Introduction:
Keeping up with business demand for adding new applications to the Enterprise can and should be a positive and efficient experience for IS and the business.
Resulting in increased business and I.T. efficiency.
This article will cover what it takes to bring new applications into the Enterprise faster and more efficiently, thus improving business efficiency and improving IT reputation, and providing better IS service management.
The Request:
Step one: There needs to be a process or method for the business to request new applications. A form to fill out that will act as the starting point to document and assess the new application the business is requesting.
This new application request form should be filled out by the business owner. And include information such as the application name, number of users, business importance (Critical, Non-Critical), Budget for servers and infrastructure, storage requirements, expected date for go live, remote access requirements, etc...
This information is essential for bringing any new application into the enterprise, and will allow IS to determine how much resources and necessary infrastructure to purchase.
Integration Testing:
Determining how well the new application integrates into your environment is a very important step. Obtaining and installing the new application in a QA environment will allow IS to document the installation and configuration processes. And determine all of the application dependencies. Many times this phase will be the most time consuming, depending on the application complexity.
An example of a complex application, would be an application that has a database backend and a client front end, where the client side must be installed manually on the Client PC or the Citrix Server, with manual ODBC configurations and specific INI file settings per user.
An example of a less complex application, would be an application that is easily installed and configured on a Client Workstation or Citrix Server using a Windows Installer MSI.
Application Integration Methodologies:
This section is focused on choosing the best method for users to access the new application/s.
- From a network location: If the application will install and run from a single network location, UNC preferred. Then consider yourself lucky, because it allows for easy publishing in Citrix and easy launching from a client PC.
- From Citrix: If the application will not run from a network UNC, but requires an installation on the Citrix Server or client PC, you can use Citrix Installation Manager to deploy the application to your Citrix Servers and Active Directory to deploy to Client PC's. We use Altiris for application deployments on Citrix and for client PC's.
Application Security:
For starters, I have found it is important to setup an administrative security model that the next person can easily follow after I am gone.
Defining a naming standard that works in your environment: What has worked well for me is including the application name in the group name, Example: "MS Office Word 2003" and the type of application Example: "Citrix", and what the group purpose is for application security, Example: "App".
Examples of a Group Naming Standard:
App Citrix MS Office
App Citrix Lotus Notes 6.51
App Citrix EMR
I'll bet your wondering why put the App and Citrix in the name of the group, and that it would be too redunant. The answer is, that more than likely there are alot of other groups already created in your Active Directory that are difficult to determine what they provide access to.
Creating an OU named Citrix Applications, or just Applications, then creating groups in the OU named "App Citrix AppName" will allow you to sort easily and differentiate from other group types.
The point I am trying to make here is, you should be able to look at the name of the group and tell what the purpose of the group is. Another advantage is when you need to add a user to a Citrix application group, you can simply type in App Citrix and receive a list of only Citrix application groups.
Integrating Different Types of Application Security into a centrally managed group standard:
Many applicatons you publish in Citrix may require access to a Database and/or a file system network share. By using a single group "App Citrix AppName" to provide security access to your Database and/or file system network share and Citrix published application, you are essentially simplifing the security management of your Citrix published applications.
An extreme example of this is a recent application I published in Citrix. The application was a Microsoft Access database that was located on a networked mapped drive in a sub folder. This MS Access database also requires access to a Microsoft SLQ database.
Here is what I did to setup the security for this new app.
1. Created an Active Directory Global Group named "App Citrix AppName" in the Citrix Applications OU.
2. Added this group to the \\servername\share\app_folder folder security with permissions to read/write.
3. Added the group to the MS SQL database on the SQL Server using Enterprise Manager.
4. Published the application in Citrix using the Citrix Management Console with a launch something like
"C:\Program Files\Microsoft Office\Office\MSACCESS.EXE" "\\servername\share\app_folder\access_database.mdb"
5. Added the "App Citrix AppName" group to the Citrix Published application.
Defining standards like the one above will provide an easy to manage security model that will be easy for someone to follow in your footsteps without reinventing the wheel.
Application Functional and QA Testing:
After installing the new application in a QA environment and having defined the application security model, configuration settings and dependencies on other applications, you are now ready to regression test the application.
Using a business partner to thoroughly regression test the application is a must. Using Citrix, publish the new application to your business testing partners, and let them have at it.
Once all of the kinks are worked out of the application you are ready to schedule the application GO LIVE.
Production Go Live:
After installing the application on production Citrix servers, a retest is recommeded to confirm production worthiness of the new application. It is also recommended to publish the application on a minimum of 2 Citrix Servers for redundency purposes.
