MFCOM to PowerShell: How to Make the Transition

MFCOM has been the de facto standard for programmatically interfacing with Citrix XenApp. Whether you wanted to write a simple script or develop an application that interfaced with XenApp, MFCOM was the answer. Now, Citrix is committed to building their management architecture on PowerShell–not just for XenApp, but for all Citrix products. That’s great news for standardization across platforms and aligning with Microsoft on using PowerShell for management architectures. Now, the question is how do you take what you know about MFCOM and translate that to PowerShell?

As you may of may not already know, Citrix has committed to building their management architecture (and SDK) on PowerShell – not just for XenApp, but for all Citrix products.

In XenApp 6.0, MFCOM is not available anymore. The underlying architecture has changed dramatically enough to make backward compatibility with MFCOM impossible. The replacement for MFCOM is PowerShell. MFCOM-based scripts need to be completely re-written in XenApp cmdlets. In most cases, the conversion should be simple and most MFCOM scripts can be replaced with one-liner PowerShell commands.

Source: Citrix XenApp 6 PowerShell SDK reference manual.

That’s great news for standardization across platforms and aligning with Microsoft on using PowerShell for management architectures.  But, that begs the question – what do you do about all those scripts and applications that leverage MFCOM going forward?  I’ll be presenting a session at BriForum 2010 with Brandon Shell about this very topic.  The session will cover:

  • General Object Orientation
  • Specific Citrix XenApp objects
  • Examples of how scripts and applications were done with MFCOM
  • Converting scripts and applications to use PowerShell
  • PowerShell remoting
  • Availability of PowerShell cmdlets on XenApp 5 and XenApp 6
  • C# applications leveraging the PowerShell command wrapper

BriForum takes place from June 15th to June 17th at the Hilton Chicago Hotel.  There is still time to register.

How to get the Username AND Password of a user in Citrix Web Interface 4.0

Have you ever wanted to get the username and password from an authenticated user in Citrix Web Interface? This article tells you exactly how to do just that.

Have you ever wanted to get the username and password from an authenticated user in Citrix Web Interface? I was once tasked to grab the username and password of the authenticated Citrix Web Interface user and pass those credentials along to a custom Lotus Notes web application. Using the Web Interface SDK (available at http://apps.citrix.com/cdn/sdk/webinterface_sdk.asp), I was able to get just what I needed. Here is how it’s done:

The down and dirty explanation
The first thing you’ll need to understand is the object model Citrix uses in Web Interface. Citrix provides you with a lot of base classes you can use to programmatically get the information you need. All these classes are documented in the SDK. The class we’re interested in for this example is the AccessToken class. The AccessToken class allows you to get the user’s username (but not the user’s password). To get the user’s password, you’ll need to use the PasswordBasedToken Interface. The AccessToken class implements the PasswordBasedToken interface which exposes a method called getPassword(). This method returns a string that is the user’s password. Check out the code below:

The code
<%
PasswordBasedToken pbt = null;
AccessToken ac = authGetPrimaryAccessToken();
pbt = (PasswordBasedToken)ac;

string strUsername = ac.getShortUserName();
string strPassword = pbt.getPassword();
%>

That was easy (almost too easy).
Notice the use of the authGetPrimaryAccessToken(). This is a function that Citrix gives you to get the primary access token holding the credentials the user used to authenticate to Web Interface. This function can be found at path_to_your_wi_server\site\serverscripts\authentication.cs and path_to_your_wi_server\auth\serverscripts\authentication.cs

The code placement
Ok, now you know the down and dirty explanation and the code used to get the username and password. So, where do you put this code? One place you could use is the layout.ascx file located at path_to_your_wi_server\site\include. Layout.ascx is a user control that constructs the look and feel of the Web interface page after authentication (see this article for more information). Just place the code before the tag. Now you can use the variables strUsername and strPassword wherever you like in the code.

Putting it all together
Here is the final product

Layout.ascx

<%

PasswordBasedToken pbt = null;
AccessToken ac = authGetPrimaryAccessToken();
pbt = (PasswordBasedToken)ac;
string strUsername = ac.getShortUserName();
string strPassword = pbt.getPassword();
%>

<html>
<head>
  <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8">
  <meta NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW, NOARCHIVE">
  <title><%=PageTitle%></title>
. . .

I hope this helps some of you out there trying to bring together disparate systems.