Chapter 1
24
Configuring Logs
The Command Center server implicitly generates server logs that you can use to
analyze the server activity and debug any issues. You can configure the log settings to
specify the number of lines each log file should contain and the log level for which you
want to use the log file. You can also generate support logs for analysis.
In this section:
w Generating Support Logs on page 25
w Viewing Server Logs on page 26
w Configuring Server Log Settings on page 26
25
Chapter 1
26
27
Chapter 1
28
Chapter 2
Configuring Groups
Configuring Users
Viewing Audit Logs for All
Users
29
Chapter 2
30
Configuring Groups
Groups are logical sets of users that need to access common information or perform
similar kinds of tasks. You can organize users into groups defined by a set of common
operations. By providing specific permissions to groups rather than individual users, you
can save time when creating new users.
If you are using an Active Directory server for authentication, groups in the Command
Center can be configured to match groups configured on Active Directory servers. When
a user belonging to a group whose name matches a group on an authentication server,
logs on and is authenticated, the user inherits the settings for the group in the
Command Center.
In this section:
w Adding Groups on page 31
w Assigning Users to Groups on page 32
w Modifying Groups on page 32
w Deleting Groups on page 33
Adding Groups
You can add groups and assign permissions to the groups.
To add groups
1. On the Administration tab, under Security, click Groups.
2. Under Groups, click Add Group.
3. Under Add Group, in Group Name, type the name of the new group or multiple
comma-delimited groups that you want to create. In case you have enabled group
extraction from Active Directory, you can browse and add groups extracted from
the Active Directory server after you have configured Active Directory settings
under Authentication settings. Click on the Browse button to select the group
name from the retrieved Active Directory group names.
Note: The Browse button is available only if you have enabled group extraction
and provided the Active Directory group attributes.
Important: When creating groups in the Command Center for group extraction
from Active Directory, group names must be the same as those defined in Active
Directory. Group names are also case-sensitive and must match those in Active
Directory. Special characters are supported in group names.
4. Under Delegated Administration, select the check boxes against the permissions
you want to assign for each feature. Note that selecting Grant administrative
31
Chapter 2
Note: To remove a selected user, click the user you want to remove in Enrolled
Users, and then click the left arrow.
Modifying Groups
After you have added a group, you can modify the permissions assigned to that group.
You can also add or remove users assigned to a group.
You can also modify a group to provide fine-grained authorization support. You can
ensure that the user performs operations only on those devices or data defined by the
authorization settings assigned to his or her account or group. For example, if you want
to restrict any operations that the user performs to a specific set of devices (for
example, NetScaler VPX), then you must set the authorization criteria with the
relevant property values as described in the following procedure.
To modify groups
1. On the Administration tab, under Security, click Groups.
2. Under Groups, click the group you want to modify.
3. To add or remove a user, under Modify Group profile, under Members, click Assign
User.
4. To change the permissions assigned to a group, under Delegated Administration,
make changes to the permissions you want to assign for each feature.
5. To configure authorization settings, click Advanced Settings.
6. Under Advanced Settings, in Property Name, select the property for which you
want to add the authorization settings (for example, Device Type), and in
32
Deleting Groups
You can delete groups that you no longer want to use from the database. Ensure that
all the users assigned to the group are removed from the group before deleting the group.
To delete groups
1. On the Administration tab, under Security, click Groups.
2. Under Groups, select the groups that you want to remove, and then click Delete.
Configuring Users
A user is an individual entity that logs on to Command Center to perform a set of
device management tasks. To allow someone access to Command Center, you must
create a user account for that user. After you create a user account, you can associate
the user with groups and set permissions according to the group requirements.
From the Command Center interface, you can seamlessly specify local or external as
the authenticaiton type for a user. You can specify the authentication type when adding
the user to Command Center, or you can edit the user's settings later.
Importanat: The external authentication type is supported only when you set up one of
the authentication servers: Radius, Active Directory or TACACS+.
In this section:
w Adding Users on page 33
w Assigning Groups to a User on page 34
w Viewing Permissions Assigned to Users
w Modifying User Profiles on page 34
w Changing the Root User Password on page 35
w Deleting Users on page 35
Adding Users
You can add new users whenever you need to provide a user access to Command
Center. By default, a new user has only log on permission. You can provide access to
various modules by making the user a member of pre-configured groups that contain
those modules.
To add users
1. On the Administration tab, under Security, click Users.
33
Chapter 2
Deleting Users
You can remove user accounts you do not want to use.
To delete users
1. On the Administration tab, under Security, click Users.
2. Under Users, click the Delete User icon next to the user name you want to delete.
Chapter 2
36