Set acls remotely to a VDI / RDSH Delivery Group 7 Comments

In the same way as the previous blog post, some more automation to maintain a VDI/RDSH environment, and get back to a controlled and clean environment. This blog is a follow up to Remotely clean up Virtual Machines drives – XenDesktop , Expand virtual machines hard disk – automation , XenDesktop XenApp 7.x – vmware / ad / delivery group notes and descriptions sync . I had to automate an action to place ACLs on the D: drive using Powershell and icacls. This script is using XenDesktop / XenApp command to list all the Virtual Machines with SessionSupport value equal to SingleSession, it means the VDI only in my case. If you want to check the list of Virtual Machines you targeted you can use this command : If you want to target a specific XenDesktop Delivery Group, then just adapt the previous line : Once you know the target, you can execute the following script. Using this script assume Virtual Machines are switched on. If you have suggestion, and/or comment, share your though !

Remotely clean up Virtual Machines drives – XenDesktop 10 Comments

Following up the previous blogs XenDesktop XenApp 7.x – vmware / ad / delivery group notes and descriptions sync and Expand virtual machines hard disk – automation and continue in automated task, I had to clean up the D: drive of different XenDesktop Delivery Group. As there was no security restriction on the D: drive some users used it as a repository for some of their project... That caused some issues : Users complain of losing their working data from a session to another (pooled VDI, new logon = new vm) Some disk space notification where displayed to random users... Calls where raise to the helpdesk support team Beside hiding the D: drive to avoid non necessary access (ie : non system access) check this blog to do so : Citrix XenApp – Hiding system drives part 1/2 an automated task had to be performed to "clean" this D: drive The variable $XDDC is the FQDN of a Delivery Controler, $Exclusion is the files and folder you want to exclude from being removed. For example : the directories "logs" "pvsvm" "System Volume Information" "$RECYCLE.BIN" and the files "dedicateddumpfile.sys" "pagefile.sys" and "vdiskdif.vhdx" will be ignore from the delete process. Most of these files and directory are system protected anyway it's more to avoir error during script execution. Once you have a clear list of what you need and want to keep you can proceed to the next step.   This script will clean everything which is not in the $Exclusion list so be careful when you run the script. This script assume all the targeted VM are switched ON of course. Leave a comment bellow if you have an idea how to improve this script !

Java Runtimes JRE7 – Your Java version is insecure popup 3 Comments

This one has been pain in the ass to find out... Since Java 7 (1.7_xx) the security and setting management is a total nightmare. This is so messy you can't find a reliable information on Oracle website... The worse thing is all the mechanism seems to change between versions... from 1.7_01 to _11 is one way to do thing and version after it's done another way... Here is the ugly pop up I want to eliminate from the user interface on the XenApp Desktop. To do so, I had to check every change within files, registry to finally find out everything was located in the registry for this version of java, JRE7 1.7_13... So I wanted to create a GPP to target user connected on the XenApp servers, here is my xml file created from a registry export : Next, I wanted to filter this GPP with a WMI filter, this WMI Query will look for locations of the JRE7 Folder on the System and if found it will apply the policy.   And this works ! I didn't need to do anything with deployment.properties and deployment.config as described everywhere on the Oracle website... (This website is really pain in the ass to find good documentation...) I hope it will help, and I hope Oracle will stop to change the way we need to use to manage Java configuration....

Citrix XenDesktop 7 – Create Persistent Hypervisor Connection and Hosting Unit, Unattended 13 Comments

I blogged about how to automate Citrix XenDesktop 7 deployment and database creation, and how to join and existing XenDesktop 7 site unattended, but now to continue and go a bit further in the automation process, I needed and wanted to know how to automate Hosting Configuration by Adding Connection and Resources to the DDC in an unattended way. This blog will cover creation process for XenServer 6.x and vCenter (vSphere) 5.1 since I don't have access to a Hyper-V (yet), I went over Citrix eDoc to check how I could do this and I found here : [link] Thanks to Livio for some PowerShell help :) It helps to understand whet need to be setup and after few tests I ended up writing this script to automate this part :   This script have been tested with Citrix XenDesktop7 and XenServer 6.2 and vSphere 5.1

Citrix XenDesktop 7 – Unattended from scratch 39 Comments

So auto-install and auto join an already XenDesktop 7 Site is cool but what if you need to automate the first DDC installation ? Here is how I did with help of a great blog (Timm Brochhaus) who made a script available for everyone, and I personally used it. Let's do it for a full automated installation, I will install all the components from XenDesktop 7. Timm Brochhaus wrote a very cool blog and give you the explanation about a script he wrote to automate this part with a very useful script. Juts don't forget to run this script in 32bit mode.... [link] I did use Timm's script and here is the result I got : 3 databases were created, one for the Site informations, one for the log informations and a last one for monitoring (edgesight-like) Now we are ready for the next step which is site creation with the command New-XDSite with the result : If I use the script Timm make available and use the same syntax, this is pretty easy to add this line and add what we need to automate DataBase creation + Site creation in one script : So now your XenDesktop 7 DDC is ready to work, you can launch the Desktop Studio console, you just need to create your Machine Catalogs and Delivery Groups etc... This next part of automation is in my next blog about XenDesktop 7  

Citrix XenDesktop 7 – VDA Installation 7 Comments

The VDA version delivered with XenDesktop 7 bits is 7.0.0.3018 The VDA can be deployed two ways, via the GUI setup and in an unattended way. Using the GUI is easy and can be done very quickly - but it remains manual deployment. Here are screenshot so for the one who won't have time to check it out, you can already know what you might face very soon.   Next blog will be about VDA installation for Desktop and Server OS

Citrix XenDesktop 7 – Unattended Installation + Site join 18 Comments

We all need to automate things, we need to fast deploy, fast provision and stay lazy, not doing the same thing every day... So let check how we can industrialize XenDesktop 7 deployment (the easy part) and configuration (I guess the tricky part). First to deploy XenDesktop 7 using command line is simple and very well documented [link] Installs XenDesktop Server Options can be (see documentation for further details): /COMPONENTS CONTROLLER, DESKTOPSTUDIO, DESKTOPDIRECTOR, LICENSESERVER, STOREFRONT /EXCLUDE <package> excludes a package from installation /HELP, /H, /? Shows this dialog /NOREBOOT Suppress reboot after installation (if needed) /PASSIVE, /QUIET Do not show UI during installation /REMOVE Remove components (instead of installing) /CONFIGURE_FIREWALL Configure Windows Firewall /NOSQL Do not install SQL Server Express 2012 /NO_REMOTE_ASSISTANCE Do not install Windows Remote Assistance when installing Director I will add a second server to my existing deployment (1 DDC, Windows 2012 XenDesktop 7) my command line to install components I need look like : The XenDesktop 7 "Framework" is now installed but the is still configuration an Site join to automate. Using Powershell this is an easy step as well : This command line will update the database automatically, if you do not wish to, you need to specify it : Note : if you had DesktopStudio open, to show the change on the new DDC, refreshing the mmc is not enough, you need to close and open it again. Last thing, to remove a DDC using command line, still with PowerShell : This command line will update the database automatically, if you do not wish to, you need to specify it : Note : You must execute this commend another DDC than the one you want to remove. So to sum-up, this is very easy to automate XenDesktop DDC deployment once the first DDC is set up. The next step will be to try to automate the first DDC installation and configuration.

Citrix XenDesktop 7 – Installation 14 Comments

XenDesktop 7 is now available with different features and entitlements (link) and yes there is a lot to read on this webpage but most of everything is already known features. So I will just write now what I read between the line : No more Citrix Streaming Application (RIP) in favor of Microsoft APP-V XenServer is now version 6.2 and Open Source ! http://www.xenserver.org/ Seamless Local Apps is now official and build-in. PVS is version 7 now and MCS continue its evolution. (I'll come back later on a blog post about that) Edgesight is included in XenDesktop 7 (Another blog post subject) Storefront is now version 2 Receiver for Windows is v4 Windows 8 and Windows 2012 supported Many other changes I need to cover later on Several editions are available today : Now this is time to show you how the installation process, pretty straight forward as I already mention and this is for those who are curious about this new version and don't have tie to POC it or try it right away.   To download Citrix XenDesktop 7, this is the way -> [link] XenDesktop 7 Edocs : [link] XenDesktop 7 Admin Guide : [link] XenDesktop 7 Upgrade Guide : [link] XenDesktop 7 Install Guide : [link]

Windows Server 2012 – Migrating FSMO Roles 6 Comments

I installed one AD when Microsoft Windows Server 2012 was still in Release Candidate with the Datacenter edition, of course since few days my DC was rebooting every hour, the trial licence did expire few days ago.. So I had to install a new DC and promote it the transfer all FSMO roles from my "old" server to the new one. First thing I had to do is to add this new server to the existing forest as a new domain controller : I did it using the gui but you can also use PowerShell to get the same result : Now the server has been added to the forest as a new domain controller, on the new server after launching PowerShell command line, i used the Move-ADDirectoryServerOperationMasterRole command to transfer all the FSMO roles. EAch role corresponding to a number :   Role Name Number PDCEmulator 0 RIDMaster 1 InfrastructureMaster 2 SchemaMaster 3 DomainNamingMaster 4 So my command line looked like that This is it ! Don't forget to demote the "old" domain controller before getting rid of it. I wanted to blog about that because I'm not manipulating Active Directory controller every day and here is my scratch notebook so, this is to keep track on what I'm doing and share information.