- Release notes
- All how to articles
- Overview
- Licensing
- System requirements
- Get started
-
Deploy
- Citrix ADM with Citrix XenServer
- Citrix ADM with Microsoft Hyper-V
- Citrix ADM with VMware ESXi
- Citrix ADM with Linux KVM server
- Configure high availability deployment
- Configure disaster recovery for high availability
- Configure on-prem agents for multisite deployment
- Migrate Citrix ADM single-server deployment to a high availability deployment
- Migrate from NetScaler Insight Center to Citrix ADM
- Migrate Command Center configurations to Citrix ADM
- Integrate Citrix ADM with Citrix XenDesktop Director
- Attach an additional disk to Citrix ADM
- Configure
- Upgrade
- Authentication
- Access control
- Applications
-
StyleBooks
- StyleBook groups
- Importing and synchronizing StyleBooks from GitHub repository
- Use default StyleBooks
- Business application StyleBooks
-
Create and use custom StyleBooks
- StyleBook to create a load balancing virtual server
- StyleBook to create a basic load balancing configuration
- Create a composite StyleBook
- Use GUI attributes in a custom StyleBook
- Use custom StyleBooks
- Create a StyleBook to upload files to Citrix ADM
- Create a StyleBook to upload SSL certificate and certificate key files to Citrix ADM
- Enable analytics and configure alarms on a virtual server defined in a StyleBook
- Create a Stylebook to perform non-CRUD operations
- Use API to create configurations from StyleBooks
-
StyleBooks grammar
- Header
- Import StyleBooks
- Parameters
- Parameters-default-sources construct
- Substitutions
- Components
- Helper components
- Optional properties
- Properties-default-sources construct
- Nested components
- Condition construct
- Repeat construct
- Repeat-condition construct
- Nested repeats
- Outputs
- Parameter reference
- Parent reference
- Components reference
- Substitutions reference
- Variable reference
- Operations
- Analytics
- Alarms
- Expressions
- In-place interpolations
- Built-in functions
- Dependency detection
-
Networks
-
Instance management
- Monitor globally distributed sites
- How to create tags and assign to instances
- How to search instances using values of tags and properties
- Manage admin partitions of NetScaler instances
- Back up and restore NetScaler instances
- Force a failover to the secondary NetScaler instance
- Force a secondary NetScaler instance to stay secondary
- Create instance groups
- Rediscover multiple NetScaler VPX instances
- Poll NetScaler instances and entities
- Unmanage an instance
- Trace the route to an instance
-
Events
- Use events dashboard
- Set event age for events
- Schedule an event filter
- Set repeated email notifications for events
- Suppress events
- Create event rules
- Modify the reported severity of events that occur on NetScaler instances
- View events summary
- Display event severities and SNMP trap details
- Export syslog messages
- Suppress syslog messages
- Configure prune settings for instance events
-
SSL Dashboard
- Use the SSL dashboard
- Set up notifications for SSL certificate expiry
- Update an installed certificate
- Install SSL certificates on a NetScaler instance
- Create a Certificate Signing Request (CSR)
- Link and unlink SSL certificates
- Configure an enterprise policy
- Poll SSL certificates from NetScaler instances
-
Configuration jobs
- Create a configuration job
- Use record-and-play to create configuration jobs
- Use configuration jobs to replicate configuration from one instance to multiple instances
- Use variables in configuration jobs
- Create configuration jobs from corrective commands
- Replicate running and saved configuration from one NetScaler instance to another
- Reuse executed configuration jobs
- Schedule jobs created by using built in templates
- Use maintenance jobs to upgrade NetScaler SDX instances
- Create configuration jobs for NetScaler SD-WAN WO instances
- Use the master configuration template
- Use jobs to upgrade NetScaler instances
- Use configuration templates to create audit templates
- Use SCP (put) command in configuration jobs
- Reschedule jobs configured by using built in templates
- Reuse configuration audit templates in configuration jobs
- Import and export configuration templates
- Maintenance jobs
- Configuration audit
- Network functions
- Network reporting
-
Instance management
-
Analytics
- License requirements
- Logstream overview
- Settings
- Self-service diagnostics for Analytics
- Web Insight
- HDX Insight
- Gateway Insight
- Security Insight
- SSL Insight
- TCP Insight
- WAN Insight
-
Video Insight
- View network efficiency
- Compare the data volume used by optimized and unoptimized ABR videos
- View the type of videos streamed and data volume consumed from your network
- Compare optimized and unoptimized play time of ABR videos
- Compare bandwidth consumption of optimized and unoptimized ABR videos
- Compare optimized and unoptimized number of plays of ABR videos
- View peak data rate for a specific time frame
- Secure Web Gateway Analytics
-
Orchestration
-
OpenStack - integrating Citrix ADC instances
- Prerequisites
- Pre-configuration tasks in Citrix ADM and OpenStack
- Configure LBaaS V1 using Horizon
- Configure LBaaS V2 using command line
- Configure layer 7 content switching
- Manual provisioning of Citrix ADC VPX instance on OpenStack
- Provisioning of Citrix ADM VPX instance on OpenStack using StyleBooks
- Citrix ADC VPX check-in and check-out license and pooled license support for OpenStack environment
- Shared VLAN support for admin partitions
- Trial licensing workflow
- Integrate with OpenStack Heat services
- Service package isolation policies
- Flexible policy-based device allotment
- NSX Manager - manual provisioning of Citrix ADC instances
- NSX Manager - auto provisioning of Citrix ADC instances
- Citrix ADC automation using Citrix ADM in Cisco ACI hybrid mode
- Citrix ADC device package in Cisco ACI's cloud orchestrator mode
-
OpenStack - integrating Citrix ADC instances
-
Manage licenses
- Licenses for Citrix ADM License server in high availability
-
Citrix ADC pooled capacity
- Configure Citrix ADC pooled capacity
- Upgrade a perpetual license in ADC VPX to ADC pooled capacity
- Upgrading a Perpetual License in ADC MPX to ADC Pooled Capacity
- Upgrade a perpetual license in ADC SDX to ADC pooled capacity
- Citrix ADC pooled capacity on ADC instances in cluster mode
- Health monitoring
- Expected behaviors when issues arise
- Configure expiry checks for pooled capacity licenses
- Citrix ADC VPX check-in and check-out licensing
- Citrix ADC virtual CPU licensing
- Manage NetScaler SD-WAN instances
-
Manage HAProxy instances
- Add HAProxy instances to Citrix ADM
- HAProxy app dashboard
- Third-party licensing
- Role-based access control for HAProxy instances
- Monitor HAProxy instances
- View the details of frontends configured on HAProxy instances
- View the details of backends configured on HAProxy instances
- View the details of servers configured on HAProxy instances
- View the HAProxy Instances with the highest number of frontends or servers
- Restart an HAProxy instance
- Back up and restore an HAProxy instance
- Edit the HAProxy configuration file
-
Manage system settings
- Configure system backup settings
- Configure a NTP Server
- Upgrade Citrix ADM
- Configure syslog purging interval
- Configure system prune settings
- Enable shell access for non-default users
- Recover inaccessible Citrix ADM servers
- Assign a host name to a Citrix ADM server
- Back up and restore your Citrix ADM server in a single-server deployment
- View auditing information
- Configure SSL settings
- Monitor CPU, memory, and disk usage
- Configure system notification settings
- Generate a tech support file
- Diagnose and troubleshoot NetScaler instances
- Back Up and restore a Citrix ADM configuration in an HA pair
- Configure a cipher group
- Create SNMP traps, managers, and users
- Configure and view system alarms
- Citrix ADM as an API proxy server
- Hybrid and Multi-cloud Deployments
- FAQs
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This content has been machine translated dynamically.
Translation failed!
Configure groups
In Citrix Application Delivery Management (ADM), a group can have both feature-level and resource-level access. For example, one group of users might have access to only selected Citrix ADC instances; another group to only a selected few applications, and so on. When you create a group, you can assign roles to the group, provide application-level access to the group, and assign users to the group. All users in that group are assigned the same access rights in Citrix ADM.
To create user groups and assign roles to user groups:
-
In Citrix ADM, navigate to System > User Administration > Groups.
-
Click Add.
-
In the Group Name field, enter the name of the group.
-
In the Group Description field, type in a description of your group. Providing a good description of the group helps you to understand the role and function of the group in a better way at a later point.
-
In the Roles section, add or move one or more roles to the Configured list.
Note: Under the Available list, you can click New or Edit and create or modify roles. Alternatively, you can navigate to System > User Administration > Users and create or modify users.
Note
You can create a new role by clicking New, or you can navigate to System > User Administration > Users and create new users from this screen.
-
Click Next. On the Authorization Settings tab, you can provide authorization settings for the following four groups:
-
Instances
-
Applications
-
Configuration Templates
-
StyleBooks
By default, your user can access all the above groups. You can clear the check boxes and provide selective access for each of these groups.
For example:
-
You can clear Instances check box and select only the required instances that you want to provide access to your users.
-
Clear All Applications check box and select only the required applications and templates. When you add applications to a group in Citrix ADM, you can use regex to search and add the applications that meet the regex criteria for the groups. The users who are bound to these groups can access only those specific applications. The regex expression specified is persisted in Citrix ADM. That is, Citrix ADM allows the regex provided in the Add Regular Expression text box to be stored in the system and dynamically updates the authorization scope whenever new applications meet this regex expression. When new applications are added to the system, Citrix ADM applies the search criteria to the new applications, and the application that meets the criteria is dynamically added to the group. You do not have to manually add the new applications to the group. The applications are updated dynamically in the system, and the respective group users can see the applications under appropriate modules in Citrix ADM.
When you add applications to a group in Citrix ADM, you can use regex to search and add the applications that meet the regex criteria to the groups. The users who are bound to these groups can access only those specific applications. The regex expression specified is persisted in Citrix ADM. That is, Citrix ADM allows the regex provided in the Add Regular Expression text box to be stored in the system and dynamically updates the authorization scope whenever new applications meet this regex expression. When new applications are added to the system, Citrix ADM applies the search criteria to the new applications, and the application that meets the criteria is dynamically added to the group. You do not have to manually add the new applications to the group. The applications are updated dynamically in the system, and the respective group users can see the applications under appropriate modules in Citrix ADM.
-
Clear All Configuration templates check box to allow access to only the required templates.
-
Clear All StyleBooks check box and select the required StyleBooks that your user can access.
You can select the required StyleBooks when you create groups and add users to that group. When your user selects the permitted StyleBook, all dependent StyleBooks are also selected. The config packs of that StyleBook are also included in what the user has access to.
-
Clear All DNS Domain Names check box and add the domain names from the list that you want your users to access.
-
-
Click Create Group.
-
In the Assign Users tab, select the user from the Available list and add the user to the Configured list. For example, “dadmin”.
Note: You can also add new users by clicking New.
-
Click Finish.
Note
As a Citrix ADM admin, you can provide either “view-only” permission or “view and edit” permission to your users for individual ADM module UIs based on access policy settings in RBAC. If the user is assigned to two or more groups, that is, if the user is internally mapped to more than one authorization scope and more than one access policy, ADM takes a union of all those groups’ permissions and authorizes the user accordingly.
For example, consider that User1 is assigned to a group that has two access policies, P1 and P2. Each policy has a different type of permission. P1 has “read-only” permission, while P2 has “view and edit” permission. You want your user to view a set of applications as part of the P1 policy, and edit a different set of applications as part of the P2 policy. But as a default behavior, Citrix ADM combines the two permission types and assigns the “view and edit” permission to the user. So your user will now be able to view and edit all the applications.
ADM doesn’t support such use cases where you can assign different types of permissions to the same user. You can assign only one type of permission to your users. ADM can either allow User1 to view all apps or a selected set of apps, or allow User1 to view and edit all apps or selected set of apps.
Mapping of RBAC when upgrading Citrix ADM from 12.0 to 12.1
When you upgrade Citrix ADM from 12.0 to 12.1, you do not see the options to provide “read-write” or “read” permissions while creating groups. These permissions have been replaced by “roles and access policies,” which give you more flexibility to provide role-based permissions to the users. The following table shows how the permissions in release 12.0 are mapped to release 12.1:
| 12.0 | Allow Applications Only | 12.1 |
|---|---|---|
| admin read-write | False | admin |
| admin read-write | True | appAdmin |
| admin read-only | False | readonly |
| admin read-only | True | appReadonly |