Release Notes for Build 58.30 of Citrix ADM 13.0 Release
June 19, 2020|Release notes version: 2.0
This release notes document describes the enhancements and changes, lists the issues that are fixed, and specifies the issues that exist, for the Citrix ADM release 13.0 Build 58.30. See Release history.
Notes
- This release notes document does not include security related fixes. For a list of security related fixes and advisories, see the Citrix security bulletin.
- This build includes fixes for the following 1 issues that existed in the previous Citrix ADM 13.0 release build: NSADM-34417.
- The known issues section is cumulative. It includes issues newly found in this release, and issues that were not fixed in previous Citrix ADM 13.0 releases.
- The [# XXXXXX] labels under the issue descriptions are internal tracking IDs used by the Citrix ADC team.
Additional Changes/Fixes Available in Versions
Version 2.0
- Known Issues: NSADM-51422
What's New?
The enhancements and changes that are available in Build 58.30.
Analytics
- Title: View reports for bot signature updatesIn Bot insight, you can now view the bot signature updates in the Events History, when:- New bot signatures are added in Citrix ADC instances.- Existing bot signatures are updated in Citrix ADC instances.Navigate to Analytics > Security > Bot Insight and view the signature update summary under Events History.[# NSADM-40228]
- Title: View honeytrap bot details in bot insightIn Bot insight, you can now view bot attacks reported for honeytrap bots. To view honeytrap bots in Citrix ADM, you must configure the Honeytrap bot in Citrix ADC instance.To identify the honeytrap bots, a honeypot form script is enabled in web page and this script is hidden from human, but not to bots. Citrix ADM identifies and reports the honeytrap bots, when this script is accessed by bots.Click the virtual server and select Zero Pixel Request.[# NSADM-40229]
- Title: View captcha reports in Bot insightIn Bot insight, you can now view bot traffic occurred through CAPTCHA activities. In web pages, CAPTCHAs are designed to identify if the incoming traffic is from a human or an automated bot. To view the CAPTCHA activities in Citrix ADM, you must configure CAPTCHA as a bot action for IP reputation and device fingerprint detection techniques in a Citrix ADC instance. For more information, see [Bot management|https://docs.citrix.com/en-us/citrix-adc/13/bot-management.html].The following are the CAPTCHA activities that Citrix ADM display in Bot insight:- Captcha attempts exceeded – Denotes the maximum number of CAPTCHA attempts made after login failures- Captcha client muted – Denotes the number of client requests are dropped or redirected because these requests were detected as bad bots earlier with the CAPTCHA challenge- Human – Denotes the captcha entries performed from the human users- Invalid captcha response – Denotes the number of incorrect CAPTCHA response received from the bot or human, when Citrix ADC sends a CAPTCHA challenge[# NSADM-40230]
- Title: View service details in Service GraphIn Service Graph, hover the mouse pointer on a service and click a service to view the following options:- View Details- Transaction Logs - Enables you to view the HTTP and SSL over HTTP transaction details. For more information, see View Web transaction logs.The View Details option enables you to view:- The cluster name where the service is hosted.- The namespace and service labels of the service.- All associated incoming and outgoing services connected with the selected service.- Service key metrics in a graph format such as Hits, Service response time, HTTP errors, Data Volume, SSL frontend errors, SSL backend errors, TCP frontend errors, and TCP backend errors.Using these key metrics trends, you can analyze how the service is performing for the selected time duration. For more information, see [https://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/application-analytics-and-management/view-service-details-service-graph.html][# NSADM-41297]
- Web Citrix Web App Firewall support in Citrix ADMThe following new Web Citrix Web App Firewall (WAF) protection policies are enabled in Security Insight, which highlight violation patterns for WAF:- APPFW_BUFFEROVERFLOW_QUERY- APPFW_BUFFEROVERFLOW_TOTAL_HDR[# NSADM-43541]
- Title: View application security violation detailsWeb applications that are exposed to the internet have become vulnerable to attacks drastically. Citrix ADM enables you to visualize actionable violation details to protect applications from attacks. Navigate to Security > Security Violations for a single-pane solution to:- Access the application security violations (HTTP Slow Loris, DNS Slow Loris, HTTP Slow Post, and NXDomain Flood Attack)- Take corrective actions to secure the applications[# NSADM-43673]
- Title: View SSL metrics in Transaction Summary panelThe web transaction analytics Transaction Summary panel now enables you to view SSL Frontend and SSL Backend metrics. Using these metrics, you can filter results and see transactions that have SSL errors.[# NSADM-43841]
- Title: Save search option in Web transaction analytics advanced searchThe advanced search option in the web transaction analytics now enables you to save the search queries. You can then click the saved search query from the list, instead of using the suggestions and operators again. To save a search query, click the bookmark icon, specify a name of your choice, and click Save.[# NSADM-43843]
- Title: View SSL metrics in Web transaction analyticsWhen you click a transaction in web transaction analytics, you can now view additional metrics for SSL transactions. From these metrics, you can analyze if the SSL errors occur from client or server.[# NSADM-43844]
- Title: Distributed TracingIn service graph, you can now use the trace information to:- Analyze the overall service performance- Visualize the communication flow between the selected service and its inter-dependent services- Identify which service indicates errors and troubleshoot the erroneous service- View transaction details between the selected service and its each inter-dependent service.[# NSADM-43976]
Applications
- Title: View Service Graph for applications (GSLB)You can now view GSLB applications in Service Graph to view:- How the application is configured (with GSLB application, data center, ADC instance, CS, and LB virtual servers)- End-to-end views from client to services- The data center name where the client requests are processed and the associated data center Citrix ADC metrics- The GSLB virtual server status such as Critical, Review, and Good. Citrix ADM displays the virtual server status based on the app score.- Critical (red) - Indicates when app score < 40- Review (orange) - Indicates when app score is between 40 and 75- Good (green) - Indicates when app score is > 75[# NSADM-43967]
GUI
- Instances indicate the deployment type with a notationIn ADM GUI, the instance IP addresses now indicate the deployment type. The following notations describe the deployment type:- In high-availability pair, P – Primary server and S – Secondary server.- C-Cluster- A-Autoscale GroupIf an Instance has no notation it indicates standalone deployment.[# NSADM-41859]
- A new Help panelA Help panel is introduced in the Citrix ADM GUI to provide information about the features in a particular GUI window . When you log on to the ADM software, click the question mark (?) on the upper right-hand corner of the screen to launch the Help panel.This Help panel includes options to view the following information:- Contextual help: Launch content specific to the UI screen you are viewing. Currently, this opens in a new browser tab and shows you context-sensitive content from product documentation.- Documentation: Launch the ADM service documentation overview page and navigate to any content you want.- Discussions forum: Launch the forum site to view what our community of experts are discussing.- How to buy: Launch the citrix.com site from where you can purchase ADM service.- Customer support: Launch the support site to contact our support team.[# NSADM-47512]
- A progress window for upgrade statusWhen you upgrade an ADM appliance, a window appears showing the status of the upgrade and the time left to complete the upgrade.[# NSADM-50098]
Hybrid and Multi-Cloud
- The ADM Autoscale groups support C5, M5, and C5n AWS instance typesTo enable high performance ADM autoscaling, AWS instance types C5, M5, and C5n are now supported for creating ADM Autoscale groups on AWS cloud.The ADM GUI auto-populates the recommended AWS instance types for the selected ADC version. See, [https://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/hybrid-multi-cloud-deployments/autoscale-for-aws/autoscale-for-aws-configuration.html#create-autoscale-groups]For more information on AWS instance types, see [https://aws.amazon.com/ec2/instance-types/][# NSADM-40089]
- Title: Deploy internal applications in an Autoscale groupYou can now deploy both internal and external applications in an Autoscale group to use ADM autoscaling solution. Earlier, you could deploy only external applications.For more information, see the following links:[# NSADM-47520]
Networks
- Title: Ability to view all applications but edit only a subset of applicationsWhen an administrator adds a user to a group that has different access policy settings, the user is mapped to more than one authorization scopes and access policies.In this case, the ADM grants the user access to the applications depending on the specific authorization scope.Consider a user who is assigned to a group that has two policies Policy-1 and Policy-2.- Policy-1 – View only permission to applications.- Policy-2 – View and Edit permission to applications.Now, the user can view applications specified in Policy-1. Also, this user can view and edit the applications specified in Policy-2. The edit access to Group-1 applications are restricted as it is not under Group-1 authorization scope.Earlier, the ADM considered the union of all group permissions to authorize a user. Based on the above mentioned example, the user could view and edit all the applications from Group-1 and Group-2. Because of this permission, the user could edit the resources that were not primarily authorized by the access policy.For more information, see https://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/access-control/role-based-access-control/rbac-configuring-groups.html#how-user-access-changes-based-on-the-authorization-scope[# NSHELP-5854]
- New columns added in SSL DashboardNew columns are added to the following tabs in SSL Dashboard:- SSL Certificates – The Key Strength column is added. You can filter SSL certificates using the Key Strength value.- SSL Protocols – The Protocol Type column is added. You can filter SSL protocols using the protocol type.[# NSADM-42191]
- Title: Execute custom scripts before and after the upgrade maintenance jobWhen you upgrade your ADC instance by creating a maintenance job, ADM performs pre-validation check on the instances that you want to upgrade. The Pre-upgrade validation tab checks the following on the selected instances:- Checks for customization.- Checks the disk usage and displays an error if the disk space is low.- Checks for disk hardware issues.You can remove the failed instances and proceed to create an upgrade maintenance job.In Custom Scripts, specify custom scripts to execute before and after an instance upgrade.[# NSADM-43328]
- Title: Upload the upgrade image to an instance during job executionIf you schedule an upgrade maintenance job, you can decide when you want to upload an upgrade image to an ADC instance. In Create Job, choose one of the following:- Upload Now – This option uploads the image to an instance immediately.- Upload at the time of execution – This option uploads the image to an ADC instance when the ADM executes the scheduled upgrade maintenance job.[# NSADM-44855]
- Title: Support for IPAM in ADMADM supports IP address management (IPAM) to auto-assign and release IP addresses in ADM managed configurations. You can assign IPs from networks or IP ranges defined using the following IP providers:- ADM built-in IPAM provider.- Infoblox IPAM solution. For more information, see [https://www.infoblox.com/products/ddi/]Currently, you can use ADM IPAM in:- StyleBooks: Auto-Allocate IPs to virtual servers when you create configurations.- Kubernetes Ingress: Auto-assign a virtual IP address to an Ingress configuration in a Kubernetes cluster.You can also track the allocated and available IP addresses in each network or IP range managed by ADM.[# NSADM-48377]
- Title: View ADC capacity issues in ADMWhen an ADC instance has consumed most its available capacity, packet-drop may occur while processing the client traffic. This issue causes low performance in an ADC instance. By understanding such ADC capacity issues, you can allocate additional licenses proactively to steady the ADC performance.The ADM polls these events every five minutes from the ADC instance and displays the packet drops or rate-limit counter increments if exists. The issues are categorized on the following capacity parameters:- Throughput Limit Reached – The number of packets dropped in the instance after the throughput limit is reached.- PE CPU Limit Reached - The number of packets dropped on all NICs after the PE CPU limit is reached.- PPS Limit Reached – The number of packets dropped in the instance after PPS limit is reached.- SSL Throughput Rate Limit – The number of times the SSL throughput limit reached.- SSL TPS Rate Limit – The number of times the SSL TPS limit reached.When packets drop or rate-limit counter increments, an event is generated under the ADCCapacityBreach category. To view these events, navigate to Accounts > System Events.[# NSADM-40183]
Orchestration
- Title: Support for Citrix annotations to deploy an Ingress configurationWhen you add content routing rules to an Ingress Configuration, you can now include the following Citrix annotations in the ADM GUI:- LB Method – Select the preferred load-balancing method to the selected Kubernetes service.- Persistence Type – Select the preferred load-balancing persistence type to the selected Kubernetes service.After adding the content routing rules, you can view the selected LB method and persistence type in the Ingress specification. Review and deploy the Ingress YAML configuration.[# NSADM-48414]
StyleBooks
- New properties introduced to filter configuration packsIn *Applications > StyleBook> Configurations*, you can now filter configuration packs using the following properties:* ConfigPack ID* ConfigPack Key* Target Instances[# NSADM-42248]
- Tilte: Authorize specific configuration packs to a userAs a group administrator, you can now select specific configuration packs without selecting the corresponding Stylebook, to grant access to a user. Earlier, you must select a StyleBook to provide user authorization to configuration packs. And, the user could access all configuration packs that are part of the authorized StyleBook.[# NSADM-42515]
- Edit the deployment attributes in the StyleBooks configuration builderThe StyleBooks configuration builder helps you create an application configuration StyleBook and a configuration pack from an existing ADC configuration. The configuration builder also automates the migration of application configuration from one ADC instance to another instance.The configuration builder wizard now allows you to edit the deployment attributes of a selected application before creating a StyleBook and a configuration pack. You can edit attributes such as the IP address and port value of the virtual servers, services, and service group members.After the application is created and migrated, a configuration pack is created in Citrix ADM along with its corresponding StyleBook. This configuration pack has the new IP addresses and ports values. To view the created configuration pack, navigate to *Applications > StyleBooks > Configurations*.[# NSADM-44197]
- Improved StyleBooks error message displayThe ADM GUI displays an error message if you import a StyleBook that has StyleBook grammar errors. Some error messages are now better structured to display the error details. The error details now include Error, Fix, Code, Name, and more details depending on the error types. When the Fix field is present, it provides a hint on how to resolve the issue.[# NSADM-44274]
- Title: Validate the StyleBook contents before you import to ADMWhen you compose a StyleBook in ADM YAML editor, you can now continuously check for the StyleBook grammar errors without importing the StyleBook to ADM.If there are errors in the StyleBook content, the ADM GUI displays the error details. You can correct the indicated errors and continue editing. After the validation is successful, import the StyleBook to ADM.[# NSADM-47978]
- Title: Audit ADC configuration against ADM ConfigPackIn StyleBooks > Configurations, you can now explicitly compare the configuration created by the ConfigPack to the actual current ADC configuration. With this feature, you can do the following:- Detect any configuration drift between StyleBook configpack and ADC configuration..- In case of a drift, identify the specific ConfigPack configuration objects that have been modified or deleted on the ADC.To compare the configpack changes to the ADC configuration, click Configuration Audit on the desired configpack.[# NSADM-45866]
- StyleBooks configuration displays a new columnIn Applications > StyleBooks > Configurations, a StyleBook Configuration (configpack) now displays the last updated time of a ConfigPack.[# NSADM-45811]
System
- Title: Apply license to virtual servers using a policyIn Licensing and Analytics, you can now configure a policy to apply license to virtual servers. Earlier, you could only apply licenses to virtual servers either manually or automatically. You can now apply license by using a policy or manual or automatic.By using policy, you can control the number of virtual servers you want to auto-license. And, apply license to selected instances’ virtual servers only.When you edit a policy, you can specify the following:- Set virtual servers limit on CPX instances separately to apply licenses. The ADM applies license to virtual servers on CPX instances up to a specified limit.- Set virtual servers limit on selected ADC instances (MPX/VPX/BLX) to apply licenses. The ADM applies licenses to virtual servers on ADC instances up to a specified limit.- Select the priority ADC instances to apply virtual server licenses. Therefore, the ADM can apply license to selected instances’ virtual servers only.The Auto licensed virtual servers and Auto-select non addressable virtual servers options are now independent. Earlier, you could enable Auto-select non addressable virtual servers only if you enable Auto licensed virtual servers.[# NSADM-35724]
- Configure maintenance scriptsMaintenance scripts are used to resolve database-related issues on ADM on-premises deployments. With this new feature, the ADM software automatically downloads the database maintenance scripts from ADM service, providing faster resolution for database-related issues. Earlier, these issues were resolved by manually executing the scripts.Maintenance scripts execute on daily and weekly basis. Also, the scripts might create tables or add or remove columns to improve database performance.Note: Ensure to configure Customer Identity to use maintenance scripts. When you successfully configure Customer Identity, the cloud connect icon appears in green color. Otherwise, it appears in red color, click the cloud connect icon to configure Customer Identity.[# NSADM-44001]
- Customer User Experience Improvement Program (CUXIP)Customer User Experience Improvement Program (CUXIP) is enabled by default. This program collects the usage-data from Citrix ADM. This data allows optimizing the ADM experience through guided work flows, search articles, product notifications, feedback, surveys, and so on.[# NSADM-45421]
Fixed Issues
The issues that are addressed in Build 58.30.
Analytics
- HDX and Gateway active sessions data rarely displays inaccurate insights. This issue might occur for less than two minutes.[# NSADM-34417, NSADM-34496, NSADM-43169]
- When you disable analytics on all managed ADC instances, the ADM loses the logstream connection with the instances. As a result, the Application Dashboard might miss some information for a few seconds.[# NSADM-48387]
- If you enable Client Side Measurement on ADC instances AppFlow, the Citrix ADM afdecoder process fails.[# NSHELP-21462]
- In Analytics > Web Insight > Clients, the World tab displays no data. This issue occurs because geo_support flag is not enabled on cluster nodes. And, this flag is enabled only on the cluster IP address.[# NSHELP-21827]
- The mas_service process consumes high memory if the following conditions are met:- Enabled database cache.- Access high number of analytics reports.[# NSHELP-21930]
- The analytics data do not appear if the following conditions are met:- The hourly data is configured for 15 days.- Upgrade ADM to 12.1.53.12 version.[# NSHELP-21989]
- In Clients and Applications Web Insight, the filter does not apply the selected SSL details in the request parameter.[# NSHELP-22007]
- In HDX Insight, a duplicate region appears for the client IP records that have different case styles in the region name (example: camel case and upper case).[# NSHELP-22519]
High Availability
- After you break and rejoin an ADM high-availability pair, the SNMP and syslog configurations for the secondary ADM do not clear from the ADC instances. Therefore, ADC instances send traffic to the HA pair and separately to secondary ADM. As a result, the data duplicates appear in ADM.[# NSADM-46794]
Networks
- The scheduled configuration job executes at the scheduled time even if it is in the draft state.[# NSHELP-22004]
- The configuration job template process incorrectly if the possible values have comma in choice variables.[# NSHELP-21619]
- A maintenance job fails to convert an ADC high-availability pair to two-node cluster.[# NSADM-53528]
- When you export a CSV report for all performance reports including load balancing virtual servers report, the exported report appears blank.[# NSHELP-22465]
- When you export a CSV report from Networks > SSL Dashboard > SSL Certificates-Used, the report is missing the domain information.[# NSHELP-22259]
- In ADM, the applications are independent of their instances to grant user access. The ADM GUI doesn't alert when you grant access to applications without selecting their instances.[# NSHELP-22369]
- When you select the edit option in the Networks > Instance Groups page, the ADC high-availability pairs are missing.[# NSHELP-22056]
StyleBooks
- The StyleBook importing fails in ADM if the nodefaultbindings property is set on one of the following NITRO resources:- lbvserver- csvserver- crvserver- serviceThis issue occurs when the imported Nitro namespace in a StyleBook (netscaler.nitro.config) is set to 13.0.[# NSADM-50497]
System
- ADM fails to send SNMP traps to the external destination server.[# NSHELP-22085]
- When you attach a secondary disk to the ADM server, the ADM attempts to copy data from the primary to secondary disk even though it is empty.With this fix, the following message appears only when the secondary disk is attached:"Copying data to new disk /var/mps/"Therefore, the subsequent restarts do not fail.[# NSHELP-21844]
- Configuration Audit feature does not work if the admin partition name has spaces in it.[# NSHELP-22001]
- The connection times out between ADM and an instance if SSH login takes more than 15 seconds. Ensure to increase the timeout duration using the following command in the /mps/mas_config.properties file:ssh_connection_timeout = <timeout-duration>After you increase the timeout duration restart the masd process. You can set the timeout duration up to 60 seconds.[# NSADM-47590]
- When you attach a secondary disk, the following issues occur:* ADM displays an incorrect disk size.* Disk partition utility becomes unresponsive and a message appears: "Waiting for processes to stop."[# NSHELP-22403]
- When ADM polling fails to download the SSL certificate of an instance because of thread unavailability, the subsequent polling also fails to download the certificate.[# NSHELP-22726]
- An ADM server might crash if you enable Client Side Measurements in the managed ADC instance.[# NSHELP-22890]
Known Issues
The issues that exist in release 13.0.
Analytics
- In HDX Insight > Instances, the host name sometimes displays the secondary ADC node host name instead of primary ADC node.[# NSHELP-23211]
High Availability
- When the secondary node of a Citrix ADM high-availability pair is down, forced failover is allowed.[# NSADM-30424]
- Memory consumption of an ADM primary node crosses 80% because of the ADM high-availability monitoring process "mas_hb_monit".[# NSHELP-22071]
Orchestration
- If you are using OpenStack Queens for LBaas workflow, the Load Balancing virtual server is not bound to Content Switching virtual server. This issue impacts the traffic.Workaround:1. Create a pool with Load Balancing virtual server.2. Create a listener with the pool ID.If you already have a listener, update the listener with the pool ID.[# NSADM-36631]
- When you create a member on OpenStack Lbaas using ADM orchestration, the member creation fails on OpenStack intermittently. This issue happens when a proxy request from ADM to orchestration services times out after 30 seconds.With this fix, the request timeout for orchestration APIs has increased to 120 seconds.[# NSHELP-21490]
System
- The following error might appear when a user tries to access an instance:“Not authorized to access.”This error appears even if the user has permission to that instance.[# NSADM-10606, NSADM-12260, NSADM-12409, NSADM-14914]
- When you try to generate a tech support file from ADM GUI (System > Diagnostics), an error message appears and the file is not generated.Workaround: Log on to ADM CLI, switch to the shell prompt by running the "shell" command, and then run the following command to generate the tech support file:/mps/scripts/techsupport.pl[# NSADM-51422]
- The ADM GUI alerts you about misconfiguration in the VLAN tag. You can ignore this alert If the VLAN tag configuration is correct on both ADC and the peer device.[# NSHELP-22880]
What's New in Previous Citrix ADM 13.0 Releases
The enhancements and changes that were available in Citrix ADM 13.0 releases prior to Build 58.30. The build number provided below the issue description indicates the build in which this enhancement or change was provided.
Analytics
- Enhanced infrastructure analytics with new indicatorsUsing the Citrix ADM Infrastructure Analytics, you can:- View a new set of operational issues that occur in Citrix ADC instances.- View error messages and check recommendations to troubleshoot the issues.As an administrator, you can quickly analyze the root cause of issues. Navigate to Networks > Infrastructure Analytics to view the following issues:- Port allocation failure- No default route configuration- IP conflict- VRID conflict- VLAN mismatch- TCP small window attack- GSLB site name mismatch- Rate controlled threshold- Malformed IP header- Bad L4 checksums- Increased CPU usage due to IP move- Excessive packet steering- Layer 2 loop- Tagged VLAN mismatch[From Build 47.22][# NSADM-30188]
- Intelligent App AnalyticsIntelligent App Analytics enables you to identify application performance issues. As an administrator, you can analyze performance issues faster. When you double-click an application, you can now view Session build-up events in the App Activity Investigator:[From Build 47.22][# NSADM-33674]
- View analytics for bot attacksYou can now view insights for the bot detection settings configured on your Citrix ADC instances. To view bot insights, you must enable Bot Insight. Navigate to Analytics > Bot Insight to view bot attacks for your Citrix ADC instances.[From Build 47.22][# NSADM-36648]
- Highlight violation patterns for Web Citrix Web App Firewall (WAF)You can now get details of attacks such as http headers and http payload to troubleshoot or analyze the attacks. To get details of attacks, you must update the "VerboseLogLevel" in Citrix Web App Firewall profile, using the following command:"Set appfw profile <profile_name> -VerboseLogLevel (pattern|patternPayload|patternPayloadHdr)"- pattern - Only violation pattern is logged- patternPayload - Violation pattern + 150 bytes of payload are logged- patternPayloadHdr - Violation pattern + 150 bytes of payload + http request headers are loggedBased on the "VerboseLogLevel" configuration, Citrix ADM displays the detailed log expression records.For more information, see Highlight violation patterns for Web Citrix Web App Firewall (WAF) section in Security Insight topic.[From Build 41.28][# NSADM-37409]
- WAF JSON parse support in Citrix ADMYou can now view the following JSON protection policies in security insight, which highlight violation patterns for Web Citrix Web App Firewall (WAF):- APPFW_JSON_DOS_MAX_DOCUMENT_LENGTH,- APPFW_JSON_DOS_MAX_CONTAINER_DEPTH,- APPFW_JSON_DOS_MAX_OBJECT_KEY_COUNT- APPFW_JSON_DOS_MAX_OBJECT_KEY_LENGTH- APPFW_JSON_DOS_MAX_ARRAY_LENGTH- APPFW_JSON_DOS_MAX_STRING_LENGTH- APPFW_JSON_SQL- APPFW_JSON_XSS[From Build 47.22][# NSADM-37728]
Application
- Service Graph for cloud native (Kubernetes) appsUsing the ADM Service Graph feature in Citrix ADM, you can:- Observe your application overall performance end to end.- Identify bottlenecks created by inter-dependency of different components of your applications.- Gather insights into the dependencies of different components of your applications.- Monitor services within a Kubernetes cluster.- Monitor which service has issues.- Check the factors contributing to performance issues.- View detailed visibility of service HTTP transactions.- Analyze the following metrics:- Total number of hits- Service response time- Data volume- Errors[From Build 47.22][# NSADM-34753]
Applications
- An improved application dashboardUsing the application dashboard, you can now view the following new features:- Application status (Critical, Fair, Good, and Not Applicable)- Details of the application (load balancing or content switching) configuration- Details of services associated with the selected application- Metrics details for the selected application, such as application response time, throughput, requests per second, error percentage, total connections, and data volume in the form of graph- All issues applicable for the selected application[From Build 52.24][# NSADM-32894]
- Performance indicators in app analyticsCitrix ADM intelligent app analytics now shows the following new application performance indicators that occur in Citrix ADC web application:- Improper Persistence Type- Unstable Server (5xx)- Session Reuse Recommendation (SSL)- SSL Real Time Traffic- Unusually large HTTP headers- TCP reassembly queue limit hits- SurgeQueue BuildupYou can view these application issues by navigating to Applications > Dashboard and then by selecting an application.[From Build 52.24][# NSADM-39779]
- View ingress and client metrics in Service GraphIn Service Graph, the network map is now displayed with services connected through an Ingress. You can now view:- The average time taken by ADC instances (MPX, VPX, and CPX) to process the requests.- The client RTT for the communication between client and Ingress.[From Build 52.24][# NSADM-41287]
- Configure thresholds in Service GraphAs an administrator, you can now configure thresholds for Kubernetes services. Citrix ADM displays the service status (Critical, Review, and Good) based on the service response time and error count. By default, you can view the default threshold (service response time = 200 ms and error count = 0) applied to all services.[From Build 52.24][# NSADM-41290]
- View TCP metrics for services in Service GraphIn Service Graph, apart from HTTP transaction details, you can now view TCP services dependencies and metrics. In addition, Service Graph displays the protocol type used by the services. Using the TCP metrics, you can:- View TCP connection details between services- Determine if TCP-related issues are from the source or destination service[From Build 52.24][# NSADM-41295]
- View SSL metrics for services in Service GraphIn Service Graph, apart from HTTP transaction details, you can now view SSL services dependencies and metrics. In addition, Service Graph displays the protocol type used by the services. Using the SSL metrics, you can:- View if the SSL error is from the source or destination service- View the SSL protocol version used by SSL services[From Build 52.24][# NSADM-41296]
- Service Graph for applicationsUsing the Service Graph feature from the application dashboard, you can view:- Details on how the application is configured (with content switching virtual server and load balancing virtual server)- End-to-end transaction (from client to server/service)- The location from where the client is accessing the application- Metrics details for client, server/service, and virtual servers- If the errors are from the client or from the service- The service status such as Critical, Review, and Good. Citrix ADM displays the service status based on service response time and error count.[From Build 52.24][# NSADM-41898]
Citrix ADC pooled capacity licensing
- New values for SDX minimum bandwidth and minimum instancesThe minimum bandwidth and minimum instances values for SDX appliances that support Citrix ADC pooled capacity have changed. For more information, see:[From Build 41.28][# NSSVM-2770]
Deployment
- VMotion support for Citrix ADMCitrix ADM now supports VMware VMotion that enables you to migrate an active virtual machine from one server to another server.Follow these usage guidelines:- VMware does not support the vMotion feature on virtual machines configured with PCI Passthrough and SR-IOV interfaces.- Only ADM version 13.0 build 47.x or later are supported.- For more information about how to migrate an instance by using VMware vMotion, see VMware documentation.[From Build 47.22][# NSADM-31898]
High Availability
- A simplified option to create an ADC HA pairThe steps required to create an ADC HA pair from Citrix ADM has been reduced. You can quickly create an ADC HA pair by selecting an instance in the Networks > Instances > Citrix ADC page. Previously, you could create an ADC HA pair only by using a maintenance job. Now you can either select the instance or use a maintenance job to create an HA pair.[From Build 52.24][# NSADM-42947]
- Server statistics of the secondary ADM serverIn a Citrix ADM high-availability pair, like the primary server, now the secondary server also displays server statistics. You can monitor the CPU, memory, and disk usage of the secondary server. Navigate to System > Deployment to see the statistics of the high availability servers.[From Build 41.28][# NSHELP-18706]
Hybrid and Multi-Cloud
- Support for the autoscaling of Citrix ADC instances deployed in Microsoft AzureThe Citrix ADM autoscaling now supports scaling of Citrix ADC instances in Microsoft Azure. The Citrix ADM autoscaling adds or removes Citrix ADC cluster nodes deployed in Azure depending on the actual usage of network resources. The Citrix ADM collects statistics (CPU usage, memory usage, and throughput) from the autoscale provisioned clusters. These statistics are evaluated against the customer-configured threshold value. Depending on the statistics, scale out or scale in is triggered. Scale-out is triggered when the statistics exceed the maximum threshold. Scale-in is triggered when the statistics are operating below the minimum threshold.The advantages of the autoscaling features are:- Ensures that the application is up and running all the time irrespective of traffic demands.- Citrix ADC instances are added and removed dynamically making to a zero-touch manual configuration.- DNS management is automatic.- Enables better cost management.[From Build 41.28][# NSADM-24780]
- Azure Availability Set support for Citrix ADM autoscale groupsWhen you create an autoscale group on Citrix ADM to autoscale Citrix ADC VPX instances deployed on Azure cloud, now you can select either Availability Set or Availability Zone. Previously, Availability Zone was the only option.[From Build 52.24][# NSADM-36646]
Licensing
- Configure pooled capacity license on Citrix ADC FIPS instancesNow you can configure pooled capacity license on Citrix ADC MPX and VPX FIPS instances.[From Build 52.24][# NSADM-31742]
- Check out licenses from ADM for ADM autoscale groupsNow you can use the ADC licenses in the Citrix ADM software to the ADM autoscale groups provisioned Citrix ADC instances.A new License tab is available in the Create AutoScale Group page. This tab allows you to configure pooled capacity, VPX licenses, and virtual CPU licenses while creating the autoscale group. So, when a new instance is provisioned for autoscale group, the already configured license type is automatically applied to the provisioned instance.When the provisioned instances are destroyed or de-provisioned, the applied licenses are automatically returned to Citrix ADM.Earlier, you could only configure Citrix ADC licenses available in respective cloud marketplace while creating the autoscale group. So, when a new instance is provisioned for the autoscale group, the license is obtained from its cloud marketplace.For more information, see the below links:[From Build 47.22][# NSADM-33025]
- Name changes for license typesThe existing license names, Standard, Enterprise, and Platinum have been changed to Standard, Advanced, and Premium respectively.[From Build 41.28][# NSADM-36694]
- Bandwidth details in pooled capacity licensing notificationExpiry notification for ADM pooled capacity licensing now includes bandwidth details. You can see the bandwidth that is about to expire out of the total pool. Previously, the bandwidth details were available only in the GUI. Note that to get expiry notification, you must configure the ADM service. For more information, see:[From Build 52.24][# NSADM-39332]
- Expiry notification for check-in check-out licenseWhen you log on to the ADM service, a system alert message is displayed if your check-in check-out license is about to expire. To get the alert, you must configure license notification. For more information about how to configure, see:[From Build 52.24][# NSADM-42655]
- Update a licensing server IP addressYou can update the licensing server IP address in the VPX instance, without any impact on the allocated license bandwidth on the instance and data loss. For information, see https://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/license-server/adc-vpx-check-in-check-out.html#update-a-licensing-server-ip-address[From Build 47.22][# NSCONFIG-1974]
Networks
- Automatic discovery of entitiesWhen you add an entity on a Citrix ADC instance configured on Citrix ADM, the entity is displayed on the ADM automatically within 10 minutes. And, any change in the entity is reflected on the ADM immediately.For this feature to work, SNMP must be enabled for the ADC instance through the ADM. To enable SNMP, from the ADM GUI, navigate to Networks > Instances > Citrix ADC. Select the instance, click the Select Action menu, and click Configure SNMP.Also, if you configure virtual servers in bulk on the Citrix ADC instance, some of the virtual servers appear automatically within 10 minutes. The other virtual servers might take longer time to appear (up to 20 mins).[From Build 41.28][# NSADM-23622]
- Support to add Citrix ADC BLX instances in Citrix ADMNow you can manage Citrix ADC BLX instances by using Citrix ADM. Citrix ADC BLX appliance is a lightweight software package, which runs on your preferred server hardware.[From Build 41.28][# NSADM-29983]
- Enable analytics in partitions through Logstream as Transport ModeWhen you create admin partitions on your managed instances, you might want to view analytics reports on Citrix ADM for each admin partition separately. Citrix ADM earlier displayed consolidated analytics reports based on the IP address of the instances and used IPFIX as the Transport Mode. You can now select Logstream as the Transport Mode to get analytics reports for admin partitions.[From Build 41.28][# NSADM-30252]
- GSLB Service Groups tabThe Citrix ADM GUI now displays the Service Groups tab under Networks > Network Functions > GSLB. Under this tab, you can see all the service groups for the discovered instances on the ADM. By using the Service Groups tab, you can perform tasks such as enabling and disabling a service group entity, and checking the members and virtual servers bound to that entity. Also, you can poll the entity to get its latest status.[From Build 41.28][# NSADM-31514]
- Customize rollback commands to create configuration jobsWhen you create a configuration job, you can now specify the desired rollback commands to execute on command failure. You can enable the customize rollback option by navigating to Networks > Configuration Jobs.[From Build 47.22][# NSADM-31710]
- Apply virtual server licenses and enable analytics in a single workflowThe process of licensing virtual servers and then enabling analytics on the licensed virtual servers has been simplified. Earlier, to enable analytics for any virtual server, you must navigate to Networks > Instances > Citrix ADC, and then select the virtual server to enable analytics. If virtual servers are not licensed for an instance:- You must first license the virtual server by navigating to Licenses > System Licenses.- Then, again navigate to Networks > Instances > Citrix ADC to enable analytics for the virtual server.Citrix ADM now eliminates this dual process and enables you to license virtual servers and apply analytics in a single workflow. For more information, see Enable analytics in Virtual Servers in documentation.[From Build 41.28][# NSADM-32893]
- Signature rule notification in Citrix ADMSignature-based threat indicates the detection of known threats based on the signature assigned. Whenever you add a signature object to the Citrix ADC Web AppFirewall, Citrix ADM sends notifications through email, slack, PagerDuty, event message, and security insight.When you create an event rule in Citrix ADM, you can now view a new category called appFwNewSignatureAdded. To enable notifications for new signature objects added to Citrix ADC Web AppFirewall, create an event rule by selecting appFwNewSignatureAdded as Category.[From Build 41.28][# NSADM-34153]
- Schedule autoscale group upgradeYou can schedule upgrade of ADC instances that are part of the ADM autoscale group, in Azure and AWS cloud.[From Build 47.22][# NSADM-34285]
- View the file status audit reportsUsing the Citrix ADC File Status chart, you can monitor whether any files are added, modified or removed in the nsconfig folder. For example, if the license file is updated on an ADC instance, you can check when this file was last updated and take actions appropriately.[From Build 47.22][# NSADM-36469]
- Support for TLS 1.3Citrix ADM software now supports the TLS 1.3 protocol, protocol under SSL Dashboard. In the ADM GUI, the new protocol appears under Networks > SSL Dashboard > SSL Protocols. Also, TLS 1.3 is listed in “Recommended SSL Protocols”, under SSL Dashboard > Settings > Enterprise Policy. For information, see https://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/analytics/ssl-insight.html[From Build 52.24][# NSADM-42205]
- View instance details in Infrastructure AnalyticsIn infrastructure analytics, when you click an instance IP address, you can now view the following details in the Overview tab:- Instance score, issue categories affecting the instance score, and other instance details.- Key metrics of the instance such as CPU usage, memory usage, throughput, HTTPs requests/sec, TCP connections, and SSL transactions.- Details of all issues that affect the instance score.[From Build 52.24][# NSADM-42276]
- Rename configuration templatesYou can now rename custom audit templates in Citrix ADM.[From Build 52.24][# NSADM-42945]
- New default polling time for network function entitiesThe default polling time of network function entities has changed from 30 to 60 minutes. Now, Citrix ADM automatically polls configured network function entities every 60 minutes.[From Build 52.24][# NSADM-44078]
- Generate network reports for load balancing servicesYou can now create a network reporting dashboard for load balancing services. This dashboard can display the following reports for the selected services:- Connections: for the client and server connections counters.- Throughput: for request and response bytes counters.- Time to First Byte (TTFB): for average time taken to send a request packet to a service and receive the first packet from the service. This response time is called as TTFB.[From Build 47.22][# NSHELP-18228, NSADM-39859]
- Search audit log messages by using filtersNow you can use filters to search syslog messages and audit log messages to narrow down your results and find exactly what you are looking for and in real time.To search syslog messages for all ADC instances present in the ADM software, from the ADM GUI, navigate to Networks > Events > Syslog Messages. The new filter categories are instance, module, event, severity, and message.To search all ADM system audit log messages present in the ADM software, from the ADM GUI, navigate to navigate to Account > Audit Log Messages. The new filter categories are instance, module, event, severity, and message.To search audit log messages for all applications present in the ADM software, from the ADM GUI, navigate to Networks > Network Functions > Auditing. The new filter categories are source, event, severity, and message.To search audit log messages for the a specific application in the ADM, from the ADM GUI, navigate to navigate to Application >Dashboard and select the virtual server for which you want search the audit log messages. Next, click the Audit Log tab. The new filter categories are source, event, severity, and message.[From Build 41.28][# NSHELP-18369]
- Authorize network function entities to a userAs an administrator, you can select specific network function entities and grant access to a user. With this option, you can manage the user access at an individual level of network function entities. You can dynamically assign specific permissions to the user or group at the entity level.Citrix ADM treats virtual server, services, service groups, and servers as network function entities.- Virtual server (Applications) - Load Balancing(lb), GSLB, Context Switching (CS), Cache Redirection (CR), Authentication (Auth), and Citrix Gateway (vpn)- Services - Load balancing and GSLB services- Service Group - Load balancing and GSLB Service groups- Servers - Load balancing Servers[From Build 47.22][# NSHELP-6078]
- New optional fields to view Citrix ADC instances from Citrix ADM.The following new optional fields are added for viewing Citrix ADC instances from Citrix ADM. To select these fields, go to Citrix ADM GUI > Networks > Instances > Citrix ADC, and click the settings icon.- HA Master State- HA Sync Status- Admin Profile- Health- Uptime- Model ID- Packet Engines- SSL Cards- CPU- Hardware Version- LOM Version- Host ID- Serial Number- Encoded Serial Number- UUID[From Build 41.28][# NSHELP-6170]
- A new column for secondary instance statusIn the Citrix ADM GUI, now you can check the status of the secondary instance of a high-availability pair, under Networks > Instances. For example, when you click Citrix ADC, you see a new column for secondary instance status. The Citrix ADM GUI displays the secondary instance status on the instance overview page. You can view the status both under the Secondary Node State column and the Dashboard page.[From Build 52.24][# NSHELP-6236]
- View Citrix ADC configuration drift in two modesIn the Citrix ADM GUI, you can now view the configuration drift in two modes.Template vs. Running: The ADM software compares the audit template configuration with the running configuration on the instance.Template vs. Running and Running vs. Template: The ADM software compares the configuration from both ways.- Compares the audit template configuration with the running configuration on the instance.- Compares the running configuration on the instance with the audit template.After comparison, the Citrix ADM GUI displays the difference between the audit template and the running configuration. Also, the GUI displays the commands to correct the running configuration to the audit template.By default, the Template vs. running drift setting is selected.[From Build 52.24][# NSHELP-6463]
- Rename configuration jobsYou can now rename custom configuration jobs in Citrix ADM.[From Build 52.24][# NSHELP-6488]
- View and download Citrix ADC SSL certificatesThe Citrix ADM GUI displays all SSL certificates of the discovered Citrix ADC instances. To view and download SSL certificates of ADC instances, navigate to the Networks > SSL Dashboard > SSL Certificate files on Citrix ADC page.[From Build 52.24][# NSHELP-6556]
- Execute a configuration job on a Citrix ADC secondary nodeIn a Citrix ADC high-availability pair, now you can select either the primary node or the secondary node or both the nodes to execute a configuration job. If you don’t specify the node, the configuration job executes automatically on the primary node.Earlier, you could execute configuration jobs only on the primary node.[From Build 52.24][# NSHELP-6567]
- Support for new Citrix ADC SDX hardware platformsThis release now supports the following new platforms:- Citrix ADC SDX 15000. For more information, see https://docs.citrix.com/en-us/citrix-hardware-platforms/sdx/hardware-platforms/sdx-15000.html- Citrix ADC SDX 26000. For more information, see https://docs.citrix.com/en-us/citrix-hardware-platforms/sdx/hardware-platforms/sdx-26000.html- Citrix ADC SDX 26000-50S. For more information, see https://docs.citrix.com/en-us/citrix-hardware-platforms/sdx/hardware-platforms/sdx-26000-50s.html[From Build 51.10][From Build 52.24][# NSPLAT-12815]
Orchestration
- Manage Kubernetes Ingress configurations on multiple clustersKubernetes uses the Ingress feature through which the client traffic accesses the microservices of an application. The Citrix ADC instances can act as Ingress to the applications running inside a Kubernetes cluster. The Citrix ADC instances become load balancer and proxy to the (North-South) traffic from the clients to the microservices inside the Kubernetes cluster. And, the instances update the endpoints for the microservices as and when they change in the Kubernetes environment.[From Build 47.22][# NSADM-40847]
StyleBooks
- Support for adding labels to StyleBooksYou can now add labels to any StyleBook in Citrix ADM. Labels are key-value pairs that allow you to group StyleBooks using different criteria. You can use these labels while searching or filtering StyleBooks in Citrix ADM.[From Build 41.28][# NSADM-34877]
- Create Citrix ADC configurations using Citrix StoreFront StyleBookThis StyleBook helps you create and manage Citrix ADC configurations for Citrix StoreFront applications.[From Build 41.28][# NSADM-36094]
- Migrate an application configuration to a different StyleBook on App DashboardYou can now migrate a configpack from the existing StyleBook to another StyleBook on the App Dashboard page. This feature is applicable only for the applications created using a StyleBook.[From Build 41.28][# NSADM-37996]
- Simplified migration of Citrix ADC application configuration using StyleBooksNote: This feature is in tech preview.The StyleBooks Configuration Builder helps you create a Citrix ADC application configuration StyleBook from an existing ADC configuration. This feature also automates the application configuration migration from one Citrix ADC instance to another instance. You start the migration by specifying one of the following configuration sources:- A Citrix ADC instance – This option discovers the active applications on the selected ADC instance.- A set of CLI commands – This option analyses the CLI commands and extracts the applications within.After the source is specified, ADM discovers all the applications found in the source. You can then select the application configuration that you want to migrate to the target ADC instance. For more information, see https://docs.citrix.com/en-us/citrix-application-delivery-management-software/13/stylebooks/migrate-citirx-adc-application-configuration-using-stylebooks.htmlAfter migration, a ConfigPack is created in Citrix ADM along with its corresponding StyleBook. To view the ConfigPack, navigate to Applications > StyleBooks > Configurations.[From Build 47.22][# NSADM-39471]
System
- Renamed GUI labelsOn the Citrix ADM GUI, under System, GUI labels are reorganized and renamed to improve navigation and usability:- Statics is renamed as Performance- System Administration is renamed as Administration- Under Administration, similar settings are categorized into single groups- Sessions is moved under User Administration- User Administration and Notifications have tab views[From Build 41.28][# NSADM-33545]
- Option to enable or disable scheduling jobsNow you can enable or disable scheduling jobs such as instance backup, instance configuration audit, instance network reporting, and instance SSL certificates. Previously, these jobs were enabled by default, without any option to disable them.To enable or disable a scheduling job, from the Citrix ADM GUI, navigate to System > Administration > Configurable Features.[From Build 41.28][# NSADM-36650]
- Group information of external usersWhen an external user, who is a member of a configured user group, accesses the Citrix ADM GUI, the user group information is captured in the system audit log.To capture the user group information, select the “Log external group information” check box in the Authentication Settings page. To see audit logs in the Citrix ADM service, navigate to System > Audit Log Messages.[From Build 41.28][# NSADM-36651]
- Citrix ADM generates performance data and stores in a local file. The performance data is also collected as part of tech-support file. You can view this data using admconmsg.py script. This data helps you determine the system state and debug issues.[From Build 47.22][# NSADM-36800]
- Simplified application-based authorization for RBAC usersIn Citrix ADM, as an administrator, you can now authorize other administrators for the required applications without necessarily having to select instances. Previously, you must select the instances and then select the applications from those instances. And there might be cases where an administrator is not needed to know which Citrix ADC instance the application is hosted. With this feature, you can directly select the applications.[From Build 41.28][# NSADM-37213]
- Revert configurations from disaster recovery site to the original primary siteWhen your original primary site is free from disaster and you decide to move all operations to the primary site, reconfigure the original primary site to match the configurations from the DR node.By using Citrix ADM, you can reconfigure the original primary site. Run the “sync_adm_node.py” script to synchronize the changes between the DR site and the original primary site.[From Build 47.22][# NSADM-39647]
- Improvements to disaster recovery settings in the Citrix ADM GUICitrix ADM now displays the status of Disaster Recovery (DR) node deployment. Also, you can monitor the health of the DR node with improved UI. The Citrix ADM GUI display the database state, memory, CPU, and disk usage of the DR node.You can now change the password of the DR node using the following script:./mps/change_freebsd_password.sh <username> <password>[From Build 47.22][# NSADM-39728]
- Auto-generate ServiceNow incidentsYou can auto-generate ServiceNow incidents for Citrix ADC events, SSL certificate events, and Citrix ADM license events.- Citrix ADC events: Citrix ADM can generate ServiceNow incidents for selected Citrix ADC events from selected managed Citrix ADC instances- SSL certificate and ADM license events: Citrix ADM can generate ServiceNow incidents for SSL certificate expiry and ADM license expiry events.Important: This feature is supported only on ServiceNow Cloud.[From Build 47.22][# NSADM-41209]
- View and edit feature-specific export reportsCitrix ADM displays feature-specific scheduled export reports under individual ADM features, which you can view, edit, or delete. For example, to view the export reports of Citrix ADC instances, navigate to Network > Instances > Citrix ADC and click the export icon. The Export Reports page displays all the export reports of ADC instances. Earlier, ADM scheduled export reports were listed under System > Export Schedules.[From Build 52.24][# NSADM-43329]
- Dual NIC support in Citrix ADMYou can configure a second NIC for isolating management access to Citrix ADM. Using this second NIC feature, depending upon your requirement, you can choose how to want to isolate the traffic that is received and sent through the Citrix ADM.[From Build 47.22][# NSHELP-18149]
- Grant Enable-Disable permissions to usersIn this release, the Enable-Disable option is added only to the Network Functions features that allow enable or disable action. User can enable or disable the feature. And, user can also perform the Poll Now action.When you grant Enable-Disable permission to a user, the View permission is also granted. You cannot deselect this option.Note: Before upgrade, if you have granted Edit permission for a feature, then Enable-Disable and View permissions are also granted. You cannot deselect the auto-selected options.[From Build 41.28][# NSHELP-18635]
Fixed Issues in Previous Citrix ADM 13.0 Releases
The issues that were addressed in Citrix ADM 13.0 releases prior to Build 58.30. The build number provided below the issue description indicates the build in which this issue was addressed.
ADM GUI
- If you log in to the ADM GUI by using Internet Explorer, the following error message pops up:Object doesn't support property or method ‘includes’[From Build 52.24][# NSHELP-21121]
Analytics
- If you set data persistence values for storing hourly data for more than 14 days, the data for daily, weekly, and monthly reports might not appear in the Citrix ADM.[From Build 41.28][# NSADM-36541]
- If you upgrade or restart the Citrix ADC instances that are managed in a Citrix ADM, the Logstream data does not appear in the Citrix ADM.[From Build 41.28][# NSADM-37039]
- When you enable analytics, Geo data collection is also enabled by default, but Geo maps were not displayed in Citrix ADM.[From Build 47.22][# NSADM-39543]
- When you enable analytics, Geo data collection is also enabled by default, but Geo maps were not displayed in Citrix ADM.[From Build 41.28][# NSADM-39543]
- In Bot Insight, you can view only the latest 1 million detailed transactions for bot attacks. The Bot Insight dashboard and Application Summary might not match the total transactions details.[From Build 47.22][# NSADM-41092]
- In Bot Insight, you can view only the latest 1 million detailed transactions for bot attacks. The Bot Insight dashboard and Application Summary might not match the total transactions details.[From Build 52.24][# NSADM-41092]
- In Security Insight, when you click on any violation (for example, StartURL), the detailed violation logs are not displayed on the page.This issue is now fixed.[From Build 52.24][# NSADM-44613]
- When you select the Show Diagnostics icon in the Analytics > Web Insight page, the SSL and SSL_TCP virtual server types are displayed along with the HTTP type.[From Build 41.28][# NSHELP-19607]
- The Web Insight report might miss some data in Citrix ADM. This issue occurs when Citrix ADM fails to insert the Citrix ADC metrics into the database that exceeds the limit of the long integer data type.[From Build 41.28][# NSHELP-20053]
- When you create CSV export reports for Gateway Insight and HDX Insight, by using the Schedule Export option, the ADM software generates blank reports.[From Build 47.22][# NSHELP-20311]
- Sometimes Citrix ADM fails to display analytics data on the ADM GUI. This issue occurs when the mas_afdecoder process becomes unresponsive.[From Build 47.22][# NSHELP-20621]
- The Citrix ADM server restarts if the following conditions are met:- Client Side Measurement (CLM) is enabled on ADC instances AppFlow.- Citrix ADM receives AppFlow records from CLM enabled ADC instances.[From Build 52.24][# NSHELP-20746]
- In Gateway Insight, when you export CSV format report, the authentication_state displays incorrect value.[From Build 47.22][# NSHELP-20916]
- In Gateway Insight, when you export CSV format report, authentication_state displays incorrect value.[From Build 52.24][# NSHELP-20916]
- When you configure threshold in Analytics > Settings > Thresholds for Web insight, Citrix ADM does not send email notification even after the threshold value has exceeded.[From Build 47.22][# NSHELP-21024]
- When you configure threshold in Analytics > Settings > Thresholds for Web insight, Citrix ADM does not send email notification even after the threshold value has exceeded.[From Build 52.24][# NSHELP-21024]
- The Citrix ADM GUI does not display the Security Insight data when you log in using nsroot credentials.[From Build 52.24][# NSHELP-21064]
- In Citrix ADM, the Security Insight data is not displayed, when logged in using nsroot credentials.[From Build 47.22][# NSHELP-21064]
- When you enable analytics for Web Insight, the Client Side Measurement option is not displayed.[From Build 47.22][# NSHELP-21078]
- When you enable analytics for Web Insight, the Client Side Measurement option is not displayed.[From Build 52.24][# NSHELP-21078]
- Under HDX Insight > Related Sessions, when you select Common Citrix ADC from the Filter By list, the details are not displayed.This issue is now fixed.[From Build 52.24][# NSHELP-21493]
- If you enable Web Insight analytics on an instance, the following issues might occur when the ADC traffic is high:- ADM login fails.- Database streaming channel breaks in high-availability deployment.These issues occur because mas_afdecoder process consumes high memory.[From Build 52.24][# NSHELP-21851]
- Threshold Email Notification template had limited information on the breach. This release the Email Notification template includes the breach location information with the breach value.[From Build 41.28][# NSHELP-6093, NSADM-15511, NSHELP-18719]
Application
- In the App Dashboard page, the data volume appears incorrectly for some applications.[From Build 41.28][# NSHELP-20033]
- In the App Dashboard page, the data volume appears incorrectly for some applications.[From Build 47.22][# NSHELP-20033]
Applications
- Citrix ADM now allows you to include special characters in the application name while defining an application. To define an application:1. Navigate to Applications > App Dashboard.2. Click Define Custom App.[From Build 41.28][# NSADM-36834]
- When you try to enable AppFlow configuration for the Citrix ADC instance using the Citrix ADM agent, the AppFlow configuration might appear as disabled in Citrix ADM.[From Build 41.28][# NSHELP-18656]
- The App Dashboard in Citrix ADM and the command line of the Citrix ADC instance display different memory usage values.[From Build 41.28][# NSHELP-19627]
- The Application Dashboard page displays incorrect information for external users.[From Build 41.28][# NSHELP-19690]
- In App Summary Panel, under Applications > App Dashboard, the application metrics graphs appear distorted on the browser. This issue occurs when you resize the browser window.[From Build 47.22][# NSHELP-20500]
- In Applications > Dashboard, when you click an application, the following error intermittently appears:“Either Application is deleted or no virtual servers are bound to this app".[From Build 41.28][# NSHELP-6402, NSADM-20206]
High Availability
- If you manually break high availability on the Citrix ADM servers, the configuration on the managed instances is not sent to the IP address of the primary node.[From Build 41.28][# NSADM-34478]
- If you shut down the Citrix ADM high availability server during FileSync process, the synchronization job is aborted. The job does not resume even after the server has restarted.[From Build 41.28][# NSHELP-19455]
- Both the nodes of a Citrix ADM high-availability pair running on VMware ESXi hypervisor might not work.[From Build 41.28][# NSHELP-19635]
- If a Citrix ADC HA pair is added in Citrix ADM through NAT (public IP) and http/https of ADC are accessible through non-default ports, the secondary instance is not accessible because Citrix ADM use the default port(80/443) for communication.[From Build 47.22][# NSHELP-20225]
- After a Citrix ADM high-availability failover, the communication between the high-availability nodes fail. This issue causes split-brain and recovery in the high-availability deployment. As a result, the Citrix ADM software fails to check-out ADC licenses.[From Build 47.22][# NSHELP-20631]
- In ADM high-availability deployment, the System > Deployment page displays the secondary node status as “Out of Service”. This issue occurs when you scan primary or secondary node using the Nmap security tool.[From Build 52.24][# NSHELP-21059]
Hybrid Multi-Cloud
- When you are creating an autoscale group if provisioning fails for one of the availability zones, the activity progress window might become unresponsive.[From Build 41.28][# NSADM-37255]
- Citrix ADM fails to trigger scale-out or scale-in action even after the configured-threshold values for Citrix ADC instances are breached.[From Build 41.28][# NSADM-37655]
Licenses
- License status does not update in the ADM GUI for a few devices even after synchronization is successful between ADM and the instance. This issue occurs if a third-party messaging library becomes unresponsive.[From Build 52.24][# NSHELP-21211]
Licensing
- When you change the time zone in License Usage from local to GMT, it does not change the custom time to GMT. And, the License Usage report is not generated.[From Build 41.28][# NSADM-17670]
- When you change the time zone in License Usage from local to GMT, it does not change the custom time to GMT. And, the License Usage report is not generated.[From Build 47.22][# NSADM-17670]
- When auto licensing is off, and when you try to manually remove the license from some of the virtual servers, the warning message might not indicate the correct number of virtual servers that are not licensed.[From Build 41.28][# NSADM-34767]
- The incorrect pooled license information is displayed in Citrix ADM if the Citrix ADC instance uses a different Citrix ADM as a license server.[From Build 41.28][# NSHELP-19788]
- In the Pooled Capacity page, Citrix ADM might display incorrect license allocation values intermittently if the page is refreshed multiple times continuously.[From Build 41.28][# NSHELP-19789]
Networks
- When you try to export the logs in CSV format, Citrix ADM exports all command logs, irrespective of the selected ADC instances.[From Build 41.28][# NSADM-32733]
- When you try to execute an aborted config job, you might see an "Invalid Request" error.[From Build 41.28][# NSADM-34242]
- In Citrix ADM, when a non-nsroot user navigates to the Networks > Agents page and clicks View Details for the selected agent, the instances list might display the instances to which the user does not have access. However, when the user tries to access the instances, an error is displayed.[From Build 41.28][# NSADM-34794]
- When you import audit log data in CSV format, instead of the filter-specific search results, all search results are captured in the CSV report. With this fix, you can import filter-specific search results in CSV format. By default, the timeline for the report is 30 days, and it is not customizable.[From Build 47.22][# NSADM-37581]
- When you import audit log data in CSV format, instead of the filter-specific search results, all search results are captured in the CSV report. With this fix, you can import filter-specific search results in CSV format. By default, the timeline for the report is 30 days, and it is not customizable.[From Build 41.28][# NSADM-37581]
- When a non nsroot user accesses the NITRO API call to ‘ns_lbvserver_service_binding’, the call fails to return the data.[From Build 41.28][# NSADM-37621]
- The Citrix ADC CPX instances of the version 13.0 are discovered as Citrix ADC MPX instances in Citrix ADM.[From Build 41.28][# NSADM-37725]
- Citrix ADM Event subsystem crashes due to high memory usage.[From Build 41.28][# NSADM-38264]
- The ADM GUI displays Analytics as Disabled even if it’s enabled on the Citrix ADC appliance.[From Build 41.28][# NSADM-38905]
- The Citrix ADM GUI displays the following error if you add an ADC instance in Citrix ADM with the help of existing ADC instances:“Resource does not exist.”[From Build 47.22][# NSADM-39750]
- If an ADC instance is managed through an ADM agent, the "Rediscover" option does not work.[From Build 47.22][# NSADM-39911]
- If an ADC instance is managed through an ADM agent, the "Rediscover" option does not work.[From Build 41.28][# NSADM-39911]
- When you export an Audit Log report in CSV format, the report appears blank.[From Build 52.24][# NSADM-40389]
- The Citrix ADM software does not show virtual servers and applications for a managed ADC instance when both the following conditions are met:The ADC instance has partitions.The ADC instance is managed through an ADM agent.[From Build 41.28][# NSADM-41742, NSADM-41663]
- The Citrix ADM software does not show virtual servers and applications for a managed ADC instance when both the following conditions are met:- The ADC instance has partitions.- The ADC instance is managed through an ADM agent.[From Build 47.22][# NSADM-41742, NSADM-41663]
- If an ADC pair deployed in high-availability mode has admin partitions, the ADM analytics data is not displayed for traffic on admin partition virtual server.[From Build 47.22][# NSADM-41750]
- If an ADC pair deployed in high-availability mode has admin partitions, the ADM analytics data is not displayed for traffic on admin partition virtual server.[From Build 41.28][# NSADM-41750]
- After an ADM agent fails over, AppFlow is not automatically reconfigured to send traffic to the new agent.[From Build 41.28][# NSADM-41842]
- After an ADM agent fails over, AppFlow is not automatically reconfigured to send traffic to the new agent.[From Build 47.22][# NSADM-41842]
- If a Citrix ADC instance is managed through an agent, the ADM software does not generate threshold notifications (email, slack, and PagerDuty notifications) for that instance.[From Build 47.22][# NSADM-42153]
- If a Citrix ADC instance is managed through an agent, the ADM software does not generate threshold notifications (email, slack, and PagerDuty notifications) for that instance.[From Build 52.24][# NSADM-42153]
- In the Citrix ADM GUI, the Citrix ADC instances that are managed by a Citrix ADM agent display an incorrect status.[From Build 47.22][# NSADM-42160]
- In the Citrix ADM GUI, the Citrix ADC instances that are managed by a Citrix ADM agent display an incorrect status.[From Build 41.28][# NSADM-42160]
- When you delete a partition from a managed Citrix ADC instance, the corresponding partition entities, under Network Functions, are not removed from the ADM software. This issue occurs if the ADC instance is added to the ADM through an agent.[From Build 41.28][# NSADM-42281]
- When you delete a partition from a managed Citrix ADC instance, the corresponding partition entities, under Network Functions, are not removed from the ADM software. This issue occurs if the ADC instance is added to the ADM through an agent.[From Build 47.22][# NSADM-42281]
- The Citrix ADM GUI displays an incorrect status of the GSLB service group. This issue occurs because there are no events on the GSLB service group trap. The Citrix ADM software uses this trap to record the changes on the GSLB service group.[From Build 41.28][# NSADM-42747]
- The Citrix ADM GUI displays an incorrect status of the GSLB service group. This issue occurs if the GSLB service group trap has no events. The Citrix ADM software uses this trap to record the changes on the GSLB service group.[From Build 47.22][# NSADM-42747]
- After you remove a VPX instance from the SDX appliance, the network functions of the VPX instances are not cleared in the Citrix ADM GUI. This issue persists even after removing the VPX instance from Citrix ADM.[From Build 41.28][# NSADM-42782]
- After you remove a VPX instance from the SDX appliance, the network functions of the VPX instances are not cleared in the Citrix ADM GUI. This issue persists even after removing the VPX instance from Citrix ADM.[From Build 47.22][# NSADM-42782]
- If a Citrix ADC instance is managed through an agent, the ADM software does not generate events and syslogs for that instance.[From Build 47.22][# NSADM-42865]
- If a Citrix ADC instance is managed through an agent, the ADM software does not generate events and syslogs for that instance.[From Build 52.24][# NSADM-42865]
- On the Infrastructure Analytics page under the Networks section, the Circle Pack View and Tabular View visualizations are not displayed correctly on Firefox browser.[From Build 52.24][# NSADM-43759]
- When an ADM agent goes down, though you can reassign the ADC instances to other agents, the reconfiguration of policies on the instances might fail intermittently. ADM will generate notification under System events for such cases.[From Build 41.28][# NSHELP-18760]
- In configuration audit, ADM is unable to create a configuration audit report and send through email.[From Build 41.28][# NSHELP-19089]
- While creating or configuring an instance group, GUI might display the IP addresses of high availability Citrix ADC instances twice. Selecting any one IP address adds both the instances to the instance group.This fix applies for creating a new instance group. For the groups that are created before upgrading, you must remove the duplicate entries from the group.[From Build 41.28][# NSHELP-19176]
- When you restore a standalone ADM or HA pair ADM, the SSL ciphers are not getting restored as expected.[From Build 41.28][# NSHELP-19284]
- Citrix ADM polls SSL certificate and configuration audit twice. This issue is fixed and now polls once for every cycle.[From Build 41.28][# NSHELP-19377]
- When the SNMP option is enabled on the partition of an instance and the Citrix ADC configuration is not saved, the SNMP configuration is lost and SNMP traps in Citrix ADM will disappear after restarting the instance.The fix applies only for the newly added instances or partitions. Ensure you have executed the “set snmp option -partitionNameINTrap ENABLED” command on all Citrix ADC partitions and the configuration is saved.[From Build 41.28][# NSHELP-19384]
- The Citrix ADM event subsystem crashes if the following conditions are met:- You delete the instance or device partition from which an event is received.- The event is configured to send a repeat email notification for a specified interval.[From Build 41.28][# NSHELP-19401]
- The temporary folders created to maintain the difference between configuration audit reports are not cleared from Citrix ADM regularly.[From Build 41.28][# NSHELP-19436]
- When a scheduled configuration audit and “Poll Now” action is triggered at the same time, the polling might fail because of a shortage of threads to complete the action.[From Build 41.28][# NSHELP-19454]
- If you modify the “event_filter” API using the Citrix ADM NITRO API, it resets the name of the event rule to empty or null.[From Build 41.28][# NSHELP-19474]
- When you restore the Citrix ADM server using the backup of a different Citrix ADM server, the restored Citrix ADM server displays an invalid “Host ID” in the Networks > License page.[From Build 41.28][# NSHELP-19485]
- While creating a configuration template, Citrix ADM does not check for the invalid characters given in the template name.[From Build 41.28][# NSHELP-19507]
- When you want to install an SSL certificate in the Citrix ADC appliance using the Import Certificate option from the Citrix ADM GUI, the "ns_ssl_keys" file is created instead of "ns_ssl_keys" directory. As a result, the installation fails in the Citrix ADC appliance.[From Build 41.28][# NSHELP-19525]
- An authorization error appears when the following conditions are met:- A user fetches and deletes configuration templates- The user belongs both to an admin group and a non-admin group without configuration templates.[From Build 41.28][# NSHELP-19622]
- The following error appears when you are saving a configuration template that contains a ‘$’ character in the command text:“Invalid Token Error.”[From Build 41.28][# NSHELP-19689]
- When an external user receive the scheduled report from the Citrix ADM GUI, the report might show the following error:“No views are available to show.”[From Build 41.28][# NSHELP-19995]
- When an external user receives a scheduled report from the Citrix ADM GUI, the report might show the following error:“No views are available to show.”[From Build 47.22][# NSHELP-19995]
- When you schedule a filter to trigger the event rule with comma separated continuous ranges (for example: 19-21,21-23), the scheduled effect does not work as expected.[From Build 47.22][# NSHELP-20016]
- When you schedule a filter to trigger the event rule with comma separated continuous ranges (for example: 19-21,21-23), then the scheduled effect does not work as expected.[From Build 41.28][# NSHELP-20016]
- When you enable or disable the entities under the Network Functions tab, the “Not authorized to access <PartitionName>” error is displayed. This issue occurs only when the selected partition for an entity has hyphen (-) in its name.[From Build 41.28][# NSHELP-20018]
- Citrix ADM does not allow whitespaces in the event rule name while creating an event rule.[From Build 41.28][# NSHELP-20035]
- In Networks >Network Functions > Load Balancing, the Citrix ADM GUI takes longer time to display the virtual servers.[From Build 47.22][# NSHELP-20050]
- In Networks >Network Functions > Load Balancing, the Citrix ADM GUI takes longer time to display the virtual servers.[From Build 41.28][# NSHELP-20050]
- When you configure the Scheduled Time Interval (in the range X-Y and when X>Y) for an event rule, the configuration is displayed with an error and is not working as expected.[From Build 41.28][# NSHELP-20094]
- When you configure the Scheduled Time Interval (in the range X-Y and when X>Y) for an event rule, the configuration is displayed with an error and does not work as expected.[From Build 47.22][# NSHELP-20094]
- When you navigate to the Network Functions > Poll Now page, the Citrix ADM GUI becomes unresponsive. This issue occurs if the Citrix ADM server has discovered a large number of load balancing virtual servers.[From Build 47.22][# NSHELP-20143, NSHELP-20204]
- Citrix ADM reports high CPU usage due to an SQL Query execution shown in mps_service log files.[From Build 41.28][# NSHELP-20178]
- Citrix ADM reports high CPU usage due to an SQL Query execution shown in mps_service log files.[From Build 47.22][# NSHELP-20178]
- The Citrix ADM agent registration fails if the “Secure Access Only” option is enabled on the Citrix ADM GUI,[From Build 41.28][# NSHELP-20260]
- The Citrix ADM agent registration fails if the “Secure Access Only” option is enabled on the Citrix ADM GUI,[From Build 47.22][# NSHELP-20260]
- When Citrix ADC status is DOWN, an event is generated in Citrix ADM. When Citrix ADC status is back to UP, the clear event in Citrix ADM is not generated.[From Build 47.22][# NSHELP-20327]
- In Citrix ADM software, when you restore the Citrix ADC backup file, the files are not restored to a correct location.[From Build 47.22][# NSHELP-20372]
- When a non-nsroot user accesses the Citrix ADC HA instances, the virtual servers report is not generated as expected.[From Build 47.22][# NSHELP-20403]
- When you restore or upgrade a Citrix ADC SDX instance, Citrix ADM does an inventory during the restore or upgrade process. This results in loss of data in Citrix ADM.[From Build 47.22][# NSHELP-20405]
- When an RBAC user logs on to the ADM GUI, an error message appears if the user has access to any child menu but no to its parent.[From Build 47.22][# NSHELP-20409]
- In the Network Functions > Load Balancing page, the following issues occur on the Virtual Server tab for a user with limited permissions:- If a user has view-only permission to a service and full permission to a virtual server, the virtual server fails to bind with a service.- If a user has full permission to a service and view-only permission to a virtual server, the user is allowed to create a service. This action is allowed when a user is binding a service to a virtual server using the Configure option.[From Build 47.22][# NSHELP-20437]
- In Citrix ADM, the event rule does not apply if the length of <ip_address-partition_name> is greater than 32 characters.[From Build 47.22][# NSHELP-20451]
- When a user exports the Virtual Servers CSV report on the Network Functions > Load Balancing page, the report displays the virtual servers details that the user has no view or edit permission.[From Build 47.22][# NSHELP-20457]
- After you add a VPX instance running on an SDX appliance on the ADM software, some operations might fail. For example:- The instance does not appear under under Infrastructure Analytics Dashboard and App Dashboard.- You are unable to delete the instance from the ADM software.This issue occurs if you use an ADM agent to discover the instance.[From Build 41.28][# NSHELP-20539]
- After you add a VPX instance running on an SDX appliance on the ADM software, some operations might fail. For example:- The instance does not appear under under Infrastructure Analytics Dashboard and App Dashboard.- You are unable to delete the instance from the ADM software.This issue occurs if you use an ADM agent to discover the instance.[From Build 47.22][# NSHELP-20539]
- You cannot remove the configuration template that contains the asterisk (*) symbol in its name. The Citrix ADM software allows only the following characters in the configuration template name:- Alphabets A-Z and a-z- Numbers 0-9- Special characters _ # @ = -[From Build 47.22][# NSHELP-20643]
- In Network Reporting dashboard, the slider used for customizing the duration has no impact on the graph.[From Build 47.22][# NSHELP-20772]
- In Network Reporting dashboard, the slider used for customizing the duration has no impact on the graph.[From Build 41.28][# NSHELP-20772]
- When you export syslog message in CSV format, only the current messages (5000 messages) get exported.[From Build 47.22][# NSHELP-20805]
- When you export syslog message in CSV format, only the current messages (5000 messages) get exported.[From Build 52.24][# NSHELP-20805]
- After you upgrade Citrix ADM, the Export Schedule option does not work for the pre-existing jobs in Citrix ADM.[From Build 52.24][# NSHELP-20908]
- After you upgrade Citrix ADM, the Export Schedule option does not work for the pre-existing jobs in Citrix ADM.[From Build 47.22][# NSHELP-20908]
- The Networks > Network Functions > Content Switching Virtual Servers page only displays the default load-balancing virtual server bound to a content-switching virtual server. This page does not display the load-balancing virtual servers bound by a content switching policy or an action.[From Build 52.24][# NSHELP-21174]
- If you create an event rule with the send trap action, the event subsystem fails. This issue occurs when ADM receives the events that match the event rule.[From Build 52.24][# NSHELP-21302]
- In the Configuration Jobs page, if you do the following actions:1. Select Instance from the Configuration Source list.2. Select the configuration by time duration option.The blank spaces in the configuration commands incorrectly appear as “%20”.[From Build 52.24][# NSHELP-21306]
- The Citrix ADM GUI displays “Not authorized to access: <virtual server name>” when you do the following actions on the network function pages:1. Specify key and value to filter virtual servers.2. Click the refresh icon.The network function pages can be Load Balancing, Content Switching, and more.[From Build 52.24][# NSHELP-21307]
- You if use jobs to upgrade instances, you can perform prevalidation checks on instances before upgrade. After you've removed the instances that have failed the prevalidation check, and if no other instances are left, when you click Next, ADM continues to upgrade the removed instances. After some time, ADM reports upgrade failure with an error message.With this fix, when you click Next, the following message appears:“All instances have been removed. Please add instance to proceed.”For more information about using jobs to upgrade Citrix ADC instances, see:[From Build 52.24][# NSHELP-21314]
- In the ADM GUI, in Networks > Events > Rules > Add, under Advanced Filters, when you select Filter by Message, the command mentioned on the helptip is incorrect.[From Build 52.24][# NSHELP-21366]
- The configuration subsystem crashes rarely when the ADM database is accessed during the configuration audit.[From Build 52.24][# NSHELP-21622]
Orchestration
- If you add a service package and the Shared Citrix ADC instance allocation option is selected, the Least Configured placement method does not work.[From Build 47.22][# NSADM-36818]
- If ADM orchestration fails, Citrix ADM executes the netstat command to check the status of the orchestration services infinitely. As a result, the startup script consumes high CPU memory to run the netstat command. With this fix, the netstat command check for the status only for 10 minutes.[From Build 47.22][# NSADM-43643]
- If ADM orchestration fails, Citrix ADM executes the netstat command to check the status of the orchestration services infinitely. As a result, the startup script consumes high CPU memory to run the netstat command. With this fix, the netstat command check for the status only for 10 minutes.[From Build 52.24][# NSADM-43643]
StyleBooks
- From this release, StyleBooks support “nodefaultbindings” for load-balancing, content-switching, and authentication virtual servers.[From Build 47.22][# NSADM-42723]
System
- If you create an application using an instance that is not in the scope of your authentication, the Citrix ADM does not display any error message.[From Build 41.28][# NSADM-17877]
- Change in system default settingsFrom this release, the following system settings have changed:- All the ADM system events are enabled by default. This change helps you avoid missing out enabling any required events.- Citrix ADM recommends you to configure system notifications. If there are no system notifications configured, Citrix ADM displays a warning message on the home screen.The system notifications help you to receive alerts on email, SMS, or Slack channel for system events. To configure the system notification, click Configure Now on the warning message.- The diskUtilizationHigh alarm default is set to 50. The changed threshold gives you more time to address the high disk usage issue. Previously, the default threshold was 80. Navigate to System > Alarms to view and edit the system alarms.- Citrix ADM stops processing the Citrix ADC traffic if the disk usage reaches 80% and above. In Citrix ADM, Syslog servers, SNMP, and analytics stop working. This change is made to avoid system failures. After you resolve the disk usage issue, ADM resumes to process the ADC traffic.Note: After the upgrade, all previously configured settings change to the default settings; however, you can reconfigure them if needed.[From Build 41.28][# NSADM-37407]
- When the Citrix ADM software discovers an instance with the agent, the NITRO request uses HTTP protocol instead of the protocol configured in the profile. This NITRO communication occurs during scheduled inventory, statistics, or entity monitoring.[From Build 47.22][# NSADM-39555]
- When the Citrix ADM service discovers an instance with the agent, the NITRO request uses HTTP protocol instead of the protocol configured in the profile. This NITRO communication occurs during scheduled inventory, statistics, or entity monitoring.[From Build 41.28][# NSADM-39555]
- After upgrading to ADM 12.1 53.x, the value for automated data pruning changes to default 50.The value changes, because with this release, the diskUtilizationHigh alarm default value is set to 50 from previous 80. And both diskUtilizationHigh and data pruning are controlled internally by a single entity. As a result, the value for automated data pruning is also automatically adjusted to 50. The Citrix ADM software starts pruning data when the new threshold is met (50), therefore, you might lose data.[From Build 41.28][# NSADM-40698]
- After upgrading to ADM 12.1 53.x, the value for automated data pruning changes to default 50.The value changes, because with this release, the diskUtilizationHigh alarm default value is set to 50 from previous 80. And both diskUtilizationHigh and data pruning are controlled internally by a single entity. As a result, the value for automated data pruning is also automatically adjusted to 50. The Citrix ADM software starts pruning data when the new threshold is met (50), therefore, you might lose data.[From Build 47.22][# NSADM-40698]
- If you install ADM 12.1.52.15 or later, the afdecoder process fails in Citrix ADM.[From Build 52.24][# NSADM-42715]
- If you attach an ADM agent to the managed ADC instances, SNMP trap destination does not change from ADM to agent.[From Build 52.24][# NSADM-43344]
- When Citrix ADM receives many ADC instance traps, the event subsystem’s memory increases. As a result, the following issues occur:- The ADM GUI becomes inaccessible.- The ADM high-availability hypervisor console do not work. The hypervisor can be a Citrix Hypervisor, Microsoft Hyper-V, VMware ESXI, or Linux KVM server.[From Build 52.24][# NSADM-46551]
- Citrix ADM service subsystem crashes after you upgrade to 12.1-50.30. This issue occurs intermittently when there are many concurrent requests.[From Build 41.28][# NSHELP-18595]
- As a Citrix ADM user with view/edit permissions for Network functions, you are able to modify global poll interval settings.[From Build 41.28][# NSHELP-18688]
- You might intermittently see that the mas_inventory subsystem core dumps due to multithreading scenarios in libssh2 client.[From Build 41.28][# NSHELP-19042, NSHELP-20067]
- As a non-nsroot user, you might see an error when you try to retrieve client-side details in HDX Insight when you are not authorized to perform this action.[From Build 41.28][# NSHELP-19087]
- The temporary files created during Configuration Audit of templates were earlier stored in /tmp folder of the Citrix ADC file system. The files are now stored in /var/tmp folder.[From Build 41.28][# NSHELP-19346]
- When you upgrade Citrix ADM, the upgrade images are not cleaned up from the system even if you select the option to clean the images.[From Build 41.28][# NSHELP-19365]
- After restoring the backup of the Citrix ADM high availability server on to the standalone Citrix ADM server, the System > System Events page displays the loopback IP address as the source IP address.[From Build 41.28][# NSHELP-19465]
- The Citrix ADM configuration subsystem might crash because of an incorrect file permission given to the "/mpsconfig/cipher_settings.conf" file.[From Build 41.28][# NSHELP-19497]
- In the Citrix ADM, the registration of disaster recovery node fails with an error message "untar command failed".[From Build 41.28][# NSHELP-19623]
- During the Citrix ADM upgrade the migration subsystem might crash. This issue does not cause any functionality loss.[From Build 41.28][# NSHELP-19637]
- Citrix ADM reports the start-up errors “mas_hb_monit failed to start” in the logs repeatedly.[From Build 41.28][# NSHELP-19644]
- The Citrix ADM GUI takes longer time to display groups when a logged-in user is assigned to more than 200 groups in Citrix ADM[From Build 41.28][# NSHELP-19757]
- If the Client Side Measurements are enabled in Appflow on a Citrix ADC instance, the afdecoder process in Citrix ADM might crash for large transaction records.[From Build 41.28][# NSHELP-19791]
- In Citrix ADM with disaster recovery deployment, a false notification is generated for a database delay. This notification is generated even if the databases are synchronized.[From Build 41.28][# NSHELP-19876]
- In Citrix ADM, the Configuration subsystem crashes intermittently.[From Build 47.22][# NSHELP-20067]
- An SDX appliance fails to restore when you use the backed-up file from Citrix ADM. With this fix, the Repackage status is displayed on the Execution History page.[From Build 52.24][# NSHELP-20148]
- An SDX appliance fails to restore when you use the backed-up file from Citrix ADM. With this fix, the Repackage status is displayed on the Execution History page.[From Build 47.22][# NSHELP-20148]
- When you access ADM from Citrix Director in a browser and if you access a new ADM session in a different tab of the same browser, Citrix ADM in Director is displayed as session expired.[From Build 47.22][# NSHELP-20340]
- The Citrix ADM GUI allows a user who has read-only permission to update ADC SSO.[From Build 41.28][# NSHELP-20378]
- In Citrix ADM, the Sysop subsystem might crash if the incoming threads in the queue become unresponsive. This issue occurs if Citrix ADM has many managed instances.[From Build 47.22][# NSHELP-20397]
- When the ADM software processes AppFirewall related syslogs, the event subsystem crashes.[From Build 41.28][# NSHELP-20484]
- When the ADM software processes AppFirewall related syslogs, the event subsystem crashes.[From Build 47.22][# NSHELP-20484]
- When you repackage an SDX backup on the Citrix ADM GUI, the repackaged file size appears in a negative value.[From Build 47.22][# NSHELP-20486]
- In Citrix ADM, the Service subsystem crashes intermittently.[From Build 47.22][# NSHELP-20623]
- SSO login from Citrix ADM to Citrix ADC does not work as expected.[From Build 52.24][# NSHELP-20734]
- After you specify correct login credentials, the Citrix ADM login fails and displays “Done” on the GUI.[From Build 52.24][# NSHELP-20819]
- The GUI message "Done" is due to redis server got crashed. This crash was due to inconsistency caused in system due to mas_service crash, which got fixed now. Also control center code made more robust to avoid any future netstat issue.[From Build 47.22][# NSHELP-20819]
- After you upgrade Citrix ADM to 12.1.13.54, the Citrix Director integration with Citrix ADM fails.[From Build 47.22][# NSHELP-20889]
- The ADC instance backups do not synchronize with ADM disaster recovery site.[From Build 52.24][# NSHELP-20902]
- The clear event notifications for streaming of Citrix ADM disaster recovery database are auto-generated for every five minutes until you delete the event in Citrix ADM.[From Build 47.22][# NSHELP-20924]
- The clear event notifications for streaming of Citrix ADM disaster recovery database are auto-generated for every five minutes until you delete the event in Citrix ADM.[From Build 52.24][# NSHELP-20924]
- The event subsystem fails when ADM sends many email notifications.[From Build 52.24][# NSHELP-21198]
- When you use Citrix ADM to back up an SDX appliance, ADM does not back up the SDX XVA images.[From Build 52.24][# NSHELP-21208]
- If you stop the daemon process of an ADM agent, or you shut the agent down, the agent failover occurs immediately.[From Build 52.24][# NSHELP-21617]
- When you log in to the Citrix ADM GUI, a blank screen appears. This happens when event subsystem fails.[From Build 52.24][# NSHELP-21684]
Release history
For details of a specific release, see the corresponding release notes.
- Build 58.30 (2020-06-08) (Current build)
- Build 52.24 (2020-03-23)
- Build 47.22 (2020-01-06)
- Build 41.28 (2019-09-13) Replaces: 41.22