Citrix

Create vmware service account for MCS Citrix

Stephane Thirion
· 2 min read
Create vmware service account for MCS Citrix

Creating this service account to allow certain action to be performed by the DaaS or Citrix Virtual Apps and Desktops infrastructure can take a long time if you can’t do it yourself or if you need to do it every week on different project. Often, a check box have been forgotten and everything needs to be checked again and again.

Citrix do have a good documentation of what needs to be done here : https://docs.citrix.com/en-us/citrix-daas/install-configure/connections/connection-vmware-virtualization-environments.html

Using powershell with powercli will allow you to speed up this process and avoir any mistake. Be warae that this configuration is for MCS, some more options need to be set for PVS.

First thing we need powercli : https://www.powershellgallery.com/packages/VMware.PowerCLI/13.0.0.20829139

Install-Module -Name VMware.PowerCLI

one this is done, here is the script you need to execute :

# Change the value to match your environement
# $vcenter is the fqdn of your vcenter
# $mcsrole is the name you want to give to the create role in vSphere roles
 
$vcenter = vcenter.fqdn.local
$mcsrole = "Citrix MCS"
 
# Connection to vSphere you'll be prompted to enter your credentials
Connect-VIServer $vcenter
 
 
$ctxmcs = Get-VIPrivilege –ID System.Anonymous,System.Read,System.View,VirtualMachine.Interact.PowerOff,VirtualMachine.Interact.PowerOn,VirtualMachine.Interact.Reset,VirtualMachine.Interact.Suspend,Datastore.AllocateSpace,Datastore.Browse,Datastore.FileManagement,Network.Assign,Resource.AssignVMToPool,VirtualMachine.Config.AddExistingDisk,VirtualMachine.Config.AddNewDisk,VirtualMachine.Config.AdvancedConfig,VirtualMachine.Config.RemoveDisk,VirtualMachine.Config.CPUCount,VirtualMachine.Config.Memory,VirtualMachine.Config.Settings,VirtualMachine.Inventory.CreateFromExisting,VirtualMachine.Inventory.Create,VirtualMachine.Inventory.Delete,VirtualMachine.Provisioning.Clone,VirtualMachine.State.CreateSnapshot,Global.SystemTag,Global.ManageCustomFields,Global.SetCustomField
 
# Disconnect from vSphere
Disconnect-VIServer -Confirm

At the end you just need to map your service account to this new created role and make the appropriate change in your Studio console to use this new service account.

Related Articles

Ansible Playbook for Creating Multiple VMs with Sequential Naming in vCenter

Ansible Playbook for Creating Multiple VMs with Sequential Naming in vCenter

· 5 min read
Docker Swarm on Ubuntu

Docker Swarm on Ubuntu

· 4 min read
Busy Light with ESP8266 mini D1 and Home Assistant

Busy Light with ESP8266 mini D1 and Home Assistant

· 3 min read
Citrix Adaptive Authentication (Netscaler) SAML Assertion verification failed

Citrix Adaptive Authentication (Netscaler) SAML Assertion verification failed

· 1 min read
Synchronizing Disabled User Accounts Between Active Directory Domains (forest) Using PowerShell

Synchronizing Disabled User Accounts Between Active Directory Domains (forest) Using PowerShell

· 3 min read
Automated Random User Creation Script for Active Directory

Automated Random User Creation Script for Active Directory

· 2 min read