XenDesktop 7.1 on Hyper-V Pilot Guide v1.0

XenDesktop 7.1 on Hyper-V

Hands-on Lab Pilot Guide

Worldwide Readiness and Enablement February 2014

Contents Overview .................................................................................................................................... 3 Scenario..................................................................................................................................... 7 Task 1 ........................................................................................................................................ 8 SCVMM Configuration ............................................................................................................... 8 Task 2 .......................................................................................................................................11 Installing the SCVMM Agent on the Hyper-V Host ....................................................................11 Task 3 .......................................................................................................................................26 Setting Up SQL Mirroring ..........................................................................................................26 Task 4 .......................................................................................................................................49 Initial Site Setup ........................................................................................................................49 Task 5 .......................................................................................................................................59 Joining a Second Controller to the Site .....................................................................................59 Task 6 .......................................................................................................................................62 Configuring StoreFront and Installing Certificates .....................................................................62 Task 7 .......................................................................................................................................82 Configuring NetScaler for StoreFront Load Balancing ...............................................................82 Task 8 .......................................................................................................................................92 Installing the VDA on the Base Desktop VM .............................................................................92 Task 9 .......................................................................................................................................99 Installing the VDA on the Base Server VM ................................................................................99 Task 10 ...................................................................................................................................106 Creating a Desktop OS Machine Catalog ................................................................................106 Task 11 ...................................................................................................................................112 Creating a Delivery Group for Desktops ..................................................................................112 Task 12 ...................................................................................................................................116 Creating a Server OS Machine Catalog ..................................................................................116 Task 13 ...................................................................................................................................121 PVS Farm Configuration .........................................................................................................121 Task 14 ...................................................................................................................................129 Provisioning Services Optimizations .......................................................................................129 Task 15 ...................................................................................................................................136 Joining a Second Server to the PVS Farm ..............................................................................136 Task 16 ...................................................................................................................................146 Importing vDisks to the Provisioning Services Console ...........................................................146 Task 17 ...................................................................................................................................149 Creating a Windows 8.1 vDisk ................................................................................................149 Task 18 ...................................................................................................................................162 | 1 |

Creating Windows Templates in System Center 2012 R2 Virtual Machine Manager ...............162 Task 19 ...................................................................................................................................184 Creating Catalogs of Desktops with the XenDesktop Setup Wizard ........................................184 Task 20 ...................................................................................................................................191 Creating a Delivery Group for the PVS Catalog.......................................................................191 Task 21 ...................................................................................................................................195 Creating Catalogs of Servers with the XenDesktop Setup Wizard ...........................................195 Task 22 ...................................................................................................................................203 Creating Server-based Delivery Groups and Publishing Applications......................................203 Task 23 ...................................................................................................................................213 Setting Up Remote Access .....................................................................................................213 Task 24 ...................................................................................................................................224 Testing Internal Access ...........................................................................................................224 Task 25 ...................................................................................................................................229 Using the Self-Service Plug-in.................................................................................................229 Task 26 ...................................................................................................................................234 Testing External Access..........................................................................................................234 Task 27 ...................................................................................................................................236 Delivering App-V Applications .................................................................................................236 Task 28 ...................................................................................................................................249 Load Evaluator Policies for Server-based VDAs .....................................................................249 Task 29 ...................................................................................................................................259 Monitoring with Director ..........................................................................................................259 Task 30 ...................................................................................................................................265 Exploring Configuration Logging .............................................................................................265 Task 31 ...................................................................................................................................274 Exploring Delegated Administration ........................................................................................274 Task 32 ...................................................................................................................................283 Working with PowerShell ........................................................................................................283 Task 33 ...................................................................................................................................290 Creating Desktops with the BDM Option Using the XenDesktop Setup Wizard .......................290

| 2 |

Overview Hands-on Pilot Guide Objective This guide will provide hands-on experience with the configuration and operation of XenDesktop 7.1 and related components. It is ideal for use as a way to deploy a PoC and/or pilot environment. Many of these concepts can also be used as you plan for a production environment.

NOTE: Proper assessment and design of a desktop virtualization environment is critical for success. Leverage an experienced resource from a Citrix Partner, Citrix Consulting or the Project Accelerator at project.citrix.com.

Prerequisites Required: Working knowledge of Windows server and desktop operating systems, SQL Server and basic networking. Optional: Citrix XenDesktop, Citrix NetScaler, Microsoft Hyper-V, System Center Virtual Machine Manager and PowerShell.

Audience Citrix Partners and Customers

| 3 |

Environment Architecture

NOTE: This is a sample environment upon which the below tasks are constructed. All VMs are run from a single Hyper-V host for simplicity purposes. Your actual environment will likely vary.

| 4 |

Guide Conventions This symbol indicates particular attention must be paid to this step Special note to offer advice or background information reboot

Text to enter or select is printed like this

Start

Bold text indicates reference to a button or object Focuses attention on a particular part of the screen (R:255 G:20 B:147) Shows where to click or select an item on a screenshot (R:255 G:102 B:0)

List of Virtual Machines Used

| 5 |

VM Name

IP Address

Description

AD.training.lab

192.168.10.11

AppDNA1 DC1

192.168.10.22 192.168.10.14

DC2 FS

192.168.10.15 192.168.10.16

NS1 PVS1 PVS2 SF1 SF2 SQL1 SQL2 VMM

192.168.10.2 192.168.10.17 192.168.10.18 192.168.10.19 192.168.10.20 192.168.10.12 192.168.10.13 192.168.10.21

Win2012R2Base

DHCP

Win7Client Win81Base

192.168.10.25 DHCP

Windows Server 2012 R2. Domain Controller, DNS, DHCP, Certificate Services, SQL Server 2012 (witness) Windows Server 2012 R2. AppDNA 7.0. Windows Server 2012 R2. XenDesktop Controller with Director. Windows Server 2012 R2. XenDesktop Controller. Windows Server 2012 R2. File server and App-V server. NetScaler 10.1 VPX Windows Server 2012 R2. Provisioning Services. Windows Server 2012 R2. Provisioning Services. Windows Server 2012 R2. StoreFront 2.1. Windows Server 2012 R2. StoreFront 2.1. Windows Server 2012 R2. SQL Server 2012. Windows Server 2012 R2. SQL Server 2012. Windows Server 2012 R2. System Center Virtual Machine Manager 2012 R2. Windows Server 2012 R2. Base operating system image. Windows 7 SP1. Endpoint client. Windows 8.1. Base operating system image.

Environment User Credentials The credentials referenced in the steps are as follows. Your credentials should differ from these.

| 6 |

Domain

Username

Password

Description

Training Training Training

Administrator SCVMMSVC SCVMM_RUNAS

Citrix123 Citrix123 Citrix123

Domain Administrator SCVMM Service Account SCVMM RunAs Account

Scenario Acme Corporation has been running both XenApp 5 and XenDesktop 4 in their environment for several years to deliver applications and desktops to users. After a successful demo and proof-ofconcept of XenDesktop 7.1, Acme is impressed with the streamlined architecture and capabilities of the platform and is ready to move forward with a pilot. You have been hired as a consultant to deploy XenDesktop 7.1. Your task is to use the guidelines outlined below to implement a solution that meets the business needs.

| 7 |



Various desktops and applications will be delivered from a single XenDesktop site



SQL Server Mirroring will be used for database high-availability



NetScaler will be used for load balancing and external connectivity

Task 1 SCVMM Configuration Overview In this task we will configure Microsoft System Center Virtual Machine Manager 2012 R2. SCVMM is required when using Hyper-V with XenDesktop. We’ll begin by adding a RUNAS account which is used to deliver the SCVMM Agent software to the Hyper-V host machine. We’ll then proceed to deploy the Agent to the Hyper-V host in order to allow SCVMM to manage it.

Step-by-step guidance Estimated time to complete this task: 20 minutes. Step

| 8 |

Action

1.

From the Hyper-V host machine, launch Server Manager.

2.

Click Tools > Computer Management.

| 9 |

3.

Expand Local Users and Groups and then click Groups.

4.

Double-click Administrators.

5.

Click Add and add the SCVMM_RUNAS user account to the local administrators group. Authenticate as training\administrator with password Citrix123 when prompted. Click OK on the dialog.

6.

Click OK on the Administrators Properties window.

7.

Close Computer Management.

Task Summary The SCVMM RUNAS account used must have the appropriate permissions on the Hyper-V host machine.

| 10 |

Task 2 Installing the SCVMM Agent on the Hyper-V Host Overview In this task we will deploy the System Center Virtual Machine Manager (SCVMM) Agent to the Hyper-V host in order to allow SCVMM to manage it.

Step by step guidance Estimated time to complete this task: 15 minutes. Step

| 11 |

Action

1.

Launch Hyper-V Manager from the Taskbar.

2.

Double-click the VMM virtual machine.

3.

Click the Ctrl+Alt+Delete button on the toolbar and logon to the VMM virtual machine as training\administrator with password Citrix123.

| 12 |

4.

Wait for Server Manager to load. Then click Tools > Services.

5.

Ensure that the System Center Virtual Machine Manager and System Center Virtual Machine Manager Agent services are Running. Right-click and start them if needed.

6.

Close the Services snap-in.

7.

Launch the Virtual Machine Manager Console on the Desktop.

8.

Click Connect.

If you are unable to login, check that the System Center Virtual Machine Manager Service is running per the previous step.

9.

| 13 |

From the ribbon bar on the left click Settings.

10. Expand Security and click Run As Accounts. Click the button Create Run As Account.

11. Type in the details for your RUNAS Account (sample shown below) and then click OK.

Name: SCVMM_RUNAS User name: training\SCVMM_RUNAS Password: Citrix123 Confirm password: Citrix123

| 14 |

12. From the ribbon bar on the left click Fabric. Click the green + Add Resources and then select Hyper-V Hosts and Clusters.

| 15 |

13. Leave the default option of Windows Server computers in a trusted Active Directory Domain and then click Next.

| 16 |

14. Leave Use an existing Run As Account selected and click Browse.

15. Select SCVMM_RUNAS (or whichever is the RUNAS Account) and then click OK.

SCVMM RUNAS Accounts need local administrator access to the hosts. Refer to http://technet.microsoft.com/en-us/library/gg675096.aspx for additional details.

| 17 |

16. Click Next.

| 18 |

17. Leave Specify Windows Server computers by names selected and type in the hostname of the Hyper-V host that you are using under Computer names. Then click Next.

Your Hyper-V hostname is the computer name of the system you are connected to via RDP.

| 19 |

18. Click the checkbox next to the computer name and then click Next.

| 20 |

19. Leave the default host group and click Next.

| 21 |

20. Click Finish. The SCVMM Agent will deploy to the Hyper-V host. This process will take a moment.

| 22 |

21. Monitor the Jobs window and wait for it to complete. Then close the Jobs window.

The status here shows as Completed w/Info. The warning pertains to multipath I/O for storage which has not been configured in this example.

22. Click VMs and Services from the ribbon bar.

| 23 |

23. Navigate to All Hosts-> HostX where HostX is the hostname of the Hyper-V system you are working on. Right-click on HostX and choose Refresh Virtual Machines. This will refresh the list of virtual machines on the host.

24. After waiting a moment, confirm that all the VMs on your Hyper-V host appear in the list.

| 24 |

25. Click Fabric and then click Logical Networks under the Networking section. Confirm that the following networks are shown:

26. Close the Virtual Machine Manager console.

Task Summary • Deploying the SCVMM Agent to a host is done with the SCVMM Console • SCVMM can automatically create VM and logical networks based on the networks contained on the Hyper-V host.

| 25 |

Task 3 Setting Up SQL Mirroring Overview In this task we will perform the steps necessary to setup SQL Mirroring for high-availability. We will use high-safety mode with automatic failover as opposed to high performance mode that does not offer automatic failover. This runs as a synchronous operation meaning that data is committed to both SQL partners. Three servers are required for this mode: A principal, a mirror and a witness. Database Mirroring - http://msdn.microsoft.com/en-us/library/ms189852.aspx Setting Up Database Mirroring - http://msdn.microsoft.com/en-us/library/ms190941.aspx


| 26 |

Action

1.

Logon to SQL1 as training\administrator with password Citrix123.

2.

Launch SQL Server Management Studio from the Desktop.

3.

Click Connect to connect to the local instance.

| 27 |

4.

Right-click the Databases node and choose New Database.

5.

Enter XDSite1 for the database name and click the Options link on the left.

6.

Select Latin1_General_CI_AS_KS for the Collation and then click OK. Double check that you have the correct collation, especially CI (case insensitive), AS (accent sensitive) and KS (Kanji sensitive).

7.

| 28 |

Expand the Databases node, right-click XDSite1 and go to Tasks > Back Up.

| 29 |

8.

Ensure the Backup type is set to Full and click OK.

9.

Click OK on the dialog once the backup process completes.

10. Copy the XDSite1.bak backup file from C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\ Backup

to \\SQL2\C$\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\ MSSQL\Backup

11. From SQL Server Management Studio, click the Connect button in the Object Explorer and then choose Database Engine.

12. Enter SQL2 for the Server name and click Connect.

| 30 |

13. Right-click Databases under the SQL2 instance and select Restore Database.

14. Select the radio button next to Device and then click the ellipsis (…)

| 31 |

15. Click Add.

16. Select the XDSite1.bak backup file at C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Backup and then click OK.

17. Click OK.

| 32 |

18. Do NOT click OK yet. First, ensure the checkbox is selected in the Restore column on to the Restore Database screen and click the link for the Options screen.

19. Select RESTORE WITH NORECOVERY from the drop-down before clicking OK.

| 33 |

20. Click OK on the dialog once the restore operation completes.

21. Right-click XDSite1 under the SQL1 instance and go to Tasks > Mirror.

22. Click Configure Security.

| 34 |

23. Click Next on the first screen.

24. Click Next on the Include Witness Server screen since we will be working with a witness server instance.

| 35 |

25. Click Next on the Choose Servers to Configure screen.

26. Click Next on the Principal Server Instance screen to accept the defaults of SQL1 as the principal.

| 36 |

27. On the Mirror Server Instance screen, click Connect to connect to SQL2.

28. Click Connect in the dialog.

29. Click Next in the wizard to proceed.

| 37 |

30. Ensure that you select AD in the Witness Server Instance screen. Do this by browsing from the Witness Server Instance drop-down menu. Click the drop-down and select

31. Enter AD for the Server name and click Connect.

| 38 |

32. Click Next to proceed.

33. In the Service Accounts screen, type training\sqlservice in the Principal, Witness and Mirror fields and then click Next.

The SQLService account has been created previously, it is used as the service account on each of the instances, and has a corresponding instance login.

| 39 |

34. Review the settings and then click Finish.

35. The endpoints will be configured for mirroring. Click Close when the process completes.

The process may take a moment to complete.

| 40 |

36. Click Start Mirroring on the Database Properties dialog.

37. Database mirroring has now been configured and the status should show as fully synchronized. Click OK on the properties dialog.

| 41 |

38. The XDSite1 database on SQL1 should now show as the principal and as synchronized in the mirroring setup. The XDSite1 database on SQL2 should now show as mirror, synchronized and be in a restoring state. The restoring state is normal and it will always show for the mirror.

Refresh the view if the status is not showing correctly.

| 42 |

39. We will now proceed to test the failover process. Right-click the SQL1 node and select Stop (Do not do this if the server is hosting other databases!)

40. Click Yes on the confirmation.

41. Wait a few seconds and then refresh the view under the SQL2 instance. The XDSite1 database under the SQL2 instance should now show as the principal and that the mirroring state is disconnected.

| 43 |

42. Right-click the SQL1 node and select Start.

43. Click Yes on the confirmation dialog.

| 44 |

44. Wait a few seconds and then refresh the view under both the SQL1 instance and the instance for SQL2. The SQL1 instance should now show the XDSite1 database as the mirror and synchronized with the SQL2 instance of the database as the principal and synchronized.

| 45 |

45. Let’s now swap the roles back. Right-click the XDSite1 database from SQL2 and go to Tasks > Mirror.

| 46 |

46. Click the Failover button.

47. Click Yes on the dialog.

| 47 |

48. Refresh the view under SQL1 and SQL2. Notice that the SQL1 instance is acting as the principal with the database on SQL2 acting as the mirror.

Task Summary • SQL Mirroring with automatic failover requires three SQL Servers (principal, mirror and witness). • SQL Mirroring is configured at the database level as opposed to the instance level. • A properly configured, synchronized mirror database will have a mirroring state of "synchronized" and a database state of "restoring". • The mirror database must be in the RESTORING state for mirroring to work. When preparing a mirror database, you must use RESTORE WITH NORECOVERY for every restore operation. Minimally, you will need to restore WITH NORECOVERY a full backup of the principal database. See http://msdn.microsoft.com/en-us/library/ms189053.aspx.

| 48 |

Task 4 Initial Site Setup Overview In this task we will perform the steps necessary to setup a new XenDesktop site. The core XenDesktop Controller software needs to be installed prior to beginning this task.


| 49 |

Action

1.

Logon to DC1 as training\administrator with password Citrix123.

2.

Launch Server Manager.

3.

Click Tools > Services.

4.

Ensure that all Citrix services are started. Then close the Services snap-in.

It is a best practice to ensure that all Citrix Services are running on the Controller prior to beginning the initial site setup process. If one or more Citrix services are not started, it may result in a failure while trying to build out the site.

| 50 |

5.

Launch Citrix Studio.

6.

Click Get started! under the Full deployment heading.

| 51 |

7.

Leave the first option selected for a full site deployment and type in XDSite1 (or whichever name you would like) for the site name. Then click Next.

8.

Enter SQL1 for the database server location and XDSite1 for the database name. Then click Test connection.

9.

Click OK on the informational dialog. A mirrored database exists; however, the schema does not since the database is blank.

10. Click Close on the information dialog.

11. Click Next. 12. Enter the hostname or IP address for your license server and click Connect.

| 52 |

13. Click Confirm on the dialog.

14. Select the appropriate product and licensing model and then click Next.

| 53 |

15. Change the Host type to Microsoft System Center Virtual Machine Manager and enter the appropriate details (sample provided here):

Address: vmm.training.lab Username: training\scvmmsvc Password: Citrix123 Connection name: Host1

Click Next.

16. Enter Host1Settings in the text field (or an appropriate name) and click Browse…

| 54 |

17. Select the name of your Hyper-V host. Then click OK.

18. Check both the Lab and PVS networks for the virtual machines to use and then click Next.

We are using a separate network for PVS traffic in this guide for demonstration purposes; however, most environments with sufficient bandwidth can use a single network for both infrastructure and PVS traffic.

| 55 |

19. Leave the default of Local storage (or use another option) and then click Next.

20. Click Next on the App-V Publishing screen.

| 56 |

21. Click Finish to complete the wizard.

22. After waiting a moment, the XenDesktop site will be up and running. Click the Configuration node in Citrix Studio.

23. Notice in the Datastores section that the SQL server and mirror server are both shown for the datastores.

| 57 |

Task Summary • XenDesktop includes an easy-to-use wizard for the initial site setup • It is possible to specify the host, network and storage details during the initial site setup (three-step wizard as we did) or specify only the minimum required details of the database and licensing and configure other details later (empty site deployment option).

| 58 |

Task 5 Joining a Second Controller to the Site Overview In this task we will join a second XenDesktop controller to our existing site. It is a best practice to have two or more controllers for high-availability purposes.


| 59 |

Action

1.

Logon to DC2 as training\administrator with password Citrix123.

2.

Wait for Server Manager to load. Then click Tools > Services.

3.

Ensure that all Citrix services are started. Then close the Services snap-in.

| 60 |

4.

Launch Citrix Studio.

5.

Click Scale out your deployment under the Extend heading.

6.

Type in dc1.training.lab and click OK.

7.

Click Yes on the dialog to update the database automatically.

8.

Wait a moment for the process to complete. Then go to the Configuration > Controllers node and confirm that both controllers are shown.

Task Summary Joining additional controllers to a XenDesktop site is a quick and straightforward process

| 61 |

Task 6 Configuring StoreFront and Installing Certificates Overview In this task we will configure the StoreFront virtual machines which serve as the connection point to resources. We’ll begin by configuring the first server with a server group and then proceed to configure the second server to join the server group. This will allow us to load balance connections amongst both servers using NetScaler.


Action

1.

Logon to AD.training.lab as training\administrator with password Citrix123.

2.

Launch DNS Manager.

3.

Expand Forward Lookup Zones, right-click training.lab and select New Host.

4.

Enter connect for the name and 192.168.10.60 for the IP address. Click Add Host.

This will serve as the virtual host and IP address that users will connect to through the NetScaler.

| 62 |

5.

Click OK on the confirmation.

6.

Click Done.

7.

Switch to the SF1 virtual machine and logon as training\administrator with password Citrix123.

8.

Launch the Citrix StoreFront console.

9.

Select Create a new deployment.

10. Enter https://connect.training.lab (or whichever FQDN you plan to use) and click Next. This process may take a moment.

The orange exclamation mark is alerting us that we do not have an SSL certificate installed in IIS. We will do that shortly.

| 63 |

11. Enter Corporate Store (or whichever name you would like) for the store name and then click Next.

12. Click the Add button. Type in XDSite1 (or another name) for the Display name and then click the Add button.

13. Type dc1.training.lab and click OK.

| 64 |

14. Click Add again and enter dc2.training.lab. Then click OK.

15. Click OK on the Add Delivery Controller dialog.

16. Click Next.

| 65 |

17. Accept the default None for Remote Access and then click Create.

18. Click Finish when the process completes.

19. Click the Server Group node.

| 66 |

20. Click Add Server under the Actions pane.

21. Make note of the authorization code that is shown and move to step 22.

22. Switch to SF2 and logon as training\administrator with password Citrix123. 23. Launch the Citrix StoreFront console from the Desktop.

24. Click Join existing server group.

| 67 |

25. Enter SF1.training.lab for the Authorizing server and enter the Authorization code that was shown on SF1. Click the Join button and wait for the operation to complete.

26. The process will take several minutes as it prepares and downloads the StoreFront configuration to this server. On SF1 you will see a corresponding status indicator that the configuration propagation is taking place.

27. Click OK on the dialog when the join completes.

28. Go to Start and launch IIS Manager.

29. Expand the nodes and click the Default Web Site.

| 68 |

30. Double-click HTTP Redirect.

31. Click Redirect requests to this destination and enter https://connect.training.lab/Citrix/CorporateStoreWeb Select both options: Redirect all requests to the exact destination Only redirect requests to content in this directory Then click Apply.

Change the redirect URLs to match your unique environment as required.

32. Click the SF2 server node in IIS Manager.

| 69 |

33. Double-click Server Certificates.

34. Click Create Domain Certificate.

| 70 |

35. Enter the following details: Common name: *.training.lab Organization: Citrix Organization unit: Readiness City/locality: Fort Lauderdale State/province: Florida Country/region: US Click Next.

Make sure you enter *.training.lab correctly for the common name if using a wildcard certificate. If this is misspelled and you proceed through the guide, you will need to repeat several steps with a newly requested certificate. 36. Click the Select button and select the certificate authority of ad.training.lab. Click OK.

| 71 |

37. Enter WildcardCert for the Friendly name. Click Finish.

38. Ensure the WildcardCert is selected and click Export.

39. Export the certificate to C:\WildcardCert.pfx with password Citrix123.

40. Right-click the Default Web Site node and select Edit Bindings.

| 72 |

41. Click Add.

42. Change the type to https, leave the host name blank, and select the WildcardCert under SSL certificate. Click OK.

43. Click Close.

44. Switch to the SF1 virtual machine and click OK on the dialog confirming the server join operation. We now need to complete the same steps as above on SF1.

45. Launch IIS Manager.

| 73 |

46. Expand the nodes and then click the Default Web Site.

47. Double-click HTTP Redirect.

48. Click Redirect requests to this destination and enter https://connect.training.lab/Citrix/CorporateStoreWeb Select both options: Redirect all requests to the exact destination Only redirect requests to content in this directory Then click Apply.

Change the redirect URLs to match your unique environment as required.

49. Click the SF1 server node.

| 74 |


51. Click Import.

52. Click the button and browse to the WildcardCert certificate at \\sf2\c$.

53. Enter the password of Citrix123 and leave the default as Personal for the store. Click OK.

| 75 |

54. Right-click the Default Web Site and select Edit Bindings.

55. Click Add.


57. Click Close.

58. Switch to the DC1 virtual machine.

| 76 |

59. Launch IIS Manager.

We will import the certificate to our delivery controllers as well as our StoreFront servers in order to provide secure communications between StoreFront and the XML Service on the controllers.

60. Click the DC1 node.


62. Click Import.

| 77 |

63. Click the button to browse (…) and type \\sf2\c$ on the path. Select WildcardCert and click Open.

64. Enter the password of Citrix123 and leave the default as Personal for the store. Click OK.


66. Click Add.

| 78 |


68. Click Close.

69. Switch to the DC2 virtual machine. We will now perform the certificate and web site binding steps on this machine to complete the process for all four machines, namely SF1, SF2, DC1 and DC2. 70. Launch IIS Manager.

71. Click the DC2 node.

72. Double-click Server Certificates on the middle pane.

73. Click Import.

| 79 |

74. Click the button and browse to the WildcardCert certificate at \\sf2\c$, enter the password of Citrix123 and leave the default as Personal for the store. Click OK.


76. Click Add. Change the type to https, leave the host name blank, and select the WildcardCert under SSL certificate. Change the type to https, leave the host name blank, and select the WildcardCert under SSL certificate. Click OK.

77. Click Close.

| 80 |

Task Summary • StoreFront configuration data is now stored locally on the StoreFront Servers and synchronized periodically between each one (with the option to synchronize manually as well). A central SQL Server database is not utilized as it was in earlier versions. • An IIS HTTP redirect is used to ensure that when users hit the default web site through the NetScaler, they are redirected to the correct location (we will configure NetScaler in the next task). • The certificates have to be present on all XD controllers and StoreFront servers to ensure secure communication can take place.

| 81 |

Task 7 Configuring NetScaler for StoreFront Load Balancing Overview In this task we will configure the NetScaler virtual appliance with basic load balancing to load balance connections amongst both StoreFront servers.


| 82 |

1.

Action Logon to Win7Client as training\administrator with password Citrix123.

2.

Launch Internet Explorer.

3.

Browse to http://192.168.10.2 and logon with the default credentials of nsroot / nsroot.

4.

Click Configuration.

| 83 |

5.

From the navigation tree on the left, select Traffic Management and click on Load Balancing.

6.

Click Load Balancing wizard.

7.

Click Next on the Introduction screen.

8.

Enter SFService1 for the Name and click the New button.

9.

Enter SF1 for the server name, click Domain Name and enter sf1.training.lab. Then click Create.

10. Select SSL for the Protocol.

11. Click the Add button to add in the first service.

12. Enter SFService2 for the Name and click the New button.

| 84 |

13. Enter SF2 for the server name, click Domain Name and enter sf2.training.lab. Then click Create.

14. Click the Add button to add in the second service.

15. Click Next.

16. Enter SFVirtualServer for the name and 192.168.10.60 for the IP address. Select SSL for the Protocol.

17. Select both services and click Add.

| 85 |

18. Click Next.

19. Click Finish to complete the wizard. Then click Exit.

20. Under Load Balancing > Virtual Servers, double-click the new entry of SFVirtualServer that was created.

| 86 |

21. Click the Method and Persistence tab.

22. Ensure the method is set to Least Connection, persistence is set to COOKIEINSERT and time-out value is set to 0.

This will result in fair-share load balancing amongst the two servers and ensure that open connections between clients persist to the same backend server. A time-out of 0 means that the session will only remain valid as long as the browser is open.

23. Click OK.

24. From the navigation pane, click Traffic Management > SSL.

| 87 |

25. Click Import PKCS#12.

26. Enter the following details (your certificate files may vary): Output File Name: cert.pem PKCS12 File: <> Import Password: Citrix123 Click OK.

27. Browse to Traffic Management > SSL > Certificates.

| 88 |

28. Click Install.

29. Enter the following (your details may vary): Certificate-Key Pair Name: WildcardCert Certificate File name: /nsconfig/ssl/cert.pem Private Key File Name: /nsconfig/ssl/cert.pem Password: Citrix123 Click Create.

30. Click Close. 31. We will now add the certificate to the StoreFront virtual server. Browse to Traffic Management > Load Balancing > Virtual Servers.

| 89 |

32. Double-click the SFVirtualServer entry.

Choose Yes if you are presented with a dialog about settings that have not yet been saved.

33. Click the SSL Settings tab.

34. Click WildcardCert and click Add.

| 90 |

35. Click OK.

36. The SFVirtualServer should now show as Up.

37. Click the disk icon towards the top right and then Yes to save the running state to disk.

Task Summary • NetScaler includes a wizard for load-balancing connections to backend servers (such as StoreFront). • A valid certificate needs to be imported and bound to the virtual server in order to use secure SSL communication.

| 91 |

Task 8 Installing the VDA on the Base Desktop VM Overview In this task we will install the Virtual Delivery Agent (VDA) to prepare the Windows 8.1 master image. To deliver desktops and applications for machines in Server OS or Desktop OS machine catalogs, you must prepare the master image that creates the user desktops and applications. The master image is a template that you use to provision multiple systems from in your environment. In addition to desktops and applications, creating a master image includes installing and configuring the operating system and any software you want to include on your image.

Step by step guidance Estimated time to complete this task: 15 minutes. Step 1. 2.

3.

| 92 |

Action Login to the Win81Base VM as domain administrator using credentials training\administrator and password Citrix123. From the Virtual Machine Connection window, click on Media > DVD drive > Insert Disk.

Navigate to the location where XenDesktop71.iso resides and click Open.

| 93 |

4.

Run AutoSelect.exe from the media.

5.

Click Start on the Welcome Screen.

| 94 |

6.

Select Virtual Delivery Agent for Windows Desktop OS.

7.

Leave Create a Master Image selected and click Next.

| 95 |

8.

Leave No, install the standard VDA selected and click Next.

9.

Leave Citrix Receiver selected and click Next.

10. Leave Do it manually selected for the location of your Delivery Controllers, then add in: dc1.training.lab dc2.training.lab Click Next.

11. Leave the default features selected and click Next.

| 96 |

12. Click Next leaving the firewall rules to be configured automatically.

13. Verify the Summary and click Install.

| 97 |

14. When the installation completes, click Finish and the machine will restart.

15. From the Virtual Machine Connection window, click on Media > DVD drive > Eject XenDesktop71.iso

16. When the VM comes back up, shut it down by clicking the red Shut Down button on the Virtual Machine Connection toolbar.

Task Summary • To deliver Server OS or Desktop OS machines, join the master image to the domain for which you want users' desktops and applications to be members, and make sure that the master image is available on the host where you want to create the machines.

| 98 |

Task 9 Installing the VDA on the Base Server VM Overview In this task we will install the VDA to prepare the Windows 2012 R2 master image. To deliver desktops and applications for machines in Server OS or Desktop OS machine catalogs, you must prepare the master image that creates the user desktops and applications. The master image is a template that you use to create multiple systems from in your environment. In addition to desktops and applications, creating a master image includes installing and configuring the operating system and any software you want to include on your image.


3.

| 99 |

Action Login to the Win2012R2Base VM as domain administrator using credentials training\administrator and password Citrix123. From the Virtual Machine Connection window, click on Media > DVD drive > Insert Disk.

Navigate to where the XenDesktop71.iso file resides and click Open.

| 100 |

4.

Run AutoSelect.exe from the media.

5.

Click Start on the Welcome Screen.

| 101 |

6.

Select Virtual Delivery Agent for Windows Server OS.

7.

Leave Create a Master Image selected and click Next.

8.

Uncheck Citrix Receiver and click Next.

9.

Leave Do it manually selected for the location of your Delivery Controllers, then type dc1.training.lab dc2.training.lab Click Next.

| 102 |

10. Leave the default features selected and click Next.

11. Click Next leaving the firewall rules to be configured automatically.

| 103 |

12. Verify the Summary and click Install.

13. A message will appear stating The machine needs to be restarted before the installation can continue. Click Close and the VM will reboot.

14. When the VM comes back up, login to Win2012R2Base using credentials training\administrator and password Citrix123.

| 104 |

15. Click Finish and the machine will restart.

16. From the Virtual Machine Connection window, click on Media > DVD drive > Eject XenDesktop71.iso

17. When the VM comes back up, shut it down by clicking the red Shut Down button on the Virtual Machine Connection toolbar.

Task Summary • To deliver Server OS or Desktop OS machines, join the master image to the domain for which you want users' desktops and applications to be members, and make sure that the master image is available on the host where you want to create the machines. • Citrix recommends that you create a snapshot of your master image and name the snapshot so that you can identify the master image in the future. If you specify a master image rather than a snapshot when creating a Server OS or Desktop OS machine catalog, Studio creates a snapshot for you but you cannot name it.

| 105 |

Task 10 Creating a Desktop OS Machine Catalog Overview In this task we will perform the steps necessary to create a catalog to be used with Machine Creation Services. Machine Creation Services utilizes a master virtual machine within your XenDesktop environment to manage virtual machines, enabling you to easily administer and update target devices through one master image.


| 106 |

1.

Action From DC1 switch to Citrix Studio or re-launch it from the Desktop.

2.

Select the Machine Catalogs node and click Create Machine Catalog.

| 107 |

3.


4.

Leave Windows Desktop OS selected and click Next.

| 108 |

5.

For Machine Management, leave the defaults of Virtual machines and Machine Creation Services (MCS) selected and click Next.

6.

On the Desktop Experience screen select I want users to connect to a new (random) desktop each time they log on and then click Next.

7.

On the Master Image screen select Win81Base and then click Next.

A snapshot will be created automatically as part of the provisioning process.

8.

| 109 |

Select Lab for the Network Interface Card and then click Next.

9.

Change the Number of virtual machines needed to 2. Leave the other defaults for the virtual machines. Then click Next.

10. On the Computer Accounts screen select the appropriate details (yours may vary):   

Create new Active Directory accounts VDAs OU: OU=VDAs,DC=training,DC=lab Type Win81MCS## for the Account naming scheme

Click Next.

| 110 |

11. Type Win81 MCS Desktops for the Machine Catalog name and Windows 81 Desktops - MCS for the description (or any suitable name and description) and click Finish.

It will take a few minutes for the virtual machines to be provisioned and the machine catalog created.

12. After the process completes, you should see the new catalog under the Machine Catalogs node.

Task Summary Machine Creation Services communicates directly with the hosting infrastructure to provision virtual machines from a base template.

| 111 |

Task 11 Creating a Delivery Group for Desktops Overview In this task we will perform the steps necessary to create a delivery group to be used with the Machine Creation Services catalog of desktop machines created earlier.


| 112 |

1.

Action From Citrix Studio, select the Delivery Groups node and click Create Delivery Group.

2.


| 113 |

3.

Ensure Win81 MCS Desktops is selected and type 2 to Choose number of machines to add. Click Next.

4.

For Delivery Type, leave the default of Desktops and click Next.

5.

6.

| 114 |

Click Add users… Add Domain Users click OK and then click Next.

Leave the default Manually, using a StoreFront server address that I will provide later for StoreFront and then click Next.

7.

Type Win81 MCS for both the Delivery Group name and Display name (or use whichever names you like) and click Finish.

8.

Verify that the Delivery Group was created successfully.

Task Summary Delivery Groups contain systems from Machine Catalogs and set properties such as who will have access to the resource and how the resource will be presented.

| 115 |

Task 12 Creating a Server OS Machine Catalog Overview In this task we will perform the steps necessary to create a catalog with a Server OS. The Server OS Machine Catalog provides hosted shared desktops for a large-scale deployment of standardized machines as well as hosted application delivery. Machine Creation Services uses a master virtual machine within your XenDesktop environment to manage virtual machines, enabling you to easily manage and update target devices through one master image.


| 116 |

1.

Action From Citrix Studio on DC1, select the Machine Catalogs node and click Create Machine Catalog.

2.


| 117 |

3.

Select Windows Server OS and click Next.

4.

For Machine Management, leave the defaults of Virtual machines and Machine Creation Services (MCS) and click Next.

| 118 |

5.

On the Master Image screen, select Win2012R2Base and then click Next.

6.

Select Lab for the Network Interface Card and then click Next.

7.

Change the Number of virtual machines needed to 2. Leave the other defaults and then click Next.

8.

On the Computer Accounts screen select (your details may vary):   

Create new Active Directory accounts VDAs OU: OU=VDAs,DC=training,DC=lab Type Win2012R2MCS## for the Account naming scheme

Click Next.

| 119 |

9.

Type Win2012R2 MCS Servers for the Machine Catalog name and Windows 2012R2 Servers - MCS for the description (or whichever names you like) and click Finish.

It will take a few minutes for the virtual machines to be provisioned and the machine catalog created.

Task Summary Machine Creation Services provides an easy-to-use wizard to provision virtual desktops and servers from base templates.

| 120 |

Task 13 PVS Farm Configuration Overview In this task we will run the Configuration Wizard on a Provisioning Services Server to create a new farm. This task assumes that the Provisioning Services software has already been installed.


2.

Action Login to the PVS1 VM as domain administrator using credentials training\administrator and password Citrix123. Start the Provisioning Services Configuration Wizard.

3.

Click Next on the initial screen.

1.

| 121 |

| 122 |

4.

Select the location where DHCP is installed. In this case we will select The service that runs on another computer (Microsoft DHCP is running on AD.training.lab). Then click Next.

5.

For PXE Services, select The service that runs on another computer as DHCP options 66 and 67 are set on AD.training.lab (Refer to Citrix eDocs for details on the process). Then click Next.

6.

Leave Create farm selected and click Next.

7.

Type SQL1 for Server name and click Next.

To configure mirroring for the PVS database, you would check the box Specify database mirror failover partner and type SQL2 for the mirror server name. Then you would follow the previous task on “Setting Up SQL Mirroring” for the Provisioning Services database.

8.

Enter the appropriate details (sample shown below): Database name: ProvisioningServices Farm name: PVS Site name: PVSSite1 Collection name: Desktops Farm administrator group: training.lab/Users/Domain Admins Click Next.

| 123 |

9.

Type PVSStore for Store name. For the Default path, click on Browse…

10. Select an appropriate local volume for the PVS Store then click OK and Next.

11. Type in your license server name. Check the Validate license server version and communication box and click Next.

| 124 |

12. Provide the credentials for Provisioning Services. Click Specified user account. Enter administrator for the User name; training for the Domain and password Citrix123. Click Next.

Best practice is to use a service account for the Stream and Soap Services. The domain administrator account is being used in this task for simplicity.

13. Accept the defaults for the Active Directory Computer Account Password and click Next.

| 125 |

14. Select the IP address for the streaming service of 172.16.0.2 and click Next.

In this case we are selecting the IP address that will handle the streaming traffic only. PVS streaming and standard server traffic are on separate networks for demonstration purposes.

15. Select the check box Use the Provisioning Services TFTP service and click Next.

16. The 172.16.0.2 IP should show as the Server IP Address for the stream servers boot list. Click on Advanced.

| 126 |

17. Check Verbose mode which will allow us to follow the boot process during the labs. Click OK and then Next.

18. Review the final configuration settings and then click Finish.

Leave the Automatically Start Services box checked.

19. After all the settings are applied successfully click Done.

If there are any issues, you will need to start over with the wizard.

20. At this point the configuration of the Provisioning Services Server is finished. Launch the PVS Console from the shortcut on the Desktop.

| 127 |

21. Right-click on the Provisioning Services Console node and choose Connect to Farm.

22. Enter localhost and click Connect.

23. Ensure you are able to connect to the farm and see all the nodes.

Task Summary • All Provisioning Servers within a farm must share the same database to locate vDisks for target devices on shared storage devices within the farm. If that shared storage device is a Windows network share, refer to configuration information described in the Administrator’s Guide, Managing Network Components section. If that shared storage device is a SAN, no additional configuration is necessary. • To properly configure the network services for PVS, be sure that you understand network service options and settings.

| 128 |

Task 14 Provisioning Services Optimizations Overview This task will implement some performance and scalability tweaks recommended for Provisioning Services. More details can be found at: -

http://support.citrix.com/article/CTX117374

-

http://blogs.citrix.com/2011/05/31/pvs-secrets-part-1-selective-pxe/

-

http://blogs.citrix.com/2011/05/31/pvs-secrets-part-2-hidden-configurations/

Step by step guidance Estimated time to complete this task: 10 minutes. Step 1.

| 129 |

Action Open the Control Panel on PVS1 from the Start screen and then Network and Sharing Center.

| 130 |

2.

Click Change adapter settings.

3.

Right-click on the PVS connection and select Properties.

4.

Click Configure.

| 131 |

5.

Select the Advanced tab then select Large Send Offload Version 2 (IPv4). Change the Value to Disabled. Click OK.

6.

Click on the PowerShell icon and type regedit. Then press Enter.

7.

Navigate to the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

| 132 |

8.

Right-click on Parameters and select New > DWORD.

9.

Type DisableTaskOffload and change the Value data to 1. Click OK.

| 133 |

10.

Close Registry Editor.

11.

Switch back to the Provisioning Services Console.

12.

Navigate to PVS > Sites > PVSSite1 > Servers. Right-click on the PVS1 server and select Properties.

| 134 |

13.

Select the Network tab and change the last port number from 6930 to 6960. Click Advanced.

14.

Change the Threads per port from 8 to 30 and click OK and then OK on Server Properties.

15.

Click Yes to restart the stream service.

This process may take a few seconds and during that that time an MMC pop-up will appear and then disappear. If the PVS1 server is showing as down, right-click and select Refresh.

Task Summary Several optimizations are recommended to ensure optimal performance with Provisioning Services.

| 135 |

Task 15 Joining a Second Server to the PVS Farm Overview In this task we will join PVS2 to the existing Provisioning Services Farm.


2.

Action Login to PVS2 as domain administrator using credentials training\administrator and password Citrix123. Start the Provisioning Services Configuration Wizard from the Desktop.

3.


4.

Select the location where DHCP is installed. In this case we will select The service that runs on another computer (Microsoft DHCP is running on AD.training.lab). Click Next.

1.

| 136 |

5.

Select The service that runs on another computer as DHCP options 66 and 67 are set on AD.training.lab. Then click Next.

6.

Select Join existing farm and click Next.

7.

Type SQL1 for Server name and click Next.

If you configured mirroring for the PVS database, you would check the box Specify database mirror failover partner and type SQL2 for the mirror Server name.

| 137 |

8.

Farm name: ProvisioningServices:PVS. Click Next.

9.

Leave Existing site: PVSSite1 and click Next.

10. Leave Existing store: PVSStore and click Next.

| 138 |

11. Provide the credentials for Provisioning Services. Click Specified user account. Enter administrator for the User name; training for the Domain and password Citrix123. Click Next.

12. Accept the defaults for the Active Directory Computer Account Password and click Next.

13. Select the IP address for the streaming service of 172.16.0.3 and click Next.

In this case we are selecting the IP address that will handle the streaming traffic only.

| 139 |

14. Select the check box for the Provisioning Services TFTP service. Click Next.

15. 172.16.0.3 should show as the Server IP Address for the stream servers boot list. Click on Add.

16. Enter 172.16.0.2 for the IP address and click OK.

17. Click on Advanced and check Verbose mode. Click OK.

| 140 |

18. Click Next.

19. Review the final configuration settings and then click Finish.

Leave the Automatically Start Services box checked.

20. Click OK on the informational message about the firewall.

The Windows Firewall has already been disabled across all network interfaces.

| 141 |

21. After all the settings are applied successfully click Done.

If there are any issues, you will need to start over with the wizard.

22. Launch the PVS Console from the Desktop.

23. Right-click on the Provisioning Services Console node and choose Connect to Farm.

24. Enter localhost and click Connect.

| 142 |

25. Expand PVS > Sites > PVSSite1 > Servers. Verify PVS1 and PVS2 are showing and have the status green (online).

26. Right-click on PVS1 and select Copy Server Properties…

27. Select Port settings, Advanced server settings and Advanced network settings. Click Copy.

| 143 |

28. Right-click on PVS2 and select Paste.

29. Click Paste.

| 144 |

30. Click Close.

31. Repeat steps 1 to 10 from Task 14 for PVS2 Server.

Task Summary • To add additional Provisioning Servers, install the Provisioning Services software on each server that is to a member of the farm. Run the Provisioning Services Installation Wizard, then the Configuration Wizard on each server. NOTE: The maximum length for the server name is 15 characters. Do not enter the FQDN for the server name. • When the Configuration Wizard prompts for the site to add the server to, choose an existing site or create a new site. After adding Provisioning Servers to the site, start the Console and connect to the farm. Verify that all sites and servers display appropriately in the Console window.

| 145 |

Task 16 Importing vDisks to the Provisioning Services Console Overview In this task we will show how to import an existing vDisk. It is fairly common to build vDisks in one environment and import them to another. We will build a new vDisk later on.


| 146 |

1.

Action Before we import the vDisks, let’s add PVS2 to the Bootstrap file. From the Provisioning Services Console on PVS1, expand PVSSite1 > Servers and right-click on PVS1 Server. Select Configure Bootstrap…

2.

Click Read Servers from Database.

| 147 |

3.

Verify PVS2 (172.16.0.3) shows on the server list and click OK.

4.

Right-click on the vDisk Pool and select Add or Import Existing vDisk…

5.

Click on Search.

6.

Click Add and a message will appear: One vDisk added. Click OK and Close.

7.

Switch to PVS2. Browse to the vDisk Store location confirm that the Win2012R2 vDisk is available.

8.

Shut Down PVS2 in preparation for the Windows 8.1 vDisk creation process in the next task.

Task Summary Previously created vDisks can be imported to a Provisioning Services environment.

| 148 |

Task 17 Creating a Windows 8.1 vDisk Overview In this task we will install the Provisioning Services target device software on a Master Target Device prior to building the Windows 8.1 vDisk image. The master image is a template that you use to provision multiple systems from in your environment. In addition to desktops and applications, creating a master image includes installing and configuring the operating system and any software you want to include on your image.


| 149 |

Action From the Hyper-V Manager, right-click on the Win81Base VM and select Settings. Click Add Hardware and select Legacy Network adapter. Then click Add.

| 150 |

2.

Change the Virtual switch to PVS.

3.

Click Add Hardware again and this time select Network Adapter. Then click Add.

| 151 |

4.

Change the Virtual switch to Lab.

5.

Select the other Network Adapter and change its Virtual switch to PVS. Ensure your network adapters and networks match what is shown here. Then click Apply and OK.

6.

Start the Win81Base VM.

7.

Login to the Win81Base VM as domain administrator using credentials training\administrator and password Citrix123.

8.

From the Virtual Machine Connection window, click on Media > DVD drive > Insert Disk.

9.

Browse for the PVS71.iso file for Provisioning Services 7.1.

10. Click Run autorun.exe.

11. Select Target Device Installation.

| 152 |

12. Select Target Device Installation.

13. Click Next on the Welcome screen.

14. Select I accept the terms in the license agreement and click Next.

| 153 |

15. Click Next.

16. Click Next.

17. Click Install.

| 154 |

18. Uncheck Launch Imaging Wizard and click Finish.

19. Click No to not restart now.

20. Shut Down the Win81Base VM. 21. From Hyper-V Manager, right-click on the Win81Base VM and select Settings.

22. Expand the Legacy Network Adapter and select Advanced Features and on the right panel change the MAC address to Static. Click OK.

| 155 |

23. Start the Win81Base VM and login as training\administrator with password Citrix123. 24. From the Start screen, search for and launch the Imaging Wizard.

25. Click Next on the Welcome screen.

26. Type 172.16.0.2 for the Server and click Next.

27. Leave Create new vDisk selected and click Next.

| 156 |

28. Type Win81 for the vDisk name, leave the PVSStore as the Store and change vDisk type to Dynamic. Click Next.

29. Select Key Management Service (KMS) and click Next.

30. Review the information on the Configure Image Volumes screen and then click Next.

| 157 |

31. Type Win81 for the target device name. In the MAC field ensure the adapter selected is the one of the Legacy NIC based on the MAC address. Leave the collection as Desktops and click Next.

To find the MAC address of the legacy NIC, go to File -> Settings of the Win81Base VM.

32. Click Optimize for Provisioning Services and then click OK and Finish.

The vDisk will then be created on the PVS1 vDisks store.

33. Click No to the reboot message.

| 158 |

34. Shut Down the Win81Base VM manually. 35. From Hyper-V Manager, right-click on the Win81Base VM and select Settings.

36. Select the BIOS section and move the Legacy Network adapter to be the first in the BIOS order to start. Click OK.

37. Start the Win81Base VM. The boot process will show information pertaining to PVS.

38. Login as training\administrator with password Citrix123.

| 159 |

39. The disk image will start to be created.

It will take around 15 minutes to create the vDisk.

40. Once the disk has been created click Finish.

41. Shut Down the Win81Base VM. 42. Switch to PVS1 and launch the Provisioning Services Console. Open Sites > PVSSite1 > vDisk Pool and right-click on the Win81 vDisk and select Properties.

| 160 |

43. Change: Access mode from Private Image to Standard Image. Cache type to Cache on device hard drive. Click OK.

44. Start the PVS2 VM and wait for it to come to the login screen. 45. From PVS1, browse to S:\ and copy all the Win81 vDisk files (three total) to \\PVS2\S$.

Task Summary • The Provisioning Services Imaging Wizard is used to build vDisk images from existing machines. • The vDisk access mode needs to be set to Standard Image Mode (read-only) after the vDisk is built to ensure it can be streamed to multiple targets.

| 161 |

Task 18 Creating Windows Templates in System Center 2012 R2 Virtual Machine Manager Overview Citrix XenDesktop leverages Microsoft System Center Virtual Machine Manager (SCVMM) for managing XenDesktop virtual machines that run on Hyper-V. SCVMM acts as the middle-man to Hyper-V and receives the desktop management requests from the XenDesktop controller and then sends them to Hyper-V. In order to successfully create virtual machines on Hyper-V Windows guest templates need to be created from SCVMM. This process will walk you through creating the guest OS templates so that they are available for the Provisioning Server to utilize and distribute to Hyper-V.


| 162 |

1.

Action From Hyper-V Manager on the host system, click New > Virtual Machine.

2.


3.

Type PVS Template for the Name and click Next.

This will be a generic template for the Windows 8.1 and Windows 2012 R2 PVS targets. Typically resources will differ for production environments, but for this example we are using the same template.

4.

| 163 |

Change the Startup memory to 2048 MB and click Next.

| 164 |

5.

Click Next on Configure Networking.

6.

Select Attach a virtual hard disk later and click Next.

| 165 |

7.

Click Finish.

8.

Right-click on the new VM called PVS Template and select Settings.

9.

Click Add Hardware on the left panel and select Legacy Network Adapter on the right panel. Then click Add.

10. Select the Legacy Network Adapter on the left panel and attach it to the PVS virtual switch (drop-down menu on the right panel). Click Apply.

11. Select Add Hardware again, click Network Adapter and then click Add.

| 166 |

12. Select the first Network Adapter on the left panel and attach it to the PVS virtual switch (drop-down menu on the right panel). Click Apply.

13. Select the second Network Adapter on the left panel and attach it to the Lab virtual switch. Click Apply.

| 167 |

14. Click BIOS and move the Legacy Network Adapter first in the BIOS startup order. Click OK.

15. From the VMM virtual machine, launch the VMM Console if it is not already open.

| 168 |

16. Click Connect.

17. Click Library on the bottom left pane. Then select Create VM Template.

| 169 |

18. Choose From an existing virtual machine that is deployed on a host and click Browse…

| 170 |

19. Select the PVS Template and click OK.

| 171 |

20. Click Next.

21. Click Yes on the dialog.

| 172 |

22. Enter PVS Template for the VM Template name and then click Next.

| 173 |

23. Click Next on the Configure Hardware screen.

| 174 |

24. Leave [None customization not required] selected for the Guest OS profile on the Configure Operating System screen and click Next.

| 175 |

25. Click on the VMM.training.lab entry and then click Next.

| 176 |

26. Click Browse for the Virtual machine path and expand the MSSCVMMLibrary folder to select the VHDs folder. Click OK.

| 177 |

27. Click Next.

28. Click Create. Wait for the process to complete.

| 178 |

29. Select the job of Create template and verify the Job was completed. Close the Jobs windows when done.

30. Right-click PVS Template and go to Properties.

| 179 |

31. Go to the Hardware Configuration tab. Select Processor and change the Number of processors to 2.

32. In the Network Adapters section remove the existing network adapter. Select Yes on the confirmation dialog.

| 180 |

33. Click New and select Legacy network adapter.

34. Under Connectivity select Connected to a VM network and choose the VM network PVS. Select MAC Address Static.

| 181 |

35. Choose New again and select Network adapter. Under Connectivity select Connected to a VM network and choose the VM network PVS.

36. Click the New heading once more and select Network adapter. Under Connectivity select Connected to a VM network and choose the VM network Lab.

| 182 |

37. Under Firmware move PXE Boot to be the first on Startup order and click OK.

Later on when creating desktops the wizard will flip the start-up order back to CD first as a backup in the event PXE fails. CD allows for a backup ISO boot fallback.

38. The template should now be accessible from within the Provisioning Services XenDesktop Setup Wizard.

Task Summary In this task we created a generic machine template in SCVMM 2012 R2.

| 183 |

Task 19 Creating Catalogs of Desktops with the XenDesktop Setup Wizard Overview Using a Provisioning Services streamed vDisk, the XenDesktop Setup Wizard assists in provisioning a specified number of virtual machines from a base template.


| 184 |

1.

Action Switch to the PVS1 VM. From the Provisioning Services Console right-click on PVSSite1 in the Console tree panel, then select XenDesktop Setup Wizard…

2.

Click Next on the welcome screen.

3.

Type dc1.training.lab for the XenDesktop Controller address to connect to it. Click Next.

The most recently used XenDesktop Controller (name or IP) is cached in the registry of the local machine running this instance of the PVS Console for convenient reuse.

4.

5.

| 185 |

Select the Virtualization Settings Host1Settings and click Next…

The username should be populated as training\scvmmsvc. Supply the domain administrator password of Citrix123 and click OK.

| 186 |

6.

Select the PVS Template from the list of available templates and click Next.

7.

Select PVS.network for the streaming network and click Next.

8.

Select the PVSStore\Win81 vDisk and click Next.

9.

Leave Create a new catalog selected. Type Windows 81 PVS for the Catalog name and click Next.

10. Leave Windows Desktop Operating System selected and click Next.

11. Select A fresh new (random) desktop each time and click Next.

| 187 |

12. Change the Number of virtual machines to create to 2. Accept the defaults of vCPUs and verify that Memory is set to 2048 as these are inherited from the VMM template. Leave PXE selected for the Boot mode and click Next.

13. Leave Create new accounts selected and click Next.

14. Select training.lab/VDAs and type Win81PVS## for the Account naming scheme. Click Next.

| 188 |

15. Click Finish.

16. Once the process completes, click Done.

17. Expand Device Collections and verify a new Device Collection with the same name as the XenDesktop catalog was created: Windows 81 PVS. Check that the 2 virtual machines Win81PVS01 and Win81PVS02 were added to the Device Collection.

| 189 |

18. Switch to DC1 and from Citrix Studio click on Machine Catalogs. From the Actions panel, click Refresh. Verify that the Windows 81 PVS catalog was created and has 2 virtual machines.

19. Notice in Hyper-V Manager that both Win81PVS01 and Win81PVS02 were created. They will power on initially to perform an initialization routine and then power themselves off.

Task Summary • Virtual machines were created based on a SCVMM template. • Associated Provisioning Services target devices were added to the PVS Device Collection created during the wizard. • A Machine Catalog was automatically created in XenDesktop and a Device Collection with the same name as the Machine Catalog was created within the Provisioning Services Console.

| 190 |

Task 20 Creating a Delivery Group for the PVS Catalog Overview In this task we will perform the steps necessary to create a delivery group to be used with the Provisioning Services catalog created in the previous task.


| 191 |

1.

Action From Citrix Studio on DC1, select the Delivery Groups node and click Create Delivery Group.

2.


| 192 |

3.

Select Windows 81 PVS and type 2 to Choose number of machines to add. Click Next.

4.

For Delivery Type, leave the default of Desktops and click Next.

5.

6.

| 193 |

Select Add Users… Add Domain Users click OK and then click Next.

For StoreFront, leave the default Manually, using a StoreFront server address that I will provide later. Click Next.

7.

Type Win81 PVS for both the Delivery Group name and Display name (or use whatever name you like) and click Finish.

Task Summary Delivery Groups contain systems from Machine Catalogs and set properties such as who will have access to the resource and how the resource will be presented.

| 194 |

Task 21 Creating Catalogs of Servers with the XenDesktop Setup Wizard Overview Using a Provisioning Services streamed vDisk, the XenDesktop Setup Wizard assists in deploying virtual desktops to a number of cloned virtual machines (VMs).


| 195 |

Action

1.

Switch to the PVS1 VM. From the Provisioning Services Console, click the vDisk Pool node.

2.

Right-click Win2012R2 and select Properties.

| 196 |

3.

Change Access mode to Standard Image and Cache type to Cache on device hard drive. Then click OK.

4.

Right-click on PVSSite1 in the Console tree panel, then select XenDesktop Setup Wizard…

5.


6.



7.

8.

| 197 |

Select the Virtualization Settings Host1Settings and click Next…

The username should be populated as training\scvmmsvc. Supply the password of Citrix123 and click OK and Next.

9.

A list of available templates appears. Select the PVS Template and click Next.

10. Select PVS.network for the streaming network and click Next.

11. Select the PVSStore\Win2012R2 vDisk and click Next.

| 198 |

12. Leave Create a new catalog selected. Type Windows 2012R2 PVS for the Catalog name and click Next.

13. Select Windows Server Operating System and click Next.

14. Change the Number of virtual machines to create to 2. Accept the defaults of vCPUs and memory as these are inherited from the VMM template. Leave PXE selected for the Boot mode and click Next.

| 199 |


16. Select training.lab/VDAs and type Win2012R2PVS## for Account naming scheme. Click Next.

17. Click Finish.

| 200 |


19. Click on Device Collections and verify a new Device Collection with the same name as the XenDesktop catalog was created: Windows 2012R2 PVS. Check that the 2 virtual machines Win2012R2PVS01 and Win2012R2PVS02 were added to the Device Collection.

20. Switch to DC1 and from Citrix Studio click on Machine Catalogs. From the Actions panel, click Refresh. Verify that the Windows 2012R2 PVS catalog was created and has 2 virtual machines.

| 201 |

21. Notice in Hyper-V Manager that both Win2012R2PVS01 and Win2012R2PVS02 were created. They will power on initially to perform an initialization routine and then power themselves off.

Task Summary • Virtual machines were created based on a SCVMM template. • Associated Provisioning Services target devices were added to the PVS Device Collection created during the wizard. • A Machine Catalog is automatically created in XenDesktop from the PVS XenDesktop Setup Wizard.

| 202 |

Task 22 Creating Server-based Delivery Groups and Publishing Applications Overview In this task we will create a delivery group for our server machines and publish applications.


Action Power on Win2012R2MCS01 and Win2012R2PVS01 and wait for them to come to the logon screen. We need at least one machine from each of the server catalogs powered on for XenDesktop to automatically discover available applications. Alternatively, publishing custom applications by paths is also an option.

| 203 |

2.

From Citrix Studio on DC1, click the Delivery Groups node.

3.

Click Create Delivery Group.

| 204 |

4.


5.

Select the Win2012R2 MCS Servers catalog, add in 2 machines and click Next.

| 205 |

6.

Select Desktops and Applications and then click Next.

7.

Click Add users and add in Domain Users. Then click OK and Next.

| 206 |

8.

A list of applications will be gathered from the VDA in that catalog which is powered on. Select Excel 2013, PowerPoint 2013 and Word 2013 and then click Next.

9.

Click Next on the StoreFront screen.

10. Enter Win2012R2 MCS for both the Delivery Group name and Display name and click Finish.

11. Click Create Delivery Group again. 12. Click Next on the Introduction screen.

| 207 |

13. Ensure Windows 2012R2 PVS is the selected catalog, add in 2 machines and click Next.

14. Select Desktops and Applications and click Next.

| 208 |

15. Click Add users and add in Domain Users. Then click OK and Next.

16. A list of applications will be gathered from the VDA in that catalog which is powered on. Select Calculator, Notepad and Paint and then click Next.

| 209 |

17. Click Next on the StoreFront screen.

18. Enter Win2012R2 PVS for both the Delivery Group name and Display name and click Finish.

| 210 |

19. Click the Applications tab and notice the applications that were just published.

20. All applications are currently available to Domain Users since that is how the Delivery Group is assigned. Let’s now restrict one of the applications to a subset of Domain Users. Right-click Excel 2013 and go to Properties.

21. Click Limit Visibility and select Limit visibility for this application to the users listed below. Click Add Users.

| 211 |

22. Add in User1 and User2 (or any other sample users) and then click OK.

23. Click OK.

Task Summary • Publishing applications can be done either when a Delivery Group is created or afterwards • It is possible to further restrict who can see applications contained within a Delivery Group from the Delivery Group assignment itself

| 212 |

Task 23 Setting Up Remote Access Overview In this task we will configure remote access with NetScaler Gateway and StoreFront.


Action From Hyper-V Manager on the host, take a snapshot of the NS1 NetScaler VPX virtual appliance and name it Before Gateway Configuration.

A snapshot will allow you to revert back and re-run the initial NetScaler Gateway wizard (should you need to do so) without having to manually clean up multiple entries.

| 213 |

2.

From Win7Client, logon as training\administrator with password Citrix123.

3.

Launch Internet Explorer and browse to http://192.168.10.2 (the NetScaler management IP). Logon as nsroot /nsroot.

| 214 |

4.

Click the Configuration heading.

5.

Click NetScaler Gateway and then select Configure NetScaler Gateway for Enterprise Store.

6.

Click the Get Started button.

7.

Enter RemoteAccess for the Name IP Address: <> Click Redirect requests from port 80 to secure port Gateway FQDN: <> (The PublicIP is an available public IP that NetScaler Gateway will listen on for requests. PublicFQDN will be a public domain name to use for user connections.) Click Continue.

8.

From the Certificate drop-down menu, select WildcardMyCitrixTraining.net (or the appropriate name of a public certificate that you have on the NetScaler) and click Continue.

The certificate used should be issued from a public CA and previously imported to the NetScaler appliance.

| 215 |

9.

Under Authentication Settings, click the button for Configure New and enter the appropriate details (sample shown here): IP Address: 192.168.10.11 Base DN: cn=Users, dc=training, dc=lab Admin Base DN: cn=Administrator, cn=Users, dc=training, dc=lab Server Logon Name Attribute: sAMAccountName Password/Confirm Password: Citrix123 Click Continue.

A service account with read access is typically recommended for production environments.

| 216 |

10. Click XenApp / XenDesktop and enter the details for your StoreFront deployment (sample shown here): Deployment Type: Storefront StoreFront FQDN: connect.training.lab Receiver for Web Path: /Citrix/CorporateStoreWeb Single Sign-on Domain: training.lab STA URL: https://dc1.training.lab Click Done.

11. Close the NetScaler Gateway monitor window

| 217 |

12. Select Virtual Servers under the NetScaler Gateway heading.

13. Double-click the RemoteAccess entry.

| 218 |

14. Under the Published Applications tab, click Add under Secure Ticket Authority. Type in https://dc2.training.lab for the second Controller and click Create. Then click OK.

15. Click the disk icon towards the top right and then Yes to save the running state to disk. 16. Switch to SF1 and launch the Citrix StoreFront console.

17. Under Authentication, click Add/Remove Methods.

18. Select Pass-through from NetScaler Gateway and click OK.

| 219 |

19. Under the NetScaler Gateway node, click Add NetScaler Gateway Appliance.

20. Enter the appropriate details (sample shown here): Display name: Primary Gateway Access Gateway URL: https://<> Version: 10.0 (Build 69.4) or later Subnet IP Address: 1.1.1.1 Logon type: Domain Callback URL: https://<> Click Next.

We are using a bogus 1.1.1.1 subnet IP for the NetScaler Gateway configuration in StoreFront. It is out of range so that the appliance assigns only external connections with the appropriate header gateway settings. Internal connections through the load balancer will be given the internal access settings.

| 220 |

21. Click the Add button to add the following Secure Ticket Authority URLs: https://dc1.training.lab https://dc2.training.lab

22. Click Create and then click Finish.

| 221 |

23. Under the Stores node, click Enable Remote Access within the Actions pane.

24. Select No VPN tunnel, check Primary Gateway and then click OK.

25. Click the Server Group node and then click Propagate Changes.

26. Click OK.

| 222 |

27. Click OK when the propagation completes.

Task Summary NetScaler 10.1 introduces a simplified wizard for setting up external access to a XenDesktop environment. Several configuration settings are required within StoreFront to enable remote access with NetScaler.

| 223 |

Task 24 Testing Internal Access Overview In this task we will test internal connectivity to the environment through NetScaler load balancing and StoreFront.


| 224 |

Action From Win7Client, launch a new instance of Internet Explorer.

2.

Navigate to https://connect.training.lab. Check I agree with the Citrix license agreement and click Install.

3.

Click Run in the information bar.

4.

Click Install to install Citrix Receiver. Click Finish when the process completes.

5.

Click Allow in the information bar of Internet Explorer.

6.

Logon as training\user1 with password Citrix123 (or another similar standard user).

7.

Launch each of the desktops shown one at a time to confirm connectivity. Log off after the desktop fully loads.

If any one of the desktops doesn’t load, retrace your steps through the previous tasks.

8.

| 225 |

Click the Apps button at the bottom of the Receiver Web site.

9.

Click the plus button to the left.

10. Click All Apps and then click each one of the application names to add them in.

11. Launch Word 2013 and then close it.

| 226 |

12. Launch Calculator and then close it.

13. Logoff from StoreFront and then click Log On.

14. Logon as training\user3 with password Citrix123 (or another similar standard user).

15. Notice that the same desktops are presented that was shown to user1.

16. Click the Apps button at the bottom of the Receiver Web site.

17. Notice that this user doesn’t have any applications because applications are considered subscriptions and are made for each user.

| 227 |

18. Click the plus sign and then All Apps. Notice that Excel 2013 is not shown for this user as we restricted it to user1 and user2 only. The other Microsoft Office applications which come from the same delivery group are available, however.

19. Logoff from StoreFront.

Task Summary In this task we tested internal connectivity to the StoreFront Web Site for desktops and applications.

| 228 |

Task 25 Using the Self-Service Plug-in Overview In this task we will use the Self-Service Plug-in within Receiver to further integrate within the client desktop.


3.

| 229 |

Action Switch to AD.training.lab and logon as training\administrator with password Citrix123. Launch DNS Manager from the DNS shortcut on the Desktop.

Expand Forward Lookup Zones, right-click training.lab and select Other New Records.

4.

Select Service Location (SRV) and then click Create Record.

5.

In the New Resource Record dialog box, enter the following values: Service: _citrixreceiver Protocol: _tcp Host offering this service: connect.training.lab (internal StoreFront FQDN) Then click OK.

| 230 |

| 231 |

6.

Click Done in the Resource Record Type dialog.

7.

Switch to the Win7Client VM.

8.

Right-click the Receiver icon in the system tray and select Open.

9.

Enter [email protected] for the email address (or a similar standard user) and click Next.

10. Authenticate as training\user1 with password Citrix123 and click Log On.

11. Click Yes.

12. Click Finish.

| 232 |

13. Receiver should now launch (if not double-click it in the system tray). Notice that the applications this user previously subscribed to are available.

You might need to authenticate again since domain pass-through is not currently configured.

Task Summary In this task we configured the Windows Self-Service Plug-in within Citrix Receiver for an integrated desktop experience.

| 233 |

Task 26 Testing External Access Overview In this task we will test external connectivity to the environment through NetScaler Gateway and StoreFront.


| 234 |

1.

Action From your local workstation, launch a browser.

2.

Navigate to https://<>.

3.

Logon as User1 with password Citrix123 (or a similar standard user).

4.

The desktops should be displayed. Try launching a connection to one of them and then logoff.

5.

Click the Apps button. Notice that the applications we previously subscribed to are shown. Try launching a connection to one of them and then logoff.

Task Summary In this task we verified external connectivity from outside the environment coming in through NetScaler Gateway.

| 235 |

Task 27 Delivering App-V Applications Overview Microsoft App-V technology provides administrators the ability to package and stream applications to users from a central location. XenDesktop 7.1 integrates with App-V by allowing the publishing of App-V packages for delivery within sessions. In this task we will specify the App-V server details for our environment, publish some previously sequenced App-V packages, update our existing Server 2012 R2 image to include the App-V Client, and then access a streamed App-V application within a session.


3.

| 236 |

Action From the FS virtual machine (where App-V components are installed), logon as training\administrator with password Citrix123. Launch the App-V Console from the shortcut located on the Desktop.

In this example, we have two pre-created App-V packages. We will need to ensure that users have permission to them. Click acrobat and then click EDIT under AD ACCESS.

| 237 |

4.

Type in training\domain users and click Check.

5.

Click Domain Users [training.lab] and then click Grant Access.

6.

Click notepad++ and then click EDIT under AD ACCESS.

7.

Type in training\domain users and click Check.

8.

Click Domain Users [training.lab] and then click Grant Access.

9.

Switch to DC1 and launch Citrix Studio.

10. Click the App-V Publishing node.

11. Click Don’t show this again and then click Close on the Welcome screen.

12. Click Add App-V Publishing.

| 238 |

13. Type in the addresses for your App-V servers and then click Test connection. App-V management server: http://fs.training.lab:8080 App-V publishing server: http://fs.training.lab:8081

14. Once the server details are validated, click Save.

15. Click the Delivery Groups node. Then click the Applications tab and click Create Application.

| 239 |

16. Click Next.

17. Select Win2012R2 MCS and click Next.

For this task we will work with the MCS server catalog; however, the PVS catalog would follow a similar process.

| 240 |

18. Click the Location column heading to sort by it.

19. Check both Notepad++ and Adobe Reader XI and then click Next.

| 241 |

20. Click Finish.

21. Start the Win2012R2Base VM and logon as training\administrator with password Citrix123. 22. Click Media > DVD Drive > Insert Disk… Browse for the App-V 5 Client install ISO.

23. Browse to DVD Drive\APP-V 5.0 CLIENT and run APPV_CLIENT_SETUP_RDS.msi

24. Click Install.

| 242 |

25. Click I accept the license terms and then click Next.

26. Select I don’t want to use Microsoft Update and click Next.

27. Click Install.

| 243 |

28. Click Close when the installation completes. 29. Shut down Win2012R2Base. 30. Eject the ISO through the Media > DVD Drive option.

31. Switch back to Citrix Studio on DC1. Click the Machine Catalogs node. 32. Right-click on the Win2012R2 MCS Servers catalog and select Update Machines.

33. Click Next on the Overview screen.

| 244 |

34. Select Win2012R2Base for the master image and click Next.

35. Select Immediately for the rollout strategy and then click Next.

| 245 |

36. Click Finish.

37. The image update process will begin. Wait for the green background progress bar to disappear.

This process will take several minutes.

38. Switch to Win7Client and launch Internet Explorer. 39. Browse to https://connect.training.lab and logon as training\user4 with password Citrix123 (or another standard user that has not previously been used).

| 246 |

40. Click the Apps button. Then click the plus sign and then choose All Apps.

41. Add in Adobe Reader XI and Notepad++.

42. Click Notepad++ and wait for it to launch.

43. Click Adobe Reader XI and wait for it to launch. 44. Close both Notepad++ and Adobe Reader.

| 247 |

Task Summary • Existing App-V management and App-V publishing servers can be specified from within the Citrix Studio console (or via PowerShell). • App-V applications are published in a similar fashion to that of applications which are installed locally on the VDAs. • The App-V client is required to receive the streamed packages. • From the end-user perspective, App-V streamed applications behave just like standard published applications that are locally installed on the VDAs.

| 248 |

Task 28 Load Evaluator Policies for Server-based VDAs Overview The default load evaluator rule for server-based machines is to count every session with a value of 40 which results in a maximum of 250 sessions per host until the limit of 10,000 is reached. In most environments, administrators will want to adjust this default behavior to calculate load based on metrics such as RAM usage and CPU utilization. Load evaluator rules are configured via HDX Policies.


Action From DC1 launch Citrix Studio.

We will configure our policies using Citrix Studio here. The general recommendation is to use Group Policy within Active Directory for Citrix policies whenever possible though.

2.

| 249 |

Click the Policy node.

| 250 |

3.

Click Don’t show this again and then Close on the intro dialog.

4.

Click Create Policy.

5.

Type CPU Usage in the field to search for policies with that name.

| 251 |

6.

Click Select next to CPU usage.

7.

Click Enabled, leave 90 for the percentage and then click OK.

| 252 |

8.

Type Memory in the field to search for policies with that name.

9.

Click Select next to Memory usage.

10. Click Enabled, leave 90 for the percentage and then click OK.

11. Click Next.

| 253 |

12. Select Assign to selected user and machine objects. Click Assign next to Delivery Group.

13. Select the Win2012R2 PVS delivery group and click OK.

14. Click Next.

| 254 |

15. Change the Policy name to Load Evaluator and click Finish.

16. From Hyper-V Manager on the host, reset the Win2012R2PVS01 virtual machine to ensure it receives the machine policy update. Wait for it to get to the login screen. Ensure that Win2012R2PVS02 is shut down.

17. Switch to Win7Client and launch Internet Explorer. 18. Navigate to https://connect.training.lab and logon as training\administrator with password Citrix123.

19. Launch the Win2012R2 PVS Desktop.

| 255 |

20. To illustrate the load evaluator at work, we will run a load test on the VM to stress it. A tool called prime95 is used here.

21. Click OK to start the test.

22. Disconnect from the desktop session by clicking the X, then OK and logoff from StoreFront.

23. Switch to DC1. From Citrix Studio click the Delivery Groups node.

| 256 |

24. Right click the Win2012R2 PVS entry and select View Machines.

25. Right-click one of the column headers and choose Select columns.

26. Check the Load Index option and click OK.

27. Continue to monitor the load index by pressing F5 to refresh. Once the load index reaches 10000 for Win2012R2PVS01, switch to Win7Client.

| 257 |

28. Log on to the StoreFront site at https://connect.training.lab as training\user2 with password Citrix123. 29. Launch the Win2012R2 PVS Desktop and wait for it to load.

The connection will take a few minutes time as your session should be connected to Win2012R2PVS02 which gets powered on. Try launching it again if StoreFront times out.

30. Switch to DC1 and Citrix Studio. 31. Press F5 to refresh the view and verify User2 is connected to Win2012R2PVS02 by the session count and corresponding load index.

32. Right-click on both servers shown and select Log off to logoff the sessions.

33. Click Yes to confirm.

Task Summary • Load management for server-based VDAs is controlled via Citrix policies. • As server-based VDAs are maxed out at 10,000 load, additional VDAs from the delivery group are powered on to service requests.

| 258 |

Task 29 Monitoring with Director Overview Citrix Director is a web-based management console designed for displaying metrics, assisting with common tasks and empowering help desk teams. Aside from providing real-time data on a XenDesktop site, it also collects and displays historical trending information. Director can also be used to shadow user sessions with Microsoft Remote Assistance.


Action From Win7Client, logon as training\administrator with password Citrix123.

2.

Launch Internet Explorer and navigate to https://connect.training.lab.

3.

Logon to StoreFront as training\user1 with password Citrix123.

4.

Click to launch a session to the Win2012R2 PVS desktop.

5.

Start Win81Base (or another client machine in the environment) and login as training\administrator with password Citrix123. Click View > Full Screen Mode.

6.

| 259 |

7. 8.

Launch Internet Explorer and navigate to the Director web site at https://dc1.training.lab/Director. Logon with the following details: Username: Administrator Password: Citrix123 Domain: training

9.

The Dashboard screen loads upon logging in. Browse the data shown here.

10. Click Trends and observe the details on the Sessions screen.

| 260 |

11. Click the Export button and then select Export graph data (CSV). Click Open in the information bar.

12. The data will open in Excel. Close the document when done viewing.

13. Click the Connection Failures tab and observe the details.

| 261 |

14. Clicking an orange dot on the timeline will display the changes made when failures occurred.

15. Click the Logon Performance tab move the mouse over the graph to see the details.

16. Use the search box towards to top right to search for user1 and press Enter. Click Details.

17. User1’s session should be displayed in Activity Manager. Spend a moment browsing the data that is displayed.

| 262 |

18. Click the Shadow button.

19. Click Open on the information bar. 20. Switch to Win7Client and bring up the current session to Win2012R2 PVS. Click Yes on the Windows Remote Assistance dialog.

21. Switch back to Win81Base and click Request control towards the top left.

| 263 |

22. Switch to Win7Client and click Yes on the dialog about Windows Remote Assistance.

23. Switch to Win81Base and notice that you can now take control of the session. 24. Sign out of the session to Win2012R2 PVS and close Windows Remote Assistance when done.

Task Summary • Director provides a wealth of real-time and historical data. • Director allows administrators to shadow user sessions (works for both desktop and application sessions).

| 264 |

Task 30 Exploring Configuration Logging Overview Most enterprises have some form of change control in place which governs how and when production systems may be worked on. It is therefore a requirement to accurately track any configuration changes that were performed to a site. Configuration logging allows us to do just that and is automatically enabled on all XenDesktop site deployments.


Action From DC1, launch Citrix Studio.

2.

Click the Logging node.

3.

Click Don’t show this again and then Close on the Welcome screen.

At this point, all site changes will be displayed along with the corresponding timestamps and results. Certain tasks that contain additional details will have that information displayed in the bottom pane when the row is selected. Clicking on the column names will sort the data by that column. It is also possible to search for specific terms such as “catalog” or “create.”

| 265 |

| 266 |

4.

Click Create custom report under the Actions pane.

5.

Leave the default of Last 7 days and click Next.

6.

Leave the default of HTML and click Browse.

| 267 |

7.

Select the Desktop and then click OK.

8.

Click Next and then click Finish.

9.

Minimize Citrix Studio to view the Desktop. You should have two HTML files (one named Summary and one named Details).

10. Double-click the Summary HTML file to open it in Internet Explorer.

11. Spend a moment browsing the data that this file contains. Clicking the Details link for any row will show additional details from the Details HTML file. 12. Switch back to Citrix Studio and click the Preferences button on the right.

Logging is enabled by default when you install XenDesktop 7.1. It is possible (though not recommended for production) to disable logging, change the logging database and set the option to allow site changes when the database is disconnected.

| 268 |

13. The logging database is contained with the XenDesktop site database by default. For most enterprises, it is best to separate this into its own database from both a logical and management perspective. To do this, click Change logging database.

14. Enter ConfigLogging for the Database name and then click OK.

15. Click OK to create the database automatically.

| 269 |

16. Click OK.

Configuration logging information will now start clean in this new standalone, non-mirrored database yet all existing information will remain in the previous tables of the main XDSite1 database. For this reason, it is best to configure a separate database for Configuration Logging as close to the initial site setup as possible if you plan to go this route.

17. Switch to SQL1 and logon as training\administrator with password Citrix123. 18. Launch SQL Server Management Studio from the Desktop and click Connect.

It is possible to query the configuration logging database directly to obtain custom reports as needed and apply data transformation routines. This is the same process whether the configuration logging database is live, archived, standalone or integrated within the site database.

| 270 |

19. Under the SQL1 node, expand Databases and select XDSite1. Right-click and select New Query.

We will run the query against the existing information in the XDSite1 database where there is sufficient data; however, future log entries will now be written to the ConfigLogging database.

| 271 |

20. Run the following query against the XDSite1 database to return the entries that have succeeded with corresponding administrator user information. (Changing the ‘IsSuccessful’ value to 0 will show site actions that have failed.) SELECT * FROM ConfigLoggingSchema.HighLevelOperationStart Start LEFT JOIN ConfigLoggingSchema.HighLevelOperationStop Stop ON Stop.Id = Start.Id LEFT JOIN ConfigLoggingSchema.users users on users.id=start.adminid WHERE Stop.IsSuccessful IS NULL OR Stop.IsSuccessful=1

Do not be alarmed when viewing site actions that have failed. When administrators choose to cancel certain operations without committing them, the task may be logged with an unsuccessful status to show that they made an attempt.

| 272 |

21. Run the following query against the XDSite1 database to return the entries made by a specific administrator (in this case the domain administrator) and between a specific timestamp range (adjust the timestamps as needed to the current time window). SELECT * FROM ConfigLoggingSchema.HighLevelOperationStart Start INNER JOIN ConfigLoggingSchema.Users U ON Start.AdminId = U.Id AND U.AdminAccountName = 'training\administrator' INNER JOIN ConfigLoggingSchema.HighLevelOperationStop Stop ON Stop.Id = Start.Id WHERE Start.StartTime >= '2013-12-15 00:00:01' AND Stop.EndTime <= '2013-12-22 23:24:00'

Task Summary • Configuration Logging is automatically enabled in a XenDesktop 7.1 site and easily configured from within Citrix Studio. • SQL queries can be run directly against Configuration Logging data.

| 273 |

Task 31 Exploring Delegated Administration Overview Companies often have a team of administrators that keep a XenDesktop environment running. These administrators will typically require varying levels of control depending on their job details, team membership, etc. XenDesktop 7.1 features delegated administration in which administrator permissions can be defined at a very granular level.


| 274 |

1.

Action From Citrix Studio on DC1, click the Administrators node.

2.

Click Don’t show this again on the Welcome screen and then click Close.

| 275 |

3.

Click the Scopes tab and click Create Scope.

4.

Type Windows 81 PVS for the name and then select the Win81 PVS delivery group and Windows 81 PVS machine catalog before clicking Save.

5.

Click the Roles tab and then click Create Role.

| 276 |

6.

Type Junior Admin for the name and then click the checkboxes next to Delivery Groups, Director and Machine Catalogs.

7.

Expand Delivery Groups and remove Delete Application and Delete Delivery Group privileges.

| 277 |

8.

Expand Machine Catalogs and remove the Delete Machine Catalog privilege. Click Save.

9.

Click the Administrators tab and then click Create Administrator.

10. Enter training\user3 in the field and then click the Windows 81 PVS scope. Click Next.

11. Click the Junior Admin role and then click Next.

| 278 |

12. Click Finish.

13. Click Create Report.

14. Enter User3 and click OK.

15. Name the file User3 RSOP and save it on the Desktop.

| 279 |

16. Open the HTML RSOP file on the Desktop to view the results.

17. Sign out of DC1 and log back in as training\user3 with password Citrix123.

| 280 |

18. Go to the Start screen, type in “Studio” and launch Citrix Studio.

19. When Citrix Studio loads, you’ll notice that some of the options and nodes are not available for this delegated administrator. This confirms that delegated access is in place for this user.

20. Click the Delivery Groups node. Right-click on the Win81 PVS Delivery Group and notice that there is no option available to remove the delivery group.

| 281 |

21. Launch a PowerShell window. Type ASNP Citrix.* and press Enter.

22. Run Remove-BrokerDesktopGroup Win8* and notice that an error message is presented about insufficient administrative privilege.

This shows us that delegated administration is enforced through both the management console as well as through PowerShell.

23. Sign out of DC1 and log back in as training\administrator with password Citrix123.

Task Summary • XenDesktop 7.1 provides granular delegated control for any number of administrators that need to work in an environment. • Delegated permissions are enforced through all management areas including Studio, Director and PowerShell.

| 282 |

Task 32 Working with PowerShell Overview XenDesktop is based on PowerShell, and as such, it is important to understand how to interact with the various cmdlets available. PowerShell as a language is primarily case-insensitive; however, the cmdlets shown below are capitalized for readability purposes. PowerShell supports tab autocomplete in most instances as well.


Action From DC1 launch a PowerShell prompt.

2.

Run the following to load the Citrix snap-ins: ASNP Citrix.*

3.

Run the following to list all the Citrix-specific cmdlets: Get-Command –Module citrix.*

| 283 |

4.

Let’s find out more information about a specific cmdlet by running: Help Get-BrokerMachine

5.

| 284 |

Review the help information provided and continue pressing Spacebar until you are returned back to the prompt.

6.

Run the following to see examples of using this specific cmdlet: Help Get-BrokerMachine –Examples

| 285 |

7.

Now run the cmdlet to see the results: Get-BrokerMachine

Detailed information about each VDA will be displayed.

| 286 |

8.

Now run the following to show the VDAs that are not currently registered: Get-BrokerMachine –RegistrationState Unregistered | ft DNSName

This will return the FQDNs of the VDAs that are not registered. The results shown here may vary from your environment. “FT” is a PowerShell alias for Format-Table and it displays the data formatted with one or more properties specified.

9.

Run the following to list all the published applications in the environment with their paths: Get-BrokerApplication | ft PublishedName, CommandLineExecutable

App-V applications will always show with CtxAppVLauncher.exe as that is the process that begins the App-V launch sequence.

| 287 |

10. With pooled catalogs, machines are automatically restarted after each use which discards any changes when using MCS or PVS without Personal vDisk. If you wish to prevent the pooled machines from automatically restarting (perhaps for testing and to conserve resources) this can be accomplished using PowerShell. Run the following to prevent the Windows 81 pooled PVS catalog from automatically restarting when users logoff (type all on one line): Set-BrokerDesktopGroup -Name "Win81 PVS" -ShutdownDesktopsAfterUse $False

No confirmation will be returned after running this statement.

Run Get-BrokerDesktopGroup “Win81 PVS” | ft ShutdownDesktopsAfterUse

This command is to confirm it is set to false.

11. Run the following to see the details of the site: Get-BrokerSite

| 288 |

12. Notice that on the step above the property TrustRequestsSentToTheXmlServicePort is set to False by default

NOTE: Trusting requests sent to the XML Service means that XenDesktop can use the information passed on from NetScaler Gateway to control desktop access and session policies. This information includes the use of NetScaler Gateway filters to control access to virtual desktops and applications and to set XenDesktop session policies. If you do not trust requests sent to the XML Service, this additional information is ignored. Previously in XenApp, this option was configured in a Computer Policy. Before enabling this rule, avoid security risks by using IPSec, firewalls, or another technology that ensures that only trusted services communicate with the XML Service. 13. Run the following to enable the XML Service to trust requests it receives: Set-BrokerSite –TrustRequestsSentToTheXmlServicePort $true Run Get-BrokerSite again to confirm that the change was made.

Task Summary In this task we looked at how to interact with XenDesktop using PowerShell.

| 289 |

Task 33 Creating Desktops with the BDM Option Using the XenDesktop Setup Wizard Overview Using a Provisioning Services streamed vDisk, the XenDesktop Setup Wizard assists in deploying virtual desktops to a number of cloned virtual machines (VMs). In this task, we will use the Boot Device Manager (BDM) option instead of PXE to deliver the required startup information to the VMs.


| 290 |

1.

Action Switch to the PVS1 VM. From the Provisioning Services Console right-click on PVSSite1 in the Console tree panel, then select XenDesktop Setup Wizard…

2.


3.



| 291 |

4.

Select the Virtualization Settings Host1Settings and click Next.

5.

The username should be populated as training\scvmmsvc. Supply the host password Citrix123 and click OK.

| 292 |

6.

A list of available templates appears. Select the PVS Template and click Next.

7.

Select PVS.network for the streaming network and then click Next.

8.

Select the PVSStore\Win81 vDisk and click Next.

9.

Select Use an existing catalog and choose Windows 81 PVS. Then click Next.

10. Accept all the defaults of vCPUs and memory as these are inherited from the VMM template. Select BDM disk for the Boot mode and click Next.


| 293 |

12. Select training.lab/VDAs and type Win81PVS## for Account naming scheme and click Next.

The computer names Win81PVS01 and Win81PVS02 are already in use so this machine created will be named Win8PVS03.

13. Click Finish.

| 294 |


15. From Hyper-V Manager on the host, right-click on Win81PVS03 and go to Settings.

| 295 |

16. Verify under IDE Controller 0 that the BDM disk was automatically added. Then click OK. Win81PVS03_bdm.vhd

17. Wait for Win81PVS03 to power itself off (first setup routine) and then turn it back on. You should see on the boot menu it’s using BDM and not PXE.

18. Login to Win81PVS03 as training\administrator with password Citrix123. 19. Open Disk Management from Control Panel > Administrative Tools > Computer Management.

| 296 |

20. Verify that the BDM disk (8MB) is shown.

Task Summary As an alternative to using PXE, the Boot Device Manager (BDM) can create a bootstrap file on a local hard drive, USB flash drive, or ISO image. The bootstrap file will then be used to boot the target device.

| 297 |

Revision:

Change Description

Updated By

Date

1.0

Original version

Citrix Readiness

February 2014

About Citrix Citrix Systems, Inc. designs, develops and markets technology solutions that enable information technology (IT) services. The Enterprise division and the Online Services division constitute its two segments. Its revenues are derived from sales of Enterprise division products, which include its Desktop Solutions, Datacenter and Cloud Solutions, Cloud-based Data Solutions and related technical services and from its Online Services division's Web collaboration, remote access and support services. It markets and licenses its products directly to enterprise customers, over the Web, and through systems integrators (Sis) in addition to indirectly through value-added resellers (VARs), value-added distributors (VADs) and original equipment manufacturers (OEMs). In July 2012, the Company acquired Bytemobile, provider of data and video optimization solutions for mobile network operators. http://www.citrix.com

| 298 |

XenDesktop 7.1 on Hyper-V Pilot Guide v1.0

Recommend Documents