Featured post


Welcome to the IT Store Guru website.
The main purpose of this site is to share RES ONE Identity Director (formerly known as RES ONE Service Store & RES IT Store) knowledge and resources with the vast and growing RES community. Since the RES ONE Identity Director is relatively new, there is not much information widely available yet. Luckily Identity Director resources are easily shared so hopefully this website will jumpstart the information sharing for this excellent product.

If you would like to add content to this site (in the form of blogposts, building blocks or anything like that) please let me know and I will make you sure you receive the credit for it.

Deploy Intel Meltdown-Spectre patches with Ivanti Automation

The beginning of 2018 has been all about the Intel Meltdown and Spectre vulnerabilities…….and cryptocurrency. These vulnerabilities take advantages of features that modern processors have to operate more efficiently. These features are ‘out-of-order execution’ (Intel Meltdown) and ‘branch prediction’ (Spectre).

Out-of-order execution allows a processor to execute instructions in a non-sequential manner, which will result in less time spent idle. Branch prediction is a feature that predicts what instructions will be executed and where. So in a way it will execute some instructions before they even are received from the running application.

There are several patches/updates that need to be done to mitigate these vulnerabilities. These range from new BIOS/UEFI updates, Firmware updates, driver updates and of course: patches.
There are patches from Microsoft, Red Hat, CentOS, VMware, etc. Basically just about every IT administrator has some work ahead of him/her (or he/she is already done and drinking his/her earned beer). The focus of this blogpost is the patches from Microsoft.

Continue reading

522 total views, 1 views today

Unattended Virtual Delivery Agent 7.x deployment with RES ONE Automation

In previous posts I, have already provided instructions and building blocks to automate the deployment of Citrix StoreFront and the XenDesktop Delivery Controller. While the automation of the deployment of Citrix Director is still in the planning stages, someone requested a building block for the deployment of the Citrix Virtual Delivery Agent. I started looking around other Ivanti/RES ONE Automation resources and I noticed that there isn’t much available. Sure, the unattended deployment is described very well in the Citrix Product Documentation. But ROA building blocks for VDA deployment aren’t too common. Reason enough for me to create them.

I will give a small walkthrough of the automation steps and why I made certain decisions and of course instructions on how to import and use them.
You can find the download link for the Ivanti/RES ONE Automation building block here and also at the bottom of this blog post.
These modules have been tested on Windows Server 2016 and Windows 10 Enterprise (version 1703) and you can use the same module for the Desktop OS installation of the VDA and the Server OS installation.

Continue reading

2,083 total views, 1 views today

Unattended StoreFront 3.x deployment with RES ONE Automation

A while back I needed to automate the deployment of Citrix StoreFront 3.x for a customer I was working for at the time. However it wasn’t perfect. It only did the installation of the software and didn’t do anything with stores, server groups and certificates. Since time was scarce these items were put on hold. However, I put them on my own ToDo-list with the goal to automate an (almost) complete deployment of StoreFront with RES ONE Automation and share it with anyone who would like to use it.

I will give a small walkthrough of the automation steps and why I made certain decisions and of course instructions on how to import and use them.
You can find the download link for the RES ONE Automation building blocks here and also at the bottom of this blog post.

These modules have been tested on Windows Server 2012 R2 and 2016 (with User Experience enabled).

Continue reading

1,484 total views, 1 views today

The Workspace Toolkit by Workspace Guru

While the current RES ONE Workspace management console is very feature rich, there is always room for improvement. There is often a task that you might want to automate or at the very least make it a bit easier. Now my fellow RES aficionado Chris Twiest (@TwiestChris) did exactly that. He had a solid business case for a couple of RES ONE Workspace related tasks, automated them and bundled them into a neat and easy to understand toolkit. Read on for all the tasks that are included in this toolkit (and for the download link of course).

Continue reading

793 total views, 1 views today

Self-service password reset with SMS verification with RES ONE Identity Director


The Self-Service Password Reset has got to be one of the most used features of RES ONE Identity Director (previously RES ONE Service Store/RES IT Store). It allows a user to reset his/her Active Directory user account password without assistance from the IT organization. This is possible on a 24/7 basis, so even in the evening or the weekends the user can use this service.

While this is very useful service, you should think about the security implications. Since the user apparently cannot login the RES ONE Identity Director site he/she should be to open the site from an untrusted network like the internet. But this would imply that everyone with internet-access can change the password of a user account as long as the username is known. So how to verify that the user requesting the service is actually the user in question?

Continue reading

1,921 total views, no views today

Logging off Citrix XenDesktop sessions with RES ONE Service Store

Picture the following setting: A rainy Sunday afternoon. You need to prepare some presentation slides for a sales pitch the following day. You are working from home and are logged in on the company’s virtual desktop (running Citrix XenDesktop). Everything is fine and you are almost done. Suddenly the screen freezes, everything is locked and you are unable to continue your preparation. You disconnect your session and try a reconnect, which is not successful.
Sadly the support desk is only available during business hours.

What should you do?
A. Cry
B. Scream
C. Start all over again on your local machine
D. All of the above

Now this is a pretty specific setting, but a customer sometimes had similar issues. Users are working in the weekend and need to contact an administrator just to logoff their session. How can you solve this with RES ONE Service Store?

Continue reading

2,573 total views, no views today

Managing published XenDesktop applications with RES ONE Workspace

For a while now RES has supported the management of published applications from Citrix XenApp. This was quite easy to do. Before the release of XenDesktop 7 there wasn’t really a difference between a Data Collector and a Session Host. Both had the same XenApp installation and if was just a matter of configuration as to which role the server had. You would need the RES Workspace Manager Console on one of the XenApp servers and you could simply select Enable Citrix XenApp Application Publishing, define your preferred options and servers and you were good to go.

In XenApp/XenDesktop 7.x this is a bit different. Since the session hosts only contain the Virtual Delivery Agent the requirements are a bit different. You need a machine with the full installation of RES ONE Workspace (Agent + Console) and the Citrix Studio. I will try to define and explain each step from the publishing to the application shortcuts.

Continue reading

4,241 total views, no views today

Unattended XenDesktop 7.x Delivery Controller deployment with RES ONE Automation

I am working on the automation of a Citrix XenDesktop 7.9 deployment for a large customer with RES ONE Automation. Since the created modules work pretty good I would like to share them with the rest of the community.

Larger customers, like the one I created these modules for, usually have dedicated database administrators. Normally only they have SQL dbcreator and security admin rights on the SQL environment. This means that you can’t create the database directly from your automation. So you need to create the XenDesktop database scripts and send them to the DBA’s.

I have created building blocks of the modules for which you can download here. I will give a small walkthrough of the automation steps and why I made certain decisions and of course instructions on how to import and use them.

Continue reading

802 total views, no views today

Saving Internet Explorer cookies with RES ONE Workspace

Since the release of Microsoft Internet Explorer 10, Microsoft has changed the way they handle cookies. In older versions your user profile just had a folder named Cookies that contained them all. When using RES ONE Workspace, you just needed to make sure that the folder was included in the user settings.

Capturing the history was also easy. The only difference was that it was located in the local part of the profile and not the roaming part.

However, when IE 10 was released, everything changed. They started using a webcache database that’s located in the local part of the user profile. It gets locked after logon and simply adding it to the user settings in ROW apparently isn’t enough.

Check the following excellent blogs by Rory de Leur for more information:

Continue reading

4,620 total views, no views today

Manage RES ONE Workspace database connections with GPO’s

Featured image


When implementing software, an organization usually wants to go for the DTAP approach (Development, Testing, Acceptance and Production). An application gets developed for the specific organization in the Development environment. The version is then tested in the Testing environment. After that de customer/(key-)users can approve of it in the Acceptance environment and when successful it can be deployed in de Production environment.
This method defines specific steps in the development of a new application or an update of a current one. It also reduces the risk of downtime when developing or testing the new application.

Can you use this approach in combination with RES ONE Workspace?
Continue reading

745 total views, no views today