CCitrix recently released Cloud Network Locations to give customers back some of the „SmartAccess“ options they had with Netscaler ADC. With the discontinued Network Locations, you can use tags to enable or disable policies, among other things. That’s great for a company with static public IP addresses, but what if you have a dynamic IP address that changes occasionally? Here’s a solution I use myself.
Cloud Network Locations are brand new, so everything works… or maybe not, as in my case. To change network locations, you need the NLS2.psm1 PowerShell module on GitHub – NLS2.psm1. I used the module, but I kept getting the „403 Forbidden“ error message! I double-checked everything but couldn’t find any issues with the script. So I checked the module, and the base URL for the REST call was https://trust.citrixworkspacesapi.net . I entered the URL in a browser and was surprised by the message:
„message“: „Invalid request to endpoint ‚https://trust-westeurope-release-b.citrixworkspacesapi.net/root/tokens/clients‘.". Endpoint is not globally scoped. The caller must use geo-specific address. The requested address was ‚https://trust.citrixworkspacesapi.net/root/tokens/clients‘
In the NLS2.psm1 module, I have set the base URL to https://trust-westeurope-release-b.citrixworkspacesapi.net I made the change, and the script worked!
Here is a brief overview of the PowerShell script:
$CurrentPubIP = (Invoke-WebRequest ifconfig.me/ip).Content.Trim()Import-Module c:\path\nls2.psm1 -Force$clientId = "<Citrix Cloud client ID"$customer = "<Citrix customer ID"$clientSecret = ""Connect-NLS -clientId $clientId -clientSecret $clientSecret -customer $customer -Verbose(Get-NLSSite)[0] | Set-NLSSite -ipv4Ranges @("$CurrentPubIP/32")
Full script on GitHub
https://github.com/Koetzing/Powershell-Scripts/blob/main/update-citrix-nls.ps1
