N

ot
fo
rr
es
al
e
or
di

Managing App and Desktop

s
tri

Solutions with Citrix XenApp

bu

and XenDesktop 7.6

t
io
n

Citrix Course CXD-203-I

 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

2 © Copyright 2016 Citrix Systems, Inc.

Managing App and Desktop
N

Solutions with Citrix XenApp

ot
fo

and XenDesktop 7.6

rr
es

Citrix Course CXD-203-I

al

August 2016
e
or

Version 6.2
di
s
tri
bu
tio
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

4 © Copyright 2016 Citrix Systems, Inc.

Table of Contents
Module 1: Understanding the Architecture of a XenApp and XenDesktop
Solution ........................................................................................................ 15
Understanding the Architecture of a XenApp and XenDesktop Solution ................................ 17
Overview ........................................................................................................................... 17
XenApp or XenDesktop .................................................................................................... 17
XenApp and XenDesktop Architecture Overview ............................................................... 19
User Layer ........................................................................................................................ 19
Citrix Receiver ................................................................................................................... 20
Access Layer .................................................................................................................... 20
Citrix NetScaler ................................................................................................................. 21
Citrix StoreFront ................................................................................................................ 21
N

Discussion Question ......................................................................................................... 22

ot

Resource Layer ................................................................................................................ 22

Applications ...................................................................................................................... 22
fo

Operating System Image .................................................................................................. 22

rr

Citrix Profile Management ................................................................................................. 23

Policies ............................................................................................................................. 23
es

Personal vDisk .................................................................................................................. 23

Control Layer .................................................................................................................... 24
al

Delivery Controller ............................................................................................................. 24

e

Machine Creation Services ............................................................................................... 25

or

Citrix Provisioning Services ............................................................................................... 25

Virtual Delivery Agent ........................................................................................................ 25
di

Management Layer ........................................................................................................... 26

Citrix Studio ...................................................................................................................... 26
s

Citrix Director .................................................................................................................... 27

tri

Discussion Question ......................................................................................................... 28

bu

Hardware Layer ................................................................................................................ 28

Hypervisor ......................................................................................................................... 28
t io

Discussion Question ......................................................................................................... 29

XenApp and XenDesktop Sites ......................................................................................... 29
n

Ports ................................................................................................................................. 29
New Features ................................................................................................................... 30
Deprecated Features ........................................................................................................ 32
Discussion Question ......................................................................................................... 34
Reinforcement Exercise: XenApp and XenDesktop Components ...................................... 34
Definition Matching ........................................................................................................... 34

Module 2: Managing Licenses and Delegating Administration ...................... 37

Managing Licenses and Delegating Administration ............................................................... 39
Overview ........................................................................................................................... 39

© Copyright 2016 Citrix Systems, Inc. 5

 Managing Licenses in Studio ............................................................................................ 40
Discussion Question ......................................................................................................... 41
License Editions ................................................................................................................ 41
Types of Licenses ............................................................................................................. 41
Downloading, Allocating, and Importing a License File ...................................................... 42
To Allocate, Download, and Import a License File ............................................................. 42
Discussion Question ......................................................................................................... 44
To Add a License Administrator ........................................................................................ 45
Managing Delegated Administration .................................................................................. 45
Administrators ................................................................................................................... 46
Roles ................................................................................................................................ 47
Scopes ............................................................................................................................. 48
To Add an Administrator ................................................................................................... 48
To Create a Custom Scope Using Studio ......................................................................... 49
To Edit a Custom Scope .................................................................................................. 49
To Create a Custom Role ................................................................................................. 50
N

To Edit a Custom Role ...................................................................................................... 51

ot

To Edit an Administrator's Permissions ............................................................................. 51

Running a Delegated Administration Report ...................................................................... 52
fo

To Run a Delegated Administration Report ....................................................................... 52

rr

Discussion Question ......................................................................................................... 53

Using PowerShell .............................................................................................................. 53
es

Discussion Question ......................................................................................................... 53

Monitoring Configuration Logs .......................................................................................... 54
al

To Display Configuration Log Content .............................................................................. 54

e

To Generate Configuration Log Reports ........................................................................... 55

or

To Change the Configuration Log Settings ....................................................................... 55

Discussion Question ......................................................................................................... 56
di

Moving from XenApp 7.6 to XenDesktop 7.6 .................................................................... 56

Troubleshooting: Managing Licenses and Delegated Administration ................................. 57
s

Reinforcement Exercise: Configuring Roles and Scopes ................................................... 58

tri
bu

Module 3: Managing and Monitoring the Hypervisor ..................................... 61

t io

Managing and Monitoring the Hypervisor .............................................................................. 63

Overview ........................................................................................................................... 63
n

Architecture Overview ....................................................................................................... 65

Managing Virtual Machines within a Hypervisor ................................................................. 67
To Create a Virtual Machine Using an ISO ........................................................................ 67
To Create a New Virtual Machine Using a Template ......................................................... 68
To Complete the Windows Setup Process ....................................................................... 69
Installing XenServer Tools ................................................................................................. 69
To Install XenServer Tools on a Virtual Machine ................................................................ 70
Taking a Snapshot ............................................................................................................ 71
To Take a Snapshot in XenCenter .................................................................................... 71
Reverting to a Snapshot ................................................................................................... 71
To Revert to a Snapshot in XenCenter .............................................................................. 71

6 © Copyright 2016 Citrix Systems, Inc.

 Discussion Question ......................................................................................................... 72
Generalizing the Virtual Machine ....................................................................................... 72
To Generalize the Virtual Machine ..................................................................................... 72
Copying a Virtual Machine ................................................................................................ 72
To Copy a Virtual Machine Using XenCenter ..................................................................... 73
Discussion Question ......................................................................................................... 73
Creating a Template ......................................................................................................... 73
To Create a Template from a Virtual Machine ................................................................... 73
Adjusting Virtual Machine or Template Resources ............................................................ 74
Adding Storage to a Virtual Machine or Template ............................................................. 74
To Add Storage to a Virtual Machine or Template in XenCenter ........................................ 74
Adjusting the Storage Allocated to a Virtual Machine ........................................................ 75
To Adjust the Storage Allocated to a Virtual Machine in XenCenter ................................... 76
Adjusting the Memory Allocated to a Virtual Machine or Template .................................... 76
To Adjust Virtual Machine or Template Memory Allocations in XenCenter ......................... 77
Adjusting vCPUs Allocated to a Virtual Machine or Template ............................................ 77
N

To Adjust the vCPUs Allocated to a Virtual Machine or Template in XenCenter ................ 77

ot

Managing a Virtual NIC ..................................................................................................... 78

To Remove a Virtual NIC in XenCenter .............................................................................. 78
fo

To Add a Virtual NIC in XenCenter .................................................................................... 78

rr

To Adjust a Virtual NIC in XenCenter ................................................................................. 79

Discussion Question ......................................................................................................... 79
es

Configuring and Customizing Alerts .................................................................................. 79

To Configure and Customize Alerts in XenCenter ............................................................. 79
al

Discussion Question ......................................................................................................... 80

e

Troubleshooting: Managing and Monitoring Hypervisors ................................................... 80

or

Module 4: Managing Desktops and Applications .......................................... 81

di

Managing Desktops and Applications ................................................................................... 83

s

Overview ........................................................................................................................... 83
tri

Architecture Overview ....................................................................................................... 84

bu

Connecting to Resources ................................................................................................. 86

Managing Machine Catalogs ............................................................................................. 87
t io

To Create New Resource Settings .................................................................................... 88

Using Machine Creation Services ...................................................................................... 90
n

Discussion Question ......................................................................................................... 90

Creating a Machine Catalog for Server Desktops and Hosted Applications ...................... 91
Installing the Virtual Delivery Agent .................................................................................... 91
To Install and Configure the VDA on a Server OS ............................................................. 91
To Install and Configure the VDA on a Desktop OS .......................................................... 93
Creating a Machine Catalog for Windows Server .............................................................. 95
Using a Virtual IP Address ................................................................................................ 96
To Create a Server OS Machine Catalog .......................................................................... 96
Creating a Machine Catalog for Windows Desktop ........................................................... 98
To Create a Desktop OS Machine Catalog ....................................................................... 98
Discussion Question ....................................................................................................... 100

© Copyright 2016 Citrix Systems, Inc. 7

 Managing Delivery Groups .............................................................................................. 100
To Create a Delivery Group for Application Delivery ........................................................ 102
Discussion Question ....................................................................................................... 104
To Create a Delivery Group for Anonymous User Access ............................................... 104
To Create a Delivery Group for User Desktops ............................................................... 106
Organizing Applications in Folders .................................................................................. 107
To Organize Applications in Folders ................................................................................ 107
Securing Connections ..................................................................................................... 108
Managing Resources ...................................................................................................... 109
To Add Machines to a Machine Catalog ......................................................................... 109
To Perform an Update to the Master Image Virtual Machine ........................................... 110
To Update the Desktops in a Machine Catalog ............................................................... 110
Managing Active Directory Accounts .............................................................................. 111
To Manage Active Directory Accounts ............................................................................ 111
Managing Power for Machines in a Desktop OS Delivery Group ..................................... 112
To Manage Power for Machines in a Desktop OS Delivery Group .................................. 112
N

To Reallocate Machines in a Delivery Group ................................................................... 113

ot

Discussion Question ....................................................................................................... 113

To Shut Down and Restart Desktops ............................................................................. 114
fo

Enabling and Disabling Maintenance Mode ..................................................................... 114

rr

To Enable and Disable Maintenance Mode ..................................................................... 115

Removing Desktops from Delivery Groups ...................................................................... 115
es

To Remove Desktops from Delivery Groups ................................................................... 115

Deleting a Delivery Group ............................................................................................... 116
al

To Delete a Delivery Group ............................................................................................. 116

e

Deleting Machines from a Machine Catalog .................................................................... 116

or

To Delete Machines from a Machine Catalog .................................................................. 117

To Delete a Machine Catalog .......................................................................................... 118
di

Troubleshooting: Managing Desktops and Applications .................................................. 118

Reinforcement Exercise: Delivering Server Desktops ...................................................... 119
s tri
bu

Module 5: Managing StoreFront ................................................................. 121

Managing StoreFront .......................................................................................................... 123
t io

Overview ......................................................................................................................... 123

StoreFront Architectural Overview ................................................................................... 124
n

StoreFront Components ................................................................................................. 125

StoreFront Communication ............................................................................................. 126
Discussion Question ....................................................................................................... 127
StoreFront Management Console ................................................................................... 127
Creating a New Store ..................................................................................................... 127
To Create and Add a New Store ..................................................................................... 127
Creating Anonymous User Stores ................................................................................... 129
To Create a Store for Anonymous User Access .............................................................. 129
Hiding a Store ................................................................................................................. 130
To Hide a Store .............................................................................................................. 130
Discussion Question ....................................................................................................... 130

8 © Copyright 2016 Citrix Systems, Inc.

 Managing Authentication ................................................................................................ 131
Configuring Authentication .............................................................................................. 131
To Configure Authentication Methods ............................................................................. 131
Discussion Question ....................................................................................................... 131
Enabling End Users to Change Their Passwords ............................................................ 131
To Enable End Users to Change Their Passwords At Any Time ...................................... 132
Managing Delivery Controllers ......................................................................................... 132
Adding Delivery Controllers ............................................................................................. 132
To Add Delivery Controllers ............................................................................................ 132
To Remove Delivery Controllers ...................................................................................... 133
Discussion Question ....................................................................................................... 134
Removing a Store ........................................................................................................... 134
To Remove a Store ......................................................................................................... 134
Discussion Question ....................................................................................................... 135
Troubleshooting: Managing StoreFront ........................................................................... 135
Reinforcement Exercise: Creating and Configuring a New Store ..................................... 136
N
ot

Module 6: Managing Policies and Profiles .................................................. 139

fo

Managing Policies and Profiles ........................................................................................... 141

rr

Overview ......................................................................................................................... 141

Policy Precedence (Studio vs. Group Policy Objects) ...................................................... 142
es

Creating Policies Using Studio ........................................................................................ 143

Unfiltered Policy .............................................................................................................. 143
al

Using a Policy Template in Studio ................................................................................... 144

e

To Create a Policy from a Template ................................................................................ 144

or

To Create a Policy Using Studio ..................................................................................... 145

Applying a Policy Using Studio ....................................................................................... 145
di

To Apply a Policy ............................................................................................................ 146

Editing a Policy Using Studio .......................................................................................... 146
s

To Edit a Policy ............................................................................................................... 147

tri

Prioritizing Policies Using Studio ..................................................................................... 147

bu

To Prioritize a Policy ....................................................................................................... 148

Discussion Question ....................................................................................................... 148
t io

To Create a Computer Template in Studio ...................................................................... 148

Exporting a Policy Template Using Studio ....................................................................... 149
n

To Export a Policy Template ........................................................................................... 149

Importing a Policy Template Using Studio ....................................................................... 150
To Import a Policy Template ........................................................................................... 150
Running the Resultant Set of Policy ................................................................................ 150
To Create a Resultant Set of Policy Using the Group Policy Management Console ........ 151
Creating Policies Using Group Policy .............................................................................. 153
Discussion Question ....................................................................................................... 154
Creating and Applying a Group Policy Object ................................................................. 154
To Create a GPO ............................................................................................................ 154
Editing a Group Policy Object ......................................................................................... 154
To Edit a Policy ............................................................................................................... 155

© Copyright 2016 Citrix Systems, Inc. 9

 Using a User Template with Group Policy ....................................................................... 155
To Use a User Template ................................................................................................. 156
Importing a Policy Template with Group Policy ............................................................... 157
To Import a Policy Template ........................................................................................... 157
Exporting a Policy Template with Group Policy ............................................................... 158
To Export a Policy Template ........................................................................................... 158
Prioritizing a Policy Using Group Policy ........................................................................... 159
To Change the Priority of a Policy ................................................................................... 159
Discussion Question ....................................................................................................... 159
Troubleshooting: Managing Policies ................................................................................ 160
Managing End-User Profiles ............................................................................................ 161
Configuring Folder Redirection ........................................................................................ 162
To Configure Folder Redirection ..................................................................................... 162
Managing Profile Settings Using Citrix Policies ................................................................ 163
To Manage Profile Settings Using Citrix Policies ............................................................. 163
Resolving Conflicting Profiles .......................................................................................... 164
N

To Resolve Conflicting Profiles ........................................................................................ 164

ot

Streaming End-User Profiles ........................................................................................... 165

To Stream End-User Profiles .......................................................................................... 165
fo

Discussion Question ....................................................................................................... 166

rr

Troubleshooting: Profile Management ............................................................................. 166

Reinforcement Exercise 1: Working with Policies ............................................................ 167
es

Reinforcement Exercise 2: Working with Profiles ............................................................. 168

al
e

Module 7: Managing and Monitoring Sessions, Sites, and End Users with
or

Director ...................................................................................................... 169

Managing and Monitoring Sessions, Sites, and End Users with Director ............................. 171
di

Overview ......................................................................................................................... 171

s

Director Overview ........................................................................................................... 172

tri

To Monitor an End-User Session .................................................................................... 173

To Access Director ......................................................................................................... 174
bu

Monitoring within the Director Dashboard ....................................................................... 174

Monitoring Infrastructure ................................................................................................. 174
t io

To Monitor the Infrastructure ........................................................................................... 175

n

Monitoring Connected Sessions ..................................................................................... 175

To Monitor Connected Sessions ..................................................................................... 175
Monitoring Logon Duration Averages .............................................................................. 176
To Monitor Logon Duration Averages ............................................................................. 176
Monitoring Machine and End-User Connection Failures .................................................. 177
Monitoring and Managing End-User Sessions ................................................................ 177
Viewing End-User Sessions ............................................................................................ 178
To View End-User Sessions ............................................................................................ 178
Searching for an End User .............................................................................................. 178
To Search for an End User ............................................................................................. 178
Monitoring End-User Applications ................................................................................... 179
To Monitor End-User Applications .................................................................................. 179

10 © Copyright 2016 Citrix Systems, Inc.

 Monitoring End-User Machine Processes ....................................................................... 180
To Monitor End-User Machine Processes ....................................................................... 180
Managing an End User's Machine Power Status ............................................................ 181
To Manage an End User's Machine Power Status .......................................................... 181
Enabling or Disabling Maintenance Mode ....................................................................... 182
To Enable or Disable Maintenance Mode ........................................................................ 182
Resetting an End-User Profile ......................................................................................... 182
Discussion Question ....................................................................................................... 183
Monitoring HDX Channels ............................................................................................... 183
To Monitor HDX Channels .............................................................................................. 183
Sending a Message to an End User ................................................................................ 184
To Send a Message to an End User ............................................................................... 184
Shadowing an End-User Session .................................................................................... 185
To Shadow an End-User Session ................................................................................... 186
Disconnecting an End-User Session ............................................................................... 187
To Disconnect an End-User Session .............................................................................. 187
N

Logging an End User Off ................................................................................................ 188

ot

To Log an End User Off .................................................................................................. 188

Discussion Question ....................................................................................................... 189
fo

Monitoring Historical Trends ........................................................................................... 189

rr

To Monitor Historical Trends ........................................................................................... 190

Troubleshooting: Managing Sites, Sessions, and End Users with Director ...................... 191
es

Reinforcement Exercise: Using Director .......................................................................... 192

al
e

Module 8: Managing Printing ...................................................................... 193

or

Managing Printing ............................................................................................................... 195

Overview ......................................................................................................................... 195
di

Print Management Process ............................................................................................. 196

Default Printing Behavior ................................................................................................. 196
s

Configuring Client Printing ............................................................................................... 197

tri

Modifying Client Printer Auto-Creation ............................................................................ 197

bu

To Modify Client Printer Auto-Creation Behavior ............................................................. 198

Discussion Question ....................................................................................................... 199
t io

Adding Session Printers .................................................................................................. 199

To Add Session Printers ................................................................................................. 200
n

Managing Printer Drivers ................................................................................................. 201

Automatic Installation of In-Box Printer Drivers ................................................................ 202
To Configure the Automatic Installation of Printer Drivers ................................................ 202
Configuring Printer Driver Mapping and Compatibility ..................................................... 203
To Configure Printer Driver Mapping and Compatibility .................................................. 203
Universal Printer Driver .................................................................................................... 204
Controlling Universal Printing Behavior ............................................................................ 205
Optimizing Printing Performance ..................................................................................... 205
To Configure Printing Optimization .................................................................................. 206
Discussion Question ....................................................................................................... 207
Setting Up and Managing the Universal Print Server ....................................................... 207

© Copyright 2016 Citrix Systems, Inc. 11

 To Set Up and Manage the Universal Print Server .......................................................... 208
Troubleshooting: Managing Printing ................................................................................ 210
Reinforcement Exercise: Managing Printing .................................................................... 210

Module 9: Managing Provisioning Services ................................................. 213

Managing Provisioning Services .......................................................................................... 215
Overview ......................................................................................................................... 215
Citrix Provisioning Services ............................................................................................. 216
Machine Creation Services or Provisioning Services ....................................................... 216
Provisioning Services Overview and Architecture ............................................................ 217
Discussion Question ....................................................................................................... 217
Navigating the Provisioning Services Console ................................................................. 218
To Navigate the Provisioning Services Console ............................................................... 218
To Create a Provisioning Services Master Virtual Machine .............................................. 219
To Install the Virtual Delivery Agent (VDA) ........................................................................ 221
N

Creating the vDisk .......................................................................................................... 222

ot

To Convert the Hard Drive of the Master Target Device to a vDisk ................................. 223
Setting the vDisk Mode ................................................................................................... 226
fo

To Set the vDisk Mode ................................................................................................... 228

rr

Creating the Machine Catalog ......................................................................................... 228

To Create a Target Device Template ............................................................................... 229
es

To Create the Machine Catalog ...................................................................................... 230

Discussion Question ....................................................................................................... 232
al

To Assign a Machine Catalog to a Delivery Group .......................................................... 232

e

Discussion Question ....................................................................................................... 233

or

To Update a vDisk .......................................................................................................... 233

Promoting Updated Versions .......................................................................................... 235
di

To Promote Updated vDisk Versions .............................................................................. 235

Discussion Question ....................................................................................................... 236
s

VHD Chain of Differencing Disks ..................................................................................... 236

tri

Merging VHD Differencing Disks ..................................................................................... 237

bu

To Merge VHD Differencing Disks ................................................................................... 238

Troubleshooting: Provisioning Services ........................................................................... 238
t io

Reinforcement Exercise: Using Provisioning Services ...................................................... 239

n

12 © Copyright 2016 Citrix Systems, Inc.

Course Notices
Citrix Systems, Inc. (Citrix) makes no representations or warranties with respect to the content or
use of this publication. Citrix specifically disclaims any expressed or implied warranties,
merchantability or fitness for any particular purpose. Citrix reserves the right to make any changes
in specifications and other information contained in this publication without prior notice and
without obligation to notify any person or entity of such revisions or changes.
© Copyright 2016 Citrix Systems, Inc., All Rights Reserved.
No part of this publication may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying, recording or information storage and retrieval
systems, for any purpose other than the purchaser's personal use, without express written
permission of:
Citrix Systems, Inc.
N

851 West Cypress Creek Road

ot

Fort Lauderdale, FL 33309 USA

fo

http://www.citrix.com
rr

Other product and company names mentioned herein might be the service marks, trademarks or
registered trademarks of their respective owners in the United States and other countries.
es
al
e
or
di
s tri
bu
t io
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

14 © Copyright 2016 Citrix Systems, Inc.

 1
Module 1

Understanding the
Architecture of a
XenApp and
N

XenDesktop
ot

Solution
fo
rr
es
al
e
or
di
s
tri
bu
t io
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

16 © Copyright 2016 Citrix Systems, Inc.

Understanding the Architecture of a XenApp
and XenDesktop Solution
Overview
Citrix XenApp and XenDesktop deliver Windows applications and desktops as secure mobile
services. With XenApp and XenDesktop, IT can mobilize the business, while reducing costs by
centralizing control and security for intellectual property. Users can self-select applications from an
easy-to-use application store that is accessible from tablets, smartphones, PCs, Macs, and thin
clients.
HDX technologies enable XenApp and XenDesktop to deliver a user experience that is optimized
for different user devices, as well as network conditions. XenApp and XenDesktop are built on an
N

architecture that offers simple yet powerful configuration options, along with operations
ot

management and cloud-style automation and scalability.

At the end of this module you will be able to:
fo

• Identify the architecture and components of a XenApp and XenDesktop solution.

rr

• Explain the role of:

es

• Citrix Receiver
al

• Citrix NetScaler
e

• Citrix StoreFront
or

• Delivery Controller
• Machine Creation Services (MCS)
di

• Citrix Provisioning Services (PVS)

s tri

• Hypervisor
bu

• Virtual Delivery Agent (VDA)

• Citrix Profile management
t io

• Discuss the responsibilities of the different XenApp and XenDesktop components.

n

• Identify new and deprecated features.

Module timing: Approximately 2 hours

XenApp or XenDesktop
XenApp and XenDesktop share a common architecture; where one or more Delivery Controllers
are used to broker user connections to sessions. Users connect to XenApp and XenDesktop sessions
using the Citrix HDX protocol (formerly known as ICA).

© Copyright 2016 Citrix Systems, Inc. Module 1: Understanding the Architecture of a XenApp and
XenDesktop Solution 17
Sessions are hosted on physical or virtual machines running the Citrix Virtual Delivery Agent
(VDA). The VDA can be installed on both Server OS and Desktop OS machines. The operating
system on which you can run the VDA and the type of sessions supported is dependent upon
whether you bought XenApp or XenDesktop. The following table identifies the type of machines
and sessions available per product edition.

VDA XenApp XenApp XenApp XenDeskt XenDeskt XenDeskt

Chart Advanced Enterprise Platinum op VDI op op
Enterprise Platinum
Server OS X X X X X
Machines

Desktop OS X X X
N

Machines
ot
fo

Sessions XenApp XenApp XenApp XenDeskt XenDeskt XenDeskt

Chart Advanced Enterprise Platinum op VDI op op
rr

Enterprise Platinum
es

Server OS X X X X X
al

Hosted
e

Desktop
or

Server OS X X X X X
di

Hosted
Applications
s tri

Desktop OS X X X
bu

Desktop
t

Desktop OS X X X X
io

Applications
n

*XenDesktop VDI does not support the use of physical machines.

Additional features and FlexCast models become available in the editions as you move from left to
right in the table. For a complete list of features, see the XenDesktop 7.6 and XenApp 7.6 Features
and Entitlement document at http://www.citrix.com/go/products/xendesktop/feature-matrix.html.

18 Module 1: Understanding the Architecture of a XenApp and XenDesktop Solution © Copyright

2016 Citrix Systems, Inc.
XenApp and XenDesktop Architecture Overview
During this module we will explore the components that comprise a XenApp and XenDesktop
solution. The following diagram depicts a XenApp and XenDesktop solution and the associated
components. This means that customers who purchase only XenApp will not have all of the
features presented in this course, such as for example in this graphic, the VDI Hosts.

N
ot
fo
rr
es
al
e
or
di

User Layer
s tri

The User Layer focuses on the unique qualities of each user group such as their network
bu

connectivity to the datacenter, endpoint devices, or other unique requirements. One of the primary
components of the User Layer is Citrix Receiver, regardless of whether the end user is connecting
t

from an internal or external device.

io
n

© Copyright 2016 Citrix Systems, Inc. Module 1: Understanding the Architecture of a XenApp and
XenDesktop Solution 19
 N
ot
fo
rr
es

Citrix Receiver
al

Citrix Receiver is installed on end-user devices to provide end users with quick, secure, self-service
e

access to documents, applications, and desktops from any end-user device, including smartphones,
or

tablets, and PCs. Receiver provides on-demand access to Windows, Web, and Software as a Service
(SaaS) applications.
di
s

Access Layer
tri
bu

The Access Layer focuses on the method and process users follow in order to establish and
maintain a connection to their resources. There are two primary components that provide end-user
t io

access to the environment: Citrix NetScaler and StoreFront. NetScaler provides secure access and
intelligent load balancing for StoreFront, Delivery Controller, and other infrastructure components.
n

Internal end-user devices connect from the User Layer to the Access Layer using Citrix StoreFront.
In a Citrix-recommended implementation, external end-user devices connect first through Citrix
NetScaler - and often a firewall and perimeter network - and then through StoreFront to access
resources.

20 Module 1: Understanding the Architecture of a XenApp and XenDesktop Solution © Copyright

2016 Citrix Systems, Inc.
 N
ot
fo
rr
es

Citrix NetScaler
al

NetScaler is an integrated Web application delivery controller that slashes server and bandwidth
e

requirements, while cutting the cost of delivering enterprise applications. NetScaler functions as an
or

application accelerator through caching and HTTP compression. It also provides advanced
management using layer-4 through layer-7 load balancing and content switching functions.
di

NetScaler also includes application security using a Web application firewall. NetScaler offloads
applications and Web servers to ensure application availability, increased security through SSL, and
s

server consolidation. It reduces the cost of ownership of Web application delivery and optimizes the
tri

end-user experience.
bu
t io

Citrix StoreFront
n

Citrix StoreFront delivers a powerful, self-service Windows applications store to provide a single,
simple, and consistent aggregation point for all IT user services. Users may subscribe to
applications, desktops, or data services from multiple devices and have access to those services from
all devices for a seamless and simple experience.

StoreFront requires 2 GB of memory. StoreFront 2.0 is the minimum version supported by

XenApp and XenDesktop. For more information about StoreFront requirements, see Citrix
Support at http://www.citrix.com/support.

© Copyright 2016 Citrix Systems, Inc. Module 1: Understanding the Architecture of a XenApp and
XenDesktop Solution 21
Discussion Question
What type of solution are you using for external access?

Resource Layer
The Resource Layer of a solution focuses on applications, image design, and personalization. The
Resource Layer is where users will interact with desktops and applications and is most visible to the
end users. The personalization component contains the user profile, policies, and for specific use
cases, personal vDisk.
N
ot
fo
rr
es
al
e
or
di
s tri
bu
t

Applications
io
n

You can install applications on Server OS or Desktop OS machines in your XenApp and
XenDesktop environment. Once installed, these applications can be made available and delivered to
end users.

Operating System Image

Each group of Citrix desktop or application servers are based on an underlying master image. The
master image is defined by an operating system, image size and a set of applications that are
installed into the base image. As the number of images increase, the time spent maintaining the

22 Module 1: Understanding the Architecture of a XenApp and XenDesktop Solution © Copyright

2016 Citrix Systems, Inc.
images also increase. Most organizations try to consolidate images into as few as possible while still
providing a desktop environment that is not bloated with applications most users do not use.
Virtual desktop delivery with XenApp and XenDesktop involves the delivery of an operating system
image such as Server 2012 R2 and Windows 8.1 (XenDesktop only) to the end user.

Citrix Profile Management

Citrix Profile management provides an easy, reliable, and high-performance way to manage end-
user personalization settings in virtualized or physical Windows environments. Citrix Profile
management allows end users to customize and retain their virtual and physical desktops,
applications, and server settings. Managed through Citrix policies or GPOs, Profile management
can provide a central point of configuration and control to give a consistent experience regardless
of which machine hosts the end-user session.
N
ot

Policies
fo

Citrix policies are the most efficient method of controlling connection, security, and bandwidth
rr

settings. You can create policies for specific groups of end users, devices, or connection types. Each
policy can contain multiple settings and different settings from policies can be merged. Any
es

conflicts between settings are resolved using a system of priorities.

al
e

Personal vDisk
or

With the personal vDisk feature, you can manage pooled and streamed desktops from a single
di

image while offering end users the flexibility to install applications and change personal settings.
This feature is available on XenDesktop only.
s tri

Unlike traditional Virtual Desktop Infrastructure (VDI) deployments involving pooled desktops,
where end users lose their customizations and personal applications when the administrator alters
bu

the base virtual machine, deployments using personal vDisks retain those changes. This means
t

administrators can easily and centrally manage their base virtual machines while providing end
io

users with a customized and personalized desktop experience.

n

Personal vDisks provide this separation by redirecting all changes made on the end user's virtual
machine to a separate disk - the personal vDisk - attached to the end user's virtual machine. The
content of the personal vDisk is blended at runtime with the content from the base virtual machine
to provide a unified experience. In this way, end users can still access applications provisioned by
their administrator in the base virtual machine.
Personal vDisks have two parts, which use different drive letters and are by default equally sized.
The first part comprises C:\Users, which contains the end user's data, documents, and profile. By
default this uses drive P: but you can choose a different drive letter when you use Studio to create a
catalog with personal vDisks. The second part is comprised of a Virtual Hard Disk (.vhd) file,
which contains all other user items, for example applications that are installed in C:\Program Files.

© Copyright 2016 Citrix Systems, Inc. Module 1: Understanding the Architecture of a XenApp and
XenDesktop Solution 23
 If you would like to discuss best practices for setting up personal vDisks for use with other
Citrix products, make sure to read about the best practices at http://docs.citrix.com/en-
us/xenapp-and-xendesktop/7/cds-manage-wrapper-rho/cds-about-personal-vdisks.html.

Control Layer
The Control Layer includes all infrastructure related components supporting the overall solution.
This includes the Delivery Controller, image management through MCS or PVS, and the creation
and publication of hosted resources. The management and maintenance of the overall solution
occurs within the Control Layer. Once an end-user connection moves past the Access Layer, Citrix
StoreFront communicates with the Delivery Controller in the Control Layer.
N
ot
fo
rr
es
al
e
or
di
s tri
bu
t io

Delivery Controller
n

Delivery Controllers are responsible for enumerating, allocating, assigning and maintaining desktop
and application resources. Delivery Controllers within a single datacenter are grouped together to
form a Citrix site, which allows for a single console for administration. The Controller manages the
state of the desktops, starting and stopping them based on demand and administrative
configuration. Each site has one or more delivery controllers.
Supported operating systems for the Delivery Controller include:
• Windows Server 2012 R2, Standard, and Datacenter Editions.
• Windows Server 2012, Standard, and Datacenter Editions.

24 Module 1: Understanding the Architecture of a XenApp and XenDesktop Solution © Copyright

2016 Citrix Systems, Inc.
• Windows Server 2008 R2 SP1, Standard, Enterprise, and Datacenter Editions.
Requirements for the Delivery Controller include:
• 100 MB of disk space.
• Microsoft .NET Framework 3.5 SP1 (required on Windows Server 2008 R2 only).
• Microsoft .NET 4.0.
• Windows PowerShell 2.0 or 3.0.
• Visual C++ 2005, 2008 SP1, and 2010 Redistributable packages. The installer deploys these
automatically.

Machine Creation Services

Machine Creation Services (MCS) is a collection of services that run on the Delivery Controller to
N

generate multiple clone-like machines from a single virtual machine serving as the primary image.
ot

The Machine Creation Service communicates with the hypervisor and creates the desired number
of machines using storage-based snapshot technologies, while the Citrix AD Identity Service
fo

generates the computer accounts within Active Directory.

rr

MCS can create machines based on a Server OS and Desktop OS.

es

Citrix Provisioning Services

al
e

Citrix Provisioning Services (PVS) uses network-based streaming technology to deliver the
or

operating system for both single-user virtual-desktops and multi-user, server-based resources. Citrix
Provisioning Services allows a single vDisk to be used to deliver a consistent virtual desktop across
di

the environment and to simplify image management and maintenance.

s

The Provisioning Services component allows a single image to be utilized for multiple servers. All
tri

changes are captured and placed in a write cache file. When a server reboots, the write cache is
bu

deleted and the server starts with a clean image.

t

XenApp and XenDesktop require PVS version 7.0 or later. Provisioning Services for Server
io

OS is included with XenApp and XenDesktop Enterprise and Platinum editions.

n

Provisioning Services for Desktop OS is included with XenDesktop VDI (not including
physical desktops), Enterprise and Platinum editions.

Virtual Delivery Agent

The Virtual Delivery Agent (VDA) must be installed on any server or desktop-based operating
system that will be used to deliver applications or desktops to the user. The VDA enables end user
connections to the desktops and applications, installs software for profile management and printing
services, and extends the applicable group policy settings.

© Copyright 2016 Citrix Systems, Inc. Module 1: Understanding the Architecture of a XenApp and
XenDesktop Solution 25
The VDA for Windows Desktop OS supports Windows 8, Windows 8.1, and Windows 7 SP1
machines.
The VDA for Windows Server OS supports Windows 2012, Windows 2012 R2 and Windows 2008
R2 SP1 machines.

Management Layer
The management layer contains all of the consoles and utilities used to configure and manage the
XenApp and XenDesktop components.
• Studio
• Director
• StoreFront Console
• Provisioning Services Console
N
ot

• Hypervisor console
• License Administration Console
fo

• Optional third-party consoles

rr
es
al
e
or
di
s tri
bu
t io
n

Citrix Studio
Citrix Studio is the management console that enables you to configure and manage your
deployment, eliminating the need for separate management consoles for managing delivery of
applications and desktops. Studio provides various wizards to guide you through the process of

26 Module 1: Understanding the Architecture of a XenApp and XenDesktop Solution © Copyright

2016 Citrix Systems, Inc.
setting up your environment, creating your workloads to host applications and desktops, and
assigning applications and desktops to end users.
Supported operating systems for Studio include:
• Windows 8.1 Professional and Enterprise Editions.
• Windows 8 Professional and Enterprise Editions.
• Windows 7 Professional, Enterprise, and Ultimate Editions.
• Windows Server 2012 R2, Standard and Datacenter Editions.
• Windows Server 2012, Standard and Datacenter Editions.
• Windows Server 2008 R2 SP1, Standard, Enterprise, and Datacenter Editions.
Requirements for Studio include:
• 75 MB of disk space.
• Microsoft .NET Framework 3.5 SP1 (required on Windows Server 2008 R2 only).
N

• Microsoft Management Console 3.0.

ot

• Windows PowerShell 2.0 or 3.0.

fo
rr

Citrix Director
es

Citrix Director is a web-based tool that enables IT support and Help Desk teams to monitor a
al

XenApp and XenDesktop environment, troubleshoot issues before they become system critical, and
e

perform support tasks for end users.

or

Supported operating systems for Director include:

• Windows Server 2012 R2, Standard and Datacenter Editions.
di

• Windows Server 2012, Standard and Datacenter Editions.

s tri

• Windows Server 2008 R2 SP1, Standard, Enterprise, and Datacenter Editions.

bu

Requirements for Director include:

t

• 50 MB of disk space.
io

• Microsoft .NET Framework 4.0.

n

• Microsoft Internet Information Services (IIS) 7.0 and ASP.NET 2.0. If these are not already
installed, you are prompted for the Windows Server installation media, then they are installed
for you.
Supported browsers for viewing Director include:
• Internet Explorer 9 and 10

Compatibility mode in Internet Explorer 10 is not supported.

© Copyright 2016 Citrix Systems, Inc. Module 1: Understanding the Architecture of a XenApp and
XenDesktop Solution 27
• Firefox
• Chrome

Discussion Question
Which tools does your organization use (or plan to use) for monitoring your XenApp and
XenDesktop environment?

Hardware Layer
The Hardware Layer is responsible for the physical devices required to support the entire solution
including servers, and storage devices. A key component of the Hardware Layer is the hypervisor.
N
ot
fo
rr
es
al
e
or
di
s tri
bu
t io
n

Hypervisor
A hypervisor is a thin layer of software that allows you to share physical resources of a device
amongst multiple virtual machines. XenApp and XenDesktop supports several hypervisors,
including:
• Citrix XenServer using Citrix XenCenter
• Microsoft Hyper-V using Microsoft System Center Virtual Machine Manager (SCVMM)

28 Module 1: Understanding the Architecture of a XenApp and XenDesktop Solution © Copyright

2016 Citrix Systems, Inc.
• VMware ESX using VMware vCenter
After the authentication process is completed, the Delivery Controller contacts the Microsoft SQL
database to discover the machines and applications available to the user.
The available machines and applications can be hosted on either physical or virtual machines. If the
machines are virtual, then they reside within the hypervisor. Every machine -- physical or virtual --
must have the Virtual Delivery Agent installed.

Discussion Question
What are the benefits of hosting virtual machines within a hypervisor as opposed to physical
machines? What hypervisor does your organization use?

XenApp and XenDesktop Sites

N
ot

In XenApp and XenDesktop, the Delivery Site is the highest level item in the configuration. The
fo

Delivery Site is comprised of the Controller and other core management components, the virtual
delivery agents, host connections, (if used), plus the machine catalogs and any Delivery Catalogs
rr

you create and manage. Sites make applications and desktops available to groups of users. A Site
does not necessarily correspond to geographical location, although it can. The Site is defined in a
es

SQL database that needs to be available at all times to each Delivery Controller within the
al

deployment.
e
or

Ports
di

The following is a summary of the ports used by the components we have discussed throughout
s

this module.
tri

For more information about the ports used in a XenApp and XenDesktop environment,
bu

see Citrix article CTX101810 at http://support.citrix.com.

t io
n

© Copyright 2016 Citrix Systems, Inc. Module 1: Understanding the Architecture of a XenApp and
XenDesktop Solution 29
 N
ot

New Features
fo

This release of XenApp and XenDesktop includes the following new features:
rr

• Session prelaunch and session linger - These features enhance the user experience by starting
sessions before they are requested (session prelaunch) and keeping sessions active for a period
es

of time after users close the applications (session linger). These features are supported on
al

Server OS machines only.

e

• Support for unauthenticated users - This feature (formerly known as anonymous users in
XenApp) supports administrators granting access to sessions on Server OS machines to users
or

with no credentials.
• Connection leasing - This feature extends the Delivery Site database connection requirements
di

beyond platform redundancy by enabling Delivery Controllers to continue to broker users to

s

the resources the users most often request even when the site database is unavailable.
tri

• Application folders - This feature allows administrators to organize the applications created by
bu

Delivery Groups within Citrix Studio. Using the Applications tab administrators can nest
organization applications into multiple tiers.
t io

• XenApp 6.5 migration - This feature enables administrators currently supporting a XenApp
n

6.5 farm to move to a XenApp 7.6 site with a quick and efficient transition. Migration allows
administrators to perform in place upgrades of existing XenApp 6.5 workers to XenApp 7.6
Server OS machines running the VDA. For more information, see http://docs.citrix.com/en-
us/xenapp-and-xendesktop/7-6/xad-upgrade-existing-environment/xad-xamigrate.html.
• Citrix Customer Experience Improvement Program - This program allows administrators to
work directly with Citrix in design and development contributions. Enrollment allows Citrix to
collect anonymous information about the deployment. For more information, see
http://www.citrix.com/cms/ws/ceip/.
• Enhanced connection throttling settings - This feature optimizes the virtual machine
performance for a site by limiting actions, inventory updates, and other occurrences over the
host connection to the hypervisor.

30 Module 1: Understanding the Architecture of a XenApp and XenDesktop Solution © Copyright

2016 Citrix Systems, Inc.
• Enhanced reporting in Studio - This feature adds additional details about the action status,
error reporting, licensing and more to Studio.
• SSL/TLS - This feature enables administrators to configure these secure protocols on the
machines running the VDA.
• Virtual IP and virtual loopback - This feature enables administrators to centralize applications
that require unique IP addresses on XenApp and XenDesktop servers running a server OS and
VDA.
• Remote PC Access - This feature has been optimized to enable administrators to prevent local
users from disconnecting a remote session without the permission of the remote user.
• Citrix Director - This tool has been expanded to include clickable navigation between User
Details, Machine Details, Endpoint Details and Anonymous Sessions. In addition, it has been
optimized to further assist support staff in gathering detailed information about a user session
when opening support tickets. Optimizations includes:
• Licensing alerts to assist support staff in further awareness of issues that impact user
N

connections.
ot

• View hosted application usage to allow support staff to view per Delivery Group lists of
users who have access to applications and view who is currently using an application.
fo

• Monitor hotfixes to allow support staff to view specific hotfixes per machine with the
rr

VDA installed.
es

This release of Citrix Director cannot be used to support sessions on versions of

al

XenApp older than XenApp 6.5.

e
or

• AppDNA 7.6 - This tool assists administrators in the migration of applications to new
implementations through rapid analysis, automated application remediation and packaging,
di

and daily application management.

s

• Citrix StoreFront 2.6 - This component has been updated to include the following
tri

optimizations:
bu

• My Apps Folder View in Receiver for Web - This feature assists users during the
transition from Web Interface to StoreFront by allowing applications to be organized into
t

folders.
io

• Kerberos constrained delegation for XenApp 6.5 - This feature enables pass-through
n

authentication and eliminates the need for endpoints to run Windows with Receiver.
• Single Fully Qualified Domain Name (FQDN) access - This feature gives administrators
the ability to give resource access internally and externally with a single FQDN.
• XenApp Services Support smart card authentication - This feature enables
administrators to provide support for smart card access without requiring specific versions
of Receiver and operating systems.
• Receiver for Android, iOS, and Linux smart card authentication - This feature enables
local and remote use of smart cards for access to applications and desktops.

© Copyright 2016 Citrix Systems, Inc. Module 1: Understanding the Architecture of a XenApp and
XenDesktop Solution 31
 • Extensible authentication - This feature provides a single customization point to be used
with Worx Home and Receiver for Web to authenticate with XenMobile, XenApp and
XenDesktop for internal and external access scenarios.
• Citrix Connector 7.5 - This feature provides a bridge between Microsoft System Center
Configuration Manager and XenApp or XenDesktop to extend the use of Configuration
Manager to Citrix environments.
• Receiver for Chrome and Receiver for HTML5 - These components were updated to
include the ability to:
• Convert documents to PDF, view them on a local device, and print them to locally
attached printers.
• Provide end-user metrics.
• Track license usage for hosted applications.
• Utilize additional clipboard operations.
N

• HDX Real-Time Optimization Pack 1.5 for Microsoft Lync - This feature enables
administrators to support Lync certified USB phones, mixed Lync 2010 clients and Lync
ot

Server 2013 configuration, and asynchronous upgrades.

fo
rr

Deprecated Features
es

Some functionality that was available in previous releases of XenApp and XenDesktop is not
al

available in this release. The deprecated features include:

e

• Secure ICA encryption below 128-bit - HDX (formerly known as ICA) has always supported
or

encryption, but this minimum level of encryption is no longer sufficient.

• Legacy printing - Operating system incompatibilities make the following printing features
di

unavailable:
s

• DOS clients, 16-bit printers, and legacy client printer names.

tri

• Printers connected to Windows 95 and NT operating systems, enhanced and extended

bu

printer properties, and Win32FavorRetainedSetting.

• Ability to enable or disable auto-retained and auto-restored printers.
t io

• The DefaultPrnFlag registry setting for Server OS.

n

• Secure Gateway - This component served releases of XenApp and XenDesktop prior to 7.x as a
means of a secure software HDX (ICA) secure proxy. This functionality is now available in
NetScaler Gateway, which can be implemented as a VPX.
• Shadowing users - This functionality is now provided using Windows Remote Assistance and
can be initiated from Citrix Director.
• Power and Capacity Management - This feature used to power manage virtual machines to
lower the power costs during off-peak usage times. This functionality is now available through
Microsoft Configuration Manager.

32 Module 1: Understanding the Architecture of a XenApp and XenDesktop Solution © Copyright

2016 Citrix Systems, Inc.
• Flash v1 Redirection - This feature allowed devices to render client-side flash, locally when
possible. Version 1 has been replaced by version 2 which provides the same functionality and
supports second generation Flash.
• Local Text Echo - This feature was used with earlier Windows application technologies as a
session optimization feature when user sessions were impacted by latency. Because of the
graphic subsystem and HDX Super Codec included with the VDA, this feature is no longer
needed.
• Smart Auditor - This feature enabled the recording of user sessions to video files for viewing
later. This feature was removed due to lack of demand.
• Single Sign-On (Password Manager) - This feature supports single sign on to Windows, Web,
and Terminal-emulated applications. This feature still works with Windows Server 2008 R2 and
Windows 7 implementations, but is not available for Windows Server 2012 and Windows 8
implementations due to dependencies on the operating systems.
• Oracle database support for XenApp and XenDesktop databases has been removed. Citrix
N

chose to simplify the platform by consolidating all Citrix database requirements for XenApp,
XenDesktop and their supporting features to one platform, Microsoft SQL.
ot

• Health Monitoring and Recovery (HMR) was a built-in feature designed to assist
fo

administrators in monitoring mission critical Citrix services running on machines hosting user
sessions. This was in lieu of having a central means of managing farms and sites. Citrix
rr

Director now provides insight into the entire infrastructure from a central console.
es

• Custom ICA files enabled administrators to give users direct access to applications and
desktops by bypassing both Web Interface and the Zone Data Collector. This feature is still
al

available in XenApp 7.x, but is disabled by default. A custom ICA file can still be used for
e

troubleshooting and for direct user connections when the Delivery Controller is unavailable.
or

Citrix recommends that you direct all user connections through StoreFront.
• Management Pack for System Center Operations Manager (SCOM) 2007 is not supported
di

on 7.x releases.
s

• CNAME function was enabled, by default, prior to XenApp 7 and XenDesktop 7 to assist with
tri

FQDN re-routing. In subsequent versions of XenApp and XenDesktop, 7.x, the Delivery
bu

Controller auto-update replaced the CNAME function because it can dynamically update the
list of Delivery Controllers and notify the distributed VDAs when Delivery Controllers both
t

join and leave the Delivery Site. Some administrators prefer to use the CNAME function.
io

Those administrators can use a Citrix policy to disable the dynamic updates and can re-enable
n

the CNAME functions in the registry.

• Quick Deploy wizard was a XenDesktop 5.x feature designed to quickly create a Delivery Site
and all of the server components, including the catalog, Delivery Groups and more using one
wizard. This wizard was created to enable administrators to quickly setup a proof of concept
deployment. Quick Deploy Delivery Sites had limitations and could not be scaled. The refined
configuration and workflow in XenDesktop 7.x renders this legacy deployment wizard
unnecessary.
• Remote PC Service configuration file and PowerShell script for automatic administration
was deprecated because Remote PC is now integrated into Studio and the Delivery Controller
with support for Wake-on-LAN.

© Copyright 2016 Citrix Systems, Inc. Module 1: Understanding the Architecture of a XenApp and
XenDesktop Solution 33
• Workflow Studio was a management feature that allowed administrators to manage multiple
workflows (also known as sets of code or scripts) from a Windows Server management console.
This feature was removed due to lack of demand.

Discussion Question
An administrator at a local company was tasked with implementing a Citrix solution to host user
resources centrally and securely in the datacenter, enabling users to access resources from any user
device over any Internet connection. The users’ require access to the Microsoft Office Suite and a
Windows 8.1 desktop. Which Citrix products and editions can the administrator purchase and
implement to meet the needs of this scenario?

Reinforcement Exercise: XenApp and XenDesktop

N

Components
ot

In this module, you learned how to

fo

• Identify the architecture and components of a XenApp and XenDesktop solution.

rr

• Explain the role of:

es

• Citrix Receiver
al

• Citrix StoreFront
e

• Citrix NetScaler
or

• Delivery Controller
• Machine Creation Services
di

• Citrix Provisioning Services

s

• Hypervisor
tri

• Virtual Delivery Agent

bu

• Citrix Profile management

t io

• Describe the responsibilities of the different XenApp and XenDesktop management consoles.
n

Definition Matching
Match each of the following terms with its correct description.
Time to complete: Approximately 5 minutes
• Citrix Receiver
• Citrix NetScaler
• Hypervisor
• Personal vDisk

34 Module 1: Understanding the Architecture of a XenApp and XenDesktop Solution © Copyright

2016 Citrix Systems, Inc.
• Citrix StoreFront
• Delivery Controller

Term Description

Provides end users with quick, secure, self-

service access to documents, applications, and
desktops from any end-user device.

Functions as an application accelerator and also

provides advanced management using load
balancing, content switching, and application
security.
N
ot

A thin layer of software that allows you to share

physical resources of a device amongst several
fo

virtual machines.
rr

A feature in XenDesktop that allows end users

es

to install applications and change their desktop

al

settings, while retaining the single image

management of pooled and streamed desktops.
e
or

A self-service, Windows application store that

provides a single aggregation point for all IT
di

user services.
s tri

Communicates with the hypervisor to distribute

bu

applications and desktops, authenticates and

manages end-user access, and brokers
t io

connections between end users and their virtual

desktops and applications.
n

• Citrix Director
• Citrix Profile management
• Machine Creation Services
• Citrix Provisioning Services
• Citrix Studio
• Virtual Delivery Agent

© Copyright 2016 Citrix Systems, Inc. Module 1: Understanding the Architecture of a XenApp and
XenDesktop Solution 35
 Term Description

A Web-based tool that enabled IT support to

monitor a XenApp and XenDesktop
environment, troubleshoot issues, and perform
support tasks for end users.

Allows you to manage end-user personalization

settings in a virtualized or physical Windows
environment.

A collection of services that run on the Delivery

Controller to generate clone-like machines from
N

a single virtual machine serving as the primary

image.
ot
fo

Uses a vDisk image to provision virtual

machines.
rr
es

A management console that enables you to

configure and manage your XenApp and
al

XenDesktop implementation.
e
or

Enables virtual machines to register with a

Delivery Controller.
di
s tri
bu
t io
n

36 Module 1: Understanding the Architecture of a XenApp and XenDesktop Solution © Copyright

2016 Citrix Systems, Inc.
 2
Module 2

Managing Licenses
and Delegating
Administration
N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

38 © Copyright 2016 Citrix Systems, Inc.

Managing Licenses and Delegating
Administration
Overview
Citrix XenApp and XenDesktop each offer three editions. Similar to previous releases of
XenDesktop, this release includes Platinum, Enterprise, and VDI edition licenses that may be
purchased as user/device, or concurrent licenses. XenApp offers an Advanced, Enterprise, and
Platinum editions for all hosted shared application and desktop workloads.
Delegated administration in XenApp and XenDesktop consists of administrators, roles, and scopes.
Administrators are individual Active Directory users or groups. Each administrator can have one or
more roles assigned. The role outlines the permissions granted to the administrator. Roles can be
N

customized, which allows for a detailed view of specific actions and tasks that an administrator can
ot

complete within the Studio console. Scopes represent collections of objects such as Delivery Groups.
Objects can belong to multiple scopes and administrators can be assigned to multiple scopes as
fo

well.
rr

After completing this module you will be able to:

es

• Describe how Citrix Studio is used to manage licensing.

• Manage licensing.
al

• Manage delegated administration.

e

• Monitor configuration logs.

or

• Generate configuration log reports.

di

• Upgrade to XenDesktop 7.6.

s

Module timing: Approximately 2.5 hours

tri
bu
t io
n

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 39
 The lab environment Student Desktop has two management consoles. You will use both
interchangeably throughout this course. Microsoft Remote Desktop Connection Manager
is the preferred method to logging in and interacting with your virtual machines. Citrix
XenCenter is the preferred method to managing power tasks, mounting and un-mounting
ISO's.
Before you begin, you must ensure these following lab environment core virtual machines
are powered on:
• Controller-1
• DomainController-1
• SQLServer-1
• StudentManagementConsole-1
To conserve resources all other core lab environment virtual machines that are not a part
of a machine catalog may be powered down. Powering down machine catalog virtual
N

machines is not favored as it could impact future session launch times.

ot

All lab environment virtual machines are power managed through XenCenter. To change
the power state of a lab environment virtual machine, complete the following steps:
fo

1. Select the virtual machine within XenCenter.

rr

2. Click on either the Start or Shutdown button on the top-right of the XenCenter.
es
al

Managing Licenses in Studio

e
or

Studio is the primary management console for XenApp and XenDesktop that enables you to
configure and manage your deployment, eliminating the need for separate management consoles
di

for managing delivery of applications and desktops. Studio provides various wizards to guide you
through the process of setting up your environment, creating your workloads to host applications
s

and desktops, and assigning applications and desktops to end users. The console also includes
tri

PowerShell functionality. Most administration tasks can be completed within the console, while
bu

only some advanced configuration tasks require the explicit use of PowerShell.
t

The console can be used to configure machine catalogs, Delivery Groups, policies (including HDX
io

policies), logging, administrators, delegated administration, licensing, and profile management.

n

You can use Studio to manage and track licensing, provided the license server is in the same
domain as Studio, or in a trusted domain. You must possess full-administrative permissions on the
licensing server to carry out the tasks described below, except for viewing license information. To
only view license information, a XenApp and XenDesktop administrator needs the read-only
permission.

40 Module 2: Managing Licenses and Delegating Administration © Copyright 2016 Citrix Systems, Inc.
Discussion Question
Which licensing model are you currently using? What would you require in a XenApp and
XenDesktop environment? How would your licenses be consumed if you switched from named to
concurrent?

License Editions
XenDesktop offers three license editions:
• Platinum
• Enterprise
• VDI
XenApp offers three license editions:
N
ot

• Platinum
• Enterprise
fo

• Advanced
rr

For more information about the features and entitlements of each edition, visit
es

https://www.citrix.com/go/products/xendesktop/feature-matrix This website is updated

regularly with the latest features.
al
e
or

Types of Licenses
di
s

Device License A device license requires the connecting device to have a unique
tri

device ID and allows XenDesktop access to any user from that

bu

device. Use this type of license for shared devices, such as

classroom, hospital, or clinical workstations.
t io
n

User License A user license allows the user to connect to their desktops and
applications with multiple devices, such as desktop computer,
laptop, netbook, smartphone, or thin client. A licensed user can
connect to multiple instances of XenDesktop concurrently from
different devices, if necessary.

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 41
Concurrent License A concurrent license is not tied to a specific user. When a user
launches a product, the product requests the license and it is
checked out to the specific computer or device that the user is
using. Wen the user logs off or disconnects from the session, the
license is checked back in and is once again available for
reassignment.

Downloading, Allocating, and Importing a License File

Although you can use Studio for license administration, Citrix also provides a Web-based License
Administration Console. These consoles can be used interchangeably; however, the License
Administration Console is used during the deployment of XenApp and XenDesktop, prior to the
installation of Studio. This exercise will show you an example of the License Administration
Console.
N
ot

To Allocate, Download, and Import a License File

fo
rr

The license server is pre-installed and configured in the XenApp and XenDesktop lab
es

environment. To experience downloading, allocating, and importing a license file, we have

provided a licensing simulation below. Click the following link and use the steps in this
al

course to complete the exercise:

e

• Downloading, Allocating, and Importing License Files Exercise

or

You can access a list of all simulated exercises from the Student Resource Kit module
located in this course.
di

1. Click My Account (Log in) in the upper-right corner of the www.citrix.com Web site page.
s tri

2. Click Create Account.

bu

Use the mouse to move between fields in this exercise.

t io
n

3. Click Create Customer Account.

If your company already has an account, you would use the existing account rather
than create a new one.

4. Complete the form to create an account and then click Continue.

The form has been completed with generic information. Click Continue.

42 Module 2: Managing Licenses and Delegating Administration © Copyright 2016 Citrix Systems, Inc.
5. Create a new Login ID and password and then click Continue.
Verify that CitrixStudent is in the Login ID field, type Password1 in the New Password and
Confirm Password fields, and then click Continue.

6. Click Activate and Allocate Licenses under the Licensing heading on the page.
7. Click the Single Allocation tab.

If you currently have available licenses, they will appear within the Activate and
Allocate Licenses tab.

8. Type the license code into the Enter license code field and then click Continue.
Type CTXLF-12345-67890-12345-67890 and then click Continue.

9. Click Continue on the Host Name Warning Page.

N
ot

Not all licenses for Citrix products are allocated based on the host name of the license
server.
fo
rr

10. Type the case-sensitive name of the Citrix License Server that will host the license in the Host
es

ID field.
al

Type LS-1 into the Host ID field.

e

11. Click the Quantity/Available field, type the license quantity, and then click Continue.
or

Click the Quantity/Available field, type 5, and then click Continue.

di
s

You can always come back to reallocate and re-download your licenses should they
tri

become corrupt, lost, or you need to specify a different allocation of your licenses
using the Reallocate and Redownload tabs from My Account on the www.citrix.com
bu

Web site.
t io

12. Verify that the information is correct and then click Confirm.
n

13. Click OK in the message stating that the allocation was successful.
14. Click Download.
15. Click the down arrow next to Save and then click Save as.

The name of the license file can be changed, but the contents within the file cannot be
changed without corrupting the license file.

16. Click Save in the Save As window to download the license file to the Downloads folder.
17. Click Log Out in the upper-right corner of the window.
18. Close the browser window.

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 43
19. Click the Start button on the bottom-left corner of the screen.
20. Type Citrix License and then click the Search icon.
21. Click Citrix License Administration Console.
22. Click Administration in the upper-right corner of the License Administration Console.
23. Logon as a license administrator.
Type Training\Administrator in the User Name field, Password1 in the Password field,
and then click Submit.

24. Click Vendor Daemon Configuration in the lower-left corner of the License Administration
Console.
25. Click Import License.
26. Click Browse to the right of the License File from Your Local Machine field to browse to the
recently downloaded license file.
N

27. Select the recently downloaded license file and then click Open.
ot

Select FID_15.lic in the Downloads folder and then click Open.

fo

28. Click Import License.

rr

29. Click OK.

es

In order to view the active licenses within the dashboard, you must restart the license
al

server or reread the license file.

e
or

30. Verify that the licenses have been allocated.

Click Dashboard and then click Citrix XenDesktop Enterprise|Concurrent.
di
s

31. View the allocated licenses and then click X in the upper-right corner of the window to close
tri

the dashboard.
bu
t

Discussion Question
io
n

What are some of the different ways you can download, allocate, and monitor a Citrix license file?

44 Module 2: Managing Licenses and Delegating Administration © Copyright 2016 Citrix Systems, Inc.
To Add a License Administrator
The license server is pre-configured in the lab environment. To experience adding a
license administrator, we have provided an Adding a License Administrator exercise
below. Click the following link and use the steps in this course to complete the exercise:
• Adding a License Administrator Exercise
You can access a list of all simulated exercises from the Student Resource Kit module
located in this course.

1. Logon to your licensing server as an administrator.

Click the Play button and proceed to the next step.

2. Click Start on the bottom left hand corner of Windows.

3. Type Citrix License Administration at the Windows Start screen and press Enter.
N

4. Click Citrix License Administration to open the license console.

ot

5. Click Administration to logon.

fo

6. Type your username and password and click Submit.

rr

Type Training\Admin1 into the User Name field and Password1 into the password field
es

and click Submit.

al

7. Click User Configuration and then click New User.

e

8. Select the role of the new user.

or

Select Domain Administrator.

di

9. Specify the user name of the user you would like to add as a license administrator and click
Save.
s tri

Type Training\Admin2 and then click Save.

bu

10. Click Log Out.

t io
n

Managing Delegated Administration

The delegated administration model offers the flexibility to match how your organization wants to
delegate administration activities, using role- and object-based control. Delegated administration
accommodates deployments of all sizes and allows you to configure more permission detail as your
deployment grows in complexity. Delegated administration uses three concepts: administrators,
roles, and scopes.

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 45
 N
ot

No specific Active Directory permissions are required for delegated administration.

Standard domain users will work fine.
fo
rr
es

Administrators
al
e

An administrator represents an individual person or a group of people identified by their Active

Directory account. Each administrator is associated with one or more role and scope pairs, which
or

allows organizations to delegate responsibility based on the administrator's role and function.
di
s tri
bu
t io
n

46 Module 2: Managing Licenses and Delegating Administration © Copyright 2016 Citrix Systems, Inc.
Roles

N
ot
fo
rr
es
al
e
or
di
s tri
bu
t

Roles represent a job function with defined permissions. XenApp and XenDesktop have the
io

following built-in roles:

n

• Full administrator: Can perform all tasks and operations. A Full Administrator is always
combined with the All scope.
• Machine Catalog administrator: Can create and manage machine catalogs and provision the
machines into them. This role can manage base images and install software, but cannot assign
applications or desktops to end users.
• Delivery Group administrator: Can deliver applications, desktops, and machines; can also
manage the associated sessions and application and desktop configurations such as policies and
power management settings.
• Host administrator: Can manage host connections and their associated resource settings. This
role cannot deliver machines, applications, or desktops to end users.

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 47
• Help Desk administrator: Can view Delivery Groups and manage their sessions and machines.
Can see the machine catalog and host information for the Delivery Groups being monitored,
and can also perform session management and machine power management operations for the
machines in those Delivery Groups.
• Read-only administrator: Can read all objects in specified scopes as well as global information,
but cannot change anything.

Scopes
Scopes represent a collection of objects. Scopes are used to group objects in a way that is relevant to
your organization. Objects can be in more than one scope; you can think of objects being labeled
with one or more scopes. There is one built-in scope: 'All,' which always contains all objects. The
Full Administrator role is always paired with the All scope.
N

To Add an Administrator
ot
fo

1. Logon to a machine that has Citrix Studio installed on it.

rr

a. Logon to the StudentManagementConsole-1 virtual machine using the

es

TRAINING\Admin1 and Password1 credentials.

al

2. Double-click Citrix Studio on the desktop to open it.

e

If you receive a message that the snap-in is not responding, click Cancel.
or
di

3. Select Administrators in the left pane under the Configuration node.

s tri

If Studio does not automatically connect to the Delivery Controller, type c-1.Training.lab
bu

and then click Connect.

t

4. Verify that the Administrators tab in the middle pane is selected to view a list of existing
io

administrators.
n

5. Click Create Administrator in the Actions pane.

6. Click Browse and type the name of the administrator that you would like to add.
Click Browse and then enter Admin2.

7. Click Check Names to validate the administrator name and then click OK.
8. Select a scope to specify the objects the administrator can access and click Next.
Select All in the scope field and then click Next.

48 Module 2: Managing Licenses and Delegating Administration © Copyright 2016 Citrix Systems, Inc.
9. Select a role for the new administrator and then click Next.
Select Full Administrator and click Next.

10. Verify that the configuration is correct and that Enable Administrator is selected.
11. Click Finish to create the administrator.

To Create a Custom Scope Using Studio

1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

N

If you receive a message that the snap-in is not responding, click Cancel.
ot
fo
rr

3. Select Administrators in the left pane under the Configuration node.

es

4. Select the Scopes tab in the middle pane to view a list of existing scopes.
5. Click Create Scope in the Actions pane.
al

6. Type a name and description for the scope.

e
or

a. Type Notepad App Administrators for the name of the scope.

b. Type Able to support the Notepad App for the description of the scope.
di

7. Select the objects you want to add to the new scope.

s tri

a. Expand Delivery Groups and select Notepad Application Servers.

bu

b. Select Machine Catalogs.

t io

8. Click Save.
n

To Edit a Custom Scope

1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 49
 If you receive a message that the snap-in is not responding, click Cancel.

3. Select Administrators in the left pane.

4. Select the Scopes tab in the middle pane to view a list of existing scopes.
5. Select the scope that you would like to edit.
Select Notepad App Administrators.

6. Click Edit Scope in the Actions pane. The Edit Scope window appears.
7. Make the necessary changes to the scope.
Deselect Machine Catalogs from the objects list.

8. Click Save.
N
ot

To Create a Custom Role

fo
rr

1. Logon to a machine that has Citrix Studio installed on it.

es

Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
al
e

2. Double-click Citrix Studio on the desktop to open it.

3. Select Administrators in the left pane.
or

4. Select the Roles tab in the middle pane to view a list of existing roles.
di

5. Click Create Role in the Actions pane.

s

6. Type a name and description for the role.

tri
bu

a. Type Hosted Application Administrator for the name of the role.

b. Type Can Add, Edit, and Delete Hosted Applications for the description
t io

7. Select the object type, and then select the permissions that you want the role to have.
n

a. Expand Delivery Groups and select Manage.

b. Select the following options:
• Add Application to Delivery Group
• Create Application
• Delete Application
• Edit Application Properties
• Enable/disable maintenance mode of an Application
• Remove Application from Delivery Group

50 Module 2: Managing Licenses and Delegating Administration © Copyright 2016 Citrix Systems, Inc.
8. Click Save.
9. Verify that you have created the role with appropriate permissions.
Select Hosted Application Administrator and expand Delivery Groups to look over the
details at the bottom of the pane. In addition to the options you selected above, you will also
see View Applications and View Delivery Groups.

To Edit a Custom Role

1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

N
ot

If you receive a message that the snap-in is not responding, click Cancel.
fo
rr

3. Select Administrators in the left pane.

es

4. Select the Roles tab in the middle pane.

al

5. Select the role you would like to edit.

e

Select Hosted Application Administrator.

or

6. Click Edit Role in the Actions pane.

di

7. Edit the permissions as needed.

s

a. Expand Delivery Groups.

tri

b. Select Change users assigned to an application.

bu

8. Click Save.
t io
n

To Edit an Administrator's Permissions

1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 51
 If you receive a message that the snap-in is not responding, click Cancel.

3. Select Administrators in the left pane.

4. Select the Administrators tab in the middle pane.
5. Select the administrator you want to edit.
Select the NotepadAdmin administrator account to edit.

6. Click Edit Administrator in the Actions pane. The details of that administrator appear.
7. Select the scope and role that you would like to edit.
Click the All scope/Read Only Administrator role.

8. Click Edit.
N

9. Select the appropriate scope.

ot

Select the Notepad App Administrators scope.

fo
rr

10. Select the Role tab and then select the appropriate role.
Select the Hosted Application Administrator role.
es
al

11. Click OK to save the changes.

e

12. Click OK to finalize the administrator edits.

or

Running a Delegated Administration Report

di
s

The resultant set of permissions (RSOP) HTML report shows the role/scope pairs associated with
tri

an administrator and lists the individual permissions for each type of object - Delivery Groups and
bu

Machine Catalogs, for example.

t io

To Run a Delegated Administration Report

n

1. Logon to a machine that has Citrix Studio installed on it.

Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

3. Click Administrators in the left pane.
4. Click Create Report.

52 Module 2: Managing Licenses and Delegating Administration © Copyright 2016 Citrix Systems, Inc.
5. Type the user or group name you want to select.
Type TRAINING\NotepadAdmin.

6. Click Check Names and then click OK.

7. Type a file name for the report and then click Save.

a. Click Desktop.
b. Type RSOP_NotepadAdmin as the report name and then click Save.

8. Open the report to view the delegated administration rights.

Double-click the RSOP_NotepadAdmin report on the Desktop and select Internet
Explorer to view the report. If a Java Plugin SSV Helper prompt appears, select Enable.
N

Discussion Question
ot

When would you typically run a delegated administration report? Why?

fo
rr

Using PowerShell
es
al

Everything that is accomplished in the Studio console can also be accomplished using PowerShell.
As such, you can use PowerShell cmdlets to create new administrators, apply roles and scopes, and
e

track the rights and status of each administrator.

or

Every action performed within Studio is launched as a PowerShell statement in the background.
You can see the actions that you have performed by clicking the top node labeled Citrix Studio
di

(Training) in the left pane of Studio, and selecting the PowerShell tab in the middle pane. To use
s

Citrix-specific commands on your own, either start PowerShell and add the required snap-ins or
tri

click Launch PowerShell in the bottom right corner of the middle pane of Studio to start a
bu

PowerShell console with pre-loaded Citrix snap-ins.

For example, to add a new administrator, you can use the New-AdminAdministrator cmdlet. To
t io

apply a role and scope to the new administrator, you can use the Add-AdminRight cmdlet. If you
would like to get a list of the rights and status of each administrator account in the site, you can
n

use the Get-AdminAdministrator.

For more information about the available PowerShell cmdlets, see Citrix Support at
http://www.citrix.com/support.

Discussion Question
How would the use of delegated administration change with the size of your XenApp or
XenDesktop deployment?

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 53
Monitoring Configuration Logs
Configuration logging captures Site configuration changes and administrative activities to the
database. You can use the logged content to:
• Diagnose and troubleshoot problems after configuration changes have been made.
• Assist change management and track configuration changes.
• Report administrative activities.
More specifically, configuration logging tracks configuration changes and administrative activities
initiated from Studio, Director, and PowerShell scripts. A few examples include:
• Creating or editing a host
• Adding an end user to a Delivery Group
• Adding an administrator
N

• Changing delegated administrator roles

ot

Changes made through the registry, direct access of the database, or from sources other
than Studio, Director, or PowerShell are not logged.
fo
rr

By default, the Configuration Logging feature is enabled and uses the database that is created when
es

you create the Site (the Site Configuration Database). Citrix strongly recommends that you change
al

the location of the database used for Configuration Logging as soon as possible after creating a Site
for three reasons:
e

1. The backup strategy for the Configuration Logging Database is likely to differ from the backup
or

strategy for the Site Configuration Database.

di

2. The volume of data collected for Configuration Logging could adversely affect the space
available to the Site Configuration database.
s tri

3. Having a separate database for each one splits the single point of failure for the databases.
bu

To Display Configuration Log Content

t io
n

1. Logon to a machine that has Citrix Studio installed on it.

Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

If you receive a message that the snap-in is not responding, click Cancel.

3. Select Logging in the left pane.

54 Module 2: Managing Licenses and Delegating Administration © Copyright 2016 Citrix Systems, Inc.
4. Click the drop-down menu next to the Search text box to view the different options available
for filtering by time.

To Generate Configuration Log Reports

1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

3. Select Logging in the left pane.
4. Click Create Custom Report in the Actions pane.
5. Select a date range for the report by selecting a predefined interval or specifying a custom time
N

frame.
ot

Select Last 7 days and click Next.

fo

6. Select the report format.

rr

Select HTML.
es

7. Browse to the location where the report should be saved.

al

Click Browse, select Desktop as the location and click OK.

e

8. Click Next.
or

9. Review your selections on the Summary page and click Finish.

di

10. Open the reports and review the changes that have been made over the last seven days.
s

Double-click the Details and Summary report on the Desktop and select Internet Explorer
tri

to view the report.

bu
t io

To Change the Configuration Log Settings

n

1. Logon to a machine that has Citrix Studio installed on it.

Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

If you receive a message that the snap-in is not responding, click Cancel.

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 55
3. Select Logging in the left pane.
4. Click Preferences in the Action pane.
5. Ensure that Enable is selected and edit the settings as necessary.

An important option available in the Logging Preferences window is the ability to

change the logging database or the location of the database. For more information
about changing the logging database and its location, see Citrix Support at
http://www.citrix.com/support.

6. Click OK to finish changing the settings.

Discussion Question
What are some use cases for the CSV output of the configuration logs?
N
ot

Moving from XenApp 7.6 to XenDesktop 7.6

fo

XenApp and XenDesktop now share a unified architecture. This makes it possible to simply upload
rr

a license to move an implementation from:

es

• An edition of XenApp 7.6 to another.

al

• An edition of XenDesktop 7.6 to another.

e

• An edition of XenApp 7.6 to an edition of XenDesktop 7.6.

or

Once the license is uploaded and the edition is selected, all of the features available in the edition
become available to the administrator.
di
s tri
bu
t io
n

56 Module 2: Managing Licenses and Delegating Administration © Copyright 2016 Citrix Systems, Inc.
Troubleshooting: Managing Licenses and Delegated
Administration

Issue Resolution
An administrator account that was created does Verify what role was assigned and reassign a
not have the appropriate authority. new role with the correct permissions.
1. Open Studio.
2. Expand the Configuration node.
3. Click Administrators.
4. Click the Administrators tab in the center
pane.
N

5. Choose the administrator name that does

ot

not have the correct authority.

6. Click Edit Administrator in the right pane.
fo

7. Choose a role that appears in the details

rr

pane and click Edit.

es

8. In the Edit Administrator window, click

Role.
al

9. Click the role name next to the selected

e

option to view permissions.

or

10. Verify that these are the correct

permissions.
di

11. Click Cancel.

s

12. If the permissions were incorrect, choose

tri

the appropriate role and click Apply.

bu

13. If the permissions were correct, click

Cancel and click Add to add an additional
t io

role to this administrator.

n

• Verify that the administrator is not set for

read-only access.

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 57
Issue Resolution
An administrator is unable to access Studio. Verify that the Administrator is enabled.
1. Open Studio.
2. Click Configuration.
3. Click Administrators.
4. Click the Administrators tab in the center
pane.
5. Choose the administrator name that cannot
access Studio.
6. Click Edit Administrator in the right pane.
• Ensure the Enable Administrator checkbox
is checked.
N
ot

A delegated administrator cannot shadow an Verify the following:

end user. • Remote assistance is enabled on the virtual
fo

desktop.
rr

• The administrator is authorized to launch a

es

remote assistance session on the virtual

desktop.
al

• The Microsoft Remote Assistance client is

e

installed on the system running Director.

or

• Director is accessed through Internet

Explorer 7 or 8 and ActiveX is enabled.
di
s tri

Reinforcement Exercise: Configuring Roles and Scopes

bu

During this exercise, you will not be given step-by-step instructions for performing the
t io

task. Instead, you are asked to use what you have learned to complete it. This exercise is
designed to take your newly gained knowledge and determine if you can apply it to
n

perform a task you have never done before. In most instances the default value/choice will
be the best choice, but we encourage you to explore and try different options. If you have
a question or need help, ask the instructor or a fellow student for assistance.

In this module, you learned how to:

• Describe how Citrix Studio is used to manage licensing.
• Manage licensing.
• Manage delegated administration.
• Monitor configuration logs.
• Generate configuration log reports.

58 Module 2: Managing Licenses and Delegating Administration © Copyright 2016 Citrix Systems, Inc.
Time to complete: Approximately 10 minutes
Your team wants you to implement a design for their HelpDesk organization. The design calls for
level 1 support to be able to manage requests regarding the hosted applications. They want the level
2 staff to be able to handle requests for all types of company resources due to their additional
experience and training.
Your objective is to configure the appropriate roles and scopes in order to achieve the following
delegation:

AD Group Scope Role

Helpdesk All Read Only Administrator

Helpdesk-Apps Notepad App Administrators Help Desk Administrator

N

Helpdesk-Tier2 All Help Desk Administrator

ot
fo
rr
es
al
e
or
di
s tri
bu
t io
n

© Copyright 2016 Citrix Systems, Inc. Module 2: Managing Licenses and Delegating Administration 59
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

60 © Copyright 2016 Citrix Systems, Inc.

 3
Module 3

Managing and
Monitoring the
Hypervisor
N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

62 © Copyright 2016 Citrix Systems, Inc.

Managing and Monitoring the Hypervisor
Overview
Virtualization enables multiple virtual machines to run on a single physical server. Each virtual
machine is completely isolated from other virtual machines and is decoupled from the underlying
host by a thin layer of software known as a hypervisor.
XenApp and XenDesktop have an open architecture, which allows you to manage virtual desktops
and applications hosted on several different hypervisors. This module will discuss tasks that can be
done with each hypervisor that are supported by XenApp and XenDesktop. However, the tasks will
be described using Citrix XenServer. Although the steps may differ within each hypervisor, the
overall task will have the same end result.
N

After completing this module, you will be able to:

ot

• Describe the communication process between the host hardware, hypervisor, control domain,
and virtual machine.
fo

• Create, copy, and manage virtual machines.

rr

• Create snapshots and revert virtual machines to prior states.

es

• Manage resources allocated to virtual machines and templates.

• Configure and customize alerts within the hypervisor.
al
e

Module timing: Approximately 3 hours

or
di
s tri
bu
t io
n

© Copyright 2016 Citrix Systems, Inc. Module 3: Managing and Monitoring the Hypervisor 63
 The lab environment Student Desktop has two management consoles. You will use both
interchangeably throughout this course. Microsoft Remote Desktop Connection Manager
is the preferred method to logging in and interacting with your virtual machines. Citrix
XenCenter is the preferred method to managing power tasks, mounting and un-mounting
ISO's.
Before you begin, you must ensure these following lab environment core virtual machines
are powered on:
• Controller-1
• DomainController-1
• SQLServer-1
• StudentManagementConsole-1
To conserve resources all other core lab environment virtual machines that are not a part
of a machine catalog may be powered down. Powering down machine catalog virtual
N

machines is not favored as it could impact future session launch times.

ot

All lab environment virtual machines are power managed through XenCenter. To change
the power state of a lab environment virtual machine, complete the following steps:
fo

1. Select the virtual machine within XenCenter.

rr

2. Click on either the Start or Shutdown button on the top-right of the XenCenter.
es
al
e
or
di
s tri
bu
t io
n

64 Module 3: Managing and Monitoring the Hypervisor © Copyright 2016 Citrix Systems, Inc.
Architecture Overview

N
ot
fo
rr
es
al
e
or

The following components are combined to virtualize server and desktop hardware so that multiple
di

operating systems can share devices like hard drives and network cards.
s

• Host Hardware - The bare-metal machine in which the hypervisor lays and whose resources
tri

are used and distributed throughout a virtualized environment. This hardware contains the
bu

physical server components including memory, CPU, and disk drives.

• Hypervisor - A thin layer of software that gives each virtual machine a dedicated view of the
t

hardware. The hypervisor provides an abstraction layer that allows each physical server to run
io

one or more virtual machines, effectively decoupling the operating system and its applications
n

from the underlying hardware.

• Control Domain - Manages the network, and storage I/O of all virtual machines.
• Virtual Machines - Virtual machines that appear to end users as separate computers, each with
its own network identity, user authorization, authentication capabilities, operating system
version, configuration, applications, and data. The machine shares physical resources with
other virtual machines and is portable because the virtual machine is abstracted from physical
hardware.
• Guest Operating System - The operating system that is installed on a virtual machine.
• Physical Interface (PIF) - A driver-like representation within the control domain that
corresponds to an actual network interface card in the host machine.

© Copyright 2016 Citrix Systems, Inc. Module 3: Managing and Monitoring the Hypervisor 65
• Virtual Interface (VIF) - A virtualized representation of a computer network interface. A
virtual machine connects to a virtual interface to provide network connectivity to other virtual
machines and the physical network.
• Virtual Network Interface Card (Virtual NIC) - A driver-like program that allows a virtual
machine's guest OS to connect to a virtual network.
• Physical Network Interface Card (Physical NIC) - A physical network card that is installed on
the host hardware.
• Virtual Network - The software representation of a network switch within the control domain.
Virtual machines communicate with other network nodes using the virtual network to which
they are connected.
The hypervisor works by virtualizing the hardware. Hardware virtualization abstracts system
components, such as hard drives, resources, and ports, and allocates them to the virtualized servers
running on the system. These virtualized servers are known as virtual machines, which run
operating systems and applications that are known as guest software.
N

The hypervisors that are supported by XenApp and XenDesktop are:

ot

• XenServer
fo

• XenServer 6.5
rr

• XenServer 6.2
es

• XenServer 6.1
• XenServer 6.0.2
al

• Hyper-V and System Center Virtual Machine Manager (SCVMM)

e

• Any version of Hyper-V that can register with SCVMM 2012 and SCVMM 2012 SP1,
or

including Microsoft Hyper-V Server 2008 R2 SP1 and Microsoft Hyper-V Server 2012
• VMware vSphere
di

• VMware vSphere 5.1 Update 1

s tri

• VMware vSphere 5.0 Update 2

bu

When using a hypervisor to host your XenApp and XenDesktop virtual machines, ensure that the
proper tools are installed. For example, XenServer tools must be installed in order to properly
t io

manage virtual machines within XenServer and to gain maximum performance from the virtual
machines. Without XenServer Tools, you cannot:
n

• Restart a virtual machine.

• Suspend a virtual machine.
• Migrate a running virtual machine using XenMotion.
• Adjust dynamically the number of virtual CPUs assigned to a running Linux virtual machine;
Windows virtual machines require a restart for this to take effect.
• Dynamically adjust the memory of the virtual machines to compensate for overload situations.
• View virtual machine performance data in XenCenter.
• Create quiesced snapshots or snapshots with memory.

66 Module 3: Managing and Monitoring the Hypervisor © Copyright 2016 Citrix Systems, Inc.
• Revert to snapshots.

Managing Virtual Machines within a Hypervisor

Virtual machines are used for many reasons including proper allocation of resources, replacing
physical machines, hosting different operating systems on the same hardware, and end-of-life
replacement. Virtual machines also never leave the datacenter, which offers a much higher level of
security and simplifies administration and management.
Virtual machines can be created by building an image or using a template that contains all the
configured settings necessary to create a specific instance of a machine.

To Create a Virtual Machine Using an ISO

N

The following steps are provided for informational purposes only and are not to be
ot

performed in the lab environment. Students will perform the following exercises using a
virtual machine created from a template.
fo
rr

1. Open the XenCenter console.

2. Select the server which you would like to add the virtual machine to.
es

3. Click the New VM button at the top of the console.

al

4. Select a template, operating system, or snapshot for the new virtual machine.
e

5. Click Next.
or

6. Name the virtual machine and click Next.

di

7. Select the ISO to use to perform the initial installation of the operating system and then click
Next.
s tri

8. Select the server you would like to create the VM on and then click Next.
bu

9. Select the number of vCPUs and memory to allocate to the virtual machine and then click
Next.
t io

10. Select the storage to be allocated to the virtual machine and add additional storage if necessary.
n

11. Configure networking on the new virtual machine and then click Next.
12. Verify the configuration settings for the new virtual machine and that Start the new VM
automatically is selected.
13. Click Create Now.
14. Verify that the virtual machine appears in XenCenter.

© Copyright 2016 Citrix Systems, Inc. Module 3: Managing and Monitoring the Hypervisor 67
To Create a New Virtual Machine Using a Template
1. Open the XenCenter console.
Double-click Citrix XenCenter from the desktop of the StudentDesktop machine. Use
Citrix XenCenter for all labs in Module 3.

2. Select the server which you would like to add the virtual machine to.
Select the XenServer host.

3. Click the New VM button at the top of the console.

4. Select a template, operating system, or snapshot for the new virtual machine and then click
Next.
Select Windows_7_64-bit and then click Next.
N

5. Name the virtual machine and then click Next.

ot

Type Win7 and then click Next.

fo

6. Select an ISO within the DVD drive if you are not using a template that is configured with an
rr

operating system.
es

Verify that the DVD drive is empty and then click Next.
al

7. Select the server you want to place the new VM on and then click Next.
e

Verify that the XenServer host is selected and then click Next.
or

8. Specify the number of vCPUs and memory to allocate to the virtual machine and then click
di

Next.
s

Verify that there are 1 vCPU and 1024 MB for memory and then click Next twice.
tri

9. Select the storage to be allocated to the virtual machine and then add additional storage, if
bu

necessary and then click Next.

t io

Verify the Local Storage and Use storage-level fast disk clone are both selected and then
click Next.
n

10. Configure the networking on the new virtual machine and then click Next.
Verify that Internal is selected and then click Next.

11. Verify the configuration settings for the new virtual machine and that Start the new VM
automatically is selected.
12. Click Create Now.
13. Verify that the virtual machine appears in XenCenter.

68 Module 3: Managing and Monitoring the Hypervisor © Copyright 2016 Citrix Systems, Inc.
To Complete the Windows Setup Process
1. Select the virtual machine in the XenCenter console and then click Console.
Select the Win7 virtual machine and then click Console.

2. Select the language, time and currency format and keyboard settings for your area and then
click Next.
3. Type a user name in the "Type a user name field" and a computer name in the "Type a
computer name" field then click Next.
Type TempUser as the user name and Win7 as the computer name then click Next.

4. Specify a password and hint for your account and then click Next.

a. Type Password1 in the Type a password and Retype your password fields.
N

b. Type First Password in the Type a password hint field and then click Next.
ot

5. Read and respond to the licensing terms.

fo

Select I accept the license terms and then click Next.

rr

6. Select the desired update settings.

es

Select Ask me later.

al

7. Review your time and date settings to ensure that they are correct and then click Next.
e

Click Next.
or

8. Select the current location of the computer.

di

Click Work network.

s tri

9. Allow Windows to finalize your settings and then logon with the TempUser account you
bu

created.
t io

Installing XenServer Tools

n

XenServer Tools provide high performance Windows drivers and a management agent, enhancing
disk and network performance for XenServer virtual machines. XenServer Tools must be installed
for each virtual machine in order to be able to use the xe CLI or XenCenter. Virtual machine
performance will be significantly lowered unless the tools are installed.

Running a virtual machine without installing the XenServer Tools is not a supported
configuration.

© Copyright 2016 Citrix Systems, Inc. Module 3: Managing and Monitoring the Hypervisor 69
To Install XenServer Tools on a Virtual Machine
1. Logon to the virtual machine that you will install XenServer Tools on.
Logon to the Win7 virtual machine using the TempUser and Password1 credentials.

2. Select xs-tools.iso in the DVD Drive 1 field at the top of the console screen.

Performance of the console will be slow until XenServer tools has been installed and
RDP can be used from XenCenter

3. Wait a few moments for the AutoPlay screen to appear and then click Run installwizard.msi.
4. Click Next on the welcome screen of the wizard.
5. Read and respond to the license agreement terms.
N

Select I accept the terms of the License Agreement and then click Next.
ot

6. Select the path where you would like to install XenServer tools and then click Next.
fo

Leave the default path and then click Next.

rr

7. Click Install.
es

8. Select Yes in the User Account Control screen, if it appears.

al

9. Wait while the installation completes.

e

10. Click Install Tools and then click Restart Now.

or

11. Select Yes in the User Account Control screen, if it appears.

12. Wait while the virtual machine restarts.
di

13. Logon to complete the installation.

s tri

Logon to the Win7 virtual machine using the TempUser and Password1 credentials.
bu

An additional reboot may occur automatically after logon. If this occurs logon again
t

after the restart is complete.

io
n

14. Click Done.

15. Select Yes in the User Account Control screen, if it appears.
16. Click Restart Now.
17. Click Eject to eject the ISO from the virtual machine.
Click Eject on the top right of Console window next to the DVD Drive drop down menu.

70 Module 3: Managing and Monitoring the Hypervisor © Copyright 2016 Citrix Systems, Inc.
Taking a Snapshot
A snapshot is an image of a virtual machine that preserves the current settings and data at the
point in time in which the snapshot is taken. Taking snapshots allows an administrator to restore a
virtual machine if for any reason it fails.

To Take a Snapshot in XenCenter

1. Select the virtual machine of which you would like to take a snapshot.
Select the Win7 virtual machine.

2. Select the Snapshots tab.

3. Click Take Snapshot.
N

4. Type a name for the snapshot.

ot

Type After XenServer tools install in the Name field.

fo

5. Click Take Snapshot. The new snapshot will appear in seconds.

rr
es

Reverting to a Snapshot
al

If a snapshot has been taken, you can easily revert to the snapshot, which will return the virtual
e

machine to the particular state at the time the snapshot was taken. You also have the option to take
or

a new snapshot of the current virtual machine state before reverting back to the earlier snapshot,
allowing you to easily restore the virtual machine to its current state if needed.
di
s

To Revert to a Snapshot in XenCenter

tri
bu

The following steps are provided for informational purposes only and are not to be
performed in the lab environment.
t io
n

1. Select the virtual machine that you would like to revert to an earlier version.
2. Select the Snapshots tab.
3. Select the snapshot to which you would like to revert.
4. Click Revert To.
5. Verify that Take a snapshot of the VM's current state and then revert checkbox is selected if
you would like a snapshot of the current state.
6. Click Yes to revert to the earlier snapshot.
7. Start the virtual machine.

© Copyright 2016 Citrix Systems, Inc. Module 3: Managing and Monitoring the Hypervisor 71
Discussion Question
What are some of the concerns associated with having too many snapshots in your environment?

Generalizing the Virtual Machine

Citrix recommends that you generalize a virtual machine before creating a template from it. The
benefit of creating your own customized templates is the ability to configure them with the
appropriate guest operating system, memory, CPU, storage and network settings, and using them to
create new VMs. This eliminates the possibility of conflicts between virtual machines created from
the same template. On a Windows operating system, the tool to do this is called Sysprep and is
bundled with all versions of Windows from Vista forward.

This process is only required if you plan to make a template from the virtual machine.
N

When virtual machines are generalized by Sysprep, they are not usable until they are
brought out of the generalized state.
ot
fo

To Generalize the Virtual Machine

rr
es

1. Logon to the virtual machine that will be generalized.

al

Logon to the Win7 virtual machine using the TempUser and Password1 credentials.
e

2. Click the Windows Explorer icon in the taskbar and then click Computer.
or

3. Browse to C:\Windows\System32\sysprep and then double-click sysprep.

4. Verify that Enter System Out-of-Box Experience (OOBE) is selected.
di

5. Select Generalize.
s tri

6. Select Shutdown from the Shutdown Options and click OK.

bu

7. Wait while the Sysprep process completes and the virtual machine shuts down.
t io

Copying a Virtual Machine

n

One of the benefits of creating virtual machines is that they can be easily copied. You will do this at
times to have a complete backup of a virtual machine or for troubleshooting and testing
applications prior to installing them on the live machine. Virtual machine copies can also be used
for fault tolerance and providing the ability to roll back in the event of problems, or to repurpose
the machine for other needs within the environment.

72 Module 3: Managing and Monitoring the Hypervisor © Copyright 2016 Citrix Systems, Inc.
To Copy a Virtual Machine Using XenCenter
1. Shut down the virtual machine you would like to copy.
Verify Win7 is shutdown.

2. Right-click the virtual machine you would like to copy and then select Copy VM.
Right-click Win7 and then select Copy VM.

3. Type a name in the Name field for the copied virtual machine.
Type Win7-Copy.

4. Verify that Fast clone is selected and then click Copy.

5. Ensure that the machine is powered off before continuing.
N
ot

Discussion Question
fo

What would happen if you power on both the copied and the original virtual machines without
rr

performing a sysprep?
es

Creating a Template
al
e

With the virtual machine properly prepared and generalized, the template can be created in
or

XenServer.
di

Converting a virtual machine to a template in XenServer cannot be undone.

s tri
bu

To Create a Template from a Virtual Machine

t io
n

1. Select the virtual machine that will be converted to a template.

Select the Win7-Copy virtual machine in XenCenter.

2. Right-click the virtual machine, click Convert to Template, and then click Convert.

a. Right-click Win7-Copy and then click Convert to Template.

b. Click Convert.

© Copyright 2016 Citrix Systems, Inc. Module 3: Managing and Monitoring the Hypervisor 73
3. Rename the virtual machine to fit with your naming scheme.

a. Right-click the template Win7-Copy and then select Properties.

b. Type Win7_Master in the Name field.
c. Type Windows 7 SP1 with XenServer tools installed in the Description field and
then click OK.

Adjusting Virtual Machine or Template Resources

When managing a virtualized environment, it is important to use and allocate your resources wisely
to maximize efficiency. Administrators who create virtual machines and templates within a
hypervisor must be aware of storage capacity, available memory, network resources, and processing
power.
N
ot

Adding Storage to a Virtual Machine or Template

fo

As with managing memory, occasionally end users require additional storage. With the appropriate
rr

resources available on the host, you can easily add storage to a virtual machine or a template.
es
al

To Add Storage to a Virtual Machine or Template in

e

XenCenter
or

1. Select the virtual machine or template to which you would like to add storage and logon with
di

administrator credentials.
s

a. Select the Win2012-Master virtual machine.

tri

b. Click Start.
bu

c. Click the Console tab and allow the virtual machine to start.
t

d. Click Send Ctrl+Alt+Del.

io

e. Click Connect on the Remote Desktop Connection window.

n

f. Logon using TRAINING\Admin1 and Password1 credentials.

g. Select Don't ask me again for connections to this computer on the Remote
Desktop Connection and then click Yes.

2. Select the Storage tab.

3. Click Add.
4. Type a name for the new virtual disk in the Name field.
Type Storage.

74 Module 3: Managing and Monitoring the Hypervisor © Copyright 2016 Citrix Systems, Inc.
5. Select the size of the disk.
Type 10 and then select GB.

6. Select the location of the storage.

Select Local Storage.

7. Click Add and then click Console.

8. Click Tools within Server Manager and then select Computer Management.
9. Select Disk Management in the left pane.
10. Click OK on the Initialize Disk window, if it appears. The new disk will appear.
11. Right-click Unallocated next to Disk 1.
12. Select New Simple Volume.
13. Click Next in the New Simple Volume Wizard.
N

14. Select the volume size.

ot

Use the default settings and click Next.

fo

15. Assign a drive letter or path to the disk.

rr

Verify that E is selected in the Assign the following drive letter field and then click Next.
es

16. Specify the format partition information.

al
e

Type Storage in the Volume label field and verify that Perform a quick format is selected.
or

A quick format removes files from the partition, but does not scan the disk for bad
di

sectors. Only use this option if your hard disk has been previously formatted and you
are sure that your hard disk is not damaged. During a regular format, files are
s

removed from the volume and the hard disk is scanned for bad sectors.
tri
bu

17. Click Next and then click Finish.

t io

Adjusting the Storage Allocated to a Virtual Machine

n

You may find at times that your environment is running low on storage. Before deciding to
purchase additional storage hardware, check whether storage allocations are appropriate for end-
user needs in the environment. For example, if some of your power users need additional hard disk
space to store their files or if your file server needs additional space than originally planned, you
can easily adjust your disks.

© Copyright 2016 Citrix Systems, Inc. Module 3: Managing and Monitoring the Hypervisor 75
To Adjust the Storage Allocated to a Virtual Machine in
XenCenter
1. Shut down the virtual machine or template to which you would like to make changes.

a. Select the Win2012-Master virtual machine and then click Shut Down.
b. Click Yes and wait for the virtual machine to shut down.

2. Select the Storage tab in XenCenter.

3. Double-click the storage device that you would like to adjust.
Double-click Storage.

4. Click Size and Location in the left pane.

5. Specify a size for the storage you would like to allocate to this disk.
N

Type 15 GB in the Size field.

ot

6. Click OK.
fo

7. Verify that the size of the storage has increased on the Storage tab in XenCenter.
rr

8. Logon to the virtual machine using your domain administrator credentials.

es

a. Select the Win2012-Master virtual machine and then click Start.

al

b. Select the Console tab and wait while the virtual machine starts.
e

c. Logon using the TRAINING\Admin1 and Password1 credentials.

or

9. Launch Server Manager and select Computer Management from the Tools menu.
di

10. Select Disk Management in the left pane.

s

11. Right-click Storage and select Extend Volume.

tri

12. Click Next twice in the Extend Volume Wizard and then click Finish.
bu

13. Verify that Storage (E:) has increased to 15 GB and then close the Computer Management
t

window.
io
n

Adjusting the Memory Allocated to a Virtual Machine or

Template
Your hypervisor gives you the ability to manage your memory allocation appropriately, allowing
you to assign additional memory to a virtual machine when it is running low on resources or if the
end users require more memory to use resource intensive applications.

76 Module 3: Managing and Monitoring the Hypervisor © Copyright 2016 Citrix Systems, Inc.
To Adjust Virtual Machine or Template Memory Allocations
in XenCenter
1. Shut down the virtual machine on which you would like to reallocate memory. Skip this step if
you are adjusting a template.
Right-click Win2012-Master and select Shutdown, click Yes when prompted.

2. Select the virtual machine or template that you would like to make changes to.
Select the Win2012-Master virtual machine.

3. Select the Memory tab.

4. Click Edit.
5. Verify the appropriate memory has been allocated for the virtual machine.
N

Verify Set a fixed memory of is selected and 1024 is set in the MB field.
ot

6. Click OK.
fo
rr

Adjusting vCPUs Allocated to a Virtual Machine or

es

Template
al

Another resource that can be a limiting factor within an environment is the processing power
e

available to virtual machines. XenCenter allows you to distribute virtual processors across the
or

environment.
di

For more information about how to configure XenServer virtual CPU management, see
Citrix article CTX117960 at http://support.citrix.com.
s tri
bu

To Adjust the vCPUs Allocated to a Virtual Machine or

t io

Template in XenCenter
n

1. Shut down the virtual machine you would like to allocate or reallocate vCPUs. Skip this step if
you are adjusting a template.
The Win2012-Master virtual machine should already be shut down.

2. Select the virtual machine or template that you would like to make changes to.
Select the Win2012-Master virtual machine.

3. Select the General tab.

4. Click Properties.

© Copyright 2016 Citrix Systems, Inc. Module 3: Managing and Monitoring the Hypervisor 77
5. Select CPU in the left pane.
6. Type the number of vCPUs for this virtual machine or template.
Type 2 and verify 2 sockets with 1 core per socket is selected.

7. Click OK.

Managing a Virtual NIC

Additional NICs are needed to associate virtual machines with networks they are not currently
associated with. When you install an interface into the virtual machine, you can link it to the
relevant network, assign it a MAC address either manually or an auto-generated one as well as
enable Quality of Service (QoS) settings for it.
N

To Remove a Virtual NIC in XenCenter

ot

The following steps are provided for informational purposes only and are not to be
fo

performed in the lab environment.

rr
es

1. Select the virtual machine or template on which you would like to add a virtual NIC and
al

ensure it is shut down.

e

2. Select the Networking tab.

3. Select the virtual NIC you would like to remove.
or

4. Click Remove.
di

5. Click Yes in the Delete Network Interface message.

s tri

To Add a Virtual NIC in XenCenter

bu
t io

The following steps are provided for informational purposes only and are not to be
performed in the lab environment.
n

1. Select the virtual machine or template on which you would like to add a virtual NIC and
ensure it is shut down.
2. Select the Networking tab.
3. Click Add Interface.
4. Select the network to be added.
5. Select Auto-generate a MAC address or type a specific address in the Use this MAC address
field.
6. Click Add.

78 Module 3: Managing and Monitoring the Hypervisor © Copyright 2016 Citrix Systems, Inc.
To Adjust a Virtual NIC in XenCenter
The following steps are provided for informational purposes only and are not to be
performed in the lab environment.

1. Select the virtual machine or template on which you would like to adjust the virtual NIC
settings and shut it down.
2. Select the Networking tab.
3. Select the virtual NIC you would like to adjust.
4. Click Properties.
5. Select Enable a QoS limit of and type the desired limit.
6. Click OK.
N
ot

Discussion Question
fo

Your environment is running low on memory and storage. What are some options available to you
rr

in order to resolve these issues?

es

Configuring and Customizing Alerts

al
e

To simplify monitoring of your environment, hypervisors allows you to configure events and alerts.
or

These events and alerts raise awareness when resources reach a pre-determined level.
di

To Configure and Customize Alerts in XenCenter

s tri
bu

The following steps are provided for informational purposes only and are not to be
performed in the lab environment.
t io
n

1. Select the server or virtual machine on which you would like to configure the alert.
2. Select the General tab.
3. Click Properties.
4. Click Alerts.
5. Select one or more of the available options:
• Select the Generate CPU usage alerts checkbox and then set the CPU usage and time that
will trigger an alert.
• Select the Generate network usage alerts checkbox and then set the network I/O usage
and time threshold that will trigger an alert.

© Copyright 2016 Citrix Systems, Inc. Module 3: Managing and Monitoring the Hypervisor 79
 • Select the Generate disk usage alerts checkbox and set the disk I/O usage and time
threshold that will trigger an alert.
• Type the number of minutes in the Alert repeat interval box at the top of the screen to
configure the frequency of the alerts.
6. Click OK.
7. Click System Alerts on the top right within XenCenter to view any alerts.
8. Click Close.

Discussion Question
A subset of end users in your environment is having difficulty launching and utilizing their virtual
machines. These end users are also noticing degradation in graphical performance with their
AutoCAD software. How can you track these issues? What are some common causes of these
N

issues?
ot

Troubleshooting: Managing and Monitoring Hypervisors

fo
rr
es

Issue Resolution
al

Memory statistics are not displayed for a virtual Confirm that the necessary hypervisor tools are
e

machine. installed on the virtual machine.

or

Hyper-V - Virtual machines are missing from Configure real-time scanning within anti-virus
di

the Hyper-V Management Console. software to exclude:

s

• Default and custom virtual machine

tri

configuration directories
bu

• Default and custom virtual hard disk drive

directories
t io

• Snapshot directories
n

• Vmms.exe and Vmwp.exe files

80 Module 3: Managing and Monitoring the Hypervisor © Copyright 2016 Citrix Systems, Inc.
 4
Module 4

Managing Desktops
and Applications
N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

82 © Copyright 2016 Citrix Systems, Inc.

Managing Desktops and Applications
Overview
Collections of identical virtual machines or physical computers are managed as a single entity called
a machine catalog. The machines within these machine catalogs are configured to run either a
Windows Desktop operating system (OS) or a Windows Server OS. For end users who want to
access their office machine remotely, there is also an option for Remote PC Access when creating
machine catalogs.
In order to deliver desktops and applications to specific end users, you allocate machines from the
catalog to end users through Delivery Groups. Delivery Groups provide desktops, applications, or a
combination of the two, to one or more end users. Delivery Groups provide a flexible way of
allocating machines and applications to end users. In a Delivery Group, you can:
N

• Use machines from multiple catalogs.

ot

• Allocate a user to multiple machines.

fo

• Allocate multiple end users to one machine.

rr

After completing this module you will be able to:

es

• Describe the XenApp and XenDesktop infrastructure for delivering desktops and applications.
al

• Describe the role of the Delivery Controller.

e

• Create and manage machine catalogs.

• Manage Delivery Groups.
or

Module timing: Approximately 4.5 hours

di
s tri
bu
t io
n

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 83
 The lab environment Student Desktop has two management consoles. You will use both
interchangeably throughout this course. Microsoft Remote Desktop Connection Manager
is the preferred method to logging in and interacting with your virtual machines. Citrix
XenCenter is the preferred method to managing power tasks, mounting and un-mounting
ISO's.
Before you begin, you must ensure these following lab environment core virtual machines
are powered on:
• Controller-1
• DomainController-1
• SQLServer-1
• StudentManagementConsole-1
To conserve resources all other core lab environment virtual machines that are not a part
of a machine catalog may be powered down. Powering down machine catalog virtual
N

machines is not favored as it could impact future session launch times.

ot

All lab environment virtual machines are power managed through XenCenter. To change
the power state of a lab environment virtual machine, complete the following steps:
fo

1. Select the virtual machine within XenCenter.

rr

2. Click on either the Start or Shutdown button on the top-right of the XenCenter.
es
al

Architecture Overview
e
or

The following diagram depicts the functions and communications of the Delivery Controller within
a XenApp and XenDesktop deployment.
di
s tri
bu
t io
n

84 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
 N
ot
fo
rr
es
al
e
or

The Delivery Controller communicates with StoreFront to present resources to end users connected
di

with Citrix Receiver.

s

Supported operating systems include:

tri
bu

• Windows Server 2012 R2 (Standard and Datacenter Editions)

• Windows Server 2012 (Standard and Datacenter Editions)
t io

• Windows Server 2008 R2 SP1 (Standard, Enterprise, and Datacenter Editions)

n

Requirements include:
• 100 MB disk space
• Windows PowerShell 2.0 or 3.0
• Visual C++ 2005, 2008 SP1, and 2010
• Microsoft .NET 3.5 SP1 (required on Windows Server 2008 R2 only)
• Microsoft .NET 4.0
The SQL Server database presents information about the site to the Controllers. Supported database
editions include:
• SQL Server 2012 SP1

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 85
• SQL Server 2008 R2 SP2

Windows authentication is required for connections between the Controller and the SQL
Server database.

The Delivery Controller contacts the hypervisor to confirm availability of the virtual machines and
applications that will be presented to an end user.
The Delivery Controller communicates with Active Directory to validate end-user credentials.
Studio and Director communicate with the Delivery Controller to manage and configure the site.
Once an end user's session has connected to a StoreFront server, the Delivery Controller can
present the end user with a list of resources from the physical network or from a supported
hypervisor.
N

Connecting to Resources
ot
fo

Site outages and interruptions in communications between the Delivery Controller and the site
database can result in resource availability issues for users. Connection leasing enables Delivery
rr

Controllers to continue to broker users to sessions in the event that the site cannot communicate
es

with the site database. This connection brokering relies on a cache on each Delivery Controller.
User sessions brokered for the last two weeks are cached on the Delivery Controller.
al

Connection leasing is not a database redundancy solution. Citrix recommends that XenApp and
e

XenDesktop implementations use SQL mirroring or clustering to protect and provide failover for
or

the site database. Connection leasing is a XenApp and XenDesktop feature that supplements a SQL
Server high availability solution.
di

In most large deployments, connection leasing will likely never be used because the SQL
s

clustering options will prevent the loss of connection to the site database.
tri
bu

For example, an end user has accessed Microsoft Word within the last two weeks, but has not
t io

accessed Microsoft PowerPoint. During the site outage, the connection leasing feature allows the
Delivery Controllers to broker that user’s request to Microsoft Word, but not to Microsoft
n

PowerPoint, because Microsoft PowerPoint is not in the cache.

Connection leasing is enabled by default and is limited to user sessions accessing server-hosted
applications, server desktops and static (assigned) desktops; it is not supported for random (pooled)
desktops. Connection leasing can be turned on or off using the PowerShell SDK or the Windows
registry.
When the Delivery Controller enters into lease connection mode during a database connection
failure:
• Studio, Director and the PowerShell console cannot be used.

86 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
• Workspace control is not available, so users will not be automatically reconnected to
disconnected sessions.
• If new sessions are created just before the database becomes unavailable, users may not be able
to access the resources in those sessions if the Delivery Controllers did not have a chance to
sync with the database.
• Users roaming from an external to internal HDX connection may not be able to reconnect to a
session established from a different network.
• Power managed, powered off static (assigned) desktops remain unavailable until the database
connection is restored.
• New sessions will not prelaunch and session lingering timeouts are not used.
• Server-based connections are routed to the most recently used VDA, and all server-based load
balancing is ignored.
• Only VDAs that are 7.6 minimum version are supported.
N

For more information about connection leasing, see http://docs.citrix.com/en-us/xenapp-and-

ot

xendesktop/7-6/xad-connection-leasing.html.
fo

Managing Machine Catalogs

rr
es

A machine catalog is a collection of virtual machines or physical computers managed as a single

entity. Machine catalogs specify the virtual machines or computers available to host applications or
al

desktops, the Active Directory computer accounts assigned to those virtual machines or computers,
e

and in some cases, the master image that is copied to create the virtual machines. Virtual machines
within machine catalogs are organized into Delivery Groups that deliver the same set of desktops
or

and applications to groups of end users.

di
s tri
bu
t io
n

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 87
 N
ot
fo
rr
es
al
e
or
di
s tri
bu

To Create New Resource Settings

t io

Perform these steps in order to create new resource settings. The new resource settings will allow
n

you to create machine catalogs in the lab environment. Resource settings are the connection
information used by your XenApp or XenDesktop Delivery site to communicate with the
underlying hypervisor technology. You can improve the performance of a XenApp or XenDesktop
site, by further optimizing the Delivery site connection to the host for XenServer, vSphere, and
Hyper-V.
After you specify the host connection in Citrix Studio, you can use the properties to modify the
connection settings. The connection settings allow you to specify the maximum number of
simultaneous actions, simultaneous Personal Storage inventory updates, and the number of actions
per minute that can occur on a host connection. For more information about connection settings
and connection throttling, see http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-6/xad-
connections.html.

88 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
1. Logon to the machine which has Citrix Studio installed with administrator credentials.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Open Citrix Studio.

Double-click the Citrix Studio icon on the desktop.

3. Click Yes on the User Account Control window if it appears.

4. Expand the Configuration node in Studio.
5. Select the Hosting node.
6. Click Add Connection and Resources in the Actions pane.
7. Select the appropriate hypervisor in the Connection type drop-down menu.
Verify that Citrix XenServer is selected.
N
ot

8. Type the IP address of the XenServer into the Connection address field.
Type the IP as http://<XenServerHostIP> into the Connection address field. Use the
fo

XenServer credentials provided with the lab environment to retrieve the IP address of the
rr

XenServer Host.
es

9. Type the administrator credentials for the hypervisor into the User name and Password fields.
al

Use the XenServer credentials provided with the lab environment to complete the User
e

name and Password fields.

or

10. Type a name for the connection in the Connection name field and select the appropriate
networks for the virtual machines to use.
di

Type Training in the Connection name field and then click Next.
s tri

11. Type a name for the resources and then select the networks for the virtual machines to use.
bu

Type Training Resource Settings and then select Internal.

t io

12. Click Next.

n

13. Select the storage devices for the new virtual machines and then click Next.
Verify that Local Storage is selected (leave all other options default) and then click Next.

14. Define the scopes for the resources on the Scopes page and then click Next.
Verify that All scope is selected and then click Next.

15. Click Finish.

16. Select the Training connection at the top of the center pane and then click Edit Connection in
the Actions pane.
17. Select the Advanced tab and investigate the various settings.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 89
18. Click Cancel to avoid applying any of the changes you made.

Citrix recommends that you only adjust these advanced connection properties under the
guidance of a Citrix Support representative.

Using Machine Creation Services

Machine Creation Services (MCS) is a collection of services that work together to create virtual
desktops from a master desktop image on demand, optimizing storage utilization and providing a
pristine virtual desktop to end users every time they logon.
N
ot
fo
rr
es
al
e
or
di
s tri

MCS creates two disks for every machine that is generated from the master image. The two disks
bu

are an Identity Disk and a Differences Disk.

t

The Identity Disk contains the virtual machine's presence within Active Directory. It deals with the
io

relationship between the machine and the Active Directory database. The Differences disk holds
n

changes made to the base image within the session. As all machines are spawned from one
snapshot, their uniqueness is written into the Differences disk as opposed to the base image.

Discussion Question
What are some use cases for Machine Creation Services? Are those use cases different for
Provisioning Services?

90 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
Creating a Machine Catalog for Server Desktops and
Hosted Applications
Collections of identical virtual machines or physical computers are managed as a single entity called
a machine catalog. If you are not provisioning through Machine Creation Services or Provisioning
Services, Citrix recommends that you use Microsoft System Center Configuration Manager or
another third-party application to make sure that the machines in the catalog are consistent.
The machines within these machine catalogs are configured to run either a Windows Desktop OS
or a Windows Server OS. For end users who need to remotely access their office machine, you can
select Remote PC Access for those machine catalogs.
You should create a new machine catalog whenever the desktop needs of your end users deviate
from those being used in the environment. For example, all of the end users are currently provided
with a Windows 8.1 desktop, but some of your end users require a Windows 7 desktop.
N

Here, we will explore two of the three options that are available to you when creating a machine
catalog in Studio. First, we begin with a Server OS machine catalog. Both XenApp and XenDesktop
ot

can create Server OS Machine catalogs; which can then be used later in a delivery group to deliver
both server desktops and applications.
fo
rr

Installing the Virtual Delivery Agent

es
al

The Virtual Delivery Agent (VDA) has to be present on the virtual or physical machines to which
your end users will be connecting. It enables the machines to register with Controllers and manages
e

the HDX connection between the machines and the end-user devices. There are two types of VDA,
or

one specifically used for Desktop OS and one used for Server OS.
di
s

To Install and Configure the VDA on a Server OS

tri
bu

1. Right-click the Win2012-Master from within XenCenter and select Start.

t

If Win2012-Master does not connect from the Microsoft Remote Desktop Connection
io

Manager, check the power state of the machine using Citrix XenCenter.
n

2. Logon to the virtual machine that you will use as the Master Image using domain
administrator credentials.
Logon to the Win2012-Master virtual machine using the TRAINING\Admin1 and
Password1 credentials

3. Insert the XenApp and XenDesktop 7.6 installation media into the DVD drive in XenCenter.
Select XenApp_and_XenDesktop7_6.iso in the DVD Drive 1 field.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 91
 If no ISOs are listed, select the ISO library, Local ISO SR XS in XenCenter, click the
Storage tab,and then click Rescan.

4. Click File Explorer in the taskbar and then click This PC.
5. Double-click the CD Drive (D:) XenApp_and_XenDesktop7_6 to launch the installer.

If the installation wizard does not start automatically, double-click AutoSelect.

6. Click Start next to XenDesktop.

7. Click Virtual Delivery Agent for Windows Server OS.
8. Click Yes on the User Account Control window if it appears.
N

9. Select the appropriate configuration option and then click Next.

ot

Verify that Create a Master Image is selected and then click Next.
fo

This option is selected because we are installing the VDA on a master image. For
rr

more information about optimizing XenApp and XenDesktop machines, see Citrix
es

article CTX125874 at http://support.citrix.com.

al

10. Select the core components to install and then click Next.
e

Verify that Citrix Receiver is selected and then click Next.

or

11. Choose your Delivery Controller configuration.

di

Select Do it manually, type c-1.Training.lab, click Test Connection and then click Add.
s tri

12. Click Next.

13. Select the features you would like to include in the installation and then click Next.
bu

Verify that all features are selected and then click Next.
t io

14. Choose how you will configure your firewall rules and then click Next.
n

Verify that Automatically is selected and then click Next.

These are the default ports used by the Controller. If you need to use different ports,
select Manually and configure the respective ports after the installation completes.

15. Review the Installation Settings Summary and then click Install if the settings are correct.
16. Click Close to allow the machine to restart and then logon using the TRAINING\Admin1
and Password1 credentials.

92 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
17. Click Finish when the installation is complete. Windows configuration will continue and the
virtual machine will be restarted.
18. Logon to the virtual machine on which you installed the VDA using domain administrator
credentials.
Logon to the Win2012-Master virtual machine using the TRAINING\Admin1 and
Password1 credentials.

The installation of the VDA includes Citrix Receiver. If a Receiver prompt appears,
dismiss it.

19. Review the event logs to verify the VDA has successfully registered with a Delivery Controller.

a. Click the Start button on the Windows toolbar.

N

b. Type Event Viewer and then click onEvent Viewer to open the Event Viewer.
ot

c. Expand the Windows Logs node and select the Application logs.
d. Click Find in the "Actions" pane on the right of the screen.
fo

e. Type Citrix Desktop Service and click Find Next.

rr

f. Verify an event was logged indicating the Citrix Desktop Service successfully
es

registered with c-1.training.lab.

al

The following Citrix Desktop Service Event IDs can be reviewed to indicate successful
e

VDA registration with a Delivery Controller: 1010, 1012, 1013.

or
di

20. Shut down the virtual machine once the process is complete.
s

Using XenCenter, right click Win2012-Master and choose Shutdown.

tri
bu

21. Eject the XenApp_and_XenDesktop7_6.iso from the virtual machine.

t io

To Install and Configure the VDA on a Desktop OS

n

1. Start the virtual machine that will become the master image for the Desktop OS machines.
Logon to the Win8-Master virtual machine using the TRAINING\Admin1 and Password1
credentials

2. Attach the XenApp and XenDesktop 7.6 media to the virtual machine.
Select XenApp_and_XenDesktop7_6.iso from the DVD Drive 1 field.

3. Click Desktop from the Start screen and then click the File Explorer icon.
4. Select This PC and then double-click CD Drive (D:) XenApp_and_XenDesktop7_6.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 93
 If the installation wizard does not start automatically, double-click AutoSelect.

5. Click Start next to XenDesktop.

6. Click Virtual Delivery Agent for Windows Desktop OS.
7. Click Yes on the User Account Control window if it appears.
8. Select the appropriate configuration option and then click Next.
Verify that Create a Master Image is selected and then click Next.

This option is selected because we are installing the VDA to a master image. For more
information about optimizing XenApp and XenDesktop machines, see Citrix article
CTX125874 at http://support.citrix.com.
N

9. Determine which Virtual Delivery Agent to install and then click Next.
ot

Verify that No, install the standard VDA is selected and then click Next.
fo

10. Select the necessary core components to install and then click Next.
rr

Verify that Citrix Receiver is selected and then click Next.

es

11. Choose your Delivery Controller configuration.

al
e

Select Do it manually, type c-1.Training.lab, click Test Connection and then click Add.
or

12. Click Next.

13. Select the features you would like to include in the installation and then click Next.
di
s

Select Personal vDisk, ensure that all other features are selected and then click Next.
tri

14. Choose how you will configure your firewall rules.

bu

Verify Automatically is selected and then click Next.

t io

These are the default ports used by the Controller. If you need to use different ports,
n

select Manually and then configure the respective ports after the installation completes.

15. Review the Installation Settings Summary and then click Install if the settings are correct.
16. Click Finish when the installation is complete and allow the virtual machine to restart.
17. Logon to the virtual machine on which you installed the VDA using domain administrator
credentials.
Logon to the Win8-Master virtual machine using the TRAINING\Admin1 and Password1
credentials.

94 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
18. Review the event logs to verify the VDA has successfully registered with a Delivery Controller.

a. Click the Start button on the Windows toolbar.

b. Type Event Viewer and then click on Event Viewer to open the Event Viewer.
c. Expand the Windows Logs node and select the Application logs.
d. Click Find in the "Actions" pane on the right of the screen.
e. Type Citrix Desktop Service and click Find Next.
f. Verify an event was logged indicating the Citrix Desktop Service successfully
registered with c-1.training.lab.

The following Citrix Desktop Service Event IDs can be reviewed to indicate successful
VDA registration with a Delivery Controller: 1010, 1012, 1013.
N

19. Run the inventory updater for Personal vDisk.

ot

a. Click the Start button on the Windows toolbar.

fo

b. Type Update personal vDisk on the Windows Start screen and then click Update
rr

personal vDisk.
es

c. Wait for the process to complete and then click Yes to shut down the virtual
machine.
al

20. Eject the XenApp_and_XenDesktop7_6.iso from the virtual machine.

e
or

Creating a Machine Catalog for Windows Server

di
s

Server OS machine catalogs provide a Windows Server environment and provide standard desktops
tri

and applications that are shared by a large number of end users. These machine catalogs provide
desktops and applications that are:
bu

• Allocated to end users on a per-session, first-come, first-served basis.

t io

• Deployed on standardized machines.

n

Typically, end users who need a Server OS machine:

• Are task workers who require standardized virtual desktops and applications, such as call
center operators and retail workers.
• Do not need to or are not permitted to install applications on their desktops.
With these types of end users, you want to:
• Optimize hardware use by providing only the number of desktops required at any one time
rather than assigning each user a specific desktop.
• Maintain control over desktops and increase security by preventing end users from making
permanent changes.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 95
• Minimize desktop management costs by providing a locked-down standardized environment
for your end users.

Using a Virtual IP Address

Virtual IP and virtual loopback allow XenApp and XenDesktop administrators hosting application
sessions on Server OS machines running Server 2008 R2 and later to host IP dependent
applications. By default, each application running on a Server OS machine shares the IP address of
that machine.
The virtual IP address feature allows you to provide a unique and unused IP address to an
application session running on a Server OS machine. The virtual loopback feature allows you to
assign a session an IP address from the localhost 127.0.0.1 range. These features are implemented
using Citrix policies and are independent; you do not have to enable both.
N

In larger environments, depending upon the class of network and the number of devices
ot

and applications supported, it may be possible to run out of unique IP addresses.

fo

Applications that might require the use of the virtual IP and virtual loopback features for
rr

addressing, licensing, and identification, include CRM and Computer Telephone Integration (CTI).
es

For more information about virtual IPs and virtual loopback, see http://docs.citrix.com/en-
us/xenapp-and-xendesktop/7-6/xad-deliver-virtual-ip.html.
al
e

To Create a Server OS Machine Catalog

or

1. Logon to a machine that has Citrix Studio installed on it.

di

Logon to the StudentManagementConsole-1 virtual machine using the

s tri

TRAINING\Admin1 and Password1 credentials.

bu

2. Open Citrix Studio.

t

Double-click the Citrix Studio icon on the desktop.

io
n

3. Click Yes on the User Account Control window if it appears.

4. Select the Machine Catalogs node in Studio.
5. Click Create Machine Catalog in the Actions pane.

The Machine Catalogs node is not visible until you have completed one of the initial
configuration tasks presented when you first start Studio.

6. Click Next.

96 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
7. Select the type of machine catalog you want to create and then click Next.
Verify that Windows Server OS selected and then click Next.

8. Select the type of infrastructure that will deliver desktops and applications.
Verify that Machines that are power managed (for example, virtual machines or blade
PCs) is selected.

9. Select the machine image management method.

Verify that Citrix Machine Creation Services (MCS) is selected.

10. Click Next.

11. Select the master image that you want to use and then click Next.
Select Win2012-Master and then click Next.
N
ot

Ensure that the Win2012-Master virtual machine is turned off before continuing.
fo
rr

12. Select the number of virtual machines you would like to create and their resources.
es

Select 2 virtual machines, with 1 Virtual CPUs, and 1024 MB of memory, and then click
Next.
al
e

13. Add computer accounts on the Active Directory Computer Accounts page and then click Next.
or

a. Select Create new Active Directory accounts.

di

b. Select the Training Virtual Desktops > Servers organizational unit.

s

c. Specify the account-naming scheme as HostedApps-## and then click Next.

tri

14. Define the scopes for the machine catalog on the Scopes page and then click Next.
bu

Verify that All scope is selected and then click Next.

t io

15. Add a name and description before creating the machine catalogon the Summary page and
n

then click Finish.

Type HostedApps as the name of the machine catalog, leave the description blank, and then
click Finish.

The creation process will take approximately 3-5 minutes.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 97
16. Open XenCenter to verify virtual machines were created successfully.
Open XenCenter and verify HostedApps-01 and HostedApps-02 are listed.

Creating a Machine Catalog for Windows Desktop

Desktop OS machine catalogs provide a Windows desktop environment and provide desktops and
applications that are assigned to individual users. Only XenDesktop can create desktop OS machine
catalogs.
Typically, end users who need a Desktop OS machine:
• Are task or knowledge workers who require personalized desktops of which they can take
ownership
• Are mobile workers who want to access the same desktop from a variety of devices over
N

different networks
ot

• Need to install their own applications on their desktops

fo

With these types of end users, you want to:

rr

1. Standardize certain aspects of end users' desktops through the use of a common template
2. Deliver end users' desktops to any device regardless of hardware capability
es

3. Reduce desktop management costs while still providing your end users with a personalized
al

desktop experience
e
or

To Create a Desktop OS Machine Catalog

di

1. Logon to a machine that has Citrix Studio installed on it.

s tri

Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
bu

2. Open Citrix Studio.

tio

Double-click the Citrix Studio icon on the desktop.

n

3. Click Yes on the User Account Control window if it appears.

Click Cancel if the End Snap-in window appears.

4. Select the Machine Catalogs node and then click Create Machine Catalog.
5. Click Next on the Introduction screen.

98 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
6. Select the type of machine catalog you want to create and then click Next.
Select Windows Desktop OS and then click Next.

7. Select the type of infrastructure that will deliver desktops and applications.
Verify that Machines that are power managed (for example, virtual machines or blade
PCs) is selected.

8. Select the machine image management method and then click Next.
Verify that Machine Creation Services (MCS) is selected and then click Next.

9. Select the appropriate desktop experience for your end users.

Verify I want users to connect to the same (static) desktop each time they logon and Yes,
save changes on a separate Personal vDisk are both selected.
N

10. Select the master image you want to use and then click Next.
ot

Select Win8-Master and then click Next.

fo

11. Specify the number of virtual machines you would like to create and their configuration.
rr

Select:
es

a. 2 as the number of virtual machines needed

al

b. 1Virtual CPU
e

c. 1024 Memory (MB)

or

d. 10 Personal vDisk size (GB)

e. P: Personal vDisk drive letter
di

12. Click Next.

s tri

13. Add computer accounts on the Active Directory Computer Accounts page and then click Next.
bu

a. Select Create new Active Directory accounts.

t

b. Select the Training Virtual Desktops > Desktops organizational unit.

io

c. Type UserDesktop-## in the Account naming scheme field and then click Next.
n

14. Define the scopes for the machine catalog on the Scopes page and then click Next.
Verify that All scope is selected and then click Next.

15. Add a name and description before creating the machine catalogon the Summary page and
then click Finish.

a. Type UserDesktops as the machine catalog name.

b. Type Standard Windows 8.1 Desktops as the description and then click Finish.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 99
 The creation process will take approximately 5-10 minutes.

16. Open XenCenter to verify virtual machines were created successfully.

Open XenCenter and verify UserDesktop-01 and UserDesktop-02 are listed.

Discussion Question
What are some reasons for creating a Server OS machine catalog as opposed to creating a Desktop
OS machine catalog?
N

Managing Delivery Groups

ot

Delivery Groups are a grouping of end users who require access to a common set of applications or
fo

desktop resources, and require the same end-user experience across those resources. A Delivery
Group can access different machine catalogs as long as the machine catalogs consist of similar
rr

machine types. For example, end users assigned to the Engineer Delivery Group can access the
es

hosted applications on the Server 2012 App Catalog as well as the CAD application hosted on the
Server 2012 CAD Catalog; the desktop and the applications are delivered with a consistent end-user
al

experience from a single Delivery Group.

e

You cannot create mixed Delivery Groups from machine catalogs with different machine
or

types. Machine catalog characteristics must match if you want to put the machines into a
single group. For example, you cannot mix machines from Server OS machine catalogs
di

with Desktop OS machine catalogs.

s tri

Defining the end-user experience in the Delivery Group means that you do not need to duplicate or
maintain these settings across multiple pools of resources, and the backend resources can be
bu

changed without affecting the end-user experience.

t io
n

100 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
 N
ot

You can create Delivery Groups for specific teams, departments, or types of end users. With
Delivery Groups, you can:
fo

• Specify groups of end users who access desktops, applications, or desktops and applications.
rr

• Add end users and groups of users.

es

In order for end users to access resources from a machine catalog, a Delivery Group is required.
When creating a Delivery Group, you will need to specify the end users, groups, applications, and
al

desktop settings to match the end-user needs. You will also have the ability to configure power
e

management options for the desktops in the group.

or
di
s tri
bu
t io
n

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 101
Session prelaunch and session linger are user session experience optimizations. The session
prelaunch and session linger features help users quickly access applications by starting sessions
before they are requested (session prelaunch) and keeping application sessions active after a user
closes all applications (session linger). These features are supported for Server OS machines only.
By default, session prelaunch and session linger are not used; a session starts (launches) when a
user starts an application, and remains active until the last open application in the session closes.
Session prelaunch and session linger settings are configured in the settings for a Delivery Group.
Considerations:
• The Delivery Group must support applications, and the Server OS machines must be running a
Server VDA version 7.6 or later.
• Users must be using a Citrix Receiver for Windows that is configured with additional settings.
For more information about these additional settings, see Citrix product documentation at
http://docs.citrix.com. Search for session prelaunch for the specific Receiver for Windows
version.
N

• When using session prelaunch:

ot

• Physical client machines cannot use the suspend or hibernate power management
fo

functions.
• Users can lock their end-user devices but should not log off.
rr

• Prelaunched and lingering sessions consume a license, but only when connected. Unused
es

prelaunched and lingering sessions disconnect after 15 minutes by default. This value can be
configured in PowerShell using the New/Set-BrokerSessionPreLaunch cmdlet.
al
e

Careful planning and monitoring of your users’ activity patterns are essential to
tailoring these features to complement each other. Optimal configuration balances the
or

benefits of earlier application availability for users against the cost of keeping licenses
in use and resources allocated.
di
s tri

To Create a Delivery Group for Application Delivery

bu

1. Logon to a machine that has Citrix Studio installed on it.

t io

Logon to the StudentManagementConsole-1 virtual machine using the

n

TRAINING\Admin1 and Password1 credentials.

2. Open Citrix Studio.

Double-click the Citrix Studio icon on the desktop.

3. Click Yes on the User Account Control window if it appears.

4. Select the Delivery Groups node.
5. Click Create Delivery Group.
6. Click Next on the Getting started with Delivery Groups screen.

102 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
7. Select a machine catalog for the Delivery Group, and then specify the number of machines the
group will consume from the machine catalog.
Verify the HostedApps machine catalog is selected, and then add 1 machine.

8. Click Next.
9. Select the type of resource that you want to deliver to your end users on the Delivery Type
page.
Select Applications.

10. Click Next.

11. Add the user accounts and user groups that can access the resource.
Click Add, type Domain Users, click Check Names, and then click OK.

12. Click Next.

N

13. Select applications from the display on the Applications page, if the Delivery Group will
ot

provide applications and then click Next.

fo

It may take a few moments for the list of applications to populate. In the background,
rr

XenApp and XenDesktop are starting the machine assigned to this catalog to
inventory the applications available for publishing, and will populate this list once the
es

information is obtained.
al
e

Select Calculator and WordPad, and then click Next.

or

14. Select the scope to assign to this Delivery Group.

Verify that Allscope is selected and then click Next.
di
s

15. Verify that all of the details on the Summary page are correct and then specify a Delivery
tri

Group name.
bu

Type Hosted Applications as the delivery group name.

t io

16. Click Finish.

n

17. Optimize the Hosted Applications Delivery Group with Session Prelaunch and Session
Lingering.
Select the Hosted Applications Delivery Group and then click Edit Delivery Group in the
Actions pane.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 103
18. Configure Application Prelaunch.

a. Click Application Prelaunch and select Prelaunch when any user in the Delivery
Group logs on to Receiver for Windows.
b. Select Minutes and set the number to 15.
c. Click Apply.

19. Configure Application Lingering.

a. Click Application Lingering and then select Keep sessions active until.
b. Select Minutes and set the number to 15.
c. Click Apply and then click OK.
N

Discussion Question
ot

How would you handle a request that asks you to provide access to a Windows 8.1 machine catalog
fo

and a Server 2012 R2 machine catalog for one group of end users?
rr
es

To Create a Delivery Group for Anonymous User Access

al

In some scenarios, administrators may want to allow non-domain users to access company
e

resources from non-domain joined computers such as kiosks at libraries, schools and trade shows.
You can configure Delivery Groups containing Server OS machines to allow users to access
or

applications and desktops without presenting credentials to StoreFront or Citrix Receiver.

di

Considerations:
s

• Unauthenticated user support is configured through Delivery Groups. Each machine in the
tri

Delivery Group must have a Server VDA version 7.6 or later installed and a store must be
bu

specifically configured in StoreFront for use by unauthenticated users.

t

Users requiring sessions on Desktop OS machines must logon using authenticated user
io

credentials
n

• An Anonymous Users Group is created when you install the Delivery Controller.

Some applications might still require credentials even though the StoreFront store and
Citrix Receiver do not.

• Unauthenticated user accounts are created on demand when a session is launched. User
accounts are named AnonXYZ, in which XYZ is a unique three-digit value.

104 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
• Unauthenticated user sessions have a default idle timeout of 10 minutes and are logged off
automatically when the user device disconnects. Reconnection, roaming between user devices,
and Workspace Control are not supported.
1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Open Citrix Studio.

Double-click the Citrix Studio icon on the desktop.

3. Click Yes on the User Account Control window if it appears

Click Cancel if the End Snap-in window appears.

4. Select the Delivery Groups node.

N

5. Click Create Delivery Group.

ot

6. Click Next on the Getting Started with Delivery Groups screen.

fo

7. Select the machine catalog and the number of machines to add.

rr

Verify the HostedApps machine catalog is selected and select 1 machine.

es

8. Click Next.
al

9. Select Applications and then click Next.

e

10. Add the unauthenticated (anonymous) users.

or

Select Give access to unauthenticated (anonymous) users; no credentials are required to

access StoreFront.
di

11. Click Next.

s tri

12. Add the applications to the Delivery Group and then click Next.
bu

It may take a few moments for the list of applications to populate. In the background,
XenApp and XenDesktop are starting the machine assigned to this catalog to
t io

inventory the applications available for publishing, and will populate this list once the
n

information is obtained.

Select Paint and then click Next.

13. Select the scope to assign to this Delivery Group and then click Next.
Verify that All scope is selected and then click Next.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 105
14. Add a name and description before creating the Delivery Group on the Summary page and
then click Finish.
Type Anonymous Access as the Delivery Group name, leave the description blank, and then
click Finish.

To Create a Delivery Group for User Desktops

1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Open Citrix Studio.

N

Double-click the Citrix Studio icon on the desktop.

ot

3. Click Yes on the User Account Control window if it appears.

fo

Click Cancel if the End Snap-in window appears.

rr
es

4. Select the Delivery Groups node.

al

5. Click Create Delivery Group.

e

6. Click Next on the Getting started with Delivery Groups screen.

or

7. Select a machine catalog for the Delivery Group and then specify the number of machines the
group will consume from the machine catalog.
di
s

Verify the UserDesktops machine catalog is selected and then specify 2 machines.
tri

8. Click Next.
bu

9. Select the type of resource that you want to deliver to your end users on the Delivery Type
t

page and then click Next.

io

Verify that Desktops is selected and then click Next.

n

10. Add the user accounts and user groups that can access the resource and then click Next.

a. Click Add, type Human Resources and then click Check Names.
b. Click OK.
c. Click Next.

11. Add your StoreFront server settings to configure Citrix Receiver and then click Next.
Verify that Manually, using a StoreFront server address that I will provide later is
selected and then click Next.

106 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
12. Select the scope to assign to this Delivery Group and then click Next.
Verify that All is selected and then click Next.

13. Verify that all of the details on the Summary page are correct and then specify a Delivery
Group name and display name.
Type HR Desktops as the Delivery Group name and HR Desktop as the display name.

14. Click Finish.

Organizing Applications in Folders

Application folders allow XenApp and XenDesktop administrators to organize applications in the
Delivery Groups without affecting how users access the applications. This organization is
accomplished during the creation of the Delivery Group or afterwards using Citrix Studio.
N
ot

By default all applications specified in a Delivery Group are organized under the default application
folder named Applications. Application folders can be nested up to five times by dragging and
fo

dropping applications and folders.

rr

To Organize Applications in Folders

es
al

1. Logon to a machine that has Citrix Studio installed on it.

e

Logon to the StudentManagementConsole-1 virtual machine using the

or

TRAINING\Admin1 and Password1 credentials.

di

2. Open Citrix Studio.

s

Double-click the Citrix Studio icon on the desktop.

tri

3. Click Yes on the User Account Control window, if it appears.

bu

Click Cancel if the End Snap-in window appears

t io

4. Select the Delivery Groups node.

n

5. View the default Application organization.

Click the Applications tab and note that Calculator, Notepad, Paint and Wordpad are all
listed under the default Applications folder. This list of applications reflects multiple
Delivery Groups.

6. Create and name a new Application folder.

a. Right-click the Applications blue bar to the left of the applications list and select
Create Folder.
b. Name the new folder Domain Users and then click OK.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 107
7. Organize the applications in the Delivery Group created for the TRAINING\Domain Users
group.

a. Click Show all directly above the Applications folder.

b. Drag and drop Calculator, Notepad, and Wordpad into the Domain Users folder.

8. Verify that the appropriate applications appear within the application folder.
Click the Domain Users application folder and verify that Calculator, Notepad, and
Wordpad are listed. Also notice that Paint was not added to the folder because Paint was
not published to the TRAINING\Domain Users group.

Securing Connections
N

Many administrators must adhere to company compliance regulations based on security

requirements and ensuring that all company traffic (internal and external) is secure. To ensure that
ot

communications are properly encrypted, administrators typically add certificates to Delivery

Controllers, StoreFront servers, NetScaler appliances and more.
fo
rr

The SSL to VDA feature allows you to secure communications between users and the Virtual
Delivery Agents (VDAs) with SSL. To configure SSL to VDA, you:
es

• Manually configure SSL on the machines containing the VDA using the Microsoft
al

Management Console or use the Enable-VdaSSL.ps1 PowerShell script located on the

installation media. Note: The PowerShell script configures SSL on static VDAs; it does not
e

configure SSL on random (pooled) VDAs that are provisioned by Machine Creation Services or
or

Provisioning Services, where the machine image resets on each restart.

• Configure SSL in the Delivery Groups containing the VDAs using the Get-
di

BrokerAccessPolicyRule and Set-BrokerAccessPolicyRule PowerShell scripts in Studio.

s tri

Before you configure the SSL to VDA communications, you should be aware of the following
considerations:
bu

• SSL connections between users and VDAs are valid only for sites in XenApp 7.6 and
t

XenDesktop 7.6 or later versions.

io

• SSL configuration in the Delivery Groups and on the machines containing the VDA is done
n

after you create the Delivery site, create the machine catalogs, and create the Delivery Groups.
• Only Full Administrators have the permissions required to configure SSL in the Delivery
Groups and change the Delivery Controller access rules.
• Only Windows administrators on the machines containing the VDA have the necessary
permissions to configure SSL on those machines.
• If SSL Relay was installed on a machine, it must be uninstalled before installing the VDA on
the machine. This is applicable to machines being upgraded from a previous version of
XenApp or XenDesktop.

108 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
 For more information about securing internal communications using the SSL to VDA
feature, see http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-6/xad-security-article/xad-
ssl.html.

Managing Resources
From time to time you may need to add, delete, or reallocate resources to better fit the needs of
your organization. The modular design of XenApp and XenDesktop gives you the ability to manage
resources in a granular fashion.

To Add Machines to a Machine Catalog

1. Logon to a machine that has Citrix Studio installed on it.
N

Logon to the StudentManagementConsole-1 virtual machine using the

ot

TRAINING\Admin1 and Password1 credentials.

fo

2. Open Citrix Studio.

rr

Double-click the Citrix Studio icon on the desktop.

es

3. Click Yes on the User Account Control window if it appears.

al
e

Click Cancel if the End Snap-in window appears.

or
di

4. Select the Machine Catalogs node and then select the machine catalog you want to add
s

machines to.
tri

Select the UserDesktops machine catalog.

bu

5. Click Add Machines in the Actions pane.

t io

6. Specify the number of virtual machines that you want to add then click Next.
n

Verify 1 machine is listed and then click Next.

7. Ensure that the current Active Directory settings are correct for your environment and then
click Next.
Verify that Training Virtual Desktops>Desktops is selected and then click Next.

8. Click Finish.

Studio creates the machine as a background process so that you can continue to work.
Machine creation continues to completion even if you close Studio.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 109
9. Open XenCenter to verify virtual machines were created successfully.
Open XenCenter and verify UserDesktop-03 is listed.

To Perform an Update to the Master Image Virtual Machine

It may be necessary to update desktops in a machine catalog when installing applications, when
installing hotfixes or service packs into the base operating system, or when making any significant
change to the original image.
1. Start the Master Image virtual machine and then logon using the domain administrator
credentials.
Using XenCenter, power on the Win8-Master virtual machine. Logon using the
TRAINING\Admin1 and Password1 credentials
N

2. Perform the desired changes.

ot

a. Type \\AD\Share in the Start screen and then press Enter.

fo

b. Double-click Firefox Setup and then click Run.

rr

c. Click Yes on the User Account Control prompt if it appears.

es

d. Click Install.
al

e. Select Don't import anything and then click Next. Firefox will launch.
e

f. Deselect Always perform this check when starting Firefox in the "Default
Browser" prompt and click Not now.
or

g. Close Firefox.
di

3. Update the Personal vDisk inventory on the virtual machine.

s tri

a. Click the Start button to access the Start screen.

bu

b. Type Update into the Start screen and click Update Personal vDisk.
c. Click Yes to shut down.
t io
n

To Update the Desktops in a Machine Catalog

The administrator can make updates to a master machine when users are actively using machines
in the machine catalog. The administrator can then determine when the updates on the master
machine are rollout out to the idle machines and those that are actively being used.

• Server OS Desktop machine catalogs can be updated using either XenApp or

XenDesktop.
• Desktop OS machine catalogs can be updated using XenDesktop only.

110 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Open Citrix Studio.

Double-click the Citrix Studio icon on the desktop.

3. Select the Machine Catalogs node in Studio and then select a machine catalog that you would
like to update.
Select the UserDesktops machine catalog.

4. Click Update Machines.

5. Select the delivery groups to be affected and then click Next.
Select HR Desktops and then click Next.
N
ot

6. Select the host and updated master image that you want to use and then click Next.
fo

Select the Win8-Master virtual machine image and then click Next.
rr

7. Select the appropriate roll-out strategy and then click Next.

es

Select Immediately (leave all other options default) and then click Next.
al

It is safe to roll out the changes immediately in the lab environment because there are
e

no users currently logged in. This is likely not the case in a production scenario.
or
di

8. Verify that the details are correct and then click Finish.
s tri

Managing Active Directory Accounts

bu
t

You can remove Active Directory computer accounts from Desktop OS and Server OS machine
io

catalogs, and Organizational Units (OUs) from Remote PC Access machine catalogs in order to
n

make unused accounts available for use in other machine catalogs. Similarly, you can attach
additional accounts to a machine catalog so that when more machines are added to the machine
catalog, the computer accounts are already in place.

To Manage Active Directory Accounts

The following steps are provided for informational purposes only and are not to be
performed in the lab environment.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 111
1. Logon to a machine that has Citrix Studio installed on it.
2. Open Citrix Studio.
3. Select the Machine Catalogs node.
4. Select a machine catalog in the center pane.
5. Click Manage AD Accounts.
6. Click Add.
7. Type the object names to select and then click Check Names.
8. Click OK.
9. Decide whether to reset the account password or to give them all the same password and then
click OK.
10. Click Close.
N

Managing Power for Machines in a Desktop OS Delivery

ot

Group
fo

Full and partial machine power management is available for Delivery Group machines. However,
rr

this only applies to Desktop OS machines. For Server OS machines, you can manage power settings
es

by using reboot schedules.

al

To Manage Power for Machines in a Desktop OS Delivery

e
or

Group
di

1. Logon to a machine that has Citrix Studio installed on it.

s

Logon to the StudentManagementConsole-1 virtual machine using the

tri

TRAINING\Admin1 and Password1 credentials.

bu

2. Open Citrix Studio.

t io

Double-click the Citrix Studio icon on the desktop.

n

3. Select the Delivery Groups node and then select the Delivery Group that you wish to control.
Select HR Desktops.

You have to be on the Delivery Groups tab.

4. Click Edit Delivery Group in the Actions pane.

5. Select the Power Management tab.

112 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
6. Edit the power management settings for the Delivery Group.

a. Verify that Weekdays is selected in Power manage machines field.

b. Click 6:00 and drag the green box to 21:00.
c. Type 30 minutes in the When disconnected field in the During peak hours section
and select the action Suspend.

7. Click OK.

To Reallocate Machines in a Delivery Group

1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.
N
ot

2. Open Citrix Studio.

fo

Double-click the Citrix Studio icon on the desktop.

rr

3. Select the Delivery Groups node.

es

4. Select the Delivery Group containing the machines you want to reallocate and then select Edit
Delivery Group.
al

Select HR Desktops and then select Edit Delivery Group.

e
or

5. Select Users in the left pane so you can add or remove users and groups to the Delivery Group.
di

You can use an import list to specify the users and groups who can access any existing
or physical machines.
s tri
bu

Click Add.
t io

6. Specify the users or groups you would like to add and then click Check Names.
n

Type TRAINING\Admin1 and then click Check Names.

7. Click OK twice.

Discussion Question
What is the time zone setting in the basic settings of a Delivery Group used for? What could be a
reason to set two Delivery Groups to different time zones?

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 113
To Shut Down and Restart Desktops
1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Open Citrix Studio.

Double-click the Citrix Studio icon on the desktop.

3. Select the Delivery Groups node.

4. Select the Delivery Group containing the machines you want to shut down and then click View
Machines.
Select HR Desktops and then click View Machines.
N

5. Select the machine and then select the appropriate power management action from the Actions
ot

pane. Depending on the state of the machine, some of these options are not available:
a. Force shutdown - Forcibly turns of the machine and refreshes the list of machines.
fo

b. Restart - Tells the machine operating system to shut down and start the machine
rr

again.
es

c. Suspend - Pauses the machine without shutting it down and refreshes the list of
machines.
al

d. Shut down - Requests that the machine's operating system shut down.
e
or

Select a machine that lists the power state as Off and then click Start. The power state
change and the machine can be seen in the XenCenter console. In some scenarios the citrix
di

administrator may not have access to the hypervisor console. The machine state can also be
seen within Studio after a refresh.
s tri

6. Click Yes.
bu
t

Enabling and Disabling Maintenance Mode

io
n

Putting a machine in maintenance mode lets you perform administrative tasks on the associated
image, such as applying updates and upgrading using image management tools.
User connectivity is affected as follows when in maintenance mode:
• With Server OS machines, end users can connect to existing sessions but cannot start new
sessions.
• With Desktop OS and Remote PC Access machines, end users cannot connect or reconnect. If
the user is already connected, they will stay connected until they either disconnect or log off.
Machines are available for user connections when you take them out of maintenance mode.

114 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
To Enable and Disable Maintenance Mode
1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Open Citrix Studio.

Double-click the Citrix Studio icon on the desktop.

3. Select the Delivery Groups node.

4. Select the Delivery Group that you need to service and then click View Machines to locate
individual machines.
Select Notepad Application Servers and then click View Machines.
N

5. Select the machine and then click Turn On Maintenance Mode..

ot

Select AppServer-1.Training.lab and then click Turn On Maintenance Mode.

fo

6. Click Yes.
rr
es

Removing Desktops from Delivery Groups

al

Removing a machine deletes it from a Delivery Group but does not delete the associated virtual
e

machine from the machine catalog on which the group is based. Therefore, the machines are
or

available for assignment to other Delivery Groups.

You can only remove machines while in maintenance mode. Putting the machine in maintenance
di

mode temporarily prevents end users from connecting to the machine while you are removing it.
s tri

Machines may contain personal data. Manage this activity appropriately, especially if the
bu

machine is allocated to another end user.

t io
n

To Remove Desktops from Delivery Groups

1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Open Citrix Studio.

Double-click the Citrix Studio icon on the desktop.

3. Select the Delivery Groups node.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 115
4. Select a Delivery Group and then click View Machines.
Select Notepad Application Servers and then click View Machines.

5. Select the machine and put it in maintenance mode.

Select AppServer-1.Training.lab. This machine should already be in maintenance mode.

6. Verify that the machine is shut down.

7. Click Remove from Delivery Group and then click Yes.

Deleting a Delivery Group

There are Delivery Groups for desktops and for applications. There may be potential scenarios
wherein you would need to move machines to another Delivery Group and then delete the leftover
N

Delivery Group. This involves putting the Delivery Group into maintenance mode.
ot

To Delete a Delivery Group

fo
rr

1. Logon to a machine that has Citrix Studio installed on it.

es

Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
al
e

2. Open Citrix Studio.

or

Double-click the Citrix Studio icon on the desktop.

di

3. Click Delivery Groups and then select the Delivery Group to delete.
s

Click Delivery Groups and then select the Notepad Application Servers Delivery Group.
tri
bu

4. Click Delete Delivery Group and then click Yes.

t io

Deleting Machines from a Machine Catalog

n

When you delete a machine, end users can no longer access it, and the machine is deleted from the
machine catalog. Before deleting the machine, make sure all user data is backed up since end users
cannot be logged on the machine that you want to delete. Place the machine in maintenance mode
to stop end users from connecting to the machine.

116 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
To Delete Machines from a Machine Catalog
1. Logon to a machine that has Citrix Studio installed on it.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Open Citrix Studio.

Double-click the Citrix Studio icon on the desktop.

3. Click Yes on the User Account Control window if it appears.

Click Cancel if the End Snap-in window appears.

N

4. Select Machine Catalogs in Citrix Studio and then select the catalog containing the machine to
ot

be deleted.
fo

Select Machine Catalogs and then select the AppServers machine catalog.
rr

5. Click View Machines to view the machines associated with the machine catalog.
es

6. Shut Down the machine you would like to delete if it is powered on.
Using XenCenter select AppServer-1.Training.lab and then click Shut Down.
al
e

AppServer-1.Training.lab was created as an existing machine catalog. Power

or

management tasks from the studio do not apply to existing machine catalogs.
di
s

7. Select the machines to delete and then click Delete.

tri

Select AppServer-1.Training.lab and then click Delete.

bu

8. Click Finish.
t io

This process will remove the AppServer-1 from Citrix Studio and the XenDesktop
n

database. The AppServer-1 virtual machine has not been created with MCS or
Provisioning Services therefore the machine will still exist on the hypervisor and must
be deleted from XenCenter manually.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 117
 The steps to delete a virtual machine created by MCS or Provisioning Services are:
1. Select the virtual machine and click Delete.
2. Select Remove the virtual machines from the Catalog and delete the virtual
machines.
3. Select Remove the accounts from the Catalog and delete them from Active
Directory.
4. Click Next.
5. Click Finish.

To Delete a Machine Catalog

1. Logon to a machine that has Citrix Studio installed on it.
N

Logon to the StudentManagementConsole-1 virtual machine using the

ot

TRAINING\Admin1 and Password1 credentials.

fo

2. Open Citrix Studio.

rr

Double-click the Citrix Studio icon on the desktop.

es

3. Click Yes on the User Account Control window if it appears.

al

Click Cancel if the End Snap-in window appears.

e
or

4. Select Machine Catalogs in Citrix Studio and then select the catalog to be deleted.
di
s

Select Machine Catalogs and then select the AppServers machine catalog.
tri

5. Click Delete Machine Catalog.

bu

6. Click Finish.
t io
n

Troubleshooting: Managing Desktops and Applications

Issue Resolution
An administrator is unable to update desktops Verify that the administrator has the
in a machine catalog. appropriate permissions.

Unable to remove a machine from a machine Verify that the machine is in maintenance mode
catalog. prior to removal.

118 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
Issue Resolution
When creating an application delivery group in Verify that the application is installed on the
Studio, the desired application does not appear. application server/host.

Not all end users have access to a newly created Verify that the application has been assigned to
application. all of the required Delivery Groups. Verify that
the application is enabled.

You are unable to power manage a machine. Verify that the machine is a virtual machine.
Physical machines cannot be power-managed
through XenApp and XenDesktop.

Users logon time is taking longer than usual. Ensure that the power management settings for
a Delivery Group are appropriate for the end
N

users. Verify that different time zones are taken

ot

into consideration.
1. Choose the Delivery Group in which you
fo

would like to verify the time zone.

rr

2. Click Edit Delivery Group.

es

3. Click End user settings.

4. Verify the time zone.
al
e

You are unable to reallocate a machine within a Ensure that the machine was not created using
Delivery Group. Provisioning Services, as they are unable to be
or

reallocated.
di

Users in a Delivery Group are unable to access Verify that maintenance mode is not enabled.
s

their applications or desktops.

tri
bu

Reinforcement Exercise: Delivering Server Desktops

t io
n

During this exercise, you will not be given step-by-step instructions for performing the
task. Instead, you are asked to use what you have learned to complete it. This exercise is
designed to take your newly-acquired knowledge and determine if you can apply it to
perform a task you have never done before. In most instances the default value will be the
best choice, but we encourage you to explore and try different options. If you have a
question or need help, ask the instructor or a fellow student for assistance.

In this module, you have learned how to:

• Describe the XenApp and XenDesktop infrastructure for delivering desktops and applications.
• Describe the role of the Delivery Controller.
• Create and manage machine catalogs.

© Copyright 2016 Citrix Systems, Inc. Module 4: Managing Desktops and Applications 119
• Manage Delivery Groups.
Time to complete: Approximately 20 minutes
Your manager has asked you to deliver a Server Desktop to all of the domain administrators on the
network. As there are only a few domain administrators, you believe that a single server will easily
fit this objective.
In order to deliver these desktops, you decide to use an existing machine catalog called HostedApps
because it can fit your needs quickly. However, there are no more machines available in that
catalog, so you will have to create them.
To complete your objective:
• Add one additional machine to the HostedApps machine catalog.
• Use the default memory and processor resources.
• Add the machine to the Training Virtual Desktops > Servers organization unit.
N

• Use the naming scheme ServerDesktop-#

ot

• Add a new Delivery Group called ServerDesktops.

• Publish the desktops only to the TRAINING\Domain Admins group.
fo
rr
es
al
e
or
di
s tri
bu
t io
n

120 Module 4: Managing Desktops and Applications © Copyright 2016 Citrix Systems, Inc.
 5
Module 5

Managing
StoreFront
N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

122 © Copyright 2016 Citrix Systems, Inc.

Managing StoreFront
Overview
Citrix StoreFront authenticates end users to XenApp and XenDesktop sites, enumerating and
aggregating available desktops and applications into stores that end users access through Citrix
Receiver for Android, iOS, OSX, Linux, Windows, Win8/RT, or Receiver for Web sites. StoreFront
is the successor to Web Interface and has been built on a modern, more flexible and powerful
framework that enables StoreFront to provide next generation features, such as:
• A unified StoreFront that delivers SaaS & native mobile applications and XenApp and
XenDesktop resources.
• Simplified Account Provisioning, which enables end users to connect to assigned desktops and
applications by simply entering their email or a server address, or by opening a Provisioning
N

File in Receiver.
ot

• Access from any Receiver with a consistent user experience, including automatic fallback to an
HTML 5 client if a native client is not available locally and cannot be installed.
fo

• Synchronization of resource subscriptions across all platforms and devices (Follow-me Apps &
rr

Data).
es

After completing this module you will be able to:

al

• Discuss StoreFront components and the communication that takes place within its architecture.
e

• Create, add, hide, and remove stores within StoreFront.

or

• Manage authentication services.

• Control the resources that are made available through stores.
di

• Manage Citrix Receiver updates.

s tri

Module timing: Approximately 3 hours

bu
t io
n

© Copyright 2016 Citrix Systems, Inc. Module 5: Managing StoreFront 123

 The lab environment Student Desktop has two management consoles. You will use both
interchangeably throughout this course. Microsoft Remote Desktop Connection Manager
is the preferred method to logging in and interacting with your virtual machines. Citrix
XenCenter is the preferred method to managing power tasks, mounting and un-mounting
ISO's.
Before you begin, your must ensure these following lab environment core virtual machines
are powered on:
• Controller-1
• DomainController-1
• EndPoint-Internal-1
• SQLServer-1
• StoreFrontServer-1
• StudentManagementConsole-1
N

To conserve resources all other core lab environment virtual machines that are not a part
ot

of a machine catalog may be powered down. Powering down machine catalog virtual
machines is not favored as it could impact future session launch times.
fo

All lab environment virtual machines are power managed through XenCenter. To change
rr

the power state of a lab environment virtual machine, complete the following steps:
es

1. Select the virtual machine within XenCenter.

al

2. Click on either the Start or Shutdown button on the top-right of the XenCenter.
e
or

StoreFront Architectural Overview

di

StoreFront is a front-end web server responsible for aggregating resources from different locations
s

and presenting end users with a list of resources, including desktops and applications. The
tri

presentation of resources is customizable. An organization can control how resources are presented
bu

or users can subscribe to the resources available to them as needed.

t io
n

124 Module 5: Managing StoreFront © Copyright 2016 Citrix Systems, Inc.

 When planning your StoreFront deployment, consider the following recommendations:
• Citrix recommends hosting StoreFront on a dedicated instance of IIS. Installing other
Web applications on the same IIS instance as StoreFront could have security
implications for the overall StoreFront infrastructure.
• In a production environment, Citrix recommends using HTTPS to secure
communications between StoreFront and end users' devices. To use HTTPS,
StoreFront requires that the IIS instance hosting the authentication service and
associated stores is configured for HTTPS. In the absence of the appropriate IIS
configuration, StoreFront uses HTTP for communications.
• StoreFront servers must reside within the same Microsoft Active Directory forest as
the XenApp and XenDesktop servers hosting end users' resources. All the StoreFront
servers in a group must reside within the same domain. To enable smart card and
user certificate authentication, end users' accounts must be configured within the
Active Directory forest containing the StoreFront servers.
N

• Consider implementing multiple StoreFront servers to ensure high availability if the

ot

primary server hosting StoreFront fails.

• Configure the external load balancer to fail over between the servers to ensure end
fo

users have uninterrupted access to their applications and desktops.

rr
es

StoreFront Components
al

StoreFront consists of several components and are described in the following section:
e

• StoreFront Server - The StoreFront server records details of end-user application subscriptions
or

locally along with associated shortcut names and locations. When an end user accesses a store,
the application synchronization feature automatically updates the subscribed applications on
di

the end-user device to match the configuration stored on the StoreFront server. The credentials
s

are later retrieved by the Store Service to authenticate to XenApp and XenDesktop, ensuring
tri

that the end user has a consistent experience across all devices.
bu

StoreFront requires a minimum of 2 GB of storage space on the StoreFront server.

t io
n

• Authentication Service - The StoreFront authentication service authenticates end users to

XenApp and XenDesktop sites. When an end user's credentials have been validated, the
authentication service handles all subsequent interactions to ensure that the user only needs to
logon once. The credentials are stored using built-in Windows security features.
• Store - The store retrieves end-user credentials from the authentication service to authenticate
end users to the components providing the resources. The store also enumerates and aggregates
the resources currently available from XenApp and XenDesktop sites and the Delivery
Controller (SaaS applications). End users access the store through Citrix Receiver or a Receiver
for Web site.

© Copyright 2016 Citrix Systems, Inc. Module 5: Managing StoreFront 125

• Receiver for Web site - This site enables end users to access stores through a Web page.
Furthermore, this site can verify the version of Receiver installed locally on the end-user device
and guide the end user through an upgrade or installation procedure if required. In scenarios
where Receiver cannot be locally installed, an HTML 5-based Receiver will be used.

StoreFront Communication
N
ot
fo
rr
es
al
e
or
di
s tri
bu
t io
n

1. An end user enters a username and password into Receiver, which is then sent to the
StoreFront server. End users may skip this step if pass-through authentication is configured.
2. The authentication service of StoreFront retrieves the end-user credentials and validates them
with a domain controller. The StoreFront server must be a member of the same Active
Directory forest as the end-user account and the accessed resources.
3. StoreFront retrieves the end user's application subscriptions locally and loads them into
memory.

126 Module 5: Managing StoreFront © Copyright 2016 Citrix Systems, Inc.

4. StoreFront forwards the end-user credentials as part of an XML query to the XenApp and
XenDesktop Delivery Controller.
5. The Delivery Controller validates the end-user credentials with a domain controller.
6. After a successful validation, the Delivery Controller checks which resources have been
published for this end user within its SQL Server database.
7. The Delivery Controller sends an XML response to StoreFront, which contains all resources
available for the end user from the XenApp and XenDesktop site.
8. StoreFront sends the list of available resources including the existing subscriptions to Citrix
Receiver or displays them in the Receiver for Web site.

Discussion Question
What advantages does StoreFront offer in place of Web Interface?
N
ot

StoreFront Management Console

fo

After the initial configuration of StoreFront, other tasks that enable you to manage your
rr

deployment become available in the StoreFront management console. This console gives you the
es

following access:
• Stores - Create, configure, and manage stores.
al

• Receiver for Web - Create and configure a Web-based point of access for end users.
e

• Citrix NetScaler Gateway - Configure NetScaler connection settings.

or

• Server Groups - Customize StoreFront server groups.

di

• Beacons - Manage beacon points for external and internal access.

s

• Authentication - Configure the authentication process for the StoreFront site.

tri
bu

Creating a New Store

t io

StoreFront allows you to create as many stores as needed for a particular group of end users or to
n

group together a specific set of resources. To create a store, you must identify and configure
communications with the servers providing the resources that you want to make available in the
store. You will then have the option to configure remote access through NetScaler.

To Create and Add a New Store

1. Logon to the primary StoreFront server using domain administrator credentials.
Logon to the StoreFrontServer-1 virtual machine within the Citrix lab environment using
the TRAINING\Admin1 and Password1 credentials.

© Copyright 2016 Citrix Systems, Inc. Module 5: Managing StoreFront 127

2. Using the Windows Start Screen type in StoreFront and click the Citrix StoreFront icon in
the search results to launch the StoreFront management console.
3. Select the Stores node and then click Create Store.
4. Specify the store name and then click Next.
Type Store and then click Next.

5. Click Add on the Delivery Controllers page.

6. Type a name for the XenDesktop Site.
Type XenDesktop Site.

7. Verify that XenApp 7.5 (or later) or XenDesktop is the selected as the type of Delivery
Controller.
8. Click Add.
N

9. Type the Server name or IP address of a Delivery Controller in the environment.

ot

Type C-1.Training.lab into the Server name field.

fo

It is recommended to add a second Controller in a production environment to ensure

rr

there are no single point of failure. If available, Citrix recommended practices suggest
es

using a hardware load balancer, such as NetScaler. When using a hardware load
balancer, the FQDN of the Controller load balancer would be added to the Store.
al

10. Click OK.

e

11. Select the types of connections that StoreFront will use to communicate with the Delivery
or

Controllers from the Transport type list.

di

Verify HTTPS is listed.

s

12. Specify the port for StoreFront to use for connections to the XenApp and XenDesktop site.
tri
bu

Verify that 443 is specified in the Port field..

t

13. Click OK and then click Next..

io

14. Specify whether and how end users connecting from public networks can access the store
n

through NetScaler on the Remote Access page.

Verify None is listed.

If it is not already enabled, the pass-through from NetScaler authentication method is

automatically enabled when you configure remote access to the store through
NetScaler. End users authenticate to NetScaler and are automatically logged on when
they access their stores.

15. Click Create.

16. Click Finish.

128 Module 5: Managing StoreFront © Copyright 2016 Citrix Systems, Inc.

Creating Anonymous User Stores
Delivery Groups can be configured for use with both authenticated and unauthenticated
(Anonymous) users. To support both types of users accessing sessions using XenApp or
XenDesktop, you must create separate stores for the authenticated users and the unauthenticated
users in StoreFront.

Stores created for unauthenticated users do not support remote access through NetScaler
Gateway.

To Create a Store for Anonymous User Access

1. Logon to the primary StoreFront server using domain administrator credentials.
N

Logon to the StoreFrontServer-1 virtual machine using the TRAINING\Admin1 and

ot

Password1 credentials.
fo

2. Click Start, type StoreFront, and then click StoreFront.

rr

3. Select the Stores node and then click Create Store for Unauthenticated Users.
es

4. Click Next in the Information screen.

5. Specify the store name and the click Next.
al

Type Anonymous Store and then click Next.

e
or

6. Click Add on the Delivery Controllers page.

7. Type a name for the XenDesktop Site.
di

Type XenDesktop Site.

s tri

8. Verify that XenDesktop to XenApp 7.5 (or later), or XenDesktop is selected.

bu

9. Click Add.
t

10. Type the server name or IP address of a Delivery Controller in the environment.
io
n

Type C-1.Training.lab.

It is recommended to add a second Controller in a production environment to ensure

there are no single point of failure. If available, Citrix recommended practices suggest
using a hardware load balancer, such as NetScaler. When using a hardware load
balancer, the FQDN of the Controller load balancer would be added to the Store.

11. Click OK.

© Copyright 2016 Citrix Systems, Inc. Module 5: Managing StoreFront 129

12. Select the types of connections from the Transport type list that StoreFront will use to
communicate with the Delivery Controllers.
Verify HTTPS is selected to use a secure connection.

13. Specify the port for StoreFront to use for connections to the XenApp or XenDesktop site.
Verify that 443 is specified in the Port field.

14. Click OK and then click Create.

It may take several minutes to create the store.

15. Click Finish once the store has been created.

N
ot

Hiding a Store
fo

Hiding a store will prevent end users from adding stores to their accounts when they configure
rr

Citrix Receiver through email-based account discovery. By default, when you create a store it is
presented as an option for end users to add within Citrix Receiver when they discover the
es

StoreFront server hosting the store. Hiding the store does not make it inaccessible; instead, end
users must configure Citrix Receiver with connection details for the store, either manually using a
al

setup URL or with a provisioning file.

e
or

To Hide a Store
di

1. Logon to the StoreFront virtual machine using domain administrator credentials.

s tri

Logon to the StoreFrontServer-1 virtual machine using the TRAINING\Admin1 and

Password1 credentials.
bu

2. Click Start, type StoreFront, and then click Citrix StoreFront.

t io

3. Select the Stores node.

n

4. Select the store you would like to hide.

Select Training.

5. Click Hide Store and then click Yes to hide the store..

Discussion Question
What is the impact of a StoreFront server failure on the end user?

130 Module 5: Managing StoreFront © Copyright 2016 Citrix Systems, Inc.

Managing Authentication
The management of authentication within StoreFront is necessary to allow end users access to
XenApp and XenDesktop applications and desktops. StoreFront will then handle all interactions to
ensure that end users only need to logon once.

Configuring Authentication
You can enable or disable end-user authentication methods set up when the authentication service
was created, by selecting an authentication method within the StoreFront management console. If
end users are having difficulty accessing the store or Receiver for Web site, you may need to review
their authentication settings.

To Configure Authentication Methods

N
ot

1. Logon to the StoreFront virtual machine using domain administrator credentials.

fo

Logon to the StoreFrontServer-1 virtual machine using the TRAINING\Admin1 and

rr

Password1 credentials.
es

2. Click Start, type StoreFront, and then click Citrix StoreFront.

al

3. Select the Authentication node..

e

4. Click Add/Remove Methods within the Actions pane.

5. Specify the access methods that you want to enable or disable for your end users.
or

Select and verify the following methods are being used:

di

• User name and password

s

• Domain pass-through
tri
bu

6. Click OK.
t io

Discussion Question
n

What authentication methods have you used? What are the benefits of each?

Enabling End Users to Change Their Passwords

You can perform this task to enable end users accessing stores with explicit domain credentials to
reset their expired passwords when logging on. When this setting is enabled, end users who cannot
logon because their passwords have expired are redirected to the Change Password dialog box.
StoreFront then contacts the domain controller to reset the end-user password.

© Copyright 2016 Citrix Systems, Inc. Module 5: Managing StoreFront 131

To Enable End Users to Change Their Passwords At Any
Time
1. Logon to the StoreFront virtual machine using domain administrator credentials.
Logon to the StoreFrontServer-1 virtual machine using the TRAINING\Admin1 and
Password1 credentials.

2. Click Start, type StoreFront, and then click Citrix StoreFront.

3. Select the Authentication node.
4. Click Manage Password Options in the Actions pane.
5. Select the appropriate option.
Select At any time.
N

6. Click OK.
ot
fo

Managing Delivery Controllers

rr

StoreFront has the capability to aggregate several independent infrastructures, like legacy XenApp
es

farms as well as XenApp and XenDesktop sites, to seamlessly present all available resources to users
from any of these infrastructures in a single unified location for access.
al
e

Adding Delivery Controllers

or

After creating a store within StoreFront, you may need to add other controllers. Adding controllers
di

alleviates the issue of having a single point of failure. There may also be times in which you want to
s

modify or remove existing Delivery Controllers that are available to a particular store.
tri
bu

To Add Delivery Controllers

t io

1. Logon to the StoreFront virtual machine using domain administrator credentials.

n

Logon to the StoreFrontServer-1 virtual machine using the TRAINING\Admin1 and

Password1 credentials.

2. Click Start, type StoreFront, and then click Citrix StoreFront.

3. Select the Stores node in the StoreFront console.
4. Select a store in the center pane.
Select Store.

5. Click Manage Delivery Controllers in the Actions pane.

132 Module 5: Managing StoreFront © Copyright 2016 Citrix Systems, Inc.

6. Click Add to include desktops and applications from another site, farm, or virtual appliance in
the store.
7. Specify a name to help identify the deployment in the Display name field.
Type XenApp 6.5 Farm in the Display name field.

8. Indicate whether the resources that you want to make available are provided by XenApp 7.5
(or later) or XenDesktop, XenApp 6.5 (or earlier), AppController, or VDI-in-a-Box.
Select XenApp 6.5 (or earlier).

9. Click Add, type the name or IP address of Delivery Controllers running the Citrix XML
Service and then click OK.
Click Add, type xenapp-1.Training.lab and then click OK.

The resource added in this step, "xenapp-1.Training.lab" does not exist in this lab
N

environment. It is being used for illustrative purposes only.

ot
fo

10. Select the type of connection in Transport type.

rr

Verify HTTPS is selected to use a secure connection.

es

If you are using certificates to secure connections between StoreFront and XenApp
al

and XenDesktop sites, ensure that the server names you specify in the Servers list
e

match exactly (including the case) the names on the certificates for the servers.
or

11. Click OK twice.

di
s

To Remove Delivery Controllers

tri
bu

1. Logon to the StoreFront virtual machine using domain administrator credentials.

t io

Logon to the StoreFrontServer-1 virtual machine using the TRAINING\Admin1 and

Password1 credentials.
n

2. Click Start, type StoreFront, and then click Citrix StoreFront.

3. Click Yes on the User Account Control window if it appears.

Click Cancel if the End Snap-in window appears.

4. Select the Stores node.

© Copyright 2016 Citrix Systems, Inc. Module 5: Managing StoreFront 133

5. Select a store to delete in the results pane.
Select Store.

6. Click Manage Delivery Controllers in the Actions pane.

7. Select a Delivery Controller and then click Remove to stop StoreFront from contacting that
Delivery Controller or server when enumerating the resources that are available.
Select XenApp 6.5 Farm and then click Remove.

8. Click OK.

Discussion Question
How can StoreFront help you transition from previous versions of Citrix products?
N
ot

Removing a Store
fo

If an existing store is being replaced or is no longer usable for a particular group or user, it may be
rr

necessary to remove the store. When a store is removed, any associated Receiver for Web sites are
es

also deleted.
al

To Remove a Store
e
or

1. Logon to the StoreFront virtual machine using domain administrator credentials.

di

Logon to the StoreFrontServer-1 virtual machine using the TRAINING\Admin1 and

s

Password1 credentials.
tri
bu

2. Click Start, type StoreFront, and then click Citrix StoreFront.

t

3. Click Yes on the User Account Control window if it appears.

io
n

Click Cancel if the End Snap-in window appears.

4. Select the Stores node.

5. Select the store that you want to remove.
Select Training.

6. Click Remove Store and then click Yes.

134 Module 5: Managing StoreFront © Copyright 2016 Citrix Systems, Inc.

Discussion Question
How does the propagation process work if you have a deployment of two StoreFront servers?

Troubleshooting: Managing StoreFront

Issue Resolution
Receiver for Windows end users cannot logon To resolve this issue, run the command Set-
to stores using pass-through authentication, BrokerSite -
even though the domain pass-through TrustRequestsSentToTheXmlServicePort $True
authentication method is enabled in the from a Windows PowerShell command prompt
StoreFront authentication service. on the server hosting the XenApp and
N

XenDesktop Delivery Controller.

ot

Changes to the configuration of the StoreFront In multiple server deployments, use only one
fo

server group are not propagating. server at a time to make changes to the
configuration of the server group. Ensure that
rr

the StoreFront management console is not

es

running on any of the other StoreFront servers

in the deployment. Once complete, propagate
al

your configuration changes to the server group

e

so that the other servers in the deployment are

updated.
or

StoreFront cannot join a server group. Ensure that you are not using Group Policy to
di

prevent the addition of new members to the

s

local administrator group. When you add a new

tri

server to a server group, StoreFront service

bu

accounts are added as members of the local

administrator group on the new server. These
t

services require local administrator permissions

io

to join and synchronize with the server group.

n

After upgrading multiple StoreFront servers the Ensure that you upgrade your StoreFront
stores, sites and services have become unusable. servers sequentially. Upgrading multiple
StoreFront servers in parallel is not supported
and can cause configuration mismatches that
lead to this issue.

© Copyright 2016 Citrix Systems, Inc. Module 5: Managing StoreFront 135

 StoreFront supports Windows event logging for the authentication service, stores, and
Receiver for Web sites. Any events that are generated are written to the StoreFront
Application log, which can be viewed using the Event Viewer under either Applications
and Services Logs > Citrix Delivery Services or Windows Logs > Application. For more
information about event logging, see Citrix product documentation at
http://docs.citrix.com.

Reinforcement Exercise: Creating and Configuring a New

Store
During this exercise, you will not be given step-by-step instructions for performing the
task. Instead, you are asked to use what you have learned to complete it. This exercise is
designed to take your newly-acquired knowledge and determine if you can apply it to
N

perform a task you have never done before. In most instances the default value will be the
best choice, but we encourage you to explore and try different options. If you have a
ot

question or need help, ask the instructor or a fellow student for assistance.
fo

In this module, you learned how to:

rr

• Discuss StoreFront components and the communication that takes place within its architecture.
es

• Create, add, hide, and remove stores within StoreFront.

al

• Manage authentication services.

e

• Control the resources that are made available through stores.

or

• Manage Citrix Receiver updates.

Time to complete: Approximately 30 minutes
di

A legacy Web Interface server that has been decommissioned is waiting to be replaced with a Citrix
s

StoreFront server. The StoreFront server will initially be used for internal users of Receiver to access
tri

desktops and applications. Eventually, the design will incorporate a StoreFront site that is being
bu

rolled out externally and used across the business.

t

Your objective is to:

io

• Create a new store called Training.

n

• Add both of the XenApp and XenDesktop Delivery Controllers that exist in the environment.
• Allow access to XenApp and XenDesktop using a HTTP connection only.
• Configure Store to be the default store to ensure that users of earlier Citrix client-side software
will be able to access the store.
• Perform the following tests from the EndPoint-Internal virtual machine using the
TRAINING\HRUser1 and Password1 credentials.
• Use IE to browse to the Store using the Receiver for Web Address.
• Add https://sfs-1.Training.lab to the Trusted sites zone within Internet Explorer.
• Confirm that you can connect to the Store through Receiver for Web

136 Module 5: Managing StoreFront © Copyright 2016 Citrix Systems, Inc.

 • Install Citrix Receiver onto the virtual machine through the Web browser.
• Confirm that you can connect to the store through Receiver.
• Confirm that HRUser1 can launch Wordpad and the HR Desktop

N
ot
fo
rr
es
al
e
or
di
s tri
bu
t io
n

© Copyright 2016 Citrix Systems, Inc. Module 5: Managing StoreFront 137

 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

138 © Copyright 2016 Citrix Systems, Inc.

 6
Module 6

Managing Policies
and Profiles
N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

140 © Copyright 2016 Citrix Systems, Inc.

Managing Policies and Profiles
Overview
Policies are the most efficient method of controlling connection, security, and bandwidth settings.
You can create policies for specific groups of end users, devices, or connection types. Each policy
can contain multiple settings. For example, you can configure settings to:
• Control sound quality for end-user devices.
• Allow end users to access the Documents folder on their local end-user device.
• Allow or prevent remote end users from being able to save to their hard drives from within a
session.
• Allow or prevent end users from accessing the Windows clipboard.
N

• Monitor CPU usage, HDX (ICA) latency, and profile load time.
ot

Citrix policies can be managed through Group Policy in Microsoft Windows or within the Citrix
fo

Studio console in XenApp or XenDesktop. The console or tool you use depends on whether you
have the appropriate permissions to manage Group Policy, where policies will be stored, and how
rr

policies will be maintained.

es

You can also use Citrix policies to accommodate your end users' varying needs. With policies you
can apply different profile behavior to the machines in each Delivery Group. For example, one
al

Delivery Group might require Citrix mandatory profiles, whose template is stored in one network
e

location, but another Delivery Group might require Citrix roaming profiles stored in another
or

location with several redirected folders.

Citrix Profile management provides you with an easy, reliable, and high-performance way to
di

manage end-user personalization settings in a virtualized or physical Windows environment. Citrix

s

Profile management requires minimal infrastructure and administration, and provides end users
tri

with fast logons and logoffs. Whichever profile solution you choose, you can access diagnostic
bu

information for and troubleshoot end-user profiles.

t

For more information about profile solutions, see Citrix Support at

io

http://www.citrix.com/support.
n

After completing this module, you will be able to:

• Create, apply, and edit a policy in Studio and as a Group Policy Object (GPO).
• Prioritize policies in Studio and within Active Directory GPOs.
• Use, import, and export a user policy template within Studio and Active Directory.
• Run and obtain a resultant set of policy (RSOP) report.
• Configure folder redirection and streaming user profiles.
• Manage profile settings using Citrix policies.

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 141
• Resolve conflicting profiles.
Module timing: Approximately 5 hours

The lab environment Student Desktop has two management consoles. You will use both
interchangeably throughout this course. Microsoft Remote Desktop Connection Manager
is the preferred method to logging in and interacting with your virtual machines. Citrix
XenCenter is the preferred method to managing power tasks, mounting and un-mounting
ISO's.
Before you begin, your must ensure these following lab environment core virtual machines
are powered on:
• Controller-1
• DomainController-1
• SQLServer-1
N

• StoreFrontServer-1
ot

• StudentManagementConsole-1
To conserve resources all other core lab environment virtual machines that are not a part
fo

of a machine catalog may be powered down. Powering down machine catalog virtual
rr

machines is not favored as it could impact future session launch times.

es

All lab environment virtual machines are power managed through XenCenter. To change
the power state of a lab environment virtual machine, complete the following steps:
al

1. Select the virtual machine within XenCenter.

e

2. Click on either the Start or Shutdown button on the top-right of the XenCenter.
or
di

Policy Precedence (Studio vs. Group Policy Objects)

s tri

Policies can be created using Studio or using GPOs. Prior to creating policies, you should evaluate
whether policies should be managed and stored in Studio or by using GPOs.
bu

Citrix recommends managing and storing policies using GPOs if you have the appropriate
t io

permissions in Active Directory.

n

In situations where policies exist that have been created using both Studio and GPOs, Group
Policy-based settings take precedence over policies stored within the site database.

142 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
 N
ot
fo
rr
es

Creating Policies Using Studio

al

If you do not have the necessary permissions to manage Group Policy, or if filtering mechanisms
e

such as SmartAccess are required, use Studio to create policies for your site. Policies created using
or

Studio are stored in the site database and updates are pushed to the end-user session either when
the machine registers with the broker or when an end user connects to the relevant resource.
di

Before you create a policy, decide which group of end users or devices you want it to affect. You
s

may want to create a policy based on end-user job function, connection type, end-user device, or
tri

geographic location.
bu
t

Unfiltered Policy
io
n

You have the option of creating policies that can be assigned to all objects in a site, or using the
pre-created unfiltered policy. Unfiltered policies are created by default upon the installation of
XenApp and XenDesktop. By default, unfiltered policies apply to all objects and sessions within the
site, allowing you to configure global, organization-based settings within one policy. If you want
policies to impact specific groups or end users or objects, you can use policy filters to apply these
settings. The pre-created unfiltered policies cannot be deleted.

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 143
Using a Policy Template in Studio
Templates can help you save time when administering a large environment and are also useful for
establishing standards that multiple administrators can use.
You can create templates from either an existing template or an existing policy. Several computer
policy templates already exist for specific purposes. New policies can be created from these
templates and modified as needed or you can choose to create your own custom policy templates.
The new template is then populated with the same settings as the original template or policy. Any
assignments specified in the original policy are not included in the template.

To Create a Policy from a Template

1. Logon to the machine that has Citrix Studio installed.
N

Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
ot

2. Double-click Citrix Studio on the desktop to open it.

fo

3. Select Policies in the left pane of Studio and then select the Templates tab.
rr
es

If the Welcome screen for Citrix Policies appears, select Don't show this again and
then click Close.
al
e

4. Select the template that you want to implement and then create a new policy from it.
or

Select High Definition User Experience and then click Create Policy from Template in the
di

Actions pane.
s

5. Verify that Template default settings (recommended) is selected and then click Next.
tri

6. Select how you would like to apply the policy and then click Next.
bu

a. Click Assign to the right of the User or Group option.

t io

b. Type TRAINING\Remote Employees in the User or group name field and then
n

click OK.
c. Click Next.

7. Type a policy name and then click Finish.

Type User Experience Enhancements for Remote Employees and then click Finish.

144 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
To Create a Policy Using Studio
1. Logon to the machine that has Citrix Studio.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

3. Select Policies in the left pane of Studio.
4. Click Create Policy in the Actions pane. The Create Policy wizard opens.

If the Create Policy option is not available in the Actions pane, ensure the Policies tab
is selected.

5. Add and configure individual policy settings, as required and then click OK.
N
ot

a. Select Desktop UI from the All Settings menu

b. Click Select to the right of the Menu animation setting.
fo

c. Select Prohibited and then click OK.

rr

d. Click Select to the right of the View window contents while dragging setting.
es

e. Select Prohibited and then click OK.

al

6. Click Next.
e

7. Assign the policy to a particular user or group or assign to it all objects within the site and
or

then click OK.

di

a. Click Assign to the right of the Delivery Group object.

s

b. Select HR Desktops from the Delivery Group field and then click OK.
tri
bu

8. Click Next.
9. Enter a unique name for the new policy or accept the default name that is generated
t

automatically.
io
n

Type Disabled Desktop UI Elements as the policy name.

10. Click Finish to create the policy.

Applying a Policy Using Studio

When you assign a policy to certain end users and machine objects, that policy is applied to
connections according to specific criteria or rules. If no assignments are added, the policy is applied
to all connections. You can add as many assignments as you want to a policy, based on a
combination of criteria.

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 145
You must add at least one assignment to a policy for that policy to be applied correctly. If you do
not add any assignments, policy settings are applied to all user sessions, unless those policy settings
are overridden by settings in a policy with a higher priority.

Citrix recommends that you apply policies to groups rather than individual end users. If
you apply policies to groups, assignments are updated automatically when you add or
remove end users from the group.

To Apply a Policy
1. Logon to the machine that has Citrix Studio installed.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.
N

2. Double-click Citrix Studio on the desktop to open it.

ot

3. Select Policies in the left pane of Studio.

fo

4. Click the Policies tab and then select an existing policy or create a new policy.
rr

Select the Disabled Desktop UI Elements policy.

es

5. Click Edit Policy in the Actions pane to open the Policy Wizard.
6. Configure policy settings, if necessary and then click Next.
al
e

Click Next.
or

7. Click Assign or Edit for each user or machine object to which you want to assign the policy.
di

a. Select Edit to the right of the Delivery Group object.

s

b. Click + and then select Hosted Applications from the Delivery Group field.
tri

c. Click OK.
bu

8. Click Next to use the existing assignment settings and then click Finish to complete editing the
t io

policy.
n

Editing a Policy Using Studio

If you want to apply another policy setting, consider editing the existing policy and configuring the
appropriate options instead of creating an additional policy. Avoid creating a new policy solely to
enable a specific setting or to exclude the policy from applying to certain end users.

146 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
To Edit a Policy
1. Logon to the machine that has Citrix Studio installed.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

3. Click Yes on the User Account Control window if it appears.

Click Cancel if the End Snap-in window appears.

4. Select Policies in the left pane of Studio.

5. Click the Policies tab and then select an existing policy or create a new policy.
N
ot

Click the Policies tab and then select the Disabled Desktop UI Elements policy.
fo

6. Click Edit Policy in the right pane to open the Policy Wizard.
rr

7. Add or edit the policy settings and then click OK.

es

a. Select Desktop UI from the All Settings menu.

b. Click Select to the right of the Desktop wallpaper setting.
al

c. Select Prohibited and then click OK.

e
or

8. Click Next.
9. Adjust user and machine assignments, if necessary and then click Next.
di

Click Next.
s tri

10. Click Finish.

bu
t

Prioritizing Policies Using Studio

io
n

When creating policies for a site, you may encounter a situation in which specific end users require
exceptions to the current policy. This action is taken by creating policies and prioritizing them.
Prioritizing policies allows you to define the precedence of policies when they contain conflicting
settings. You prioritize policies by giving them different priority numbers. By default, new policies
are given the lowest priority. If policy settings conflict, a policy with a higher priority overrides a
policy with a lower priority.

A priority number of 1 is the highest.

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 147
To Prioritize a Policy
1. Logon to the machine that has Citrix Studio installed.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

3. Click Yes on the User Account Control window if it appears.

Click Cancel if the End Snap-in window appears.

4. Select Policies in the left pane of Studio.

5. Click the Policies tab and then select an existing policy.
N
ot

Click Policies and then select the Disabled Desktop UI Elements policy.
fo

6. Change the policy to a higher or lower priority, as necessary.

rr

Select Higher Priority for the Disabled Desktop UI Elements policy.

es
al

Discussion Question
e

What type of policy should you configure if you need to create specific settings and want them
or

applied globally across your organization?

What if there are end users or objects that should not be affected by these policy settings?
di
s tri

To Create a Computer Template in Studio

bu

1. Logon to the machine that has Citrix Studio installed.

t io

Logon to the StudentManagementConsole-1 virtual machine using the

n

TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

3. Click Yes on the User Account Control window if it appears.

Click Cancel if the End Snap-in window appears.

4. Select Policies in the left pane of Studio and then select the Policies tab.

148 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
5. Select the policy you would like to use as a template.
Select the Disabled Desktop UI Elements policy that you previously configured.

6. Right-click the policy and select Save as Template.

7. Verify the settings, click Unselect to the right of any settings that you want to exclude from the
template, and then click Next.
Click Next.

8. Type a name for the template and a description.

Type Disabled Desktop UI Elements without a description.

9. Click Finish. The new template appears on the Templates tab of Studio within the Custom
templates pane.
N
ot

Exporting a Policy Template Using Studio

fo

Exporting a policy template allows you to create backups of your template files to aid in the
recovery of policy configurations. It also allows you to supply policy configurations from your site
rr

to aid Citrix Support in troubleshooting issues.

es

You can also export policies created in Studio into Group Policy Objects.
al
e
or

To Export a Policy Template

di
s

1. Logon to the machine that has Citrix Studio installed.

tri
bu

Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
tio

2. Double-click Citrix Studio on the desktop to open it.

n

3. Click Yes on the User Account Control window if it appears.

Click Cancel if the End Snap-in window appears.

4. Select Policies in the left pane of Studio.

5. Click the Templates tab and then select the template you want to export.
Click the Templates tab and then select Disabled Desktop UI Elements in the Custom
templates field.

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 149
6. Click Export Template. The Export Template dialog box appears.
7. Select the location where you want to save the template and then click Save. A .gpt file is
created in the location you specified.
Type \\AD\Share\Policies in the Address field of the Export Template window and then
click Save.

Importing a Policy Template Using Studio

Policy templates are local to the computer on which you are running the console to manage your
site. You can transfer policy configurations between environments, including other sites that you
manage on the computer running the console.
You can transfer templates by importing or exporting them. Importing a policy template allows you
to implement policy configurations from servers in other sites, or policy configurations created by
N

Citrix Support to resolve issues in your site.

ot
fo

To Import a Policy Template

rr

1. Logon to the machine that has Citrix Studio installed.

es

Logon to the StudentManagementConsole-1 virtual machine using the

al

TRAINING\Admin1 and Password1 credentials.

e

2. Double-click Citrix Studio on the desktop to open it.

or

3. Click Yes on the User Account Control window if it appears.

di

Click Cancel if the End Snap-in window appears.

s tri
bu

4. Select Policies in the left pane of Studio.

t io

5. Click the Templates tab and click Import Template.

n

6. Find the policy to import, click Open, and then click Yes.

a. Browse to the \\AD\Share\Policies folder and select USB Security.gpt.

b. Click Open.

Running the Resultant Set of Policy

When multiple policies settings are configured in an environment, it can be difficult to determine
the effect of those settings on a resource or end user. You can model the outcome of the policy
settings on a connection using the Citrix Group Policy Modeling Wizard. With the Citrix Group

150 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
Policy Modeling Wizard, you can specify conditions for a connection scenario such as domain
controller, end users, Citrix policy assignment evidence values, and simulated environment settings
such as slow network connection. The report that the wizard produces lists the policies that would
likely take effect in the scenario.
The Citrix Group Policy Modeling Wizard can be run from Studio and from the Group Policy
Management Console. If you created policies using:
• Studio only, you should use the Citrix Group Policy Modeling Wizard from Studio.
• Studio and the Group Policy Management console, you should use the Citrix Group Policy
Modeling Wizard from Studio.
• Group Policy Management Console only, you should use the Citrix Group Policy Modeling
Wizard from the Group Policy Management Console.
N
ot
fo
rr
es
al
e
or
di
s

To Create a Resultant Set of Policy Using the Group Policy

tri

Management Console
bu

1. Logon to the machine that has the Group Policy Management Console and Citrix Studio
t io

installed.
n

Logon to the Controller-1 virtual machine from the Citrix lab environment using the
TRAINING\Admin1 and Password1 credentials.

2. Open Server Manager and then click Tools in Server Manager.

3. Click Group Policy Management.
4. Expand the Forest node.
Expand the Forest: Training.lab node.

5. Right-click Citrix Group Policy Modeling and then click Citrix Group Policy Modeling
Wizard.

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 151
6. Click Next in the Welcome screen.
7. Specify the domain controller that will process the Resultant Set of Policy.
Click Next to use any available domain controller.

This lab environment has only one domain controller, AD.Training.lab is used
automatically.

8. Specify the OU containing the end users or computers you want to model and then click OK.

a. Click Browse to the right of Container in the Computer Information field.

b. Double-click Training > Training Virtual Desktops > Servers.
c. Click OK.
N

9. Click Next on the User and Computer Selection screen.

ot

10. Specify the filter criteria to use and then click Next.
fo

Click Next.
rr

11. Specify the advanced simulation options and then click Next.
es

Click Next.
al

12. Click Run.

e

13. Click Close in the Completing screen to view the report .

or

If you receive a message from Internet Explorer that the site is being blocked click
di

Add.
s tri

14. Review the policy modeling report to determine which policies were applied and have an effect
bu

on the selected end users or computers.

15. Close the Group Policy Management window.
t io
n

152 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
Creating Policies Using Group Policy

N
ot
fo
rr

The following is a description of the policy flow depicted in the graphic.

es

1. Citrix policy extensions are installed on the same machine where GPOs will be created or
managed. These extensions add a Citrix node in the Microsoft GPO Editor and GPMC
al

consoles for managing machines and end users.

e

In general, Citrix does not recommend installing policy extensions on domain

or

controllers.
di
s

2. Local and domain policies are created

tri

a. Active Directory group policies are created and assigned using GPMC or GPO Editor.
bu

These policies are applied at the OU, Domain and site level of Active Directory. Citrix
policies are created in exactly the same manner as Microsoft policies.
t io

b. Local site policies are created using the Citrix Studio Management Console. The
n

settings are stored in the site database and propagated to the registry of the VDAs.
Upon next restart or logon, policies are implemented.
3. Active Directory Group Policies take precedence over local system policies. If you do not have
access to Active Directory, site policies can be used to accomplish all of the same tasks.
4. Policies are stored in a Directory file structure or System Volume (SysVol) on Domain
Controllers only.
a. Microsoft policy GUID folders are created in SysVol and hold ADM/X files
b. Citrix policies configured at the Active Directory level are stored in SysVol as GPF/X
files (XML files) that are parsed by Citrix Client-side extensions

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 153
Citrix settings are stored in the site database as metadata and propagated to servers as GPF/X files
stored in Windows directory. These settings are applied to the VDA registry of each VDA
configured.

Discussion Question
Where do you manage policies in your organization? Why do you choose one method over
another?

Creating and Applying a Group Policy Object

The same criteria for creating a policy using Studio applies to creating a GPO. You may want to
create a policy based on user job function, connection type, end-user device, or geographic location.
N
ot

To Create a GPO
fo

1. Logon to the machine that has the Group Policy Management Console and Citrix Studio
rr

installed.
es

Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
al
e

2. Click Tools in Server Manager and then click Group Policy Management.
or

3. Right-click an organizational unit in the left pane and then select Create a GPO in this
domain, and Link it here to open the New GPO window.
di

a. Expand the Forest: Training.lab > Domains > Training.lab nodes.

s tri

b. Right-click Training Virtual Desktops and then select Create a GPO in this
domain, and Link it here to open the New GPO window.
bu

4. Type a name for the new Group Policy Object.

t io

Type VDA Settings.

n

5. Click OK. The new GPO appears in the console tree.

Editing a Group Policy Object

By default, only domain administrators, enterprise administrators, and members of the Group
Policy creator owners group can edit GPOs.

154 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
 Citrix recommends creating a separate GPO for distributing Citrix policies through Active
Directory, and advises against editing the Default Domain Controllers Policy GPO or the
Default Domain Policy GPO.

To Edit a Policy
1. Logon to the machine that has the Group Policy Management Console and Citrix Studio
installed.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Click Tools in Server Manager and then click Group Policy Management.
3. Select the organizational unit in the left pane of the Group Policy Management Console that
N

contains the policy that you want to edit.

ot

Select Training Virtual Desktops.

fo

4. Right-click the GPO you would like to edit and then click Edit.
rr

Right-click the VDA Settings GPO in the right pane and then click Edit.
es

5. Expand the Computer Configuration node.

al

6. Expand Policies and then select Citrix Policies to open the Citrix Computer Policy window.
e

7. Create or edit an existing policy.

or

Click Edit in the Policies tab.

di

8. Add or edit the settings within the policy and then click OK.
s tri

a. Select the Settings tab.

bu

b. Select Virtual Delivery Agent Settings from the Categories menu.

c. Click Add to the right of the Controllers setting.
t io

d. Type c-1.Training.lab and then click OK.

n

9. Click OK.
10. Close the Group Policy Management Editor.

Using a User Template with Group Policy

Policy templates are displayed on the Templates tab in Group Policy Editor. Computer templates
are displayed when you are working with Computer policies. User templates are displayed when
you are working with user policies.

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 155
To Use a User Template
1. Logon to the machine that has the Group Policy Management Console and Citrix Studio
installed.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Click Tools in Server Manager and then click Group Policy Management.
3. Select the organizational unit in the left pane of the Group Policy Management Console.

a. Click Training.lab > Training Users.

b. Right-click Training Users and then select Create a GPO in this domain, and
Link it here.
c. Type WAN Optimization and then click OK.
N

4. Right-click the GPO you would like to edit and then click Edit.
ot

Right-click the WAN Optimization GPO from the linked Group Policy Objects tab in the
fo

right pane and then click Edit.

rr

5. Expand User Configuration.

es

6. Expand Policies.
al

7. Click Citrix Policies.

e

8. Click the Templates tab.

or

9. Select the template from which you want to create a new template.
Select Optimized for WAN.
di
s

10. Click New Policy to open the New Policy Wizard opens.
tri

11. Type a name for the new template.

bu

Type Remote Users in the Name field.

t io

12. Click Next two times to accept the default settings.

n

13. Configure how the policy is applied.

a. Click Add to the right of the Client IP address filter.

b. Click Add.
c. Select Deny from the Mode menu.
d. Type 192.168.1.1-192.168.255.255 in the Client IP address field.
e. Type Policy applies to every user without an IP in this range in the Comment
field and then click OK.
f. Click OK.

156 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
14. Click Next.
15. Click Create.
16. Close the Group Policy Management Editor.

Importing a Policy Template with Group Policy

Built-in templates are created and updated by Citrix. You cannot modify or delete these templates.
However, you can modify templates that you import through Studio or the Group Policy Editor.

To Import a Policy Template

1. Logon to the machine that has the Group Policy Management Console and Citrix Studio
installed.
N
ot

Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
fo

2. Click Tools in Server Manager and then click Group Policy Management.
rr

3. Select the organizational unit in the left pane of the Group Policy Management Console.
es

Expand the Training.lab > Training Users organizational unit.

al

4. Right-click the GPO you would like to edit and then click Edit.
e

Right-click WAN Optimization GPO from the linked Group Policy Objects tab in the right
or

pane and then click Edit.

di

5. Expand User Configuration.

s

6. Expand Policies.
tri

7. Select Citrix Policies in the right pane.

bu

8. Click Templates tab.

t

9. Select Actions and then select Import from the Actions menu.
io

10. Select the template that you want to import and then click Yes.
n

a. Type \\AD\Share\Policies in the Address field of the Import Template window,

press Enter, and then double-click USB Security.gpt.
b. Click Open.
c. Click Yes to overwrite the existing template.

11. Close the Group Policy Editor.

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 157
Exporting a Policy Template with Group Policy
Exporting a policy template allows you to create backups of your template files to aid in the
recovery of policy configurations. It also allows you to supply policy configurations from your site
to aid Citrix Support in troubleshooting issues.

To Export a Policy Template

1. Logon to the machine that has the Group Policy Management Console and Citrix Studio
installed.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Click Tools in Server Manager and then click Group Policy Management.
N

3. Select the organizational unit in the left pane of the Group Policy Management Console.
ot

Select Training Virtual Desktops.

fo

4. Right-click the GPO you would like to edit and then click Edit.
rr

Right-click the VDA Settings GPO from the linked Group Policy Objects tab in the right
es

pane and click Edit.

al

5. Expand Computer Configuration.

e

6. Select Policies.
or

7. Double-click Citrix Policies in the right pane.

8. Click Templates.
di

9. Select the template that you want to export.

stri

Select High Server Scalability.

bu

10. Select Actions and then select Export from the Actions menu.
t io

11. Select the location where you would like to export the file to and then click OK.
n

a. Type \\AD\Share\Policies in the Address field of the Export Template window and
then press Enter.
b. Click Save.

12. Close the Group Policy Editor.

158 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
Prioritizing a Policy Using Group Policy
With the tree-based structure of Active Directory, policies can be created and enforced at any level
in the tree structure. It is important to understand how the aggregation of policies, known as policy
precedence, flows in order to understand how a resultant set of policies is created.
Any policy setting that is disabled takes precedence over a lower-ranked setting that is enabled.
Policy settings that are not configured are ignored.
If you are using Active Directory, policy settings are updated when Active Directory re-evaluates
policies at regular 90 minute intervals and when a user logs on.

To Change the Priority of a Policy

1. Logon to the machine that has the Group Policy Management Console and Citrix Studio
N

installed.
ot

Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
fo
rr

2. Click Tools in Server Manager and then click Group Policy Management.
3. Browse to the OU containing the policies you want to prioritize.
es

Expand the Forest: Training.lab > Domains > Training.lab > Training Users nodes in the
al

left pane.
e

4. Select the Linked Group Policy Objects tab in the right pane.
or

5. Select a policy in the Group Policy Editor for which you want to change the priority.
di

Select WAN Optimization.

s tri

6. Use the arrows on the left side of the Linked Group Policy Object tab to raise and lower the
priority of the policy.
bu

You will not be able to change the priority of the policy because only one policy exists
t io

for the OU.

n

Discussion Question
You have created and applied a new policy. You configured the policy with client removable drives
set to disabled. The policy contains a filter that has been set to allow for the Accounting group.
Some employees from the Engineering group are now asking the Support team why they are unable
to access their client drives. What could be causing this issue? How can you fix the issue?

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 159
Troubleshooting: Managing Policies

Issue Resolution
A new policy is not functioning properly. • Ensure that the policy is enabled.
• Verify that it is assigned to the appropriate
end users, groups, OUs, and/or domains.
• Verify that there are no Active Directory
policies that supersede the policy built in
Studio.
• Check the prioritization of the policies.
• Ensure that the correct policy settings have
N

been chosen to achieve the desired results.

ot

Unable to modify or delete a template. Verify that the administrator attempting to

make this change has the authority to do so.
fo
rr

Built-in templates can be used as a model

for other templates, but cannot be modified
es

or deleted.
al

Loopback policy issues. For information about loopback policy issues,

e

see http://technet.microsoft.com Web site.

or

Virtual IPs are not being assigned by the policy. Verify that:
di

• The applications are installed on Windows

s

Server 2008 R2 or Windows Server 2012 R2

tri

machines. Virtual IPs and virtual loopback

do not apply to applications installed on
bu

Desktop OS machines.
t

• Enough IP addresses are available in the

io

reservation to support the number of

n

applications and users accessing those

applications. For more information about
virtual IPs and virtual loopback, see
http://docs.citrix.com/en-us/xenapp-and-
xendesktop/7-6/xad-deliver-virtual-ip.html.

Unable to find the appropriate policy settings. Use the Search field to narrow the results as you
search for settings.

160 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
Managing End-User Profiles

N
ot
fo
rr

1. An end user starts a session for a machine with profile management enabled.
es

2. The Citrix Profile management service determines if the end user is a member of the processed
group defined in the profile management policies. If the end user is a member of the group,
al

the service attempts to load the end user's profile from the store. If the end user is not part of
e

the group a Microsoft profile is assigned.

3. If the end user is a member of the processed group, Citrix Profile management verifies that the
or

user store contains the profile. If a profile is not found in the store, the service migrates the
end user's Microsoft profile to the store or creates a new one from a template specified in the
di

policy.
s tri

4. A local profile that is managed by Citrix Profile management is streamed from the store to the
virtual machine.
bu

5. Profile management monitors the end user's profile and logs any changes back to the end user's
t

profile store.
io

Profile management addresses end-user profile deficiencies in environments where simultaneous

n

domain logons by the same end user introduces complexities and consistency issues to the profile.
For example, if an end user starts sessions on two different virtual resources based on a roaming
profile, the profile of the session that terminates last overwrites the profile of the first session. This
problem, known as "last writer wins", discards any personalization settings that the end user has
made in the first session.
You can prevent this by using separate profiles for each resource silo. However, this results in
increased administration overhead and storage capacity requirements. Another drawback is that end
users will experience different settings depending on the resource silo they access.
Profile management optimizes profiles in an easy and reliable way. At interim stages and at logoff,
changes to the registry, as well as files and folders in the profile, are saved to the user store for each

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 161
end user. If a file already exists, it is overwritten if it has an earlier timestamp. This helps safeguard
application settings for mobile end users who experience network disruption and end users who
access resources from different operating systems.
Alternatives to using Citrix Profile management exist, including Environment Manager from
AppSense and RES PowerFuse.

By default, Citrix Profile management is installed silently on master images when you
install the VDA.

Configuring Folder Redirection

Client folder redirection changes the way that some of the files and folders within an end user's
profile are accessed from their current logon destination, such as their virtual desktop. Folders that
N

are frequently used, like "My Documents" and "Desktop" can be redirected to a network share
ot

outside of the roaming profile share so they are not copied over the network at every logon and
logoff. This will also improve user logon times, since profiles will be smaller in size requiring less
fo

network bandwidth utilization.

rr
es

To Configure Folder Redirection

al

1. Logon to the machine that has Citrix Studio installed.

e

Logon to the StudentManagementConsole-1 virtual machine using the

or

TRAINING\Admin1 and Password1 credentials.

di

2. Double-click Citrix Studio on the desktop to open it.

s

3. Select the Policies node in the left pane of Studio and then click the Policies tab.
tri

4. Click Create Policy in the Actions pane.

bu

5. Select Profile Management > Basic Settings from the All Settings menu.
t

6. Click Select to the right of the Enable Profile Management setting.

io

7. Select Enabled and click OK.

n

8. Click Select next to Path to user store.

9. Verify that Enabled is selected and then enter the path to the user store in the field provided.
Verify that Enabled is selected and then type \\AD\UPM$\%USERNAME%.

10. Click OK.

11. Select Folder Redirection in the All Settings drop-down menu.

162 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
12. Configure the folders you want to redirect.

a. Click Select to the right of the Desktop path setting.

b. Click Enabled and then type \\AD\UPM$\%USERNAME%.
c. Click OK.
d. Click Select to the right of the Redirection settings for Desktop setting.
e. Ensure Redirect to the following UNC path is listed in Value.
f. Click OK.
g. Click Select to the right of the Downloads path setting.
h. Click Enabled and then type \\AD\UPM$\%USERNAME%.
i. Click OK.
j. Click Select to the right of the Redirection settings for Downloads setting.
k. Ensure Redirect to the following UNC path is listed in Value.
N
ot

l. Click OK.
fo

13. Click Next.

14. Click Assign to assign the policy to the appropriate user and machine objects and then click
rr

OK.
es

Click Assign to the right of Delivery Group, select HR Desktops in the Delivery Group
al

drop-down menu, and click OK.

e

15. Click Next.

or

16. Type the policy name and then click Finish.

di

Type Folder Redirection for HR Desktops and then click Finish.

s tri

Managing Profile Settings Using Citrix Policies

bu
t

Within Citrix policies, you have the option to customize and configure policy settings at a detailed
io

level. Using policy filters, profile configuration settings can be associated with Delivery Groups,
n

Delivery Group Types, Organizational Units, or Tags.

To Manage Profile Settings Using Citrix Policies

1. Logon to the machine that has Citrix Studio installed.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

3. Click Yes on the User Account Control window if it appears.

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 163
 Click Cancel if the End Snap-in window appears.

4. Select the Policies node in the left pane.

5. Select the Policies tab and then click Folder Redirection for HR Desktops policy.
6. Click Edit Policy in the Actions pane.
7. Select the appropriate setting in the All Settings drop-down field.
Select Profile Management > Profile handling in the All Settings drop-down field.

8. Click Select next to the settings that you would like to edit.
Click Select to the right of the Delay before deleting cached profiles setting.

9. Make the necessary changes within the setting and then click OK.
N
ot

Type 5 in the Value field and then click OK.

fo

10. Click Select next to any other setting you would like to edit.
rr

Click Select to the right of the Delete locally cached profiles on logoff setting.
es

11. Make the necessary changes within the setting and then click OK.
al

Click Enabled and then click OK.

e

12. Click Next twice and then click Finish.

or
di

Resolving Conflicting Profiles

s tri

Citrix Profile management has a feature that detects conflicting profiles between end users'
Windows profile and Citrix profiles. When an end user is having difficulties with the desktop or
bu

applications, yet all policies and profiles appear to be correct, you should verify that there are no
conflicting policies. You can use the steps below to address any profile conflicts.
t io
n

To Resolve Conflicting Profiles

1. Logon to the machine that has Citrix Studio installed.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

3. Click Yes on the User Account Control window if it appears.

164 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
 Click Cancel if the End Snap-in window appears.

4. Click the Policies node and then click the Policies tab to display the list of policies in the
center pane.
5. Select the profile policy that you would like to change.
Select the Folder Redirection for HR Desktops policy.

6. Click Edit Policy in the Actions pane and determine which policy setting to add or delete from
the policy.
Type Local profile in the Search field.

If you know one or two words of a policy setting, you can use the Search field to find
N

the setting.
ot
fo

7. Click Select to the right of the Local profile conflict handling setting.
rr

8. Select the appropriate option in the Value field and then click OK.
es

Select Delete local profile and then click OK.

al

9. Click Next twice and then click Finish.

e
or

Streaming End-User Profiles

di

To improve logon performance and enhance an end user's experience, profiles can be streamed.
s

With profile streaming end users' profiles are synchronized on the local computer only when they
tri

are needed. Registry entries are cached immediately, but files and folders are only cached when
bu

accessed by end users.

t io

To Stream End-User Profiles

n

1. Logon to the machine that has Citrix Studio installed.

Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click Citrix Studio on the desktop to open it.

3. Click Yes on the User Account Control window if it appears.

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 165
 Click Cancel if the End Snap-in window appears.

4. Click the Policies node and then click the Policies tab to display the list of policies.
5. Select the particular policy that you would like to edit and then right-click Edit.
Select Folder Redirection for HR Desktops and click Edit Policy.

6. Select Profile Management in the All Settings field.

7. Click Select to the right of the Profile streaming setting.
8. Select Enabled.
9. Click OK.
10. Click Next twice and click Finish.
N
ot

Discussion Question
fo

What other policy settings used to customize end-user profiles would be valuable within your
rr

environment? Why?
es
al

Troubleshooting: Profile Management

e
or

Issue Resolution
di

Folder redirection is not working properly.

s

• Ensure that the redirection location is

tri

properly configured and that no characters

are missing from the paths when utilizing
bu

variables.
t

• View the "Configuring Folder Redirection"

io

task within this module.

n

Profile definition is not affecting the relevant • Verify that the profile has been assigned to
end users. the appropriate Delivery Group.
• Verify the profile policies are applied to the
relevant filters.
• Ensure conflicting policies have been
configured with the appropriate priorities.

End user's Desktop settings, document history • Verify that the relevant Common Folders
and download data is not being retained. have been selected within the profile.

166 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
Reinforcement Exercise 1: Working with Policies
During these exercises, you will not be given step-by-step instructions for performing the
tasks. Instead, you are asked to use what you have just learned to complete them. These
exercises are designed to take your newly acquired knowledge determine if you can
perform a task you have never done before. In most instances the default value will be the
best choice, but we encourage you to explore and try things out. If you have a question or
need help, ask the instructor or a fellow student for assistance.

In this module, you learned how to:

• Create, apply and edit a policy in Studio and as a Group Policy Object (GPO).
• Prioritize policies within Studio and with Active Directory GPOs.
• Use, import, and export a user policy template within Studio and Active Directory.
• Run and obtain a resultant set of policy (RSOP) report.
N

• Configure folder redirection and streaming user profiles.

ot

• Manage profile settings using Citrix policies.

fo

• Resolve conflicting profiles.

rr

Time to complete: Approximately 15 minutes

es

The Training Engineering team's IDE and programming tools will eventually be hosted on a
desktop provided by XenApp and XenDesktop. Since they have access to the source code,
al

management wants you to put some policies in place that may make it more difficult for the source
e

code to be taken outside company systems.

or

Your objective is to put a group policy object in place to put some safeguards in place to limit how
the Engineering team can transfer this kind of data.
di

To complete your objective:

s tri

• Create a group policy object called "Safeguards Against Data Theft" that is applied to the
Engineering organizational unit.
bu

• Add the following settings to the Citrix User Policies:

t io

• Disable client clipboard redirection

n

• Disable client drive redirection

• Disable USB device redirection

© Copyright 2016 Citrix Systems, Inc. Module 6: Managing Policies and Profiles 167
Reinforcement Exercise 2: Working with Profiles
During these exercises, you will not be given step-by-step instructions for performing the
tasks. Instead, you are asked to use what you have just learned to complete them. These
exercises are designed to take your newly acquired knowledge determine if you can
perform a task you have never done before. In most instances the default value will be the
best choice, but we encourage you to explore and try things out. If you have a question or
need help, ask the instructor or a fellow student for assistance.

Time to complete: Approximately 15 minutes

The Engineering team needs only specific parts of their profiles to be redirected to a central
location. Management has asked you to implement Folder Redirection for the Documents,
AppData(Roaming) folders.
Your objective is to create a policy within Studio to enable the folder redirection required for the
N

team and then apply the policy to the Engineering team.

ot

To complete the objective:

fo

• Create a Citrix policy in Studio called "Folder Redirection for Engineering".

• Add the following settings to the policy:
rr

• Enable AppData(Roaming) Path and set to

es

\\AD\UPM$\%USERNAME%\AppData\Roaming.
al

• Enable Documents Path and set to \\AD\UPM$\%USERNAME%.

e

• Apply the policy to the Engineering organizational unit.

or
di
s tri
bu
t io
n

168 Module 6: Managing Policies and Profiles © Copyright 2016 Citrix Systems, Inc.
 7
Module 7

Managing and
Monitoring Sessions,
Sites, and End
N

Users with Director

ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

170 © Copyright 2016 Citrix Systems, Inc.

Managing and Monitoring Sessions, Sites,
and End Users with Director
Overview
Managing end users and their sessions is a common administrative task. When end users
experience difficulty accessing their applications or desktops, they will require troubleshooting
assistance from the administrator in order to resolve the session issues.
Another important administrative task is the monitoring of your XenApp or XenDesktop
environment and the troubleshooting of issues before they become system critical. Director enables
support teams to obtain an overview of the entire XenApp or XenDesktop site, including real-time
machine issues, usage metrics, and host and controller information. With this data, you can
N

proactively monitor and troubleshoot system issues.

ot

After completing this module, you will be able to:

fo

• Monitor sessions and sites using the Dashboard within Director.

rr

• Monitor and manage end-user sessions within Director.

es

• Monitor historical trends within Director.

Module timing: Approximately 3 hours
al
e
or
di
s tri
bu
t io
n

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 171
 The lab environment Student Desktop has two management consoles. You will use both
interchangeably throughout this course. Microsoft Remote Desktop Connection Manager
is the preferred method to logging in and interacting with your virtual machines. Citrix
XenCenter is the preferred method to managing power tasks, mounting and un-mounting
ISO's.
Before you begin, your must ensure these following lab environment core virtual machines
are powered on:
• Controller-1
• DomainController-1
• EndPoint-Internal-1
• SQLServer-1
• StoreFrontServer-1
• StudentManagementConsole-1
N

To conserve resources all other core lab environment virtual machines that are not a part
ot

of a machine catalog may be powered down. Powering down machine catalog virtual
machines is not favored as it could impact future session launch times.
fo

All lab environment virtual machines are power managed through XenCenter. To change
rr

the power state of a lab environment virtual machine, complete the following steps:
es

1. Select the virtual machine within XenCenter.

al

2. Click on either the Start or Shutdown button on the top-right of the XenCenter.
e
or

Director Overview
di

Director is a Web-based tool that enables IT Support and Helpdesk teams to monitor a XenApp or
s

XenDesktop environment, troubleshoot issues before they become system critical, and perform
tri

support tasks for end users.

bu

Director allows you to search for a particular end user and display activity associated with that end
user, such as:
t
io

• Finding the status of the end user's applications and processes

n

• Ending unresponsive applications or processes

• Restarting an end user's machine
• Disconnecting end-user sessions
• Shadowing an end-user session
Director provides an overview of the key aspects of a deployment, such as the status of connections,
sessions, and the site infrastructure. Meaningful performance metrics and graphs are displayed,
together with information about the health of the hypervisors and Controllers. Information is
updated every minute. If issues occur, details appear automatically about the number and type of
failures that have occurred. You can view more detailed information, for example, to display all the
end users affected and the associated machines.

172 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
 In preparation for the exercises in this module, you will need to logon as an end user and
begin a session that you can use Director to monitor in subsequent procedures.

To Monitor an End-User Session

1. Logon to an internal endpoint using domain user credentials.

Logon to the EndPoint-Internal virtual machine once the reboot has completed, using
the TRAINING\HRUser1 and Password1 credentials.

2. Launch Internet Explorer and then browse to the URL for the Receiver for Web site.
N

a. Click Desktop and launch Internet Explorer from the Windows taskbar.
ot

b. Type https://sfs-1.Training.lab/Citrix/StoreWeb in the Address field and then press

Enter.
fo
rr

If you did not complete the reinforcement exercise in Module 5, then you will need to
download and install the Citrix Receiver on the EndPoint-Internal at this time. If you
es

do not have the Citrix Receiver installed, an .ICA file will be downloaded to the
al

endpoint and you will not be able to launch applications.

e

If Internet Explorer fails to open, restart the EndPoint-Internal VM.

or
di
s

3. Logon to Citrix Receiver for Web using the domain user credentials.
tri

Logon using the TRAINING\HRUser1 and Password1 credentials.

bu

4. Launch an application.
t io

Click Apps and then click Wordpad to launch the application.

n

5. Click Desktops at the top of the Receiver window.

6. Launch a desktop.
Click HR Desktop to launch the desktop.

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 173
To Access Director
1. Logon to a computer within the same network as your Controller using domain administrator
credentials.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Open a browser window and type the URL for Director using the following format,
http://server/Director and then press Enter.
Double-click the Citrix Director shortcut on the desktop.

3. Type your domain user name.

Type Admin1 in the User name field.
N

4. Type your password.

ot

Type Password1 in the Password field.

fo

5. Type the domain you would like to connect to.

rr

Type Training.lab in the Domain field.

es

6. Click Logon.
al
e

Monitoring within the Director Dashboard

or

The Director Dashboard is the opening page of Director and shows basic information regarding
di

your environment including:

s

• Infrastructure
tri

• Sessions Connected
bu

• Average Logon Duration

t io

The Dashboard will give you a general overview of the current status of the environment and allow
you to quickly view unusual and irregular activity.
n

Monitoring Infrastructure
From the Infrastructure panel in Director, you can monitor the health status of your XenApp and
XenDesktop site components, as well as view performance alerts. This panel lists all servers with
alerts in alphabetical order.
The columns list different states for each server. A green check represents that everything is
working properly; an alert or error represents a warning or failure of an infrastructure component.
The panel lets you monitor the current status of the following entities:

174 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
• Hosts
• Delivery Controllers
• Services
• Database
• License Server
• Configuration Logging Database
• Monitoring Database

To Monitor the Infrastructure

1. Logon to Director (http://server/Director) using domain administrator credentials.

a. Logon to the StudentManagementConsole-1 virtual machine using the

N

TRAINING\Admin1 and Password1 credentials.

ot

b. Double-click the Citrix Director shortcut on the desktop.

fo

c. Logon using the Admin1, Password1, and Training credentials.

rr

2. Scroll the Dashboard to view the Infrastructure panel of Director.

es

If the Infrastructure panel is not available, click Trends at the top of the Director
al

window and then click Dashboard again.

e
or

3. Ensure that no alerts exist. If a performance alert is indicated, click the alerts in the
Infrastructure panel to read more information.
di
s tri

Monitoring Connected Sessions

bu

The Dashboard shows information for Sessions Connected, which provides you with a real-time
t

view of end users connected to the environment, including an option to view historical trends.
io
n

To Monitor Connected Sessions

1. Logon to Director (http://server/Director) using domain administrator credentials.

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
b. Double-click the Citrix Director shortcut on the desktop.
c. Logon using the Admin1, Password1, and Training credentials.

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 175
2. Click the number above the Sessions Connected text on the Dashboard.
Click 2 to view information about the two connected sessions.

Instead of clicking on the number of end users, you also have the option of clicking
View Historical Trend in the Sessions Connected graph on the Dashboard if you
would like to view information about the past number of concurrent sessions.

3. Click Dashboard at the top of the Director window to return to the Dashboard.

Monitoring Logon Duration Averages

From the Average Logon Duration panel within the Dashboard, you can view logon data for end
users across a site. This panel provides data to determine where any patterns are affecting logon
times.
N
ot

The logon duration chart displays two types of information at each data point: The average logon
duration and the number of logons. When you hover over the chart, a red line appears at the
fo

cursor to highlight that point in time and display a dialog box showing both the values of logon
duration and logons at the same time.
rr
es

To Monitor Logon Duration Averages

al
e

1. Logon to Director (http://server/Director) using domain administrator credentials.

or

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
di

b. Double-click the Citrix Director shortcut on the desktop.

s tri

c. Logon using the Admin1, Password1, and Training credentials.

bu

2. Scroll the Dashboard to view the Average Logon Duration panel in Director.
t

3. Point your cursor at the chart and view the logon duration and logon information at the same
io

time.
n

4. Click Trends at the top of the Director screen to view logon performance data across a site
beyond the last 60 minutes.
5. Select the Delivery Group that you want to view logon trend information about.
Select All in the Delivery Group field.

6. Select a time period for which you want to view logon trend information.
Select Last 7 days in the Time period field.

7. Click Apply to view the logon data for the Delivery Groups and time period selected.
8. Click Dashboard at the top of the Director window to return to the Dashboard.

176 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
Monitoring Machine and End-User Connection Failures
If there were Machine or User Connection failures in the previous 60 minutes, additional panels
appear on the Dashboard automatically.
The large number on the left of the panel indicates the total number of failures for that type. If you
click the large number, the Filters page opens and displays all the individual failures in this
instance. Click the User Connection Failures number to see a list of these end users whose
connections failed, so that you can troubleshoot and resolve the cause of these failures.
The list and graph on the right displays data for each type of failure. If a particular category has
more than one failure during the last 60 minutes, it is expanded by default. These panels stay open
even when you fix the failures, but you can click the tab to collapse them.
End-user connection failures can be categorized as follows:
• Client Connection Failures - Virtual machine unavailable, connection not established
N

• Machine failures - End user connection failures resulting from machine failures
ot

• Unavailable capacity - Desktop OS machine or Server OS machine session is not available due
to maximum capacity reached
fo

• No License Available - Failure to acquire a license for this user

rr
es

Monitoring and Managing End-User Sessions

al

You can easily monitor and manage end-user sessions within Director. Common monitoring tasks
e

include:
or

• Viewing end-user sessions

di

• Searching for end-user sessions

s

• Monitoring end-user applications

tri

• Monitoring machine processes

bu

• Managing an end user's machine power status

t

• Enabling or disabling maintenance mode

io

• Disconnecting and logging off end users

n

• Shadowing end users

• Sending messages to end users
• Monitoring HDX channels
• Resetting end user profiles

These tasks may also be helpful for Helpdesk representatives to troubleshoot and resolve
issues prior to escalation.

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 177
Viewing End-User Sessions
There are multiple ways to view sessions within Director. The steps below will be beneficial when
you would like to search for groups of users or filter with specific requirements.

To View End-User Sessions

1. Logon to Director (http://server/Director) using domain administrator credentials.

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
b. Double-click the Citrix Director shortcut on the desktop.
c. Logon using the Admin1, Password1, and Training credentials.
N

2. Click Filters at the top of the Director window.

ot

3. Select Sessions > All Sessions.

fo

The page displays information about all of the sessions currently running in the
rr

environment. You can reduce the number of sessions displayed using the Filter by
fields. For example, you may want to view current sessions that exist by a particular
es

Delivery Group, OS, machine catalog, etc.

al

4. Select one or more user sessions to enable the Session Control and Send Message functions for
e

the selected user sessions.

or

Select the HRUser1 session that is running on the Hosted Apps-1 machine.
di

5. Click Dashboard at the top of the Director window to return to the Dashboard.
s tri

Searching for an End User

bu

In order to search for a specific end user and have the ability to perform all management tasks, you
t io

should use the Search users field.

n

To Search for an End User

1. Logon to Director (http://server/Director) using domain administrator credentials.

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
b. Double-click the Citrix Director shortcut on the desktop.
c. Logon using the Admin1, Password1, and Training credentials.

178 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
2. Scroll to the right within any page in Director to locate the Search users button.

Click on the Search users button.

3. Type a specific end user's account name or a partial account name in the Search users field and
then press Enter to locate information about matching end-user sessions.
Type HRUser1 in the search for users field, select HRUser1, and then click on the Wordpad
session to view the Activity Manager.

4. Select the appropriate end user to open the Activity Manager for that user.
Select HRUser1 and then verify that Details appears below the Search users field.
N

This step is only necessary if a "fuzzy" search was performed using the Search users
field.
ot
fo
rr

Monitoring End-User Applications

es

You can monitor end-user applications by performing the following tasks:

al

• View local and hosted applications for currently connected machines.

e

• View applications on all machines to which the end user has access.
or

• Stop an application.
di
s

To Monitor End-User Applications

tri
bu

1. Logon to Director (http://server/Director) using domain administrator credentials.

t

a. Logon to the StudentManagementConsole-1 virtual machine using the

io

TRAINING\Admin1 and Password1 credentials.

n

b. Double-click the Citrix Director shortcut on the desktop.

c. Logon using the Admin1, Password1, and Training credentials.

2. Scroll to the right within any page in Director to select the Search field.
3. Click Search for user.
4. Type a specific end user's account name or a partial account name in the Search users field and
then press Enter to locate information about matching end user's sessions.
Type HRUser1 in the Search users field, select HRUser1, and then click Activity Manager.

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 179
5. If there are multiple sessions for the user, you will have the option to select a session.
Select Applications - HostedApps.

6. Click Activity Manager below the Search users field to view the Activity Manager.

If the Details button is displayed below the Search field, then the Activity Manager
screen is already displayed. The Activity Manager screen is white and the Details
screen is black.

7. Click the Applications tab menu in the Activity Manager to view a list of the applications and
hosted applications being run by the selected end user.

Monitoring End-User Machine Processes

N

When an end user calls the Helpdesk about a slow desktop machine, you can monitor the status of
the processes on that machine without needing to start a Remote Assistance session and shadow the
ot

end user.
fo

One resolution for a process problem is to stop the process. If the process is successfully stopped, it
rr

disappears from the list of processes. If the process problems continue, you can escalate by
restarting the machine or by resetting the end user's profile.
es
al

To Monitor End-User Machine Processes

e
or

1. Logon to Director (http://server/Director) using domain administrator credentials.

di

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
s tri

b. Double-click the Citrix Director shortcut on the desktop.

bu

c. Logon using the Admin1, Password1, and Training credentials.

t

2. Scroll to the right within any page in Director to access the Search users field.
io

3. Search for an end-user session and then click Activity Manager under the Search users field.
n

Type HRUser1 in the Search users field, select HRUser1, and then click Activity Manager.

If the Details button is displayed below the Search users field, then the Activity
Manager screen is already displayed. The Activity Manager screen is white and the
Details screen is black.

4. Click the Processes tab in the Activity Manager.

5. Select the process to be stopped, click End Process and then select Yes to confirm the action.
Do not end any processes.

180 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
Managing an End User's Machine Power Status
Director gives you the ability to restart, shutdown, or suspend virtual machines within the
environment.

To Manage an End User's Machine Power Status

1. Logon to Director (http://server/Director) using domain administrator credentials.

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
b. Double-click the Citrix Director shortcut on the desktop.
c. Logon using the Admin1, Password1, and Training credentials.
N

2. Scroll to the right within any page in Director to access the Search users field.
ot

3. Search for an end-user session and then click Details below the Search users field.
fo

Type HRUser1 in the Search users field, select HRUser1, and then click Details.
rr

If Activity Manager button is displayed below the Search users field, then the Details
es

screen is already displayed. The Activity Manager screen is white and the Details
screen is black.
al
e

4. Click Power Control under Machine Details on the page.

or

5. Select the appropriate action to take on the machine.

di

The following power controls are available:

s

• Restart
tri

• Force Restart
bu

• Shutdown
t

• Force Shutdown
io

• Suspend
n

• Resume
• Start

Do not select any of the available actions at this time.

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 181
Enabling or Disabling Maintenance Mode
Maintenance mode prevents end users from launching a session to specified desktops or Delivery
Groups. If an end user has a connection, maintenance mode will not be enabled until the session is
disconnected.

To Enable or Disable Maintenance Mode

1. Logon to Director (http://server/Director) using domain administrator credentials.

a. Double-click the Citrix Director shortcut on the desktop.

b. Logon using the Admin1, Password1, and Training credentials.

2. Scroll to the right within any page in Director to access the Search users field.
N

3. Search for an end-user session that you would like to put in maintenance mode and then click
ot

Details.
Type HRUser1 in the Search users field, select HRUser1, and then click Details.
fo
rr

If Activity Manager button is displayed below the Search users field, then the Details
es

Manager screen is already displayed. The Activity Manager screen is white and the
Details screen is black.
al
e

4. Ensure that the appropriate desktop or application connection for the end user is displayed.
or

Click the machine switcher icon (Computer display icon) at the top of the Details Manager
page and then select the Hosted Applications resource from the drop-down menu.
di
s

The machine switcher icon is only available when the selected end user has multiple
tri

sessions running.
bu
t

5. Click the Maintenance mode button under Machine Details to change the mode. If you are
io

unsure if Maintenance mode is enabled or disabled, hover over the Maintenance mode button
n

and a message will appear with the status.

Ensure that maintenance mode is off.

Resetting an End-User Profile

Resetting a profile allows you to manage end-user settings stored within their Citrix-based profile
or Microsoft roaming-based profile. When a profile is reset, the end user's folders and files are
saved and copied to the new profile. All other profile properties are reset to default, including
registry, applications, and personalization settings.

182 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
Discussion Question
Can you provide examples of when Director would be useful within your organization?

Monitoring HDX Channels

Monitor the status of the HDX channels within the user session in the HDX panel of the User
Details page. The HDX channels monitor allows you to view the status and current configuration of
end user's specific HDX channels within their session, greatly assisting in the diagnostic of
connections and performance concerns. Detailed information can be gathered around numerous
HDX parameters including Audio and Media Stream, Thinwire, USB utilities, and Flash.

To Monitor HDX Channels

N
ot

1. Logon to Director (http://server/Director) using domain administrator credentials.

fo

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
rr

b. Double-click the Citrix Director shortcut on the desktop.

es

c. Logon using the Admin1, Password1, and Training credentials.

al

2. Scroll to the right within any page in Director to access the Search users field.
e

3. Search for an end-user session whose HDX details you want to view and then click Details
or

below the Search users field.

Type HRUser1 in the Search users field, select HRUser1, and then click Details.
di
s tri

If Activity Manager button appears instead of Details, you are already on the Details
page.
bu
t io

4. Ensure that the appropriate desktop or application connection for the user is displayed.
n

Click the machine switcher icon (Computer display icon) at the top of the Details page and
then select the HostedApplications resource from the drop-down menu.

The machine switcher icon is only available when the selected end user has multiple
sessions running.

5. Scroll down to the HDX panel on the Details page.

6. View the information specified below the HDX heading.

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 183
7. Click an HDX channel preceded by a red circle or triangle to view error information for an
HDX channel.

a. Click Smart Cards to view error information.

b. Click the X to close the window.

8. Click an HDX channel preceded by a green check mark to view information for an HDX
channel that has no current alerts.

a. Click VDA to view information about the channel.

b. Click the X to close the window.

9. Click Download System Report to export HDX channel information for the session to an
.XML file.
10. Save the file to a location of your choice or open the file.
N

a. The DirectorHDXReport.xml document is automatically saved to your Downloads

ot

folder.
fo

b. Click DirectorHDXReport.xml to open the file within a new Internet Explorer

browser window.
rr

c. Click X in Tab that is displaying the report within Internet Exlporer to close the
es

file.
al
e

Sending a Message to an End User

or

You can send individual messages to end users (or as a group message) to inform them about
di

desktop maintenance or to communicate with a user directly. For example, you may want to tell
s

end users to log off before critical maintenance is about to take place to ensure they save their
tri

work, preventing loss of data.

bu
t

To Send a Message to an End User

io
n

1. Logon to Director (http://server/Director) using domain administrator credentials.

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
b. Double-click the Citrix Director shortcut on the desktop.
c. Logon using the Admin1, Password1, and Training credentials.

2. Scroll to the right within any page in Director to access the Search users field.

184 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
3. Search for an end-user session whose HDX details you want to view and then click Details
below the Search users field.
Type HRUser1 in the Search users field, press Enter, and then click Details.

If Activity Manager button appears instead of Details, you are already on the Details
page.

4. Ensure that the appropriate desktop or application connection for the end user is displayed.
Click the machine switcher icon (Computer display icon) at the top of the Details page and
then select the Hosted Applications resource from the drop-down menu.

The machine switcher icon is only available when the selected end user has multiple
sessions running.
N
ot

5. Scroll the page to the right to view the Session Details pane.
fo

6. Click the Send Message button.

rr

7. Type a message you would like to send the end user.

es

Type Thank you for contacting the Helpdesk. Your issue should now be resolved.
al

8. Click Send and then verify that the message was successfully sent.
e

a. Click Send.
or

b. Switch to the EndPoint-Internal virtual machine and then click OK on the

di

message to close it.

s

c. Switch back to the StudentManagementConsole-1 virtual machine.

tri
bu

The selected end user must have an active session running in order to receive the
message. If the end user is disconnected or the session has timed out, the end user will
t io

not receive the message.

n

Shadowing an End-User Session

Director allows you to shadow a XenApp and XenDesktop session while assisting an end user.
When shadowing, you are using the Microsoft Remote Assistance client, which allows you to view
and work on the virtual machine of an end user whom you are assisting. You can also request that
the end user allow you to share control of the keyboard and mouse.
The Microsoft Remote Assistance client must be installed on the system running Director, usually
the Helpdesk Agent's desktop. In addition, remote assistance must be enabled on the virtual
desktop, either through the Virtual Delivery Agent Installation Wizard or through an Active

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 185
Directory GPO. By default, only local administrators on the virtual desktop, including domain
administrators, can launch a shadowing session. To provide shadowing access to Helpdesk
administrators, you must configure an Active Directory GPO to add those administrators as remote
assistance users.

To Shadow an End-User Session

1. Logon to Director (http://server/Director) using domain administrator credentials.

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
b. Double-click the Citrix Director shortcut on the desktop.
c. Logon using the Admin1, Password1, and Training credentials.
N

2. Scroll to the right within any page in Director to access the Search users field.
ot

3. Search for an end-user session that you want to shadow and then click Details below the
Search users field.
fo

Type HRUser1 in the Search users field, press Enter, and then click Details.
rr
es

If Activity Manager button appears instead of Details, you are already on the Details
page.
al
e

4. Ensure that the appropriate desktop or application connection for the end user is displayed.
or

Click the machine switcher icon (Computer display icon) at the top of the Details page and
di

then select the TRAINING\UserDesktop-## resource from the drop-down menu (##
s

references either UserDesktop-01 or UserDesktop-02 that are in the same Delivery Group).
tri
bu

The machine switcher icon is only available when the selected end user has multiple
sessions running.
t io
n

5. Scroll the page to the right to view the Session Details pane.
6. Click the Shadow button.
7. Open the Invite.msrcincident file that is downloaded.

a. Open the Invite.msrcincident on the bottom-left side of the screen.

b. Switch to the Endpoint-Internal and select the HR Desktop from the taskbar.
c. Click Yes in the "Would you like to allow HelpAssistant to connect to your
computer" message.

186 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
 If the end user does not respond within 120 seconds, the connection will fail. If the
user does not respond, click OK in the Windows Remote Assistance message, on the
system running Director, to end the shadowing request.

8. Click Request control at the top of the Windows Remote Assistance window on the system
running Director to ask the end user to allow you to take control of the keyboard and mouse
in the session.

a. Switch to the StudentManagementConsole-1 virtual machine.

b. Click Request control from the Windows Remote Assistance window on the
system running Director.
c. Switch to the EndPoint-Internal virtual machine.
d. Click Yes on the Windows Remote Assistance screen to allow Admin1 to share
control.
N

e. Switch back to the StudentManagementConsole-1 virtual machine.

ot

9. Assist the end user from the system running Director and then close the Windows Remote
Assistance window to end the shadowing session.
fo
rr

Click the X in the small or full screen Windows Remote Assistance window.
es

The end user could also end the shadowing session by clicking the X in the Windows
al

Remote Assistance window displayed on the endpoint. If the administrator ends the
shadowing session closing the small Windows Remote Assistance window, they must
e

close the full screen Windows Remote Assistance window separately.

or
di

Disconnecting an End-User Session

s tri

Disconnecting a session will break the connection that the end user has with their virtual desktop
bu

or application, however, the desktop or application will continue to run. When creating a new user
session, the end user will have the ability to resume their work where they were interrupted. This is
t

valuable when an end user has difficulty during a session, and may have unsaved work.
io
n

To Disconnect an End-User Session

1. Logon to Director (http://server/Director) using domain administrator credentials.

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
b. Double-click the Citrix Director shortcut on the desktop.
c. Logon using the Admin1, Password1, and Training credentials.

2. Scroll to the right within any page in Director to access the Search users field.

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 187
3. Search for an end-user whose session that you want to disconnect and then click Details below
the Search users field.
Type HRUser1 in the Search users field, press Enter, and then click Details.

If Activity Manager button appears instead of Details, you are already on the Details
page.

4. Ensure that the appropriate desktop or application connection for the end user is displayed.
Click the machine switcher icon (Computer display icon) at the top of the page and then
select the Hosted Applications resource from the drop-down menu.

The machine switcher icon is only available when the selected end user has multiple
sessions running.
N
ot

5. Scroll the Details page to the right and then click Session Control.
fo

6. Click Disconnect to disconnect the selected session.

rr

7. Verify that the state of the session has changed to Disconnected.

es
al

Logging an End User Off

e

Unlike disconnecting an end-user session, logging an end user off will completely log the end user
or

off the desktop or application, therefore leading to a loss of data. Once an end user is logged off of
a desktop, it will become available to other end users.
di
s tri

To Log an End User Off

bu

1. Logon to Director (http://server/Director) using domain administrator credentials.

t io

a. Logon to the StudentManagementConsole-1 virtual machine using the

n

TRAINING\Admin1 and Password1 credentials.

b. Double-click the Citrix Director shortcut on the desktop.
c. Logon using the Admin1, Password1, and Training credentials.

2. Scroll to the right within any page in Director to access the Search users field.
3. Search for an end user whose session that you want to log off and then click Details below the
Search users field.
Type HRUser1 in the Search users field, press Enter, and then click Details.

188 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
 If Activity Manager appears instead of Details, you are already on the Details page.

4. Ensure that the appropriate desktop or application connection for the user is displayed.
Click the machine switcher icon (Computer display icon) at the top of the page and then
select the Hosted Applications resource from the drop-down menu.

The machine switcher icon is not visible if the selected end user only has a single
connection running.

5. Scroll the Details page to the right and then click Session Control.
6. Click Log Off to log the end user off the session.
N

Wait while the end user is logged off. Do not click Log Off again, doing so will result
ot

in an error being displayed. After the end user is logged off the session, the session
fo

details will disappear from the Details pane.

rr
es

Discussion Question
al

What is the difference between disconnecting a session and logging off an end user?
e
or

Monitoring Historical Trends

di

In Director, use the Trends page to access historical trend information for sessions, connection
s

failures, machine failures, logon performance, and load evaluation for each site. To locate the
tri

information, on the Dashboard or Filters page, click Trends.

bu

Each graph shows trend data for a specified period of time (the default is previous 24 hours) and
t

for specified Delivery Groups (default: all groups). You can also view data for a single point in time
io

by pointing your cursor to that location. Click the refresh icon at any time to update the data.
n

You can save the graph to a PDF file or save the data to a CSV file so that you can reuse the data
in other applications. When the data is exported, you can view more detailed information that was
not visible within the graph, assisting with the analysis of historical trends.

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 189
To Monitor Historical Trends
1. Logon to Director (http://server/Director) using domain administrator credentials.

a. Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
b. Double-click the Citrix Director shortcut on the desktop.
c. Logon using the Admin1, Password1, and Training credentials.

2. Click Trends at the top of the Director window.

3. Select the appropriate tab according to the type of trend analysis you would like to perform.
Select the Logon Performance tab.

4. Select specific filters to view only important information that is relative to your analysis.
N

a. Select All in the Delivery Group field.

ot

b. Select Last 24 hours in the Time period field.

fo

5. Click Apply.
rr

6. Review the information for specific trends.

es
al
e
or
di
s tri
bu
t io
n

190 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
Troubleshooting: Managing Sites, Sessions, and End Users
with Director

Issue Resolution
An error dialog is received during configuration If an error dialog box is received while
with Citrix Studio. configuring XenDesktop in Citrix Studio, a
descriptive message will display that may help
you self-diagnose the issue.
If you are unable to address the issue based on
the descriptive error message, you can select the
option in Studio: "I need help from Citrix to
solve this problem." When this option is
N

selected, the Citrix Tools as a Service (TaaS)

ot

system searches an error reporting web service

maintained by the Citrix TaaS team. If the
fo

service locates a matching Knowledge Base (KB)

article that specifically addresses the problem, it
rr

displays the article. If no match is found, you

es

are directed to a web page where you can send

details to Citrix and search Citrix Support
al

forums.
e

For more information about TaaS, access

or

your Student Resource Kit (SRK).

di

Unable to shadow an end-user session in 1. Ensure that the end user has an active
s

Director. session.
tri

2. Verify that remote assistance is enabled on

bu

the virtual desktop.

t

3. Verify that the administrator has the

io

correct permissions to shadow end users

n

within Director.
4. Verify that the device you are trying to
shadow accepts connections on port 3389.

The HDX Panel is not available in the Verify that the end user's machine is connected
administrator's Director. using HDX. If the end user is not connected
using HDX, then the panel will not be available.

Usage graphs are not displayed in the Ensure that the latest version of Flash is
dashboard. installed on the system running Director.

© Copyright 2016 Citrix Systems, Inc. Module 7: Managing and Monitoring Sessions, Sites, and End
Users with Director 191
Issue Resolution
An error is displayed when running Real-Time Citrix Director requires that WinRM 1.1 or later
reports. be installed and enabled on the desktop
machine.

Citrix recommends upgrading to WinRM

2.0 - based on operating system
compatibility.

Reinforcement Exercise: Using Director

During this exercise, you will not be given step-by-step instructions for performing the
N

task. Instead, you are asked to use what you have learned to complete it. This exercise is
ot

designed to take your newly-acquired knowledge and determine if you can apply it to
perform a task you have never done before. In most instances the default value will be the
fo

best choice, but we encourage you to explore and try different options. If you have a
question or need help, ask the instructor or a fellow student for assistance.
rr

In this module, you learned how to:

es

• Monitor using the Dashboard within Director.

al

• Monitor and manage end-user sessions within Director.

e

• Monitor historical trends within Director.

or

Time to complete: Approximately 30 minutes

di

As a prerequisite for this exercise, perform the following:

s

• Logon to the EndPoint-Internal virtual machine using the HRUser1 and Password1 credentials.
tri

• Logon to StoreFront (https://sfs-1.training.lab/Citrix/StoreWeb) using the HRUser1 and

bu

Password1 credentials.
t

• Launch the HR Desktop.

io
n

You want to explore some more of the options that Director can offer Training.
To complete your objective:
• Use Director to restart the machine used by the HRUser1 user.
• View the results of issuing the command:
• Watch the virtual machine restart in Citrix XenCenter.
• View the results on the EndPoint-Internal virtual machine.
• On the EndPoint-Internal virtual machine logon again to HR Desktop using the
TRAINING\HRUser1 credentials once the machine has finished restarting.
• Reset the Personal vDisk of the HR Desktop for the TRAINING\HRUser1.

192 Module 7: Managing and Monitoring Sessions, Sites, and End Users with Director © Copyright
2016 Citrix Systems, Inc.
 8
Module 8

Managing Printing
N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

194 © Copyright 2016 Citrix Systems, Inc.

Managing Printing
Overview
Printing is a very important aspect of every Citrix infrastructure, but it is not well understood and a
common cause of issues. XenApp and XenDesktop offer a variety of features to enable you to
successfully integrate printing in almost every scenario. Choosing the most appropriate printing
configuration for your organization helps to simplify administration and improve the end-user
experience. In order to successfully design a printing infrastructure it is vital to understand the
available technologies as well as their benefits and limitations.
After completing this module, you will be able to:
• Manage printers using policies.
N

• Add session printers.

ot

• Map and install printer drivers.

• Customize and optimize printing performance.
fo

• Manage the Universal Print Server.

rr

Module timing: Approximately 3 hours

es

The lab environment Student Desktop has two management consoles. You will use both
al

interchangeably throughout this course. Microsoft Remote Desktop Connection Manager

e

is the preferred method to logging in and interacting with your virtual machines. Citrix
or

XenCenter is the preferred method to managing power tasks, mounting and un-mounting
ISO's.
di

Before you begin, your must ensure these following lab environment core virtual machines
s

are powered on:

tri

• Controller-1
bu

• DomainController-1
• SQLServer-1
t io

• StoreFrontServer-1
n

• StudentManagementConsole-1
• UniversalPrintServer-1
To conserve resources all other core lab environment virtual machines that are not a part
of a machine catalog may be powered down. Powering down machine catalog virtual
machines is not favored as it could impact future session launch times.
All lab environment virtual machines are power managed through XenCenter. To change
the power state of a lab environment virtual machine, complete the following steps:
1. Select the virtual machine within XenCenter.
2. Click on either the Start or Shutdown button on the top-right of the XenCenter.

© Copyright 2016 Citrix Systems, Inc. Module 8: Managing Printing 195

Print Management Process
Managing printing in a XenApp and XenDesktop environment is a multi-stage process:
• Plan your printing architecture, including analyzing your business needs, your existing printing
infrastructure, how your end users and applications interact with printing today, and which
printing management model best applies to your environment.
• Configure your printing environment, including creating the policies necessary to deploy your
printing design.
• Test a pilot printing configuration before deploying it to end users.
• Maintain your Citrix printing environment, including updating policies when new employees
or servers are added and maintaining drivers on your XenApp and XenDesktop machines.
• Troubleshoot issues that may arise in your printing environment.
N

Default Printing Behavior

ot

By default, if you do not configure any policy rules, XenApp and XenDesktop printing behaviors
fo

are as follows:
rr

• All printers configured on the end-user device are created automatically at the beginning of
es

each session. This behavior is equivalent to configuring the Citrix policy setting Auto-create
client printers with the Auto-create all client printers option.
al

• XenApp and XenDesktop route all print jobs queued to printers locally attached to end-user
e

devices as client print jobs.

or

• XenApp and XenDesktop route all print jobs queued to network printers directly from Server
OS machines. If XenApp and XenDesktop cannot route the jobs over the network, they will
di

route them through the end-user device as a redirected client print job.
s

• XenApp and XenDesktop uses the Windows version of the printer. If the printer driver is not
tri

available, XenApp and XenDesktop attempts to install the driver from the Windows operating
bu

system. If the driver is not available in Windows, they use a Citrix Universal Printer Driver.
• The Universal Print Server is disabled.
t io
n

196 Module 8: Managing Printing © Copyright 2016 Citrix Systems, Inc.

 N
ot
fo
rr
es
al
e
or
di
s tri
bu

Configuring Client Printing

t io

XenApp and XenDesktop policies specify the client printers that are made available for end-user
n

sessions. You can control the number and type of printers that are made available, along with
customizing printer settings and options.
Within client-based printing policies, you can configure options such as client printer auto-creation,
client printer redirection, printer property retention, print mapping, and other settings.

Modifying Client Printer Auto-Creation

Client printer auto-creation settings allow you to specify client printing behavior from the auto-
creation of default printers to auto-creation of local non-network client printers only.

© Copyright 2016 Citrix Systems, Inc. Module 8: Managing Printing 197

During printer auto-creation, if a new local printer connected to a end-user device is detected, the
server hosting the published application is checked for the required printer driver. By default, if a
Windows-native driver is not available, the Universal printer driver is used. This setting overrides
default client printer auto-creation settings. This setting takes effect only if the Client printer
redirection setting is present and set to Allowed.

To Modify Client Printer Auto-Creation Behavior

1. Logon to a virtual machine that has Citrix Studio and the Group Policy Management feature
installed using domain administrator credentials.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Click Tools in Server Manager and then click Group Policy Management to open the Group
N

Policy Management Console.

ot

3. Select the organizational unit to which you want to apply the policy.
fo

Expand Forest: Training.lab > Domains > Training.lab > Training Users > Human
Resources.
rr

4. Right-click the OU and then click Create a GPO in this domain, and Link it here.
es

Right-click Human Resources and then click Create a GPO in this domain, and Link it
al

here.
e

5. Type a name for the new Group Policy Object and then click OK.
or

Type Print Settings in the Name field and then click OK.
di

6. Click the OU containing the policy, right-click the GPO to which you want to add settings in
s tri

the Linked Group Policy Objects tab and then click Edit.
bu

Click the Human Resources OU, right-click Print Settings in the Linked Group Policy
Objects tab, and then click Edit.
t io

7. Expand User Configuration > Policies > Citrix Policies nodes.

n

8. Click Edit in the right pane to add settings to the unfiltered Citrix User Policy.

If you select Edit, you are adding new settings to the Unfiltered policy. If you select
New, you are creating a new policy and can filter that policy to determine to which
objects the policy will apply.

9. Select the Settings tab to view the available settings.

10. Select a category of settings in the Categories field.
Select Printing > Client Printers in the Categories field.

198 Module 8: Managing Printing © Copyright 2016 Citrix Systems, Inc.

 If you know the name of the category or a word in the name of the setting, you can
search for the setting using the Search field. For example, you could search for
Printing or Client Printers, or auto-create.

11. Click Add to the right of the desired setting.

Click Add to the right of the Auto-create client printers setting.

12. Select the desired value for the setting in the Value field and then click OK.
Select Auto-create the client's default printer only and then click OK.

13. Click OK.

14. Close the Group Policy Management Editor.
15. Select the Group Policy Object OU in the left pane and drag the policy to another OU to
which you also want to apply that policy.
N
ot

a. Select the Group Policy Objects OU, select the Print Settings policy, and drag it to
the Training Users > Engineering OU.
fo

b. Click OK in the Group Policy Management message.

rr

This step is only necessary if you want to apply an existing policy to another OU.
es
al
e
or

Discussion Question
di

When a Windows-native driver is not available and the Citrix universal print driver is not being
s

used. What could be the problem?

tri
bu

Adding Session Printers

t io

By default, network printers on the end-user device are created automatically at the beginning of
n

sessions. XenApp and XenDesktop enable you to reduce the number of network printers that are
enumerated and mapped by specifying the network printers to be created within each session.
Network printers created within the session printers setting can vary according to where the session
was initiated by filtering on objects such as subnets. This feature enables you to control the
assignment of network printers so that the most appropriate printer is presented to the end-user,
based on the location of the end-user device (also known as Proximity Printing).

© Copyright 2016 Citrix Systems, Inc. Module 8: Managing Printing 199

To Add Session Printers
1. Logon to a virtual machine that has Citrix Studio and the Group Policy Management feature
installed using domain administrator credentials.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Click Tools in Server Manager and then click Group Policy Management to open the Group
Policy Management Console.
3. Select the organizational unit to which you want to apply the policy.
Expand Forest: Training.lab > Domains > Training.lab > Training Users.

4. Right-click the OU and then click Create a GPO in this domain, and Link it here.
Right-click Training Users and then click Create a GPO in this domain, and Link it here.
N
ot

5. Type a name for the new Group Policy Object and then click OK.
Type Session Printers in the Name field and then click OK.
fo
rr

6. Click the OU containing the newly created policy, right-click the GPO to which you want to
add settings in the Linked Group Policy Objects tab, and then click Edit.
es

Click Training Users, right-click Session Printers in the Linked Group Policy Objects tab
al

and then click Edit.

e

7. Expand User Configuration > Policies > Citrix Policies.

or

8. Click New in the right pane to launch the New Policy wizard.
di

If you select Edit, you are adding new settings to the Unfiltered policy. If you select
s

New, you are creating a new policy and can filter that policy to determine to which
tri

objects the policy will apply.

bu

You are creating a new policy so that filters can be applied at a later time should you decide
t io

to enable proximity printing.

n

9. Type a name for the new policy or leave the field blank and then click Next.
Type Citrix Session Printers in the Name field and then click Next.

10. Type a setting name or a word contained in the setting to filter the Settings list.
Type Session printers in the Search field.

You could also scroll through the categories of settings in the Categories field to find
the required setting.

200 Module 8: Managing Printing © Copyright 2016 Citrix Systems, Inc.

11. Click Add to the right of the desired setting.
Click Add to the right of the Session printers setting.

12. Click Add.

13. Click Browse, go to the location where the network printers are defined, and then click OK.

a. Type \\UPS-1 into the Printer UNC path and then click Browse.
b. Expand Entire Network > UPS-1.
c. Click Accounting to add the Accounting printer.
d. Click OK.

You could also type the UNC path to the printer directly into the Printer UNC path
field and then click OK.
N
ot

14. Click OK after all desired network printers are added to the Session printers list.
fo

15. Click Next to go to the Filters screen.

16. Configure any necessary filters and then click Next.
rr

Click Next.
es
al

You will not be adding any filters at this time. If you wanted to enable proximity
e

printing, you could assign session printers to end users based on the Client IP address
filter. Session printers are an optimal configuration for scenarios where users roam
or

between locations using the same device (laptop, tablets) or where thin clients are used
because they do not have the ability to connect to network-based printers directly.
di
s

17. Click Create.

tri

18. Close the Group Policy Management Editor.

bu
t

Managing Printer Drivers

io
n

There are three options for managing printer driver usage within XenApp and XenDesktop policies:
• Automatic installation of in-box printer drivers
• Universal Printer Driver preference
• Universal Printer Driver usage
Using these features, you can control the way end-user sessions use specific printer drivers as well
as configure the Citrix Universal Printer driver settings.

© Copyright 2016 Citrix Systems, Inc. Module 8: Managing Printing 201

Automatic Installation of In-Box Printer Drivers
You have the ability to control the automatic installation of Windows-native printer drivers. If it is
necessary to ensure consistency across Server OS machines and virtual desktops, this can be
achieved by disabling the policy setting through Citrix or Microsoft policies.

To Configure the Automatic Installation of Printer Drivers

1. Logon to a virtual machine that has Citrix Studio and the Group Policy Management feature
installed using domain administrator credentials.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Click Tools in Server Manager and then click Group Policy Management to open the Group
N

Policy Management Console.

ot

3. Select the organizational unit to which you want to apply the policy.
fo

Expand Forest: Training.lab > Domains > Training.lab > Training Users.
rr

4. Right-click the OU and then click Create a GPO in this domain, and Link it here.
es

Right-click Training Users and then click Create a GPO in this domain, and Link it here.
al

5. Type a name for the new Group Policy Object and then click OK.
e

Type Disable Auto-Install of Printer Drivers in the Name field and then click OK.
or

6. Click the OU containing the newly created policy, right-click the GPO to which you want to
di

add settings in the Linked Group Policy Objects tab, and then click Edit.
s

Click Training Users, right-click Disable Auto-Install of Printer Drivers in the Linked
tri

Group Policy Objects tab and then click Edit.

bu

7. Expand User Configuration > Policies > Citrix Policies.

t io

8. Select Edit to add settings to the unfiltered Citrix User Policy.

n

9. Select the Settings tab to view the available settings.

10. Type a setting name or a word contained in the setting to filter the Settings list.
Type Automatic or Printer in the Search field.

You could also scroll through the categories of settings in the Categories field to find
the required setting.

11. Click Add to the right of the desired setting.

Click Add to the right of the Automatic installation of in-box printer drivers setting.

202 Module 8: Managing Printing © Copyright 2016 Citrix Systems, Inc.

12. Select the appropriate value for the setting and then click OK.
Select Disabled and then click OK.

13. Click OK.

While you added multiple settings to the unfiltered Citrix User Policy in previous
procedures, the reason that you do not see them now is because they were applied to a
different OU in the environment.

14. Close the Group Policy Management Editor.

Configuring Printer Driver Mapping and Compatibility

Each client provides information about client-side printers during logon, including the printer
N

driver name. During client printer auto-creation, Windows server printer driver names are selected;
these names correspond to the printer model names provided by the client. The auto-creation
ot

process then uses identified, available printer drivers to construct redirected client print queues.
fo

If the client driver is different to the driver name on the server it can prevent mapping
rr

from automatically occurring.

es
al

When you define these rules, you can allow or prevent printers from being created with the specific
driver. Additionally, you can allow created printers to use only the Universal Printer Driver.
e

You can add a driver mapping, edit an existing mapping, or override custom settings.
or
di

To Configure Printer Driver Mapping and Compatibility

s tri

1. Logon to a virtual machine that has Citrix Studio and the Group Policy Management feature
bu

installed using domain administrator credentials.

t

Logon to the StudentManagementConsole-1 virtual machine using the

io

TRAINING\Admin1 and Password1 credentials.

n

2. Click Tools in Server Manager and then click Group Policy Management to open the Group
Policy Management Console.
3. Browse to the OU containing the Group Policy Objects.
Expand Forest: Training.lab > Domains > Training.lab > Group Policy Objects.

4. Right-click the policy to which you want to add new settings and then click Edit.
Right-click the Print Settings policy and then click Edit.

5. Expand User Configuration > Policies > Citrix Policies.

© Copyright 2016 Citrix Systems, Inc. Module 8: Managing Printing 203

6. Select Edit to add settings to the unfiltered Citrix User Policy.

If you select Edit, you are adding new settings to the Unfiltered policy. If you select
New, you are creating a new policy and can filter that policy to determine to which
objects the policy will apply.

7. Select the Settings tab to view the available settings.

8. Type a setting name or a word contained in the setting to filter the Settings list.
Type Mapping or Printer in the Search field.

You could also scroll through the categories of settings in the Categories field to find
the required setting.

9. Click Add to the right of the desired setting.

N
ot

Click Add to the right of the Printer driver mapping and compatibility setting.
fo

10. Specify the desired values for the setting.

rr

a. Click Add to configure driver mapping.

es

b. Type HP PhotoSmart D-110.

c. Select Replace with.
al

d. Type HP PhotoSmart 220X in the Replace with field.

e

e. Click OK.
or
di

You could also click the Find Driver button to search for the desired printer driver. If
you have printer drivers already configured, you can use those drivers.
s tri
bu

11. Click OK twice after all settings have been configured.

t io

The new setting in the unfiltered policy is displayed in the Active Settings pane of the
Group Policy Management Editor.
n

12. Close the Group Policy Management Editor.

Universal Printer Driver

To simplify printing in XenApp and XenDesktop environments, Citrix recommends the use of the
Citrix Universal Printer Driver (UPD). The Universal Printer Driver is a device-independent driver
that supports any print device and thus simplifies administration by reducing the number of drivers

204 Module 8: Managing Printing © Copyright 2016 Citrix Systems, Inc.

required. The Universal Printer Driver supports advanced printer functionality, such as stapling and
sorting, and does not limit color depth.
The UPD consists of two components:
• Server component: On a XenApp and XenDesktop-based virtual desktop, the Citrix UPD is
installed as part of the XenApp and XenDesktop VDA installation. When a print job is
initiated, this driver records the output of the application and sends it, without any
modification, to the end-user device with the ICA/HDX connection.
• Client component: The client component of the Citrix UPD is installed as part of the Citrix
Receiver installation. It receives the incoming print stream for the virtual desktop and forwards
it to the local printing subsystem where the print job is rendered using the device-specific
printer driver.
The diagram shows the UPD components and a typical work flow for a printer locally attached to a
device.
N
ot
fo
rr
es
al
e
or
di
s tri
bu
t io
n

Controlling Universal Printing Behavior

Universal Printing behavior is controlled by configuring policies to optimize processing, print
quality, and compression limit settings. Using these features you can streamline items such as the
transfer of printer traffic and the spooling process.

Optimizing Printing Performance

The following policies control printing optimization and compression:

© Copyright 2016 Citrix Systems, Inc. Module 8: Managing Printing 205

• Universal printing optimization defaults
• Desired image quality
• Enable heavyweight compression
• Image and Font caching
• Allow non-administrators to modify these settings
• Universal printing image compression limit
• Universal printing print quality limit
• Printer redirection bandwidth limit
• Printer redirection bandwidth limit percent

To Configure Printing Optimization

N

1. Logon to a virtual machine that has Citrix Studio and the Group Policy Management feature
ot

installed using domain administrator credentials.

Logon to the StudentManagementConsole-1 virtual machine using the
fo

TRAINING\Admin1 and Password1 credentials.

rr

2. Click Tools in Server Manager and then click Group Policy Management to open the Group
es

Policy Management Console.

al

3. Browse to the OU to which you want to apply the policy.

e

Expand Forest: Training.lab > Domains > Training.lab > Training Users.
or

4. Right-click the OU and then click Create a GPO in this domain, and Link it here.
di

Right-click the Training Users and then click Create a GPO in this domain, and Link it
s

here.
tri

5. Type a name for the new policy and then click OK.
bu

Type Printer Optimizations in the Name field and then click OK.
t
io

6. Right-click the policy in the Linked Group Policy Objects tab and then click Edit.
n

Right-click the Printer Optimizations policy and then click Edit.

7. Expand User Configuration > Policies > Citrix Policies.

8. Select Edit to add settings to the unfiltered Citrix User Policy.

If you select Edit, you are adding new settings to the Unfiltered policy. If you select
New, you are creating a new policy and can filter that policy to determine to which
objects the policy will apply.

9. Select the Settings tab to view the available settings.

206 Module 8: Managing Printing © Copyright 2016 Citrix Systems, Inc.

10. Type a setting name or a word contained in the setting to filter the Settings list.
Type Universal or Printing in the Search field.

You could also scroll through the categories of settings in the Categories field to find
the required setting.

11. Click Add to the right of the desired setting.

Click Add to the right of the Universal printing optimization defaults setting.

12. Specify the desired values for the setting.

Select Reduced quality (maximum compression) in the Desired image quality field, select
the Enable heavy weight compression and then click OK.
N

13. Click Add to the right of the desired setting.

ot

Click Add to the right of the Universal printing print quality limit setting.
fo

14. Select the desired option from the Value field.

rr

Select Medium resolution (600 DPI).

es

15. Click OK twice after all settings have been configured.

al
e

The new settings in the unfiltered policy are displayed in the Active Settings pane of
the Group Policy Management Editor.
or
di

While you added multiple settings to the unfiltered Citrix User Policy in previous
s

procedures, the reason that you do not see them now is because they were applied to a
tri

different OU in the environment.

bu

16. Close the Group Policy Management Editor.

t io
n

Discussion Question
End users are experiencing substantial network latency when attempting to print high quality
images used for marketing campaigns. What policies should be adjusted or implemented to resolve
this? Which policies would you want to avoid?

Setting Up and Managing the Universal Print Server

The Universal Print Server provides universal printing support for network printers. The Universal
Print Server uses the Universal Printer Driver, which is installed with XenApp and XenDesktop.

© Copyright 2016 Citrix Systems, Inc. Module 8: Managing Printing 207

 The Citrix Universal Print Server is recommended for remote print server scenarios or
environments with numerous network-based printers. Since the print drivers are installed
on the print server instead of the XenApp or XenDesktop hosts, this greatly simplifies
print driver management.

N
ot
fo
rr
es
al
e
or

To Set Up and Manage the Universal Print Server

di

1. Logon to a virtual machine that has Citrix Studio and the Group Policy Management feature
s tri

installed using domain administrator credentials.

bu

Logon to the StudentManagementConsole-1 virtual machine using the

TRAINING\Admin1 and Password1 credentials.
t io

2. Click Tools in Server Manager and then click Group Policy Management to open the Group
n

Policy Management Console.

3. Browse to the OU to which you want to apply the policy.
Expand Forest: Training.lab > Domains > Training.lab > Training Virtual Desktops.

4. Right-click the OU and then click Create a GPO in this domain, and Link it here.
Right-click the Training Virtual Desktops and then click Create a GPO in this domain,
and Link it here.

208 Module 8: Managing Printing © Copyright 2016 Citrix Systems, Inc.

5. Type a name for the new policy and then click OK.
Type Universal Printing in the Name field and then click OK.

6. Right-click the policy in the Linked Group Policy Objects tab and then click Edit.
Right-click the Universal Printing policy and then click Edit.

7. Expand Computer Configuration > Policies > Citrix Policies.

Ensure that you select Computer Configuration in this step.

8. Select Edit to add settings to the unfiltered Citrix User Policy.

If you select Edit, you are adding new settings to the Unfiltered policy. If you select
N

New, you are creating a new policy and can filter that policy to determine to which
ot

objects the policy will apply.

fo

9. Select the Settings tab to view the available settings.

rr

10. Type a setting name or a word contained in the setting to filter the Settings list.
es

Type Print Server in the Search field.

al

You could also scroll through the categories of settings in the Categories field to find
e

the required setting.

or

11. Click Add to the right of the desired setting.

di
s

Click Add to the right of the Universal Print Server enable setting.
tri

12. Specify the desired values for the setting and then click OK.
bu

Select Enabled with fallback to Windows' native remote printing in the Value field and
t

then click OK.

io
n

13. Click OK after the settings have been configured.

The new settings in the unfiltered policy are displayed in the Active Settings pane of
the Group Policy Management Editor. While you added multiple settings to the
unfiltered Citrix User Policy in the previous procedure, the reason that you do not see
them now is because this policy setting is a Citrix Computer Policy rather than a
Citrix User Policy.

14. Close the Group Policy Management Editor.

© Copyright 2016 Citrix Systems, Inc. Module 8: Managing Printing 209

Troubleshooting: Managing Printing

Issue Resolution
Cannot update printer drivers. Citrix recommends that you never update a
printer driver. Always uninstall a driver, restart
the print server, and install the replacement
driver. This helps ensure consistency and
decreases the chance that issues with existing
drivers are transferred to the updated drivers.

Printers that are no longer used or no longer Verify that all unused drivers are uninstalled to
exist are being created. prevent this.
N

The Universal Print Server does not appear. • Verify that the Universal Print Server is
ot

enabled.
• Ensure that the operating system is
fo

Windows Server 2008 or later.

rr
es

Reinforcement Exercise: Managing Printing

al
e

During this exercise, you will not be given step-by-step instructions for performing the
task. Instead, you are asked to use what you have just learned to complete it. This exercise
or

is designed to take your newly-acquired knowledge and determine if you can perform a
task you have never done before. In most instances the default value will be the best
di

choice, but we encourage you to explore and try things out. If you have a question or need
s

help, ask the instructor or a fellow student for assistance.

tri
bu

In this module, you learned how to:

• Manage printers using policies.
t io

• Add session printers.

n

• Map and install printer drivers.

• Customize and optimize printing performance.
• Manage the Universal Print Server.
Time to complete: Approximately 45 minutes
Your manager at Training has tasked you with creating the following policies in Citrix Studio. To
complete your objective, create the following policies:
• Local Users Print
• Universal printing image compression limit - no compression
• Default printer: \\UPS-1\Accounting

210 Module 8: Managing Printing © Copyright 2016 Citrix Systems, Inc.

 • Wait for printers to be created - enabled
• Apply it to the Hosted Applications Delivery Group
• Satellite Office Users Print
• Automatic installation of in-box printer drivers disabled
• Universal printing image compression limit to reduced quality
• Default printer \\UPS-1\Color Laser Printer
• Apply it to the HR Desktops delivery group.
• Eng NY Print
• XPS Universal Printer driver to a higher priority
• Client printer redirection prohibited
• Retained and restored printers prohibited
• Apply it to the Engineering-NY users group
N

• Eng Miami Print

ot

• Client default printer only auto create

fo

• Automatic installation of in-box printer drivers disabled

rr

• Apply it to the Engineering-Miami users group

• Unfiltered
es

• Computer policy with universal print server enabled (Windows fallback)

al

• 200 kbps Print Server bandwidth limit

e

• Ensure the Satellite Office Users Print policy has a higher priority than the Local Users print
or

policy.
di

Remember to use the RSOP wizard to verify settings.

s tri
bu
t io
n

© Copyright 2016 Citrix Systems, Inc. Module 8: Managing Printing 211

 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

212 © Copyright 2016 Citrix Systems, Inc.

 9
Module 9

Managing
Provisioning
Services
N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

214 © Copyright 2016 Citrix Systems, Inc.

Managing Provisioning Services
Overview
Provisioning Services takes a different approach from traditional imaging solutions by
fundamentally changing the relationship between hardware and the software that runs on it.
Provisioning Services enables organizations to reduce the number of images that they manage and
simultaneously provides the efficiencies of centralized management with the benefits of distributed
processing.
After completing this module, you will be able to:
• Describe the basic architecture and communication flow of Provisioning Services.
• Describe the differences between Machine Creation Services and Provisioning Services.
N

• Manage vDisks and target devices for a Provisioning Services implementation.

ot

• Manage vDisk updates.

fo

Module timing: Approximately 5 hours

rr

The lab environment Student Desktop has two management consoles. You will use both
es

interchangeably throughout this course. Microsoft Remote Desktop Connection Manager

is the preferred method to logging in and interacting with your virtual machines. Citrix
al

XenCenter is the preferred method to managing power tasks, mounting and un-mounting
e

ISO's.
or

Before you begin, your must ensure these following lab environment core virtual machines
are powered on:
di

• Controller-1
s

• DomainController-1
tri

• EndPoint-Internal-1
bu

• ProvisioningServicesHost-1
t

• SQLServer-1
io

• StoreFrontServer-1
n

• StudentManagementConsole-1
To conserve resources all other core lab environment virtual machines that are not a part
of a machine catalog may be powered down. Powering down machine catalog virtual
machines is not favored as it could impact future session launch times.
All lab environment virtual machines are power managed through XenCenter. To change
the power state of a lab environment virtual machine, complete the following steps:
1. Select the virtual machine within XenCenter.
2. Click on either the Start or Shutdown button on the top-right of the XenCenter.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 215
Citrix Provisioning Services
Provisioning Services provides the ability to provision the operating system of a computer and re-
provision it in real time. Administrators can choose from a one-to-one relationship between the
Provisioning Services host and the target device or a one-to-many relationship, starting multiple
target devices from a single shared-disk image. In doing so, you can completely eliminate the need
to manage and update individual systems, allowing changes made to one disk to be deployed to
multiple target devices simultaneously.
Provisioning Services is based on software-streaming technology. After installing and configuring
Provisioning Services components, a vDisk is created from the hard drive of a device by taking a
snapshot of the operating system and application image, and then storing that image as a VHD file
on the network.
vDisks can exist on a Provisioning Services host, file share, or in larger deployments, on a storage
system with which the Provisioning Services host can communicate, such as iSCSI, NFS, and CIFS.
N

vDisks can be assigned to a single target device in private image mode, or to multiple target devices
in standard image mode.
ot
fo

Machine Creation Services or Provisioning Services

rr
es

Citrix XenApp and XenDesktop contains improvements to both the Machine Creation Services
(MCS) and Provisioning Services (PVS) features.
al

XenApp and XenDesktop sites can now be deployed and managed from within Studio. Sites can
e

also be provisioned using the MCS linked-clone delivery model. MCS allows new machine catalogs
containing virtual desktops and Server OS machines to be created with ease.
or

The Machine Creation Services model provides many of the same single-image management
di

benefits of Provisioning Services, but works directly on the storage managed by your hypervisor, so
s

there is no need for PXE or to build out a Provisioning Services deployment.

tri

Provisioning Services provides enhanced image management capabilities and storage I/O
bu

optimizations beneficial in larger, more complex environments. Provisioning Services can provide a
centralized image library for mixed environments where multiple XenApp and XenDesktop sites are
t io

used.
n

Your implementation may require you to migrate your virtual machines from Machine Creation
Services to Provisioning Services. This will allow you to use the machines that you created using
Machine Creation Services and deploy and manage those using Provisioning Services.

When possible, Citrix recommends reducing complexity by using either Provisioning

Services or Machine Creation Services, but not both. For more information about using
Machine Creation Services or Provisioning Services, see the Citrix blog "PVS vs. MCS
Revisited" at http://blogs.citrix.com/2013/08/12/pvs-vs-mcs-revisited/.

216 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
Provisioning Services Overview and Architecture

N
ot
fo
rr
es

When a target device is turned on, it is set to start from the network and to communicate with a
al

Provisioning Services host. The target device downloads the startup file from a TFTP server, and
e

then the target device starts up. Based on the device start up configuration settings, the appropriate
vDisk is located, and then mounted by a Provisioning Services host. The software on that vDisk is
or

streamed to the target device, as needed.

di

Instead of immediately pulling all the vDisk content down to the target device, the data is brought
s

across the network in real time, as needed. The Provisioning Services host provides blocks of data
tri

from the vDisk as they are requested by the operating system, in the same way that the operating
system would normally request them from its hard drive. This approach allows a target device to
bu

load a completely new operating system and software from the vDisk in the time it takes to restart.
This approach dramatically decreases the amount of network bandwidth required by traditional
t io

disk imaging tools; making it possible to support a larger number of target devices on your network
n

without impacting overall network performance, although a dedicated storage network could be
required for larger implementations.

Discussion Question
What are the components that comprise a Provisioning Services farm? What would happen if the
SQL database of the Provisioning Services farm failed?

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 217
Navigating the Provisioning Services Console
The Provisioning Services Console is used for viewing and managing sites, servers, connections, and
performing tasks such as assigning vDisk to target devices, managing stores, creating device
collections and more.

To Navigate the Provisioning Services Console

1. Logon to a virtual machine that has the Provisioning Services Console installed using domain
administrator credentials.
Logon to the StudentManagementConsole-1 virtual machine using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click the Provisioning Services Console icon on the Start screen.

N

3. Click Action and then click Connect to Farm.

ot

4. Specify the hostname name of the Provisioning Services server in the Name field and then click
fo

Connect.
rr

Type PVS-1.Training.lab in the Name field and then click Connect.

es

5. Double-click the farm node in the left pane of the Provisioning Services Console to expand it.
al

Double-click Training (PVS-1.Training.lab).

e

You could also expand a node by clicking the arrow to the left of the node.
or
di
s

6. Double-click the Sites node in the left pane of the Provisioning Services Console to expand it.
tri
bu

The Sites node can contain multiple sites. Each site contains the servers, vDisk pools,
device collections, and settings for the resources defined in that site. In our lab
t

environment, you will only have a single site available.

io
n

7. Double-click a site in the Sites node to reveal its contents.

Double-click the Miami site.

8. Click the Servers node in the left pane of the Provisioning Services Console to expand it and
view information about the Provisioning Services servers in the implementation.

The green icon next to the server name indicates the PVS-1 virtual machine is
currently online and in an UP state.

218 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
9. Double-click the Device Collections node in the left pane of the Provisioning Services Console
to expand it and view the collections that are currently defined.
10. Double-click the Stores node in the left pane of the Provisioning Services Console to view the
stores that are currently defined.

The names of the individual sites, device collections, and stores can be changed by
right-clicking the node and selecting Properties. The name of the farm cannot be
changed.

11. Right-click the store name and then click Properties.

Right-click Store and then click Properties.

12. Click the Paths tab and select the appropriate path for the default store.
Click the Paths tab and type E:\PVS into the Default store path field.
N

13. Validate the store path.

ot

Click Validate, verify "Valid" is listed as the status, and click Close.
fo

14. Click OK and then click OK on the Write Cache Path window.
rr
es

To Create a Provisioning Services Master Virtual Machine

al
e

1. Right-click a template in XenCenter and then click Quick Create.

or

a. Open XenCenter.
b. Right-click Win8_template in XenCenter and then click Quick Create.
di
s

2. Right-click the newly created virtual machine and then click Properties.
tri

Right-click Win8_template (1) and then click Properties.

bu

3. Type a new name for the virtual machine in the Name field and then click OK.
t io

Type Win8-PVS-Master as the name and then click OK.

n

4. Click the Console tab in XenCenter for the newly created virtual machine and wait for the VM
to start.
5. Select the appropriate options on the Region and language screen and then click Next.
Click Next to accept the default options.

6. Read and respond to the license terms.

Click I accept.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 219
7. Type a name for the computer in the PC name field and then click Next.
Type Win8-PVS in the PC name field and then click Next.

8. Specify which settings to use for the computer.

Click Use express settings.

9. Specify how you want to sign in to the computer.

Select Create a new account.

10. Specify how you want to sign in to the computer.

Select Sign in without a Microsoft account.

11. Specify a username, password and password hint information for the new local account and
then click Finish.
N
ot

a. Type TempUser2 in the User name field.

b. Type Password1 in the Password and Reenter password fields.
fo

c. Type First Password in the Password hint field.

rr

d. Click Finish.
es

12. Wait whil the virtual machine completes its setup. Click on the Start button to get to the Start
al

screen.
e

13. Type This PC at the Start screen, right-click This PC, and then select Properties.
or

14. Click Change settings and then click Change.

15. Select Domain, type the name of the domain into the Domain field, and then click OK.
di

Select Domain, type Training.lab and then click OK.

stri

16. Type the credentials of a domain administrator into the User name and Password fields and
bu

then click OK.

Type Admin1 in the User name field, Password1 in the Password field and then click OK.
t io

17. Click OK in the ComputerName/Domain Changes message.

n

18. Click OK in the Restart message.

19. Click Close in the System Properties screen.
20. Click Restart Now in the Microsoft Windows message.

220 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
To Install the Virtual Delivery Agent (VDA)
1. Logon to the virtual machine that will be used as the Master Target Device for Provisioning
Services using domain administrator credentials.
Logon to the Win8-PVS-Master virtual machine using the TRAINING\Admin1 and
Password1 credentials.

2. Insert the XenApp and XenDesktop installation media into the DVD drive.
Select XenApp_and_XenDesktop7_6.iso in the DVD Drive 1 field.

3. Click Desktop on the Start screen and then click the File Explorer icon.
4. Select This PC and then double-click CD Drive (D:) XA and XD 7.6.

Double-click AutoSelect if the installation wizard does not start automatically.

N
ot

5. Click Start next to XenDesktop on the installation screen.

fo

6. Click Virtual Delivery Agent for Windows Desktop OS.

rr

7. Click Yes on the User Account Control window if it appears.

es

8. Determine how you want the Virtual Delivery Agent to be configured on the virtual machine
al

and then click Next.

e

Verify that Create a Master Image is selected and then click Next.
or

This option is selected because we are installing the VDA on a Master Image. For
di

more information about optimizing XenDesktop machines, see Citrix article

CTX125874 at http://support.citrix.com.
s tri

9. Determine which Virtual Delivery Agent to install on the virtual machine and then click Next.
bu

Select No, install the standard VDA and then click Next.
t io

10. Select the core components to install during the Virtual Delivery Agent installation and then
n

click Next.
Verify that Citrix Receiver is selected and then click Next.

11. Determine how the Delivery Controllers in the environment will be identified and then click
Next.

a. Select Do it manually, type c-1.Training.lab, click Test Connection and then click
Add.
b. Click Next.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 221
 For production Provisioning Services deployments it is recommended to use Active
Directory group policy to specify the controller location. This will allow controllers to
be changed or added without having to update the image. A minimum of two
controllers should be utilized to prevent a single point of failure in the environment.

12. Select the features to install and then click Next.

Verify that all features except Personal vDisk are selected and then click Next.

13. Determine how the firewall rules will be configured and then click Next.
Verify Automatically is selected and then click Next.

These are the default ports used by the Controller. If you need to use different ports,
select Manually and then configure the respective ports after the installation
completes.
N
ot

14. Review the prerequisites and the components selected for installation on the Summary screen
and then click Install.
fo

15. Click Finish when the installation is completed.

rr

The virtual machine will restart automatically after the prerequisites and components
es

are installed.
al
e

16. Wait while the virtual machine restarts.

or

Do not shut down the virtual machine or eject the installation media until the virtual
machine restarts successfully. If the installation of the VDA or the restart of the virtual
di

machine is interrupted, vDisks created from the Master Target Device will not register
s

with XenDesktop.
tri

17. Eject the installation media from the DVD drive.

bu

Click Eject to the right of the DVD Drive 1 field to eject the installation media.
t io
n

Creating the vDisk

After the operating system and desired software are installed on the Master Target Device, you
must convert the hard drive of the Master Target Device into a vDisk file. The resultant vDisk file
is stored on a Provisioning Service server or shared storage so it can be accessed by any
Provisioning Services server that will provide the vDisk to target devices.

222 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
To Convert the Hard Drive of the Master Target Device to a
vDisk
1. Logon to the Master Target Device using your domain administrator credentials.
Logon to Win8-PVS-Master using the TRAINING\Admin1 and Password1 credentials.

2. Insert the PVS installation media into the DVD drive.

Select ProvisioningServices_7_6.iso in the DVD Drive 1 field.

3. Click Desktop on the Start screen and then click the File Explorer icon.
4. Select This PC and then double-click CD Drive (D:) PVS_7.6.

Double-click autorun if the installation wizard does not start automatically.

N
ot

5. Click Target Device Installation twice.

fo

6. Click Next on the Welcome screen of the Installation wizard.

rr

7. Read and respond to the license agreement.

es

Select I accept the terms in the license agreement and then click Next.
al

8. Type the customer information in the appropriate field, determine for whom the application is
e

being installed, and then click Next.

or

Click Next to accept the default selections.

di

9. Specify a destination folder and then click Next.

s

Click Next to accept the default destination folder.

tri
bu

10. Click Install and wait while the installation completes.

11. Click OK to update files or services that cannot be updated while the system is running.
t io

12. Verify that Launch Imaging Wizard is selected and then click Finish.
n

13. Click Next on the Welcome screen of the Imaging wizard.

14. Type the name or the IP address of the first Provisioning Services VM into the Server field and
then click Next.
Type PVS-1.training.lab and then click Next.

15. Determine whether a new or existing vDisk will be used and then click Next.
Verify Create new vDisk is selected and then click Next.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 223
16. Type a name for the new vDisk.
Type Win8vDisk.

17. Select the vDisk type and then click Next.

Select Dynamic and then click Next.

The Fixed vDisk type allocates 100% of the space allocated for the vDisk immediately.
The Dynamic vDisk type allocates space as it is needed. A Dynamic vDisk starts out
small and then grows up to the maximum amount of space allocated as it is needed.

18. Select the Volume Licensing method to be used with the vDisk and then click Next.
Select Key Management Service (KMS) and then click Next.

19. Define the size of each volume and then click Next.
N

Click Next to accept the default volume sizes.

ot

20. Type a name for the target device and then click Next.
fo

Type Win8TD and then click Next.

rr
es

21. Click Optimize for Provisioning Services, click OK, and then click Finish.
22. Click No in the Reboot message and then click No again.
al
e

Do not restart the VM at this point.

or
di

23. Click the General tab for the Master Target Device VM in XenCenter and then click
s

Properties.
tri

Click Win8-PVS-Master in XenCenter, click the General tab, and then click Properties.
bu
t

You will need to use Citrix XenCenter for steps 22-26.

io
n

24. Click Boot Options and then select Network.

25. Move Network to the top of the list to force the VM to start up from the network instead of
from the hard drive and then click OK.
Click Move Up until the Network option is at the top of the list; deselect DVD-Drive and
Hard Disk. Ensure Network is still selected and then click OK.

26. Right-click the Master Target Device VM in XenCenter and then click Reboot.
Right-click Win8-PVS-Master and then click Reboot.

224 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
27. Click Yes in the Reboot VM message.
28. Logon to the Master Target Device VM using your domain administrator credentials.
Logon to Win8-PVS-Master VM using the TRAINING\Admin1 and Password1
credentials.

After you Logon, you will see the XenConvert progress window for the vDisk capture
process. Do not restart the VM until the XenConvert process completes. This process
takes around approximately 5 to 10minutes (If process takes less that 2 minutes than
it may have failed; please advise your instructor).

29. Wait while the XenConvert process completes and then click Finish.
30. Shut down the Master Target Device VM.
Right-click Win8-PVS-Master, click Shut Down, and then click Yes to confirm.
N

31. Eject the ProvisioningServices_7_6.iso from the virtual machine.

ot

32. Logon to the machine hosting the Provisioning Services Console using the domain
administrator credentials.
fo
rr

Logon to StudentManagementConsole-1 using the TRAINING\Admin1 and Password1

credentials.
es

33. Double-click Provisioning Services Console on the desktop.

al

34. Type the NetBIOS name or IP address of the first Provisioning Services server in the Name
e

field and then click Connect.

or

Type PVS-1.Training.lab and then click Connect.

di

35. Double-click the farm name > Sites > site name > vDisk Pool in the left pane of the
s

Provisioning Services Console.

tri

Double-click Training (PVS-1) > Sites > Miami> vDisk Pool.

bu

36. Verify that the newly created vDisk is listed.

t io

Verify that Win8vDisk is listed.

n

If the vDisk does not appear, right-click vDisk Pool and then click Refresh.

37. Verify that the newly created target device is listed.

a. Double-click Device Collections > Windows 8 in the left pane of the Provisioning
Services Console.
b. Verify that Win8TD is listed.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 225
 If the target device does not appear, right-click the collection and then click Refresh.

38. Add the target device to Active Directory.

a. Right-click Win8TD and then click Active Directory > Create Machine Account.
b. Select Training Virtual Desktops/Desktops in the "Organizational Unit" drop
down.
c. Click Create Account, verify the status is listed as "Success", and then click Close.

39. Configure the target device to boot from the vDisk.

a. Right-click Win8TD and then click Properties

b. Select vDisk in the Boot from field, and then click OK.
N

.
ot

40. Double-click Stores > store name in the left pane of the Provisioning Services Console.
fo

Double-click Stores > Store.

rr
es

41. Verify that the newly created vDisk is listed.

Verify that Win8vDisk is listed.
al
e

If the vDisk does not appear, right-click the store name and then click Refresh.
or
di
s tri

Setting the vDisk Mode

bu

In order to understand the vDisk mode, you must first understand the concept of VHD types.
t

There are two types of VHD files: static and dynamic. A static VHD file will physically be the full
io

size of the configured vDisk. A dynamic VHD file will only be as large as the amount of data
n

written to the vDisk. You can set the VHD type during the XenConvert process.
For example, if you configure a VHD file for 40 GB, but install only 10 GB of operating system and
applications on it and then set the type as static, the VHD will have a foot print of 40 GB. If you set
the 40 GB VHD file as dynamic, it will have a foot print of 10 GB. Target devices will see a 40 GB
hard drive regardless of the type of VHD file to which they connect.
A vDisk can be placed in one of two modes: standard or private. Only one mode can be applied to
a vDisk at a time. Any vDisk can be changed from one mode to another as long as there are no
current connections to the vDisk. You set the vDisk mode in the Properties of the vDisk using the
Provisioning Services Console.

226 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
A vDisk in private image mode is read/write. In private image mode, only one target device can
start up from the vDisk at a time, and that vDisk is most likely dedicated to a specific target device.
Because a private vDisk is read/write, there is no need for a write-cache; all system write backs are
written directly to the VHD file.
A vDisk in standard image mode is read only. In standard image mode, multiple target devices can
start up from the same vDisk. Because a vDisk in standard image mode is read only, it requires a
write cache file for each started target device.
The write-cache contains the information that the system would typically write back to a hard
drive. If the hard drive is read only, you need to have a place for the write back information. As a
general rule, a write-cache size of 300 - 500 MB per end user should cover mostly text-based
workloads and daily restarts. Graphic-based workloads will require a considerably larger write
cache. The size of the write cache should be determined using a workload analysis for the
organization. If the write cache is placed on the local disk of each Provisioning Services server,
there may not be a smooth transition to the remaining Provisioning Services servers in the event of
failover, because the write cache will be inaccessible. Therefore, server-side caching on the local disk
N

is not recommended for fault tolerance. Target device RAM provides the best performance for the
ot

write cache, but has limited space and is not persistent.

fo
rr
es
al
e
or
di
s tri
bu
t io
n

Dynamic VHD is best when a vDisk is configured in standard image mode. Static VHD is best
when a vDisk is configured in private image mode. When the appropriate mode is selected, an
administrator can appropriately expect and manage the growth of the vDisk footprint.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 227
To Set the vDisk Mode
1. Logon to the Provisioning Services VM using domain administrator credentials.
Logon to StudentManagementConsole-1 using the TRAINING\Admin1 and Password1
credentials.

2. Double-click the Provisioning Services Console icon on the Start screen.

3. Type the NetBIOS name or IP address of a Provisioning Services server in the Name field and
then click Connect.
Verify that PVS-1 appears in the Name field and then click Connect.

4. Double-click the farm name > Stores > store name to display the contents of the store.
Double-click Training (PVS-1) > Stores > Store.
N

5. Right-click the vDisk in the store and click Properties.

ot

Right-click Win8vDisk and then click Properties.

fo

6. Specify the access mode on the General page.

rr

Click Standard Image (multi-device, read-only access) in the Access mode field.
es

7. Specify the cache type on the General page and then click OK.
al

Click Cache in device RAM with overflow on hard disk in the Cache type field and then
e

click OK.
or

You cannot manage the vDisk properties if the vDisk is in use by any target device.
di

The vDisk will appear locked and must first be unlocked. Unlocking a vDisk that is in
s

use by any device runs the risk of corrupting data on the vDisk.
tri
bu

Creating the Machine Catalog

t io

The XenDesktop Setup Wizard can be used to create machine catalogs of target devices from the
n

Master Target Device and Provisioning Services. Machine catalogs created with the XenDesktop
Setup Wizard are displayed in Citrix Studio and are managed like machine catalogs created using
Machine Creation Services.
The Provisioning Services Streamed VM Setup Wizard assists in deploying a Provisioning Services
streamed vDisk to a number of cloned virtual machines (VMs). The wizard is run directly from a
Provisioning Services Console, for the purpose of creating virtual machines as well as the associated
Provisioning Services target devices, and assigning a shared vDisk to the virtual machines.
The XenDesktop Setup Wizard assists in deploying virtual desktops to a number of cloned virtual
machines (VMs) as well as to devices using the Personal vDisk feature. This wizard creates virtual
machines, associates Provisioning Server target devices to those machines, assigns a standard image

228 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
vDisk, and then adds all virtual desktops to a XenDesktop catalog. Using this wizard, can save you
valuable time when mass deploying virtual desktops using XenDesktop and XenApp.

To Create a Target Device Template

Prior to creating a machine catalog for use with a vDisk, you must have a template that
you can use to create the target devices that start from the network rather than a hard
drive. The target devices created from this template will use PXE or BDM to start and will
be associated with a vDisk using Provisioning Services.

1. Create a new template or make a copy of an existing template in XenCenter.

a. Right-click Win8_template and then select Copy.

b. Type TD with no storage_template in the Name field and then click Copy.
N
ot

You are using an existing template to simplify the template creation process. Use
Citrix XenCenter for steps 1 through 9.
fo
rr

2. Click the template in XenCenter and then click the General tab.
es

Click the TD with no storage_template VM in XenCenter and then click the General tab.
al

3. Click Properties.
e

4. Click Boot Options in the left pane.

or

5. Move Network to the top of the list to force the VM to start up from the network instead of
from the hard drive and then click OK.
di
s

Click Move Up until the Network option is at the top of the list; deselect DVD-Drive
tri

and Hard Disk. Ensure Network is still selected and then click OK.
bu
t

6. Deselect the DVD-Drive and Hard Disk options.

io

7. Click OK.
n

8. Click the Storage tab to remove the hard drive from the target device so you can use PXE or
BDM to start and use a vDisk.
9. Select the virtual disk, click Delete, and then click Yes in the Delete System Disk message.
Select the storage in Position 0, click Delete, and then click Yes in the Delete System Disk
message.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 229
To Create the Machine Catalog
1. Logon to the Provisioning Services VM using domain administrator credentials.
Logon to StudentManagementConsole-1 using the TRAINING\Admin1 and Password1
credentials.

2. Double-click the Provisioning Services Console icon on the Start screen.

3. Type the NetBIOS name or IP address of a Provisioning Services server in the Name field and
then click Connect.
Verify that PVS-1.Training.lab appears in the Name field and then click Connect.

4. Double-click farm name > Sites.

Double-click Training (PVS-1)>Sites.
N

5. Right-click the site name and then click XenDesktop Setup Wizard.
ot

Right-click Miami and then click XenDesktop Setup Wizard.

fo

6. Click Next on the Welcome screen.

rr

7. Type the name of a Delivery Controller in the XenDesktop Controller address field and then
es

click Next.
Type C-1.Training.lab and then click Next.
al
e

8. Select the host network and then click Next.

or

Select Training Resource Settings and then click Next.

di

9. Type the Logon credentials of the host (XenServer) and then click OK.
s

Use the XenServer credentials provided with the lab environment to complete the User
tri

name and Password fields.

bu

10. Select a VM template to use for the Master Target Devices and then click Next.
t io

Select TD with no storage_template and then click Next.

n

11. Select a Standard image mode vDisk and then click Next.
Select Store\Win8vDisk and then click Next.

12. Determine if a new or existing catalog will be used and then click Next.
Select Create a new catalog, type Win8PVS in the Catalog name field, and then click Next.

13. Specify the type of operating system machines to create in the catalog and then click Next.
Select Windows Desktop Operating System and then click Next.

230 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
 You must be careful to select the correct type of desktop at this point. Selecting the
incorrect OS will result in an unusable machine catalog.

14. Select the appropriate desktop type for your users and then click Next.
Select A fresh new (random) desktop each time and then click Next.

15. Specify the virtual machines preferences for vCPUs, memory, Personal vDisk size and drive
letter, and startup mode, and then click Next.

a. Select 2 in the Number of virtual machines to create field.

b. Select 1 in the vCPU field.
c. Select 1024 MB in the Memory field.
d. Select 6 GB in the Local write cache disk field.
N

e. Select BDM (create a boot device manager partition).

ot

f. Click Next.
fo

16. Determine whether to use existing Active Directory accounts or to create new ones for the new
rr

target device machines in the machine catalog and then click Next.
es

Verify that Create new accounts is selected and then click Next.
al

If you are creating new accounts, you must specify the OU where they should be
e

created. The Active Directory organizational units must be created before you
or

complete this step.

di

17. Specify the domain and OU to which the new target devices in the machine catalog will be
added in Active Directory.
s tri

Select Training.lab in the Domain field and then double-click Training.lab > Training
Virtual Desktops > Desktops.
bu

18. Determine the account naming scheme and then click Next.
t io

Type Windows8-##, verify that the 0-9 enumeration scheme is selected, and then click
n

Next.

This will be the naming scheme associated with the target devices that will use the
Win8vDisk vDisk.

19. Click Finish and wait for the VMs (target devices) to be created in the machine catalog.
20. Verify that the new target devices appear in XenCenter and then click Done.
Verify that Windows8-01 and Windows8-02 appear in XenCenter and then click Done.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 231
21. Double-click the Citrix Studio icon on the desktop and then click Yes on the User Account
Control window if it appears.

Click Cancel if the End Snap-in window appears.

22. Click Machine Catalogs and then verify that the newly created catalog appears.
Click Machine Catalogs and verify that Win8PVS appears in the list.

Discussion Question
What is the purpose of the Master Target Device and the target device within Provisioning
Services?
N
ot

To Assign a Machine Catalog to a Delivery Group

fo
rr

1. Logon to the virtual machine hosting Citrix Studio using domain administrator credentials.
es

Logon to StudentManagementConsole-1 virtual machine using the TRAINING\Admin1

and Password1 credentials.
al
e

2. Open Studio.
or

Double-click Citrix Studio on the desktop.

di

3. Select Delivery Groups in the left pane and then click Create Delivery Group in the right
pane.
s tri

If the Create Delivery Group option is not available, make sure the Delivery Group tab
bu

is selected in the center pane.

t io

4. Click Next in the Getting Started screen.

n

5. Select a machine catalog, determine the number of machines in the catalog that is Delivery
Group will consume, and then click Next.
Select Win8PVS, type 2 in the number of machines to add field, and then click Next.

6. Select the resource to deliver in the Delivery Type screen and then click Next.
Select Desktops and then click Next.

7. Click the Add button to specify which end users can access the desktops.

232 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
8. Type the name of the end user or group, click Check Names and then click OK.
Type Domain Users in the Enter the object names to select field, click Check Names, and
then click OK.

9. Verify that the appropriate end users and groups appear in the Assign users field and then
click Next.
Verify that TRAINING\Domain Users appears and then click Next.

10. Determine how Receiver will be configured on the machines and click Next.
Select Manually, using a StoreFront server address that I will provide later and then click
Next.

11. Select the appropriate scope and click Next.

Verify that the All scope is selected and then click Next.
N
ot

12. Type a name for the Delivery Group that administrators will see in the Delivery Group name
field.
fo

Type Windows 8 for All Users.

rr

13. Type a name for the Delivery Group that end users will see in the Display name field.
es

Type Windows 8.
al
e

14. Click Finish.

or

Discussion Question
di
s

Upon assigning machine catalogs to a Delivery Group, end users of the Delivery Group are unable
tri

to access their desktops or applications. What can be the cause of this issue?
bu
t

To Update a vDisk
io
n

1. Logon to a virtual machine that has the Provisioning Services Console installed using domain
administrator credentials.
Start the StudentManagementConsole-1 virtual machine and then Logon using the
TRAINING\Admin1 and Password1 credentials.

2. Click the Provisioning Services Console icon on the Start screen and then click Connect.
3. Browse to a site in the Provisioning Services Console.
Double-click Training (PVS-1) > Sites > Miami.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 233
4. Click the vDisk Pool node, right-click a vDisk in the right pane, and then click Versions.
Click vDisk Pool, right-click Win8vDisk in the right pane, and then click Versions.

If the vDisk does not appear, right-click vDisk Pool and then click Refresh.

5. Click New and then click Done.

6. Click the Device Collections node and then click on the device collection that contains a
device that uses the targeted vDisk.
Double click Device Collections and then double click Windows 8.

7. Right-click the target device and then click Properties.

N

Right-click Win8TD and then click Properties.

ot

8. Select Maintenance in the Type field and then click OK.

fo

9. Right-click the virtual machine associated with the target device that you put in Maintenance
mode and then start or restart the virtual machine.
rr

Right-click the Win8-PVS-Master virtual machine in XenCenter and then click Start.
es
al

Use Citrix XenCenter for steps 9 through 13.

e
or

10. Select the Console tab.

di

11. Wait while the virtual machine restarts and then select the target device that you put in
s

Maintenance mode from the Boot Menu in the console of the virtual machine.
tri

Type 1 in the console of the Win8-PVS-Master virtual machine and then press Enter.
bu
t io
n

234 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
12. Logon as an administrator and make the desired changes to the virtual machine.
Perform the following changes to the virtual machine:
a. Logon to the Default Desktop using the TRAINING\Admin1 and Password1
credentials.
b. Type \\AD\Share in the Start screen and then press Enter.
c. Double-click Firefox Setup and then click Run.
d. Click Yes on the User Account Control window if it appears.
e. Click Install.
f. Select Don't import anything and then click Next. Firefox will launch.
g. Deselect Always perform this check when starting Firefox in the "Default
Browser" prompt and click Not now.
h. Close Firefox.
N

13. Right-click the virtual machine in XenCenter, click Shut Down and then click Yes in the Shut
ot

Down virtual machine message.

fo

Right-click the Win8-PVS-Master virtual machine in XenCenter, click Shut Down, and
then click Yes in the Shut Down virtual machine message.
rr
es

Promoting Updated Versions

al
e

An updated version of the vDisk is not available to production devices until it is promoted to
or

production. The updated promotion stages include maintenance, test, and production. Each time a
new version is created, the Access setting is automatically set to maintenance to allow maintenance
di

devices to make updates. After updates are complete, this version can be promoted from
s

maintenance to test to allow for testing by test devices, or directly to production, for use by all
tri

target devices.
bu

To Promote Updated vDisk Versions

t io
n

1. Logon to a virtual machine that has the Provisioning Services Console installed using domain
administrator credentials.
Start the StudentManagementConsole-1 virtual machine and then Logon using the
TRAINING\Admin1 and Password1 credentials.

2. Double-click the Provisioning Services Console icon on the Start screen and then click
Connect.
3. Browse to a site in the Provisioning Services Console.
Double-click Training (PVS-1) > Sites > Miami.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 235
4. Click the vDisk Pool node, right-click a vDisk in the right pane, and then click Versions.
Click vDisk Pool, right-click Win8vDisk in the right pane, and then click Versions

5. Select the latest version of the vDisk and then click Promote to promote the updated version
of the vDisk.
Select version 1 and then click Promote.

6. Select the version access and availability time frame and then click OK.
Select Production, select Immediate, and then click OK.

7. Click Done.
Click Cancel if the End Snap-in window appears and then click Done.

8. Start or restart a target device to test that the update was successful.
N

Start the Windows8-01 virtual machine in XenCenter, Logon as the TRAINING\Admin1

ot

user, and ensure that Firefox is now present.

fo
rr

Discussion Question
es

What are the benefits of updating and merging a vDisk over traditional re-creation of images?
al
e

VHD Chain of Differencing Disks

or
di

A vDisk consists of a VHD base image file, any associated files, and if applicable, a chain of
referenced VHD differencing disks. Differencing disks are created to capture the changes made to
s

the base disk image, leaving the original base disk unchanged. Each differencing disk that is
tri

associated with a base disk represents a different version.

bu
t io
n

236 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
 N
ot
fo
rr
es
al
e
or
di
s tri

vDisk versions are created and managed using the vDisk versions dialog box and by performing
bu

vDisk versioning tasks. Each time a vDisk is put into maintenance mode a new version of the VHD
differencing disk is created and the file name is numerically incremented.
t io
n

Merging VHD Differencing Disks

Merging VHD differencing disk files can save disk space and increase performance, depending on
the merge method selected. Merge methods include merging to a new base image or merging to a
consolidated differencing disk.

A merge can only occur when no Maintenance version exists for this vDisk or when the
vDisk is in Private Image mode. A merge starts from the top of the chain down to a base
disk. A starting disk cannot be specified for the merge.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 237
Merging to a new base image is recommended when performance is more important than disk
space, because a new base disk is created for every merge performed.
Merging to a consolidated differencing disk is recommended when disk storage is limited or when
the bandwidth between remote locations is limited, which makes copying large images impractical.

To Merge VHD Differencing Disks

1. Logon to a virtual machine that has the Provisioning Services Console installed using domain
administrator credentials.
Start the StudentManagementConsole-1 virtual machine and then Logon using the
TRAINING\Admin1 and Password1 credentials.

2. Click the Provisioning Services Console icon on the Start screen and then click Connect.
N

3. Click the vDisk Pool node, right-click a vDisk in the right pane, and then click Versions.
ot

Click vDisk Pool, right-click Win8vDisk in the right pane, and then click Versions.
fo

4. Click Merge to open the Merge window.

rr

5. Select the type of merge version you want to create and the merge version access type.
es

Select Merged Base and then select Maintenance.

al

6. Click OK to begin the merge process; click OK when the merge process is complete, and then
e

click Done to close the vDisk Versions window.

or

The merge process may take up to 5 minutes to complete. The time it takes to
complete the merge process varies based on the merge method selected and the
di

number of differencing disks to merge. After the merge successfully completes, the
s

new version displays in the vDisk Versions dialog box. The Type column displays
tri

either "Merged Base" if a full merge was selected, or "Merge" is a partial merge was
selected.
bu
t io

Troubleshooting: Provisioning Services

n

Issue Resolution
Streamed Services stops running. Set the service to automatically restart on
failure.

238 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
Issue Resolution
End-user machine is not receiving an IP address Verify that DHCP is accessible on the subnet.
(DCHP issues). Ensure that the client device is BIOS is
configured to start from the network. You need
to adjust the BIOS device startup order for the
virtual machine. It is hypervisor-specific.

Machine cannot obtain ARDBP32.bin. Ensure the settings in DHCP (67) are pointing
to the correct file. Verify that the boot file is
present on the PVS machine. Ensure that the
TFTP service running points to the relevant
boot file.

When starting up a target device using Boot Place the target device in Private image mode
N

Device Manager (BDM), the static address and change the network adapter to use any
ot

assigned in the boot file is not what is reflected statically assigned IP address. Avoid using
when the target device fully starts. DHCP unless it is preferred, in which case you
fo

must specify DHCP in the BDM file when

running the BDM wizard.
rr
es

For more information about BDM, see

Citrix article CTX125066 at
al

http://support.citrix.com/article/CTX125066
e

After updating a Provisioning Services vDisk There are corrupt files or directories on the
or

that has Personal vDisk enabled, a blue screen Personal vDisk. Detaching the personal vDisk
of death (BSOD) appears with a STOP error from the virtual machine allows it to start.
di

indicating a corrupt file.

s tri
bu

Reinforcement Exercise: Using Provisioning Services

t io

During this exercise, you will not be given step-by-step instructions for performing the
n

task. Instead, you are asked to use what you have just learned to complete it. This exercise
is designed to take your newly-acquired knowledge and determine if you can perform a
task you have never done before. In most instances the default value will be the best
choice, but we encourage you to explore and try things out. If you have a question or need
help, ask the instructor or a fellow student for assistance.

In this module, you learned how to:

• Describe the differences between Machine Creation Services and Provisioning Services.
• Describe the basic architecture and communication flow of Provisioning Services.
• Manage vDisks and target devices for a Provisioning Services implementation.
• Manage vDisk updates.

© Copyright 2016 Citrix Systems, Inc. Module 9: Managing Provisioning Services 239
Time to complete: Approximately 90 minutes
You already have a Provisioning Services host installed. Using the Provisioning Services host, you
have been asked to complete the following tasks:
• Create a new Master virtual machine of Windows 2012 R2 for use on Provisioning Services
using the Win2012R2_template.
• Install the VDA and the PVS Target Device Installation.
• Join the virtual machine to the domain.
• Install Firefox from the \\AD\Share.
• Create a new vDisk in the vDisk pool for Windows 2012R2.
• Create a new Device collection for Windows 2012R2.
• Use the Imaging Tools to copy the master onto a vDisk.
• Create two new virtual machines that start from this vDisk.
N

• Create a new machine catalog with two virtual machines.

ot

• Name the machine catalog "Win2012PVS".

fo

• Create a new Delivery Group named "Hosted Firefox".

• Deliver Firefox to TRAINING\Domain Users.
rr
es
al
e
or
di
s tri
bu
t io
n

240 Module 9: Managing Provisioning Services © Copyright 2016 Citrix Systems, Inc.
 N
ot
fo
rr
es
al
e
or
di
s
tri
bu
t io
n

© Copyright 2016 Citrix Systems, Inc. 241

 N
ot
fo
rr
es
al
e
or
di
s tri
bu
t io
n

851 West Cypress Creek Road Fort Lauderdale, FL 33309 USA (954) 267 3000 www.citrix.com
Rheinweg 9 8200 Schaffhausen Switzerland +41 (0) 52 63577 00 www.citrix.com
© Copyright 2016 Citrix Systems, Inc. All rights reserved.