Set acls remotely to a VDI / RDSH Delivery Group 7 Comments

In the same way as the previous blog post, some more automation to maintain a VDI/RDSH environment, and get back to a controlled and clean environment. This blog is a follow up to Remotely clean up Virtual Machines drives – XenDesktop , Expand virtual machines hard disk – automation , XenDesktop XenApp 7.x – vmware / ad / delivery group notes and descriptions sync . I had to automate an action to place ACLs on the D: drive using Powershell and icacls. This script is using XenDesktop / XenApp command to list all the Virtual Machines with SessionSupport value equal to SingleSession, it means the VDI only in my case. If you want to check the list of Virtual Machines you targeted you can use this command : If you want to target a specific XenDesktop Delivery Group, then just adapt the previous line : Once you know the target, you can execute the following script. Using this script assume Virtual Machines are switched on. If you have suggestion, and/or comment, share your though !

Remotely clean up Virtual Machines drives – XenDesktop 10 Comments

Following up the previous blogs XenDesktop XenApp 7.x – vmware / ad / delivery group notes and descriptions sync and Expand virtual machines hard disk – automation and continue in automated task, I had to clean up the D: drive of different XenDesktop Delivery Group. As there was no security restriction on the D: drive some users used it as a repository for some of their project... That caused some issues : Users complain of losing their working data from a session to another (pooled VDI, new logon = new vm) Some disk space notification where displayed to random users... Calls where raise to the helpdesk support team Beside hiding the D: drive to avoid non necessary access (ie : non system access) check this blog to do so : Citrix XenApp – Hiding system drives part 1/2 an automated task had to be performed to "clean" this D: drive The variable $XDDC is the FQDN of a Delivery Controler, $Exclusion is the files and folder you want to exclude from being removed. For example : the directories "logs" "pvsvm" "System Volume Information" "$RECYCLE.BIN" and the files "dedicateddumpfile.sys" "pagefile.sys" and "vdiskdif.vhdx" will be ignore from the delete process. Most of these files and directory are system protected anyway it's more to avoir error during script execution. Once you have a clear list of what you need and want to keep you can proceed to the next step.   This script will clean everything which is not in the $Exclusion list so be careful when you run the script. This script assume all the targeted VM are switched ON of course. Leave a comment bellow if you have an idea how to improve this script !

Expand virtual machines hard disk – automation 7 Comments

Sometimes, at some customers's place, with an infrastructure already in place (XenApp with PVS or XenDesktop VDI pooled with PVS) the D: drive is too small. The drive where you redirect Windows Event Logs, Logs (UPM for example and/or other applications - services) This is a drive where page file is often redirected as well and even memory dump file generated. PVS cache can also be on this drive : Cache on device RAM with overflow on Hard Disk When RAM is zero, the target device write cache is only written to the local disk. When RAM is not zero, the target device write cache is written to RAM first. When RAM is full, the least recently used block of data is written to the local Write Cache disk to accommodate newer data on RAM. The amount of RAM specified is the non-paged kernel memory that the target device consumes. Cache on device Hard Disk The cache on local HD is stored in a file on a secondary local hard drive of the device. It gets created as an invisible file in the root folder of the secondary local HD. The cache file size grows, as needed, but never gets larger than the original vDisk, and often not larger than the free space on the original vDisk. It is slower than RAM cache, but faster than Server cache and works in a HA environment. The lack of space on this drive will bring some slowness in user's session and this drive needs to be expanded a bit to get back a normal user experience. To expand these disks two actions need to be done : Expand the Virtual Machine hard disk - in this example vmware Virtual Machines Expand the disk within the Operation System (Windows) In addition to the following script, psexec tool (Microsoft Sysinternal) is used to execute remotely the diskpart command listed in a text file (diskpart.txt) which is upload to the Virtual Machines. Targeted Virtual Machines need to be powered on. Psexec.exe and Diskpart.txt needs to be in the same folder as the Powershell script, of course you can specify their path as it suits your need.   This script is using XenDesktop / XenApp command to list all the Virtual Machines with SessionSupport value equal to SingleSession, it means the VDI only in my case. If you want to check the lust of Virtual Machines…

XenDesktop XenApp 7.x – vmware / ad / delivery group notes and descriptions sync 9 Comments

Several times i had the need to synchronise Virtual Machine notes (vmware) with Active Directory Computer description. As in big environment, different team are managing each of these components, the need to be able to link an Active Directory computer account to a vm with XenApp / XenDesktop delivery group has often been seen as useful. Delivery group name : Desktop123 Virtual Machine note (vmware) : Desktop123 Active Directory account Description : Desktop123 The idea is to simply synchronise the information through the platforms so everyone knows quickly what machine does what. In this particular example that was about XenApp Servers and XenDesktop VDI. You will need a machine where : XenDesktop 7.x SDK (Powershell is installed) vmware PowerCli installed RSAT role deployed as well Thank to Rodolphe Herpeux who simplified the first version of this script I wrote.

Java Runtimes JRE7 – Your Java version is insecure popup 3 Comments

This one has been pain in the ass to find out... Since Java 7 (1.7_xx) the security and setting management is a total nightmare. This is so messy you can't find a reliable information on Oracle website... The worse thing is all the mechanism seems to change between versions... from 1.7_01 to _11 is one way to do thing and version after it's done another way... Here is the ugly pop up I want to eliminate from the user interface on the XenApp Desktop. To do so, I had to check every change within files, registry to finally find out everything was located in the registry for this version of java, JRE7 1.7_13... So I wanted to create a GPP to target user connected on the XenApp servers, here is my xml file created from a registry export : Next, I wanted to filter this GPP with a WMI filter, this WMI Query will look for locations of the JRE7 Folder on the System and if found it will apply the policy.   And this works ! I didn't need to do anything with and deployment.config as described everywhere on the Oracle website... (This website is really pain in the ass to find good documentation...) I hope it will help, and I hope Oracle will stop to change the way we need to use to manage Java configuration....

Citrix XenDesktop 7 – VDA Installation 7 Comments

The VDA version delivered with XenDesktop 7 bits is The VDA can be deployed two ways, via the GUI setup and in an unattended way. Using the GUI is easy and can be done very quickly - but it remains manual deployment. Here are screenshot so for the one who won't have time to check it out, you can already know what you might face very soon.   Next blog will be about VDA installation for Desktop and Server OS

Citrix XenDesktop 7 – Installation 14 Comments

XenDesktop 7 is now available with different features and entitlements (link) and yes there is a lot to read on this webpage but most of everything is already known features. So I will just write now what I read between the line : No more Citrix Streaming Application (RIP) in favor of Microsoft APP-V XenServer is now version 6.2 and Open Source ! Seamless Local Apps is now official and build-in. PVS is version 7 now and MCS continue its evolution. (I'll come back later on a blog post about that) Edgesight is included in XenDesktop 7 (Another blog post subject) Storefront is now version 2 Receiver for Windows is v4 Windows 8 and Windows 2012 supported Many other changes I need to cover later on Several editions are available today : Now this is time to show you how the installation process, pretty straight forward as I already mention and this is for those who are curious about this new version and don't have tie to POC it or try it right away.   To download Citrix XenDesktop 7, this is the way -> [link] XenDesktop 7 Edocs : [link] XenDesktop 7 Admin Guide : [link] XenDesktop 7 Upgrade Guide : [link] XenDesktop 7 Install Guide : [link]

Citrix Excalibur Tech Preview 6 Comments

As many of you might know Citrix are kind of melting all there product in one, a Cloud product. The project name is Avalon, with two releases until next year named Excalibur (what we will speak about in this blog post) and Merlin coming later next year. First, I spoke with many customers and other partner, and Citrix one more time did confuse everyone with all those names... Avalon, Excalibur, Merlin, Thor etc etc Almost 90% of the people I spoke with though Avalon, Excalibur and Merlin are three different products. Maybe I'm wrong but as far s I can see thing, Avalon is the code name for the final project then Excalibur and Merlin are just timeline version release until the final release and then a final product name. I must admit this one is a bit confusing everyone... This is like Citrix wants to show the big picture but just give a tiny pieces of the puzzle. Citrix Avalon Excalibur Tech Preview is available for download here : [link] Project Avalon Excalibur Technology Preview is our next-generation, unified desktop and app virtualization technology that is reinventing the delivery of Windows apps and desktops for mobility in the cloud-era.  The availability of this tech preview will allow Citrix customers and partners to have a first-hand look at a new unified FlexCast infrastructure combining VDI and Hosted Shared desktops and apps from a single platform. New features include: Simplified, unified, and expanded FlexCast 2.0 architecture New unified FlexCast 2.0 architecture combines simplified and integrated provisioning and personalization tools for both desktops and apps, delivered from either a desktop-based or server-based operating system. Windows Server 2012 and Windows 8 Host Windows 8 VDI desktops or VM hosted applications in addition to Windows Server 2012 server-based desktops and applications. This tech preview also supports Windows 2008R2/SP1 and Windows 7. SuperCodec for Optimized Graphics New enhancements to HDX using Deep Compression Codec technology double the visual performance of desktops and apps to mobile devices dynamically adapting for device type, form factor and network connection while still leveraging the processing power of modern tablets and smartphones Storefront for apps & data Create centralized enterprise app stores to deliver desktops, applications, and other resources to users on any device, anywhere with the Citrix StoreFront. Intelligent configuration tools New intelligent configuration tools for deploying desktops and apps that proactively check configuration errors in real time while streamlining the…

This is the personalized installation I do when I deploy vmtools on the VMs with VDA to install on it. Don't forget to install vmtools before Citrix Virtual Desktop Agent ! It always good to have this information shared because I had a lot of question regarding vmware vmtools installation with Citrix XenDesktop VDAs. Toolbox – Enable – Used for functions like time synchronization and clean shutdown of guest. Memory Control Driver – Enable - Driver for improved memory management in the virtual machine. This driver is available and recommended if you use VMware vSphere. Excluding this driver hinders the memory management capabilities of the virtual machine in a vSphere deployment. Thin Print Driver – Disable - Handled by Citrix printing in VDA. Paravirtual SCSI – Disable – Used in high I/O operation with SAN and mostly is applicable to Server VMs and not VDA. This driver is for PVSCSI adapters, which enhance the performance of some virtualized applications. Mouse Driver – Enable – Needs the mouse driver as it improves fixes in glitches with the mouse. File System Sync Driver – Disable - Driver for the synchronization of the file system within the virtual machine. For example, for preparation of backups. Only used if you have dedicated VMs and used agents in VMs to backup VMs. In VDA environments most common settings is profile management in which data is moved to a share as opposed to being local on VMs. Shared Folders – Disable – Directory for data exchange between host system and guest system. Currently only works with VMware Workstation and have seen it cause a lot of synchronization issues. SCSI Driver – Enable – Installs and improves BusLogic SCSI driver. If you use LSI Logic this driver is not required. SVGA Driver – Disable – We want to use the Citrix VGA adapter and not the VMware VGA. Use CTX 123952 (below) as work around if using Windows 7. Audio Driver – Enable – Needs audio driver to playback sound. This sound driver is required for all 64-bit Windows guest operating systems and 32-bit Windows Server 2003, Windows Server 2008, and Windows Vista guest operating systems if you use the virtual machine with VMware Server, Workstation, or Fusion. VMXNet NIC Driver – Enable - Network card driver for the VMXNet VMware network card. Improves network performance of the virtual machine, especially in gigabit environments. Furthermore the CPU…