XenDesktop 7.0 Delegated Administration: Automated Security Testing

12:31 PM
XenDesktop 7.0 Delegated Administration: Automated Security Testing -


Overview

For the latest XenDesktop Version 7 we introduced the delegated administration functionality for managing your Citrix administrators. This new feature allows the creation of Citrix site administrators or with a pre-configured or customized role, allowing you to specify exactly what you want your administrators to be able to do it and not do. Delegated administration is between the administrator and the task they wish to perform to ensure this function works exactly as planned is integral to the security of your site.


The Group

actions validating your administrator can perform both with and without the authorization of a product as flexible XenDesktop is a monumental task. An administrative role may consist of any combination of the 91 licenses available, which in turn map to a subset of the SDK applets 500+ XenDesktop. An administrator can perform actions using either Studio or Citrix XenDesktop through the SDK (Powershell command line). Citrix studio facilitates achieving your wishes administrators tasks by intelligently building the necessary statements PowerShell so that your administrator does not have to. Unlike Citrix studio, using the SDK, "the administrators manually construct PowerShell instructions for execution in order to perform tasks.

tasks related to the monolithic security require the utmost precision and require an approach little room for error man. Add to that the Citrix desire to validate your administrator could perform tasks after every change introduced in XenDesktop pre-release, and you can begin to appreciate the magnitude of the task in hand. Provide a solution to a repetitive task requiring this level of accuracy can be treated according to viable next-Automation method.


The solution

here in Citrix we have developed a series of PowerShell tests dedicated to actions having your administrator can both with and without permission (including other related tests). The test suite performs tests related to following-permissions: -

  • Detection of XenDesktop Setup / all cmdlets available XenDesktop
  • The analysis of site conditions (make sure there are no objects that could affect the validity of the current test)
  • prerequisites (object (s)) for creating the cmdlet-under-test in progress (eg a desktop group the user's session, the catalog)
  • Configuring a test administrator without permission to run the cmdlet-under-test current
  • running the cmdlet-under-test current
  • validation error message returned (format validation, message content validation)
  • analysis of site conditions (phase - ensures that no changes were made to the site where a director has not been allowed to do it - this is done regardless of whether the previous error message returned was correct or not)
  • configuration of a test administrator assigning permission to run the cmdlet-under-test current
  • running the cmdlet-under-test current
  • analysis of 'Site condition (ensure that expected changes were made to the site - it also gives confidence in the previous test where test administrator was not awarded permission to run the cmdlet under test )
  • cleaning phase


Other tests

the test suite also performs tests following related: -

  • adhesion tests naming conventions (these tests ensure that the cmdlets and their corresponding operations are named according to our strict naming convention for associations to be easily identified)
  • runtime tests (ensuring execution time of the task is registered / completed within a reasonable time)

Email us @ @ citrix DesignEngineering .com

Tweet Choose us @CitDesEngTest

Previous
Next Post »
0 Komentar