Set acls remotely to a VDI / RDSH Delivery Group 7 Comments

In the same way as the previous blog post, some more automation to maintain a VDI/RDSH environment, and get back to a controlled and clean environment. This blog is a follow up to Remotely clean up Virtual Machines drives – XenDesktop , Expand virtual machines hard disk – automation , XenDesktop XenApp 7.x – vmware / ad / delivery group notes and descriptions sync . I had to automate an action to place ACLs on the D: drive using Powershell and icacls. This script is using XenDesktop / XenApp command to list all the Virtual Machines with SessionSupport value equal to SingleSession, it means the VDI only in my case. If you want to check the list of Virtual Machines you targeted you can use this command : If you want to target a specific XenDesktop Delivery Group, then just adapt the previous line : Once you know the target, you can execute the following script. Using this script assume Virtual Machines are switched on. If you have suggestion, and/or comment, share your though !

Remotely clean up Virtual Machines drives – XenDesktop 10 Comments

Following up the previous blogs XenDesktop XenApp 7.x – vmware / ad / delivery group notes and descriptions sync and Expand virtual machines hard disk – automation and continue in automated task, I had to clean up the D: drive of different XenDesktop Delivery Group. As there was no security restriction on the D: drive some users used it as a repository for some of their project... That caused some issues : Users complain of losing their working data from a session to another (pooled VDI, new logon = new vm) Some disk space notification where displayed to random users... Calls where raise to the helpdesk support team Beside hiding the D: drive to avoid non necessary access (ie : non system access) check this blog to do so : Citrix XenApp – Hiding system drives part 1/2 an automated task had to be performed to "clean" this D: drive The variable $XDDC is the FQDN of a Delivery Controler, $Exclusion is the files and folder you want to exclude from being removed. For example : the directories "logs" "pvsvm" "System Volume Information" "$RECYCLE.BIN" and the files "dedicateddumpfile.sys" "pagefile.sys" and "vdiskdif.vhdx" will be ignore from the delete process. Most of these files and directory are system protected anyway it's more to avoir error during script execution. Once you have a clear list of what you need and want to keep you can proceed to the next step.   This script will clean everything which is not in the $Exclusion list so be careful when you run the script. This script assume all the targeted VM are switched ON of course. Leave a comment bellow if you have an idea how to improve this script !

Expand virtual machines hard disk – automation 7 Comments

Sometimes, at some customers's place, with an infrastructure already in place (XenApp with PVS or XenDesktop VDI pooled with PVS) the D: drive is too small. The drive where you redirect Windows Event Logs, Logs (UPM for example and/or other applications - services) This is a drive where page file is often redirected as well and even memory dump file generated. PVS cache can also be on this drive : Cache on device RAM with overflow on Hard Disk When RAM is zero, the target device write cache is only written to the local disk. When RAM is not zero, the target device write cache is written to RAM first. When RAM is full, the least recently used block of data is written to the local Write Cache disk to accommodate newer data on RAM. The amount of RAM specified is the non-paged kernel memory that the target device consumes. Cache on device Hard Disk The cache on local HD is stored in a file on a secondary local hard drive of the device. It gets created as an invisible file in the root folder of the secondary local HD. The cache file size grows, as needed, but never gets larger than the original vDisk, and often not larger than the free space on the original vDisk. It is slower than RAM cache, but faster than Server cache and works in a HA environment. The lack of space on this drive will bring some slowness in user's session and this drive needs to be expanded a bit to get back a normal user experience. To expand these disks two actions need to be done : Expand the Virtual Machine hard disk - in this example vmware Virtual Machines Expand the disk within the Operation System (Windows) In addition to the following script, psexec tool (Microsoft Sysinternal) is used to execute remotely the diskpart command listed in a text file (diskpart.txt) which is upload to the Virtual Machines. Targeted Virtual Machines need to be powered on. Psexec.exe and Diskpart.txt needs to be in the same folder as the Powershell script, of course you can specify their path as it suits your need.   This script is using XenDesktop / XenApp command to list all the Virtual Machines with SessionSupport value equal to SingleSession, it means the VDI only in my case. If you want to check the lust of Virtual Machines…

XenDesktop XenApp 7.x – vmware / ad / delivery group notes and descriptions sync 9 Comments

Several times i had the need to synchronise Virtual Machine notes (vmware) with Active Directory Computer description. As in big environment, different team are managing each of these components, the need to be able to link an Active Directory computer account to a vm with XenApp / XenDesktop delivery group has often been seen as useful. Delivery group name : Desktop123 Virtual Machine note (vmware) : Desktop123 Active Directory account Description : Desktop123 The idea is to simply synchronise the information through the platforms so everyone knows quickly what machine does what. In this particular example that was about XenApp Servers and XenDesktop VDI. You will need a machine where : XenDesktop 7.x SDK (Powershell is installed) vmware PowerCli installed RSAT role deployed as well Thank to Rodolphe Herpeux who simplified the first version of this script I wrote.

XenApp 6.5 to XenApp 7.5 Migration (Machine) 24 Comments

Citrix will very soon offer a lot of scripts and tools to give the ability to migrate policies from a XenApp 6.5 farm to a XenApp 7.5, I'm currently testing all these Powershell script to check it out and maybe use it by including it in our migration process. What Citrix haven't give us yet is a tool to move an existing XenApp 6.5 server to a XenApp 7.5 Site, steps are fairly simple and can be automatize : Leave XenApp 6.5 Farm **Reboot** Uninstall XenApp 6.5 **Reboot** Install XenApp 7.5 VDA This is not what I recommend to do because removing a piece of software to replace by another always leave some dirty little things everywhere... This is the reason I prefer to start from scratch and migrate application; sometime it's not possible and we need to go fast, so these few steps are easy to customize and integrate in every deployment system in place. The first step is to leave the XenApp 6.5 farm : To complete this farm leave script, you need to reboot the XenApp server. The second step is to uninstall XenApp 6.5 using this command line : To complete this step the XenApp server needs to reboot again. The last step is to deploy the new VDA (XenApp / XenDesktop 7.5) using this command line : Update 25 April 2014 If you plan to move your XenApp 6.5 servers to XenApp 7.5 you need to clean a bit more than simply XenApp, I had a lot of comments about Edgesight agent, Citrix Profile Management etc... and my answer if yes you need to uninstall each of these component to avoid any conflict with the VDA. For example Esgesight can be uninstall using the following command line : This is it ! I think Citrix will offer a "graphic" tool in some point, but I needed to have that ready now, so I share it ! Resources : XenApp and XenDesktop 7.5 edocs XenApp Uninstallation Best Practices

Citrix XenDesktop 7 – Create Persistent Hypervisor Connection and Hosting Unit, Unattended 13 Comments

I blogged about how to automate Citrix XenDesktop 7 deployment and database creation, and how to join and existing XenDesktop 7 site unattended, but now to continue and go a bit further in the automation process, I needed and wanted to know how to automate Hosting Configuration by Adding Connection and Resources to the DDC in an unattended way. This blog will cover creation process for XenServer 6.x and vCenter (vSphere) 5.1 since I don't have access to a Hyper-V (yet), I went over Citrix eDoc to check how I could do this and I found here : [link] Thanks to Livio for some PowerShell help :) It helps to understand whet need to be setup and after few tests I ended up writing this script to automate this part :   This script have been tested with Citrix XenDesktop7 and XenServer 6.2 and vSphere 5.1

Citrix XenDesktop 7 – Unattended from scratch 39 Comments

So auto-install and auto join an already XenDesktop 7 Site is cool but what if you need to automate the first DDC installation ? Here is how I did with help of a great blog (Timm Brochhaus) who made a script available for everyone, and I personally used it. Let's do it for a full automated installation, I will install all the components from XenDesktop 7. Timm Brochhaus wrote a very cool blog and give you the explanation about a script he wrote to automate this part with a very useful script. Juts don't forget to run this script in 32bit mode.... [link] I did use Timm's script and here is the result I got : 3 databases were created, one for the Site informations, one for the log informations and a last one for monitoring (edgesight-like) Now we are ready for the next step which is site creation with the command New-XDSite with the result : If I use the script Timm make available and use the same syntax, this is pretty easy to add this line and add what we need to automate DataBase creation + Site creation in one script : So now your XenDesktop 7 DDC is ready to work, you can launch the Desktop Studio console, you just need to create your Machine Catalogs and Delivery Groups etc... This next part of automation is in my next blog about XenDesktop 7  

Citrix XenDesktop 7 – Unattended Installation + Site join 18 Comments

We all need to automate things, we need to fast deploy, fast provision and stay lazy, not doing the same thing every day... So let check how we can industrialize XenDesktop 7 deployment (the easy part) and configuration (I guess the tricky part). First to deploy XenDesktop 7 using command line is simple and very well documented [link] Installs XenDesktop Server Options can be (see documentation for further details): /COMPONENTS CONTROLLER, DESKTOPSTUDIO, DESKTOPDIRECTOR, LICENSESERVER, STOREFRONT /EXCLUDE <package> excludes a package from installation /HELP, /H, /? Shows this dialog /NOREBOOT Suppress reboot after installation (if needed) /PASSIVE, /QUIET Do not show UI during installation /REMOVE Remove components (instead of installing) /CONFIGURE_FIREWALL Configure Windows Firewall /NOSQL Do not install SQL Server Express 2012 /NO_REMOTE_ASSISTANCE Do not install Windows Remote Assistance when installing Director I will add a second server to my existing deployment (1 DDC, Windows 2012 XenDesktop 7) my command line to install components I need look like : The XenDesktop 7 "Framework" is now installed but the is still configuration an Site join to automate. Using Powershell this is an easy step as well : This command line will update the database automatically, if you do not wish to, you need to specify it : Note : if you had DesktopStudio open, to show the change on the new DDC, refreshing the mmc is not enough, you need to close and open it again. Last thing, to remove a DDC using command line, still with PowerShell : This command line will update the database automatically, if you do not wish to, you need to specify it : Note : You must execute this commend another DDC than the one you want to remove. So to sum-up, this is very easy to automate XenDesktop DDC deployment once the first DDC is set up. The next step will be to try to automate the first DDC installation and configuration.

VDI Project – Not only a XenDesktop project (part.1) VDI Project - The framework (part.2) VDI Project - Hypervisor war (part.3) VDI Project - Desktops and applications delivery (part.4) VDI Project - User Environment Manager (part.5) Designing the architecture for such a big and complex environment is a challenge. To do so I needed to think about all the possibilities of desktop / application delivery process and mechanism AND the technology I would have to use to give as much flexibility as possible while keeping in mind the existing layers. To automate and industrialize, I needed to find a software like Microsoft SCCM to deploy the operating systems, software and handling inventory. My customer had this ancient software named Radia and wanted to continue to use it since HP bought this company and renamed the product to HP Client Automation. So I didn't really had the choice on this one and I had to make sure this software will be able to bring all the automation I was looking for. After a certain number of meeting with HP, the software was good for OS deployment, Inventory management but had some lake of features in the software deployment. As my customer already bought the licenses (In fact they bought it before the beginning of the project...) I had to manage with that. Then I needed to chose the hypervisor, the connection broker, the application virtualization solution, the profile management solution and make sure everything would fit in a 3 level down architecture (Datacenter --- First Level --- Second Level --- Third Level) To make the choice I had to find all the software technology able to answer each need and compare it to another one. I also introduce the User Environment Management concept into the discussion. Here is the list of solutions I chose to work with / compare : Hypervisor : vmware vSphere vs Citrix XenServer vs Microsoft Hyper-V Automation & OS Deployment : Altiris vs HP Client Automation Application virtualisation : Citrix XenApp vs vmware ThinApp Desktop broker : vmware View vs Citrix XenDestop User Environment Manager : RES vs AppSense But this "fair" way to chose the best product by testing, evaluate it wasn't in everyone's mind and I have to front choices already made before the beginning of the project. This is the "forced" list I had few days after the project kick off : Hypervisor :…

VDI Project – Not only a XenDesktop project (part.1) VDI Project - The framework (part.2) VDI Project - Hypervisor war (part.3) VDI Project - Desktops and applications delivery (part.4) VDI Project - User Environment Manager (part.5) Beginning a new project is every time a new challenge, new team, new processes and new environment. Each customer have its own past IT history and,  depend of the size, different IT, politics and complexity. This time I'm a desktop architect and I've been hired mostly for my Citrix skills. The challenge is the size of this new project, I will design for sure some Citrix architectures, XenDesktop, XenApp, PVS, maybe Access Gateway or Netscaler on a very large scale but I'm also responsible to design a complete workstation delivery service (automation / industrialization) and address all kind of endpoints, from the "classic" workstation to the well known iPad. This is my largest XenDesktop 5 project, I will use XenDesktop to bring flexibility and mobility to users. I will write some blogs along the project because I think this will be a great experience to share, technical and not technical. I can't wait to post some very technical stuff about IOPS with Citrix Provisioning Services, XenDesktop and Machine Creation Service related with storage. I will post every major subject for ex : The Software Framework, The Hypervisor War (these two blogs are almost finished) etc etc... I also want to share the non technical subjects because this is how a project live... Changing the way people are working in a company can be very painful, first you need to bring the idea of a change in their everyday life and then prove them they will have more time to work on more important project. Then you show they can save some money within 3 or 5 years. I can tell you this is the big part of a project and the less fun (for me) but this is a mandatory part of every project : Show the company board and managers how much they can save and explain to the IT staff they will be able to spend more time on larger scale issue and project, work more efficiently. This is a lot of work, first administrative / politics, then technical (POC) and very technical (Global Architecture) And I always I will learn so many thing, and I'm sure it will be a great…