Release Notes for Build 50.33 of Citrix ADM 12.1 Release
March 11, 2019|Release notes version: 1.0
Note
Build 50.33 replaces Build 50.30
This release notes document describes the enhancements and changes, lists the issues that are fixed, and specifies the issues that exist, for the Citrix ADM release 12.1 Build 50.33. See Release history.
Notes
- This release notes document does not include security related fixes. For a list of security related fixes and advisories, see the Citrix security bulletin.
- This build includes fixes for the following 2 issues that existed in the previous Citrix ADM 12.1 release build: 696616, 717069.
- The known issues section is cumulative. It includes issues newly found in this release, and issues that were not fixed in previous Citrix ADM 12.1 releases.
- The [# XXXXXX] labels under the issue descriptions are internal tracking IDs used by the Citrix ADC team.
Additional Changes/Fixes Available in Replacement Builds
Build 50.33: NSADM-29892, NSHELP-5680, NSADM-24940, NSADM-20017, NSADM-29891, NSADM-30009, NSHELP-5880
Points to Note
Some important aspects to keep in mind while using Build 50.33.
Security fix in this release
- Citrix ADM Agent Release 12.1 Build 50.33:This build addresses a security vulnerability and its applicable only for Citrix ADM Agent. For more information, see https://support.citrix.com/article/CTX247738.
Changes in Citrix product names
- You might notice new names in our products and product documentation. This is a result of the expansion of the Citrix portfolio and cloud strategy. NetScaler Management and Analytics System (MAS) is now renamed to Citrix Application Delivery Management (ADM). This is part of the Citrix unified product portfolio. Implementing this transition in our products and their documentation is an ongoing process. For more details about the Citrix unified portfolio, see https://www.citrix.com/about/citrix-product-guide/.In-product content and documentation might still contain former names. For example, you might see instances of earlier names in console text, messages, directory/file names, screenshots, and diagrams. It is also possible that some items (such as commands) might continue to retain their former names to prevent breaking existing customer scripts. Related product documentation and other resources (such as videos and blog posts) that are linked from this product’s documentation might still contain former names.[# 718794]
What's New?
The enhancements and changes that are available in Build 50.33.
Analytics
- Including aggregated attack time in Security Insight reportsThe Total Violations report in Security Insight displayed the attack time as “NA” if the selected duration is more than one hour. Now, if you select “1 Day” from the list, the report displays all attacks that are aggregated and the attack time is displayed in one-hour range. If you choose “1 Week” or “1 Month,” all attacks are aggregated and the attack time is displayed in one-day range.[# 686874]
- Support for EDT sessions in HDX Insight reportsThe HDX Insight displays now displays the number of EDT sessions and non-EDT sessions as part of the active sessions report. The Users table displays a detailed report of all the users in the system. Also, a new donut chart has been introduced to allow you to see bandwidth consumed by the user and also the total number of bytes based on the type of protocol used by the users.[# 709971]
- Support for displaying Citrix ADC instances in high availability and cluster mode in Web Insight reportsThe Citrix ADM analytics reports now display reports for ADC instances that are deployed in high availability mode and in clutser mode. Aggregated reports for instances in high availability mode and in cluster is supported in all Citrix ADM analytics. For example, in HDX insight reports, both total session launch count and total application count is displayed as a combined report instead of individual reports for each instance in the group.Note:All data previously collected before you upgraded to Citrix ADM 12.1 build 50.x continues to be displayed as independent reports for the period of time until the data persists.For ADC instances deployed in cluster mode, Observation Domain ID/Observation Domain Name are replaced by CLIP host name and CLIP. All data previously collected continues to report Observation Domain ID/Observation Domain Name. For more details, see Citrix ADC instances deployed in high availability mode and cluster mode.[#710913][# 714281, 716600]
- Support for displaying both load balancing and content switching virtual servers in Web Insight reportThe Web Insight reports now displays data from load balancing virtual servers that are bound to content switching virtual servers, you can view data for both virtual servers separately. For more details, see Load balancing servers bound to content switching servers.[# NSHELP-4263, ENH0660553]
Hybrid and Multi-cloud
- Support for provisioning and autoscaling of Citrix ADC instances deployed in AWSThe Citrix ADM supports provisioning and autoscaling of Citrix ADC instances in AWS. The Citrix ADM collects statistics of the threshold parameters (CPU usage, memory usage, throughput) from the autoscale provisioned clusters. These values are evaluated against the customer-configured value. If the threshold parameter values exceed the maximum limit, scale-out is triggered. Similarly, if the threshold parameter values operate below the minimum limit, scale-in is triggered.The advantages of the Citrix ADM autoscaling features are:• Ensures that the application is up and running all the time irrespective of traffic demands.• Citrix ADC instances are added and removed dynamically making it a zero-touch manual configuration.• Domain names are updated automatically whenever new Citrix ADC instances are added.• Enables better cost management.[# 708449]
Licensing
- Support for pooled licensing for Citrix ADM license servers deployed in high availabilityYou can now assign the same license to both Citrix ADM license servers that are deployed in high availability. This is possible because the host id of the primary server is configured as the virtual host id of the secondary server whenever failover happens. Therefore, the license recognizes the same host id on both servers and gets assigned to both servers.[# 707979, 716634]
- Support to view the bandwidth license usage report on Citrix ADMYou can now view the usage report of the bandwidth licenses that you have uploaded in Citrix ADM, by navigating to Networks > Licenses > Bandwidth > Pooled. You can also view the usage reports for virtual CPU licenses by navigating to Networks > Licenses > Virtual CPU licenses.[# NSHELP-5342, NSADM-14321, ENH0695874]
Orchestration
- Registering Citrix ADM with OpenStack in FQDN formatYou can now register Citrix ADM with OpenStack by providing OpenStack details in FQDN format.[# NSHELP-5689, ENH0708840]
StyleBooks
- GitHub import and sync for StyleBooksYou can now use the “Repositories” feature in Citrix ADM to directly import and sync StyleBooks from GitHub repositories. You can sync StyleBooks from multiple GitHub repositories. StyleBooks that are created in GitHub and imported from GitHub repositories are still dependent on Citrix ADM RBAC policies in the same way as StyleBooks imported manually. You can configure a GitHub repository using either GitHub username and password or an API token.[# 699790, 674634]
System
- Support for message for the dayYou can now create a welcome message that is displayed when you logon to Citrix ADM. You can use this feature to set reminder messages for yourself or the user who logs on to Citrix ADM.[NSHELP-5454][# 695996, 671209]
- Ability to upload MAS collector bundle to CIS directlyYou can now upload the technical support files to Citrix Insight Services (CIS) website by running a script on the ADM console.[# 707188]
- Configuring customer identity on Citrix ADMCitrix proactively collects statistics on your ADM deployments to understand your deployment usage and deployment scale. The statistics collected on health, status, and usage pattern of the ADM deployment on your premises allows Citrix to provide an enhanced user experience. To utilize this feature, create a customer identity on Citrix Cloud and provide the user details on ADM.[# 710005]
- Support to shut down Citrix ADM from the user interfaceYou can navigate to System > System Administration and click on Shut Down Citrix ADM to completely shut down Citrix ADM. Note: Once you shut down Citrix ADM, be aware that you can start Citrix ADM again only from the hypervisor where you have installed it.[# 715121]
Fixed Issues
The issues that are addressed in Build 50.33.
Analytics
- If Citrix ADM is configured to receive traffic from ADC instance through the IPFIX protocol, then there is memory leak observed in mas_afdecoder process. If the mas_afdecoder process memory consumption continues for a longer period of time, it might affect the overall system performance.[# 714125, 714383]
- If you are a user with "read-only" permissions, you cannot see the diagnostic related icons in any of the analytics pages.[# 715785]
- When you configure AppFlow by adding an HTTP expression rule and launch the application, the Citrix ADC cluster might fail.[# 717448]
- In Citrix ADM, the application dashboard historical report displays more data volume than the Web Insight bandwidth values. This release includes the fix for this issue.[# 718359]
- Citrix ADM now periodically runs AppFlowParamConfig and EnableFeatureAppFlow commands for each partition on the ADC instances, if the ADC instances are deployed in high availability mode.[# NSADM-29892]
Applications
- If a GSLB virtual server is part of any custom application, Citrix ADM doesn't display the statistics correctly for the newly added GSLB server.[# 715639]
High Availability
- Citrix ADM in high availability goes to split-brain state intermittently after upgrade from 12.1 48.18 build to 12.1 49.23 build.During upgrade, if the ADM subsystems do not start within three minutes, failover occurs, and this might lead to split-brain state.[# NSHELP-5680, 715802]
Licensing
- The virtual IP addresses are now referred as licensed or unlicensed rather than basic or advanced.[NSADM-30153][# NSADM-24940]
- When you log on, Citrix ADM displays alerts for licensing of those virtual servers that are discovered in Citrix ADM, but are not managed.Note: Citrix ADM displays alerts only when auto selection of virtual servers is enabled and only if the number of discovered virtual servers is more than 30.[# NSHELP-5614, NSADM-15893, 713763]
Networks
- When you are creating an event rule, you can add new trap destinations. But if you modify the newly added trap destination, it might get removed from the list.[# 715024]
- Statistics of virtual servers are not displayed if the virtual servers are part of Citrix ADC instances that are deployed in high availability.[# 715243]
- By default, Citrix ADM displays 50 Syslog messages in each page. You can now display more messages in one page by choosing 100, 250, 500, or 1,000 messages per page.[# 715260]
- Citrix ADM performance subsystem crashes every few hours and this has an impact on the network reporting.[# 715483, 715393, 716079, 712975]
- Syslog messages are displayed in multiple pages in Citrix ADM. When you search for Syslog messages in one page by entering a keyword, the same search results are not retained when you move to another page. You have to search again by entering the same keyword. With this fix, Citrix ADM displays the result of the search in all pages.[# 715671]
- Though you can upload any certificate or certificate key file from your local storage system to Citrix ADM, the “read” permissions for such files are not retained by ADM. When such files are uploaded by ADM to respective ADC instances, ADC displays such files as invalid files.[# 716691]
- Intermittently, Citrix ADM might miss collecting data points. This might affect the daily, weekly or monthly reports.[# 716778]
- When you configure two event rules that corresponds to the same event, but have different event ages, Citrix ADM considers only the rule that has a lesser event age configured on it. With this fix, Citrix ADM considers both event rules.[# 716930]
- When you export a dashboard or schedule report on the Network Reporting Dashboard page, the report is generated based on the duration and not the start and end time.[# NSADM-20017]
- The default task log is sorted in the descending order based on the start time column.[# NSADM-29891]
- Citrix ADM fails to upload a file in Config Job or Audit template if the filename is same as the one which is already uploaded. This failure may occur if you don't have write permission for the file.[# NSADM-30009]
- Citrix ADM fails to process any SNMPv3 packets received from the ADC instance intermittently after upgrading the Citrix ADC instance or Citrix ADM itself, or rebooting the ADC instance. Such failures may occur because invalid memory (freed memory) is used for some other memory allocation.[# NSHELP-5880, 717857]
Orchestration
- OpenStack does not concurrently process multiple requests from multiple tenants.[# 715153, 715004]
- When you add an extra management IP (floating public IP) address during Citrix ADC VPX high availability deployment, you had to perform a forced failover and then rediscover the instances from Citrix ADM. With this fix, a forced failover and rediscovering the instances is not necessary and you can deploy configurations on OpenStack.[# NSHELP-5686, 715363]
StyleBooks
- End of line characters appearing at the end of string values are incorrectly stripped. For example "\\r\\n".[# 709094]
- Citrix ADM displays an error message that says "Invalid format found. Upload .yaml files" when you earlier tried to upload a valid .yaml file using Chrome or Firefox browser. This issue is fixed, and now you can upload valid .yaml files from Chrome or Firefox browser.[# 716670, 716466, 716693]
- Citrix ADM displayed an error message that says "No JSON Object Decoded" when an externally authenticated user creates a custom application using StyleBooks. This issue is fixed, and an external user can now create custom applications using StyleBooks.[# 716793]
System
- You cannot perform a global poll on all virtual servers and services when you have "read-only" access permission. But, Citrix ADM doesn't display any error message that says you are not authorized to perform this action until the last step in that task.[# 696616]
- Sometimes, you might not be able to restart Citrix ADC instances from Citrix ADM. This is because some instances require more than ten minutes to restart and Citrix ADM waits only for ten minutes for the instances to restart. With this fix, you can now configure the Citrix ADM reboot time up to 30 minutes.[# 716178, 716156]
- If you are authorized to view only certain applications in an ADC instance, Citrix ADM should display only those servers, service groups, and domains that belong to that application.Citrix ADM currently displays all servers, service groups, and domains present in that instance.[# 717069]
Known Issues
The issues that exist in Build 50.33.
Applications
- When you try to change the name of the application that you own, a false warning message is displayed that says an empty application is created.Workaround: Select 'Yes.' Navigate to Network Functions and click "Poll Now." You can now see the change in the name of the application.[# 717063]
Networks
- Any SSH command issued from Citrix ADM to a Citrix ADC instance fails, if the CLI prompt configured on the instance contains the ">" character.Workaround: Remove any ">" character from the CLI prompt in the instance.[# 713740]
- Citrix ADM does not display any error message when you delete a DNS domain that is used in an application.[# 717071]
- DNS domain names are not visible in Citrix ADM GUI immediately after an external user or a local user configures it through API.Workaround: Log out and log on again.[# 717081]
StyleBooks
- Occasionally, the creation of an application using StyleBooks might fail when basic authentication is performed through API.This issue is not seen when the Session ID is used instead of basic authentication.[# 717096]
System
- Citrix ADM might fail to create or edit a user group when you try add more than 500 applications in the group. This is specifically noticed when the name of the application is more than 65536 characters.[# 716102]
- If you create an application using an instance that is not in the scope of your authentication, Citrix ADM does not display any error message.[# 717080]
What's New in Previous NetScaler MAS 12.1 Releases
The enhancements and changes that were available in NetScaler MAS 12.1 releases prior to Build 50.33. The build number provided below the issue description indicates the build in which this enhancement or change was provided.
Analytics
- Web Insight now identifies and displays the following user agents (browsers) and the operating systems that are used to perform web transaction.• User Agents: IE, Chrome, Firefox, IE 11, Opera, Safari, Blackberry, SeaMonkey, Camino, NetFront, Microsoft Edge, Citrix Receiver, Opera 15, or later.• Operating Systems: Windows 7, Windows 8, Windows 8.1, Windows XP, Mac OS X on Intel, Windows Vista, Windows 2003, Windows 2000, Mac OS X on PPC, iPad, iPhone, Android, Windows 10, Citrix Receiver, Ubuntu, and Linux.[From Build 49.37][# 653420]
- Ability to view client reports based on receivers in HDX InsightUser agents represent the overall bandwidth/total bytes consumed by each receiver client in the form of a doughnut chart. Each colored segment in the chart represents one receiver client. You can click on each segment to view the details of the users using that receiver client. For more information, see https://docs.citrix.com/en-us/netscaler-mas/12-1/analytics/hdx-insight/view-reports-metrics.html#user-view-reports-and-metrics[From Build 49.37][# 702268]
- Viewing security insight for Citrix ADC instances with an application firewallNetScaler MAS now supports security insight from all Citrix ADC instances that have application firewall configured on them. For more information, see https://docs.citrix.com/en-us/netscaler-mas/12-1/analytics/security-insight.html[From Build 49.37][# 708013]
- Self-diagnostic check for analyticsNetScaler MAS performs self-service diagnostic check every 12 hours to identify any license issues or configuration issues on the managed instances that are associated with the following analytics features:• Web Insight• HDX Insight• Gateway Insight• Security Insight• Secure Web Gateway AnalyticsThe self-service diagnostic generates a diagnostic report if issues are found. For more information, see https://docs.citrix.com/en-us/netscaler-mas/12-1/analytics/self-service-diagnostic.html[From Build 49.37][# 709970]
Networks
- Ability to send event notifications to SlackEarlier, in NetScaler MAS GUI you had an option to send email notifications for events. You can now send an event notification to Slack channel also.Configure the required Slack channel by providing the profile name and the webhook URL in NetScaler MAS GUI. The event notifications are then sent to this channel. For more details, see Adding event rule actions section in https://docs.citrix.com/en-us/citrix-application-delivery-management-service/networks/events/create-event-rules.html[From Build 49.37][# 656472]
- Test button for email configuration for NetScaler MAS event notificationsWhile sending emails for event notifications, you might want to send a test email to test the configured settings. The “Test” button now allows you to send a test email after configuring an email server, associated distributed lists and other settings. This feature ensures that settings are working fine. For more details, see Create event rules. For more details, see Adding event rule actions section in https://docs.citrix.com/en-us/citrix-application-delivery-management-service/networks/events/create-event-rules.html[From Build 49.37][# 684948]
- Customization of event notification email subject lineIn a large network that has many virtual servers configured, you as an admin might receive a high number of emails every day. But you might want to see the name of the affected entity in the mail popup when the mail is received so that you can determine the affected entity without having to open the email. Under Networks > Event > Rules, when you create a rule and set email notification rules, you now have an option to include some additional information such as the name of the affected entity (failure object.) For more details, see Adding event rule actions section in https://docs.citrix.com/en-us/citrix-application-delivery-management-service/networks/events/create-event-rules.html[From Build 49.37][# 705142]
- Customizing the Subject while scheduling the export of network reportsWhile scheduling network reports, you can customize the heading of the report by entering a text string in the Subject field. The report created at the scheduled time will have this string as its name. For example, for network reports originating from a particular virtual server, you can type in the subject as "authentication-reports-10.106.118.120," where 10.106.118.120 is the IP address of the monitored virtual server. For more details, see https://docs.citrix.com/en-us/netscaler-mas/12-1/networks/network-reporting.html[From Build 49.37][# 705515]
- Role Based Access Control on GSLB domainsYou can now allow only authorized users to perform GSLB configuration using StyleBooks as RBAC is currently supported on GSLB domains also.NetScaler MAS now supports a new entity called “DNS Domain Name.” In NetScaler MAS, navigate to Networks > DNS Domain Name and add the DNS domain names entries. Navigate to System > User Administration > Groups. Define RBAC settings for a user group on selected domain names from the available list of domain names.This RBAC setting applies to your users when they are trying to configure GSLB using StyleBooks. The users can use only one or more DNS Domain Names that they are authorized to use.[From Build 49.37][# 706988, 708419]
- Configurable auto license support for non-addressable virtual serversNetScaler MAS, by default, does not automatically apply licenses to non-addressable virtual servers. For licensing non-addressable virtual servers, you must disable the auto-license option and manually select the non-addressable virtual servers. This increases your effort to manually select the non-addressable servers initially when you apply the licenses, and also when you need to select the new non-addressable virtual servers whenever they are added to your network.The new option in NetScaler MAS under Networks > Licenses > System Licenses is “Auto-select non-addressable Virtual Servers.” Enabling this option now allows you to explicitly specify that the licensing should include non-addressable virtual servers also. For more details, see https://docs.citrix.com/en-us/netscaler-mas/12-1/licensing.htmlNote:NetScaler MAS, by default, still does not auto select non-addressable virtual servers for licensing.Application analytics (App Dashboard) is the only analytics supported currently on licensed non-addressable virtual servers.[From Build 49.37][# 707843]
- Support for HTTP and HTTPS port customizationYou can now specify non-default ports in NetScaler MAS to send HTTP and HTTPS requests to a Citrix ADC CPX instance. The non-default HTTP and HTTPS ports are configured while creating a Citrix ADC Profile. For more details, see How to create a Citrix ADC Profile section in https://docs.citrix.com/en-us/netscaler-mas/12-1/configure/add-instances.html[From Build 49.37][# 708213]
- Ability to tag Citrix ADC instancesTags are terms or keywords that you can assign to a Citrix ADC instance to associate some additional description about the Citrix ADC instance. NetScaler MAS now allows you to associate your Citrix ADC instances with tags. These tags allow you to group, identify, and search for the Citrix ADC instances. For more details, see Create tags and assign to instances. For more details, see https://docs.citrix.com/en-us/netscaler-mas/12-1/networks/instance-management/create-tags.html[From Build 49.37][# 708603]
- Improvements in Citrix ADC pooled capacity featureA few modifications have been made in the pooled licenses page in NetScaler MAS for Citrix ADC VPX instances. A new set of states have been introduced while you allocate licenses in the license pool to Citrix ADC instances on demand. The states are as follows:-Allocated-Grace-Sync in progress-Partially allocated-Device not managed-Allocated. Not applied to the device-Connection lostAlso, a few more details about the state of license allocation have been added to NetScaler MAS. For more details, see https://docs.citrix.com/en-us/netscaler-mas/12-1/license-server/netscaler-pooled-capacity/configuring-netscaler-pooled-capacity.html[From Build 49.37][# 709975, 711457]
- Improved functionality to search Citrix ADC instancesConsider a scenario where NetScaler MAS is managing many Citrix ADC instances. You might want the flexibility to search the inventory of instances based on some search parameters. NetScaler MAS now offers two search criteria - tags and properties to search efficiently for a subset of Citrix ADC instances that qualifies the search parameters.Example: Consider you want to search all Citrix ADC instances that are on version 12.1 and are in the UP state. For more details, see https://docs.citrix.com/en-us/netscaler-mas/12-1/networks/instance-management/create-tags.html[From Build 49.37][# 709997]
Orchestration
- Deploying OpenStack LBaaS configurations through StyleBooksIn the OpenStack orchestration workflow, NetScaler MAS now uses the "os-cs-lb-mon" StyleBook to deploy LBaaS configurations on Citrix ADC instances allotted to the OpenStack tenant. Using StyleBooks for configuration in OpenStack workflow provides the following benefits:• better visualization by providing the ability to view all the configuration objects• reliability through rollback• support for various Citrix ADC instance types (Citrix ADC HA, partitions, VPX, MPX, and others)• customization by using your own StyleBooks to deploy configuration for OpenStack tenantsFor more details, see https://docs.citrix.com/en-us/netscaler-mas/12-1/orchestration/integrate-with-openstack-platform/provisioning-adc-vpx-instance-on-openstack-using-stylebooks.html[From Build 49.37][# 702345, 702340]
- Ability to enable CICO and pooled license support for OpenStack environmentThe service package page in the Orchestration feature in NetScaler MAS is enhanced to provide the license that is required to be installed on the Citrix ADC instances that are created on demand. The licenses provided can be either CICO or pooled capacity license. For more details, see https://docs.citrix.com/en-us/netscaler-mas/12-1/orchestration/integrate-with-openstack-platform/license-support-for-openstack-environment.html[From Build 49.37][# 709181]
- Ability to route traffic from Citrix ADC to back-end servers through the client networkIn the OpenStack orchestration workflow, Citrix ADC instances are dynamically bound to the load balancer or client networks and member or server networks. In certain deployments servers are also reachable through client networks and can be routed through the client gateway. In such cases, the Citrix ADC instances need not be bound to server networks, but they need to be bound only to client networks. NetScaler MAS then configures the Citrix ADC instance to client networks by adding a SNIP in that network, and will further add a default route to the client network gateway. This enables the instance to reach the servers through the client gateway. For more details, see https://docs.citrix.com/en-us/netscaler-mas/12-1/orchestration/integrate-with-openstack-platform/preconfiguration-tasks-mas-openstack.html#enabling-traffic-from-citrix-adc-instances-to-backend-servers-through-client-network[From Build 49.37][# 709950]
StyleBooks
- Back-end SSL Protocol support by SharePoint StyleBookSharePoint StyleBook now supports SSL to bind service groups (SharePoint application servers) to the target load balancing virtual servers. For more details, see https://docs.citrix.com/en-us/netscaler-mas/12-1/stylebooks/business-application-stylebooks/microsoft-sharepoint-stylebook.html[From Build 49.37][# 706507]
- Using StyleBooks to create load balancing virtual servers with an application firewallYou can now automate the configuration of Citrix ADC WAF (Web Citrix Web App Firewall) feature using the new default WAF StyleBook in NetScaler MAS. This StyleBook allows users to create a load balancing virtual server with associated App Firewall policies and settings.Note: Before you can configure App Firewall signatures, you must create the signatures objects in the Citrix ADC instance from the appropriate default signatures object template. You cannot configure or modify the default signatures objects through the WAF StyleBook.[From Build 49.37][# 708597]
- Ability to migrate existing config packs created through application dashboard to a different StyleBookNetScaler MAS now allows you to migrate (or upgrade) an existing configpack to a new StyleBook for all applications created using StyleBooks in application dashboard. Click "Define Custom App" to view the configpacks created. Click "Migrate Configpack" and select the new StyleBook from the "Choose target StyleBook for migration" page. For more information on how to migrate configpacks, see https://docs.citrix.com/en-us/citrix-application-delivery-management-service/stylebooks/how-to-create-custom-stylebooks/migrate-configpack.html[From Build 49.37][# 717133]
System
- Improvements to NetScaler MAS user interfaceNetScaler MAS user interface has been updated to help you accomplish your tasks more easily and conveniently. Some of the major changes that you will see are as follows:• Some of the action buttons have been repositioned.• The instances overview page is removed. Citrix ADC VPX, MPX, CPX, SDX instances are now grouped under Citrix ADC page, and you can access them as different tabs. Similarly, Citrix ADC SD-WAN WO and SE/EE instances are grouped.• On SSL Dashboard page, SSL Audit trails has been renamed as "SSL Audit Logs."• On Network Functions page, "virtual servers, services, service groups, and servers" sub nodes now appear as tabs for each selected network functions such as Load Balancing, Content Switching, Cache Redirection, Global Server Load Balancing (GSLB), Authentication, and Citrix Gateway.• You can now create IP blocks by navigating to Analytics > Settings > IP Blocks.• A table can spill over to multiple pages because NetScaler MAS displays only a definite number of row entries that you have selected in one page. Earlier you were able to sort row entries only on the current page. The other pages never displayed sorted entries. You can now sort the table in any page, and all the pages of that table will display the sorted results.[From Build 49.37][# 710010]
Fixed Issues in Previous NetScaler MAS 12.1 Releases
The issues that were addressed in NetScaler MAS 12.1 releases prior to Build 50.33. The build number provided below the issue description indicates the build in which this issue was addressed.
Analytics
- In Security Insight, the Search functionality in the application summary table does not work.[From Build 49.37][# 630276, 685673]
- Citrix ADC instance might occasionally crash when there is a toggle between enabling/disabling AppFlow configuration.[From Build 49.37][# 702155]
- The combined graphical view in HDX insight shows incorrect time zone.[From Build 49.37][# 703906]
- Aggregation of Gateway Insight fails if HDX Insight is not enabled, because the the report time was not getting set as required. This build fixes this issue.[From Build 49.37][# 709233]
- NetScaler MAS upgrade from 12.0 to 12.1 fails for this scenario: the database summarization configuration (days to persist hourly data) is set for more than ten days (default is one day) for Analytics.[From Build 49.37][# 710501]
- Agent registration fails because of the Unicode characters seen in the location details.[From Build 49.37][# 711737]
- When you edit a previously created IP block in the Configure IP Blocks page under Analytics > Settings by changing the city, region, and country, and when you try to edit the settings again, the Configure IP Blocks page displayed the name of the previous city. This build fixes this issue.[From Build 49.37][# 712110]
- In some cases, the Citrix Gateway appliance dumps core during the authentication if the following conditions are met:- The Citrix ADC appliance is configured for nFactor authentication.- The Gateway Insight feature is enabled for the appliance.[From Build 49.37][# 713011, 713168]
- You cannot configure AppFlow on Citrix ADC instances when the virtual server name has "blank" spaces.[From Build 49.37][# 713133]
- It is not possible to see information in Web insight when you access NetScaler MAS with “read-only” privileges.[From Build 49.37][# 713404]
- NetScaler MAS analytics might not show web insight reports consistently. Delay in accessing GeoMap location sometimes delays the aggregation of analytics reports for web insight.[From Build 49.37][# 713648]
Applications
- Citrix ADC exports "multiple application terminate" records for the same application. This causes NetScaler MAS afdecoder process to crash.[From Build 49.37][# 709462]
- If a GSLB virtual server is part of any custom application, NetScaler MAS doesn't display the statistics correctly for the newly added GSLB server.[From Build 49.37][# 715639]
- NetScaler MAS does not display the number of transactions and the data flow volume for GSLB applications on the application dashboard.[From Build 49.37][# 716878]
- NetScaler MAS doesn't display any information for virtual servers related to applications created on ADC instances deployed in high availability.[From Build 49.37][# 716906]
High Availability
- When a Citrix ADC instance in high availability mode is assigned to a user group, and if the instance pair fails over, the instance is no longer assigned to the user group.[From Build 49.37][# 709202, 709126]
- When there is no communication between both the nodes due to downtime in the network link, the primary node continues to operate as primary. But the secondary node takes over as primary because of the failure to receive heartbeats, and both the nodes would run their database instances. As there is no heartbeat exchange for over 180 seconds, both the nodes consider themselves to be the primary node. Both nodes act as active nodes and run their instances of the database. This is known as a split-brain scenario.[From Build 49.37][# 709770, 709768]
- After a manual failover, NetScaler MAS doesn't receive SNMP v3 traps. This is because, the configuration changes in the Citrix ADC instance are not complete for the new primary node in the high availability, and the Citrix ADC instance is not sending the traps to NetScaler MAS after a failover.[From Build 49.37][# 709802]
- If you configure one node in a pair of Citrix ADC instances in high availability mode with the IP address in the range 171.31.200.x, this pair of Citrix ADC instances is not discovered by NetScaler MAS.[From Build 49.37][# 710589]
High availability
- When you upgrade NetScaler MAS from 12.1 release 49.31 build to 49.34 build, database streaming might stop syncing between the NetScaler MAS nodes that are deployed in high availability.[From Build 49.37][# 717049]
Networks
- There might be a situation where a table spills over to multiple pages because NetScaler MAS displays only 25 row entries in one page. Earlier you were able to sort row entries only on the current page. The other pages never displayed sorted entries. You can now sort the table in any page, and all the pages of that table will display the sorted results.Note: This feature works only if the number of records in a table is less than 25,000.[From Build 49.37][# 689564, 688717, 686689, 708454]
- If a Citrix ADC VPX instances on the Citrix ADC SDX platform is discovered independently of the SDX, and if you later configure the Citrix ADC SDX platform, the already discovered VPX should be correctly linked to the SDX.[From Build 49.37][# 699718]
- Reports are not visible after NetScaler MAS fails to respond when the EventFilterManager::execute_action command is run.[From Build 49.37][# 701430, 710050]
- Duplicate entries are displayed when you filter all listed entries in network function such as load balancing, content switching, cache redirection, and others.[From Build 49.37][# 704095]
- Though you can see system notifications about "userlogout," you might not receive any email notifications.[From Build 49.37][# 704344]
- The Networks event digest report data is getting truncated due to formatting issues.[From Build 49.37][# 704980]
- You cannot configure AppFlow on virtual servers if NetScaler MAS is configured with any interface other then 0/1.[From Build 49.37][# 705330]
- Consider a scenario where you have RBAC access to only Networks, Analytics, and System nodes. The default behavior is that the first node in the navigation pane, that is, Networks should be the landing page when you access NetScaler MAS. But now the Analytics node is the landing page.[From Build 49.37][# 705347]
- Do not include white spaces in configuration audit template names.[From Build 49.37][# 708003]
- When you select a CB5000 Citrix ADC SD-WAN instance and click Current Configuration, NetScaler MAS displays a message that says there is an error in retrieving CloudBridge Current Config. This build fixes this issue.[From Build 49.37][# 708771]
- When you add Citrix ADC SD WAN WO instance to NetScaler MAS, SNMP connection is not successful, and the GUI becomes unresponsive.[From Build 49.37][# 709146]
- Though you disable the auto selection of virtual servers for licensing feature, it is enabled by default after upgrading to 12.1[From Build 49.37][# 710490]
- SNMP v3 based event reporting does not work after upgrading NetScaler MAS to version 12.1. Citrix recommends the following workaround for the Citrix ADC instances in version 12.1 build 48.13 added in NetScaler MAS.[From Build 49.37][# 710564, 673744]
- You cannot schedule exporting of reports in Network Reporting because the export input parameter for the external user list exceeds the limit of 4096 chars.[From Build 49.37][# 710872]
- In accordance with the new naming conventions, VPN in Configure Analytics view is renamed as "Citrix Gateway" as seen in the NetScaler MAS user interface.[From Build 49.37][# 711012]
- While creating configuration jobs using the master config template, you might have to upload the same config file multiple times after editing the file. You can successfully upload the file the first time. Later uploads fail without any user notification.[From Build 49.37][# 711593]
- Consider a situation when you configure an event rule with the action as "send trap." If there are multiple events that match the above rule, and when NetScaler MAS attempts to send multiple traps at the same time, the event crashes. This is due to multithreading process failure.[From Build 49.37][# 712016]
- NetScaler MAS does not discover the service group members when the server members are configured with same server name but different port numbers.[From Build 49.37][# 712022]
- Auto-rollback in NetScaler MAS doesn't happen when you run wrong commands. For example, "rm" commands. You get a "null" if rollback command is not available.[From Build 49.37][# 713923]
- If you use the name of an existing configuration template as the name of the configuration job, you might not be able to edit the job later.[From Build 49.37][# 713926, 713927]
- If you add a Citrix ADC SDX of version that is of 11.0 or lesser release in NetScaler MAS, then the dashboard of SDX from NetScaler MAS UI displays an error.[From Build 49.37][# 715803]
- NetScaler MAS performance subsystem reports high CPU utilization that might impact the data points in network reporting dashboard.[From Build 49.37][# 716235, 716602, 716917, 717603]
- When you navigate to Networks > Events, the events are not displayed in the order for the first time. If you click the Date column header, the events appear chronologically sorted.[From Build 49.37][# 716615]
Orchestration
- NetScaler MAS displays an unknown system error when a service package is created for the first time for OpenStack. This error occurs when tenants are being assigned to the service package.[From Build 49.37][# 709947]
StyleBooks
- If there is an error while importing a StyleBook in 'raw' format, the scroll bar in the StyleBook editor stops working. Sometimes, the scroll bar doesn't work after deleting a StyleBook.[From Build 49.37][# 710372]
- NetScaler MAS displays an error message that says "Invalid format found. Upload .yaml files" when you earlier tried to upload a valid .yaml file using Chrome or Firefox browser. This issue is fixed, and now you can upload valid .yaml files from Chrome or Firefox browser.[From Build 49.37][# 716670, 716466, 716693]
- NetScaler MAS displayed an error message that says "No JSON Object Decoded" when an externally authenticated user creates a custom application using StyleBooks. This issue is fixed, and an external user can now create custom applications using StyleBooks.[From Build 49.37][# 716793]
System
- When you attempt to restore NetScaler MAS, it may fail to respond, and the following error is displayed: "Restore exception: File access error: directory not empty: /var/mps/tenants/root/device_backup" when restore is attempted.[From Build 49.37][# 705132]
- To defend against ClickJacking attacks, configure a list of allowed hosts. The content security policy (CSP) frame-ancestors and X-Frame-Options are not included in the whitelist. Add them explicitly to the whitelist.[From Build 49.37][# 706431, 705731]
- When you try to connect to Citrix ADC instances using SSH, the NetScaler MAS subsystem crashes. This is fixed in this build.[From Build 49.37][# 707100]
- NetScaler MAS fails to prevalidate the Citrix ADC instance if the NTP details are added in rc.netscaler file. You can now select those Citrix ADC instances and remove them while upgrading the instances.[From Build 49.37][# 708466]
- When you upgrade NetScaler MAS from 12.0 to 12.1, only one non-default site is preserved, and the rest are deleted. You must create the sites again. There is no workaround for this issue.[From Build 49.37][# 710509]
- Certificates that have passphrase in them have difficulty connecting to the database.[From Build 49.37][# 710876]
- When a Citrix ADC instance is removed from NetScaler MAS, the backup files associated with the instance are not removed.[From Build 49.37][# 711302]
- In NetScaler MAS, auto purging of data in the database does not free up disk space.[From Build 49.37][# 711405]
- While upgrading NetScaler MAS to 12.1-48.18, the tenant_id in some of the entries in a job_schedule table in the database does not get updated. The jobs in this job_schedule table also include a job with job name -> "DeviceBackupSchedule" which is responsible for performing the automatic back up from NS instances. As the tenant_id is not present against this job in the table, the automatic back up is not working.[From Build 49.37][# 712073, 714304]
- NetScaler MAS might fail to create or edit a user group when you try add more than 500 applications in the group. This is specifically noticed when the name of the application is more than 65536 characters.[From Build 49.37][# 716102]
Release history
For details of a specific release, see the corresponding release notes.
- Build 50.33 (2019-03-11) (Current build) Replaces: 50.30
- Build 49.37 (2019-01-14) Replaces: 49.23