Delivery Controller 7.6 / LTSR

Last Modified: Nov 7, 2020 @ 6:34 am

Navigation

Preparation

Citrix Licensing – If you are going to use an existing Citrix Licensing Server, upgrade it to 11.13.1.2 build 16002.

 SQL Databases

  • Citrix blog post Database Sizing Tool for XenDesktop 7 and Bugfix for Database Sizing Tool
  • Citrix article CTX114501 – Supported Databases for Citrix Products
  • There are typically three databases: one for the Site (aka farm), one for Logging (audit log) and one for Monitoring (Director).
    • The monitoring database name must not have any spaces in it. See CTX200325 Database Naming Limitation when Citrix Director Accesses Monitoring Data Using OData APIs
    • If you want Citrix Studio to create the SQL databases automatically, then the person running Studio must be a sysadmin on the SQL instances. No lesser role will work.
    • As an alternative, you can use Citrix Studio to create SQL scripts and then run those scripts on the SQL server. In that case you only need the dbcreator and securityadmin roles.
    • It is possible to create the databases in advance. However, you must use the non-default Latin1_General_100_CI_AS_KS collation. Then use Citrix Studio to configure the database tables.
  • Citrix recommends SQL Mirroring because it has the fastest failover.
    • SQL Mirroring requires two SQL Standard Edition servers and one SQL Express for the witness server.
    • You can setup SQL Mirroring either before installing XenDesktop or after installing XenDesktop. If after, then see Citrix CTX140319 to manually change XenDesktop’s database connection strings How to Migrate XenDesktop Database to New SQL Server.
    • To setup SQL Mirroring, see Rob Cartwright: Configure SQL Mirroring For Use With XenDesktop, XenApp, and PVS Databases.
    • If you try to stretch the mirror across datacenters, the SQL witness must be placed in a third datacenter that has connectivity to the other two datacenters. However, stretching a single XenApp/XenDesktop site/farm and corresponding SQL mirror across datacenters is not recommended.
  • AlwaysOn Availability Groups and SQL Clustering are also supported. However, these features require the much more expensive SQL Enterprise Edition.

 Windows Features

  • Installing Group Policy Management on the Delivery Controller lets you edit GPOs and have access to the Citrix Policies node in the GPO Editor. Or you can install Studio on a different machine that has GPMC installed.
  • vSphere Web Client – if you will connect to vSphere Web Client from the Controller machine, Flash Player is only available for IE if you install the Desktop Experience feature. Or you can use Google Chrome.

 vSphere

Delivery Controller Install

  1. A typical size for the Controller VMs is 2-4 vCPU and 8 GB of RAM.
  2. On two Controllers, install the Delivery Controller software from the XenApp/XenDesktop 7.6 media. Go to the downloaded XenDesktop 7.6 ISO and run AutoSelect.exe.
  3. Click Start next to either XenApp or XenDesktop. The only difference is the product name displayed in the installation wizard.
  4. On the left, click Delivery Controller.
  5. You can install all components on one server or on separate servers. Splitting them out is only necessary in large environments or if you want to share the components (e.g. Licensing, StoreFront, Director) across multiple farms.
  6. In the Features page, uncheck the box next to Install Microsoft SQL Server 2012 SP1 Express and click Next.
  7. In the Summary page, click Install.
  8. In the Installation Successful page, click Finish. Studio will automatically launch.
  9. Ensure the two Controller VMs do not run on the same hypervisor host. Create an anti-affinity rule.

Create Site

There are several methods of creating the databases for XenApp/XenDesktop:

  • If you have sysadmin permissions to SQL, let Citrix Studio create the databases automatically.
  • If you don’t have sysadmin permissions to SQL then do one of the following:
    • Use Citrix Studio to generate SQL scripts and send them to a DBA.
    • Use PowerShell to generate SQL scripts and send them to a DBA.

Database Mirroring

If you are not using database mirroring then skip to the next section.

You can setup SQL Mirroring either before configuring XenDesktop or after configuring XenDesktop.

  • If before, then the empty databases (Site, Logging, Monitoring) must use the Latin1_General_100_CI_AS_KS collation, which is not the default.
  • If SQL Mirroring is already setup then XenDesktop will detect it and set the database connection strings accordingly. Or you can manually change the database connection strings later as detailed at Citrix CTX140319 How to Migrate XenDesktop Database to New SQL Server.
  • If you use Citrix Studio to create SQL scripts that populate the databases, then there will be separate SQL scripts for the Primary and Partner.

To verify mirroring after the XenDesktop configuration has completed, run the PowerShell cmdlet get-configdbconnection and ensure that the Failover Partner has been set in the connection string to the mirror.

 

Use PowerShell to Create SQL Scripts

From Sinisa Sokolic XenDesktop 7.x DB creation with locked SQL Servers: The PowerShell Commands to generate the SQL scripts that create the databases are shown below:

Get-XDDatabaseSchema -SiteName SITENAME -DataStore Site -DatabaseName DBNAME -DatabaseServer DBSERVERNAME -ScriptType FullDatabase > c:\prep\dev_create_site_script.sql

Get-XDDatabaseSchema -SiteName SITENAME -DataStore Logging -DatabaseName DBNAME -DatabaseServer DBSERVERNAME -ScriptType FullDatabase > c:\prep\dev_create_logging_script.sql

Get-XDDatabaseSchema -SiteName SITENAME -DataStore Monitor -DatabaseName DBNAME -DatabaseServer DBSERVERNAME -ScriptType FullDatabase > c:\prep\dev_create_monitor_script.sql

Use Studio to Create the Database

Or use Citrix Studio to create the SQL Scripts:

  1. Launch Citrix Studio. After it loads, click Deliver applications and desktops to your users.
  2. In the Introduction page, select An empty, unconfigured site. This reduces the number of pages in this Setup wizard. The other pages will be configured later.
  3. Enter a Site Name (aka farm name) and click Next. Only administrators see the farm name.
  4. In the Database page, enter the name of the SQL server where the database will be created. Enter a name for the new Database. No spaces in the database name.
  5. If the person running Studio is a sysadmin on the SQL server then you can click Test Connection and click Yes when asked to automatically create the database.
  6. If you are not a sysadmin then click Generate database script.
  7. A folder will open with two scripts. The top script needs to be sent to a DBA.
  8. On the Principal SQL Server, open the query (Script_For_Database…sql).

  9. At the top of the script, is a commented line that creates the database. Either uncomment it or copy it to a second query window and execute it. Or in the case of mirroring, the database is already created so there’s no need to create the database again.
  10. Open the Query menu and click SQLCMD Mode.
  11. Then execute the rest of the script.
  12. If SQLCMD mode was enabled properly then the output should look something like this:
  13. If you have a mirrored database, run the second script on the mirror SQL instance. Make sure SQLCMD mode is enabled.
  14. The person running Citrix Studio must be added to the SQL Server as a SQL Login and granted the public server role.

  15. Back in Citrix Studio, click the Test connection button.
  16. Click Close once the tests have passed. Then click Next.
  17. On the Licensing page, enter the name of the Citrix License Server and click Connect.
  18. If the Certificate Authentication appears, select Connect me and click Confirm.
  19. Then select your license and click Next.
  20. In the Summary page, make your selection for Customer Experience Improvement Program and click Finish.

Verify Database Mirroring

If your database is mirrored, when you run get-brokerdbconnection, you’ll see the Failover Partner in the database connection string.

Second Controller

There are several methods of adding a second Controller to the databases for XenApp/XenDesktop:

  • If you have sysadmin permissions to SQL, let Citrix Studio modify the databases automatically.
  • If you don’t have sysadmin permissions to SQL then do one of the following:
    • Use Citrix Studio to generate SQL scripts and send them to a DBA.
    • Use PowerShell to generate SQL scripts and send them to a DBA.

From Sinisa Sokolic XenDesktop 7.x DB creation with locked SQL Servers: The PowerShell Commands to generate the SQL scripts that add a Controller to the databases are shown below:

Get-XDDatabaseSchema -AdminAddress CONTROLLERNAME-SiteName SITENAME -DataStore Site -DatabaseName DBNAME-DatabaseServer DBSERVERNAME -ScriptType AddController > C:\prep\dev_add_controller_site_script.sql

Get-XDDatabaseSchema -AdminAddress CONTROLLERNAME-SiteName SITENAME -DataStore Logging -DatabaseName DBNAME-DatabaseServer DBSERVERNAME -ScriptType AddController > C:\prep\dev_add_controller_logging_script.sql

Get-XDDatabaseSchema -AdminAddress CONTROLLERNAME-SiteName SITENAME -DataStore Monitor -DatabaseName DBNAME-DatabaseServer DBSERVERNAME -ScriptType AddController > C:\prep\dev_add_controller_monitor_script.sql

Or use Citrix Studio to create the SQL Scripts:

  1. On the 1st Delivery Controller, if desired, delete the default StoreFront store (/Citrix/Store) and recreate it with your desired Store name (e.g. /Citrix/CompanyStore).
  2. On the 2nd Delivery Controller, install XenDesktop as detailed earlier.
  3. After running Studio, click Connect this Delivery Controller to an existing Site.
  4. Enter the name of the first Delivery Controller and click OK.
  5. If you don’t have elevated SQL permissions, click No when asked if you want to update the database automatically.
  6. Click Generate scripts.
  7. A folder will open with two scripts. The top script needs to be sent to a DBA.
  8. On the SQL Server, open the query (Script_For_Database…sql).

  9. Open the Query menu and click SQLCMD Mode.
  10. Then execute the XenDesktop script.
  11. If SQLCMD mode was enabled properly then the output should look something like this:
  12. Back in Citrix Studio, click OK.
  13. In the Studio, under Configuration > Controllers, you should see both controllers.
  14. You can also test the site again if desired.

Delivery Controller Updates

Install the following updates on both Controllers.

The updates detailed below are the same that are included in the Long Term Service Release.

Delivery Controller Hotfixes Update 3

Install Delivery Controller Hotfixes Update 3. If you are upgrading a production installation of multiple Controllers, see Citrix CTX205921 How to Install XenDesktop/XenApp 7.x Controller Hotfixes

  1. Make sure the site is configured (database is created and populated) before installing these updates.
  2. After installing these updates Studio will prompt you to upgrade the database. Coordinate schedules with a DBA before installing these updates. Install the updates on one Controller, upgrade the database, and then install the updates on the remaining Controllers.
  3. On half of the Controllers, install all of the hotfix files. You can delay the reboot until all of them are installed. Don’t install the hotfixes on the remaining Controllers until you’ve used Studio on this Controller to upgrade the database.
  4. Note: if you installed the Controller software in a non-default path, and if UAC is enabled, you will need to run command prompt as administrator and run the MSP files from there. Otherwise the Citrix services will revert to the default path.

  5. Once all of the hotfixes are installed on one Controller, launch Studio.
  6. You’ll be asked if License Server is compatible. Check the box and click Continue.
  7. Choose one of the database upgrade options depending on what your DBA allows you to do.

PowerShell Module 7.6 Hotfix 3

Install XenDesktop PowerShell Module 7.6 Hotfix 3 on all Controllers and Studio machines.


Citrix Studio 7.6 Hotfix 3

Citrix CTX213045 Vulnerability in Citrix Studio Could Result in Insecure Access Policy Configuration – fixed in Citrix Studio 7.6.2000 from XenApp/XenDesktop 7.6 LTSR CU2 (7.6.2000). Use the script at CTX213417 Insecure Access Policy Rules to verify the presence of the vulnerability.  💡

If you’re not concerned about the vulnerability, install Citrix Studio 7.6 Hotfix 3.

Citrix Group Policy Management 2.5 (aka 7.6.300)

Install Citrix Group Policy Management 2.5 (aka 7.6.300) on every machine that has Studio, Director, and/or Microsoft Group Policy Management installed. Download it from XenDesktop Platinum, XenDesktop Enterprise, XenApp Platinum, or XenApp Enterprise, depending on your license.

Director 7.6.300

  1. If Director is installed on the Controller, upgrade it to Director 7.6.300. Download from XenDesktop Platinum, XenDesktop Enterprise, XenApp Platinum, or XenApp Enterprise, depending on your license.

  2. After installing the upgraded Director, run the following command from an elevated command prompt:
    C:\inetpub\wwwroot\Director\tools\DirectorConfig.exe /upgrade

StoreFront 3.0.1

If StoreFront is installed on the Controller, upgrade it to StoreFront 3.0.1.


Citrix Licensing 11.13.1.2 build 16002

If Citrix Licensing is installed on the Controller, upgrade it to Citrix Licensing 11.13.1.2 build 16002 by running CitrixLicensing.exe.

Studio – Slow Launch

Install Citrix Studio 7.6 Hotfix 3.

From B.J.M. Groenhout at Citrix Discussions: The following adjustments can be made if Desktop Studio (and other Citrix management Consoles) will start slowly:

  • Within Internet Explorer, go to Tools – Internet Options – Tab Advanced – Section Security and uncheck the option Check for publisher’s certificate revocation

After adjustment Desktop Studio (MMC) will be started immediately. Without adjustment it may take some time before Desktop Studio (MMC) is started.

Registry setting (can be deployed using Group Policy Preferences):

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
    • State“=dword:00023e00

Database Maintenance

Split the Databases

Once the site is configured, split the Monitoring and Log data into separate databases.

  1. In Citrix Studio, on the left click the Configuration node.
  2. In the middle, click the Monitoring datastore to highlight it. On the right, click Change Database.
  3. Repeat for the Logging datastore.

 View Logging Database

To view the contents of the Logging Database, in Studio, click the Logging node. On the right is Create Custom Report. See Citrix article CTX138132 Viewing Configuration Logging Data Not Shown for more info.

 Enable Read-Committed Snapshot

The XenDesktop Database can become heavily utilized under load in a large environment. Therefore Citrix recommends enabling the Read_Committed_Snapshot option on the XenDesktop databases to remove contention on the database from read queries. This can improve the interactivity of Studio and Director. It should be noted that this option may increase the load on the tempdb files. See Citrix article CTX137161 How to Enable Read-Committed Snapshot in XenDesktop for configuration instructions.

 Change Database Connection Strings

Sometimes the database connection strings need to be modified:

  • When moving the SQL databases to a different SQL server
  • When enabling mirroring after the databases have already been configured in Studio.

Citrix blog post Updating Database Connection Strings in XenDesktop 7.x has PowerShell scripts to update the database connection strings.

Director Grooming

If XenDesktop is not Platinum Edition then all historical Director data is groomed at 7 days.

For XenDesktop/XenApp Platinum Edition, by default, most of the historical Director data is groomed at 90 days. This can be adjusted up to 367 days by running a PowerShell applet.

  1. On a Delivery Controller, run PowerShell and run asnp Citrix.*

  2. Run Get-MonitorConfiguration to see the current grooming settings.
  3. Run Set-MonitorConfiguration to change the grooming settings.

Studio Administrators

Full Administrators

  1. In the Studio, under Configuration, click the Administrators node. The first time you access the node you’ll see a Welcome page. Feel free to check the box and then click Close.
  2. On the Administrators tab, right-click and click Create Administrator.
  3. In the Administrator and Scope page, specify a group (e.g. Citrix Admins or Help Desk) that will have permissions to Studio and Director. Click Next.
  4. On the Role page, select a role and then click Next. For example:
    • Full Administrator for the Citrix Admins group
    • Help Desk Administrator for the Help Desk group
    • Machine Catalog Administrator for the desktop team
  5. In the Summary page, click Finish.

Help Desk

  1. In the Studio, under Configuration, click the Administrators node. On the Administrators tab, right-click and click Create Administrator.
  2. In the Administrator and Scope page, specify a Help Desk group that will have permissions to Studio and Director. Click Next.
  3. On the Role page, select the Help Desk Administrator role and then click Next.
  4. In the Summary page, click Finish.
  5. When administrators in the Help Desk role log into Director, all they see is this.

    To jazz it up a little, add the Help Desk group to the read-only role.
  6. Right-click the Help Desk Administrator and click Edit Administrator.
  7. Click Add.
  8. In the Scope page, select a scope and click Next.
  9. In the Role page, select Read Only Administrator and click Next.
  10. In the Summary page, click Finish.
  11. Then click OK. Now Director will display the dashboard.

Provisioning Services w/Personal vDisk

From Citrix docs.citrix.com: The Provisioning Services Soap Service account must be added to the Administrator node of Studio and must have the Machine Administrator or higher role. This ensures that the PvD desktops are put into the Preparing state when the Provisioning Services (PVS) vDisk is promoted to production.

vCenter Connection

XenDesktop uses an Active Directory service account to log into vCenter. This account needs specific permissions in vCenter. To facilitate assigning these permissions, create a new vCenter role and assign it to the XenDesktop service account. The permissions should be applied at the datacenter or higher level.

Import vCenter Certificate

If you replaced the certificates on your vCenter server, then skip this section.

If vCenter is using a self-signed certificate, in order for Delivery Controller to trust the vCenter certificate, you must import the vCenter certificate on both Delivery Controllers.

  1. On each Delivery Controller, run mmc.exe. Open the File menu and click Add/Remove Snap-in.
  2. Move the Certificates snap-in to the right by highlighting it and clicking Add.
  3. Select Computer account and click Next.
  4. Select Local computer and click Finish.
  5. Click OK.
  6. After adding the snap-in, right-click the Trusted People node, expand All Tasks and click Import.
  7. In the Welcome to the Certificate Import Wizard page, click Next.
  8. In the File to Import page, browse to \\vcenter01\c$\ProgramData\VMware\VMware VirtualCenter\SSL and select crt. Click Next.
  9. In the Certificate Store page, click Next.
  10. In the Completing the Certificate Import Wizard page, click Finish.
  11. Click OK to acknowledge that the import was successful.
  12. Repeat these steps on the second Controller. It is important that you do both Controllers before adding the vCenter connection.

Hosting Resources

A Hosting Resource = vCenter + Cluster (Resource Pool) + Storage + Network. When you create a machine catalog, you select a previously defined Hosting Resource and the Cluster, Storage, and Network defined in the Hosting Resource object are automatically selected. If you need some desktops on a different Cluster+Storage+Network then you’ll need to define more Hosting Resources in Studio.

  1. In Studio, expand Configuration and click Hosting. Right-click it and click Add Connection and Resources.
  2. In the Connection page, select VMware vSphere as the Host type.
  3. Enter https://vcenter01.corp.local/sdk as the vCenter URL. The URL must contain the FQDN of the vCenter server. If the vCenter certificate is self-signed, ensure it is added to the Trusted People certificate store on all Delivery Controllers. Ensure the entered URL has /sdk on the end.
  4. Enter credentials of a service account. Click Next.
  5. Enter a name for the hosting resource. Since each hosting resource is a combination of vCenter, Cluster, Network, and Datastore, include those names in this field (e.g. vCenter01-Cluster01-Network01-Datastore01).
  6. In the Cluster page, click Browse and select a cluster or resource pool.
  7. Select a network and click Next.
  8. On the Storage page, select a datastore for the virtual machines.
  9. If desired, change the selection for personal vDisk to use a different storage. Click Next.
  10. In the Summary page, click Finish.

Citrix Director

Director on Standalone Server

If you are installing Director 7.6.300 on a standalone server, see Citrix CTX142260 Installing or Upgrading to Citrix Director 7.6.200

  1. If you intend to install Director on a standalone server, start with running AutoSelect.exe from the XenApp/XenDesktop 7.6 media.
  2. On the right, click Citrix Director.
  3. It will ask you for the location of one Controller in the farm. Then finish the installation wizard.
  4. Then upgrade it to Director 7.6.300. Director 7.6.300 is contained in the Framehawk components from XenApp/XenDesktop 7.6 Feature Pack 2. Download Framehawk from XenApp Platinum, XenApp Enterprise, XenDesktop Platinum, or XenDesktop Enterprise, depending on your license.

  5. After installing the upgrade, run the following command from an elevated command prompt:
    C:\inetpub\wwwroot\Director\tools\DirectorConfig.exe /upgrade

  6. Also install Citrix Group Policy Management 2.5 (aka 7.6.300) on the Director server. Download from XenDesktop Platinum, XenDesktop Enterprise, XenApp Platinum, or XenApp Enterprise, depending on your license.

Director Tweaks

Prepopulate the domain field

From http://www.xenblog.dk/?p=33: On the Controllers having the Director role installed, locate and edit the ‘LogOn.aspx’ file. By default you can find it at “C:\inetpub\wwwroot\Director\Logon.aspx”

In line 328 or line 358 you will have the following. To find the line, search for ID=”Domain”. Note: onblur and onfocus attributes were added in newer versions of Director.

<asp:TextBox ID="Domain" runat="server" CssClass="text-box" onfocus="showIndicator(this);" onblur="hideIndicator(this);"></asp:TextBox>

In the ID=”Domain” element, insert a Text attribute and set it to your domain name. Don’t change or add any other attributes. Save the file.

<asp:TextBox ID="Domain" runat="server" Text="Corp" CssClass="text-box" onfocus="showIndicator(this);" onblur="hideIndicator(this);"></asp:TextBox>

This will prepopulate the domain field text box with your domain name and still allow the user to change it, if that should be required.

Session timeout

By default the idle time session limit of the Director is 245 min. If you wish to change the timeout, here is how to do it.

  1. Log on to the Director Server as an administrator
  2. Open the ‘IIS Manager’
  3. Browse to ‘\Sites\Default Web Site\Director’ in the left hand pane.
  4. Open ‘Session State’ in the right hand pane
  5. Change the ‘Time-out (in minutes)’ value under ‘Cookie Settings’
  6. Click ‘Apply’ in the Actions list

SSL Check

From http://euc.consulting/blog/citrix-desktop-director-2-1: If you are not securing Director with an SSL certificate you will get this error at the logon screen.

To stop this:

  1. Log on to the Director Server as an administrator
  2. Open the ‘IIS Manager’
  3. Browse to ‘\Sites\Default Web Site\Director’ in the left hand pane.
  4. Open ‘Application Settings’ in the right hand pane
  5. Set EnableSslCheck to false.

Disable Activity Manager

From docs.citrix.com: By default, the Activity Manager in Director displays a list of all the running applications and the Windows description in the title bars of any open applications for the user’s session. This information can be viewed by all administrators that have access to the Activity Manager feature in Director. For Delegated Administrator roles, this includes Full administrator, Delivery Group administrator, and Help Desk Administrator.

To protect the privacy of users and the applications they are running, you can disable the Applications tab from listing running applications.

  • On the VDA, modify the registry key located at HKLM\Software\Citrix\Director\TaskManagerDataDisplayed. By default, the key is set to 1. Change the value to 0, which means the information will not be displayed in the Activity Manager.
  • On the server with Director installed, modify the setting that controls the visibility of running applications. By default, the value is true, which allows visibility of running applications in the Applications Change the value to false, which disables visibility. This option affects only the Activity Manager in Director, not the VDA. Modify the value of the following setting:
    UI.TaskManager.EnableApplications = false

Large Active Directory

From CTX133013 Desktop Director User Account Search Process is Slow or Fails: By default, all the Global Catalogs for the Active Directory Forest are searched using Lightweight Directory Access Protocol (LDAP). In a large Active Directory environment, this query can take some time or even time out.

  1. In Information Server (IIS) Management, under the Desktop Director site, select Application Settings and add a new value called ActiveDirectory.ForestSearch. Set it to False. This disables searching any domain except the user’s domain and the server’s domain.
  2. To search more domains, add the searchable domain or domains in the ActiveDirectory.Domains field.

Site Groups

From Citrix Blog Post Citrix Director 7.6 Deep-Dive Part 4: Troubleshooting Machines:

If there are a large number of machines, the Director administrator can now configure site groups to perform machine search so that they can narrow down searching for the machine inside a site group. The site groups can be created on the Director server by running the configuration tool via command line by running the command:

C:\inetpub\wwwroot\Director\tools\DirectorConfig.exe /createsitegroups

Then provide a site group name and IP address of the delivery controller of the site to create the site group.

Director – Multiple XenDesktop Sites

  1. Run IIS Manager. You can launch it from Server Manager (Tools menu) or from the Start Menu or by running inetmgr.
  2. On the left, expand Sites, expand Default Web Site, and click Director.
  3. In the middle pane, double-click Application Settings.
  4. Find the entry for AutoDiscoveryAddresses and double-click it.
  5. If Director is installed on a Controller, localhost should already be entered.
  6. Add a comma and the NetBIOS name of one of the controllers in the 2nd XenDesktop Site (farm). Only enter one Controller name. If you have multiple Director servers, you can point each Director server to a different Controller in the 2nd XenDesktop Site (farm).
  7. According to Citrix CTX200543 Desktop Director Access Fails After XenDesktop 7.5 is Upgraded to 7.6, the addresses should be NetBIOS names, not FQDN. Click OK.

Director – Saved Filters

From Scott Osborne and Jarian Gibson at Citrix Discussions: In Director, you can create a filter and save it.

The saved filter is then accessible from the Filters menu structure.

The saved filters are stored on each Director server at C:\Inetpub\wwwroot\Director\UserData. Observations:

  • Each user has their own saved filters.
  • The saved filters are not replicated across Director servers. You can schedule a robocopy script to do this automatically.
  • When upgrading Director, the saved filters are deleted?

Director – Custom and Scheduled Reports

The Monitoring database contains more data than is exposed in Director. To view this data, the Monitoring service has an OData Data Feed that can be queried.

You can use Excel to pull data from the OData Data feed. See Citrix Blog Post – Citrix Director – Analyzing the Monitoring Data by Means of Custom Reports. This particular blog post shows how to use an Excel PivotChart to display the connected Receiver versions.

Or for Linqpad, see Citrix Blog Post – Creating Director Custom reports for Monitoring XenDesktop using Linqpad

Go to Citrix Blog Post Obtain XenDesktop Custom report through Citrix Director and download the tool. Once installed you can create custom reports from within Director.

Citrix Licensing Server

Upgrade

If you installed the Licensing Server that came with XenApp 7.6, upgrade it to 11.13.1.2.

  1. Go to the downloaded Citrix Licensing 11.13.1.2 build 16002 and run CitrixLicensing.exe.
  2. Click Upgrade.
  3. Click Finish.
  4. If you go to Programs and Features, it should now show version 11.1.0.16002.
  5. If you login to the license server web console, on the Administration tab, it shows it as version 11.13.1 build 16002.
  6. You can also view the version in the registry at HKLM\Software\Wow6432Node\Citrix\LicenseServer\Install.

Licensing Server HA using GSLB

From Dane Young – Creating a Bulletproof Citrix Licensing Server Infrastructure using NetScaler Global Server Load Balancing (GSLB) and CtxLicChk.ps1 PowerShell Scripts. Here is a summary of the configuration steps. See the blog post for detailed configuration instructions.

  1. Build two License Servers in each datacenter with identical server names. Since server names are identical, they can’t be domain-joined.
  2. Install identical licenses on all License Servers.
  3. Set the DisableStrictNameChecking registry key on all Citrix Licensing servers.
  4. Synchronize the certificate files located at C:\Program Files (x86)\Citrix\Licensing\WebServicesForLicensing\Apache\conf. They must be identical on all Licensing Servers.
  5. Download CtxLicChk.exe from http://support.citrix.com/article/CTX123935 and place on all Licensing Servers.
  6. Schedule the PowerShell script CtxLicChk.ps1 on all Licensing Servers. Get this script from the blog post linked above.
  7. Configure NetScaler:
    1. Configure GSLB ADNS services.
    2. Add wildcard Load Balancing service for each Citrix Licensing Server.
    3. Configure service TCP monitoring for ports 27000, 7279, 8082, and 8083.
    4. Create Load Balancing Virtual Server for each Licensing Server.
    5. Set one Load Balancing Virtual Server as backup for the other.
    6. Repeat in second datacenter.
    7. Configure GSLB Services and GSLB Monitoring.
    8. Configure GSLB Virtual Servers. Set one GSLB Virtual Server as backup for the other.
  8. Delegate the Citrix Licensing DNS name to the ADNS services on the NetScaler appliances.
  9. Configure Citrix Studio to point to the GSLB-enabled DNS name for Citrix Licensing.

Citrix License Server Monitoring

Citrix Licensing 11.13.1 and newer has historical usage reporting:  💡

  1. Run Citrix Licensing Manager from the Start Menu. Or use a browser to connect to https://MyLicenseServer:8083
  2. Use the drop-down menus to select a license type, select dates, and export to a .csv file.
  3. On the top right is a gear icon where you can set the historical retention period.

http://www.jonathanmedd.net/2011/01/monitor-citrix-license-usage-with-powershell.html.

Lal Mohan – Citrix License Usage Monitoring Using Powershell

Jaroslaw Sobel – Monitoring Citrix Licenses usage – Graphs using WMI, Powershell and RRDtool. This script generates a graph similar to the following:

CtxLicUsage-1d_

Remote Desktop Licensing Server

Install Remote Desktop Licensing Server

Do the following on your XenDesktop Controllers:

  1. In Server Manager, open the Manage menu and click Add Roles and Features.
  2. Click Next until you get to the Server Roles Check the box next to Remote Desktop Services and click Next.
  3. Click Next until you get to the Role Services Check the box next to Remote Desktop Licensing and click Next.
  4. Click Add Features if prompted.
  5. Then finish the wizard to install the role service.

Activate Remote Desktop Licensing

  1. After RD Licensing is installed, in Server Manager, open the Tool menu, expand Terminal Services and click Remote Desktop Licensing Manager.
  2. The tool should find the local server. If it does not, right-click All servers, click Connect and type in the name of the local server. Once the local server can be seen in the list, right-click the server and click Activate Server.
  3. In the Welcome to the Activate Server Wizard page, click Next.
  4. In the Connection Method page, click Next.
  5. In the Company Information page, enter the required information and click Next.
  6. All of the fields on the Company Information page are optional so you do not have to enter anything. Click Next.
  7. In the Completing the Activate Server Wizard page, uncheck the box next to Start Install Licenses Wizard now and click Finish. Since the session hosts will be configured to pull Per User licenses, there is no need to install licenses on the RD Licensing Server.
  8. In RD Licensing Manager, right-click the server and click Review Configuration.
  9. Ensure you have green check marks. If the person installing Remote Desktop Licensing does not have permissions to add the server to the Terminal Server License Servers group in Active Directory, ask a domain admin to do it manually. If you have the proper permissions, click Add to Group.
  10. Click Continue when prompted that you must have Domain Admins privileges.
  11. Click OK when prompted that the computer account has been added.
  12. Click OK to close the window.

Health Check

Andrew Morgan – New Free Tool: Citrix Director Notification Service: The Citrix Director Notification service sits on an edge server as a service (or local to the delivery controller) and periodically checks the health of:

  • Citrix Licensing.
  • Database Connections.
  • Broker Service.
  • Core Services.
  • Hypervisor Connections.

And if any of these items fall out of bounds, an SMTP alert is sent to the mailbox of your choice for action. The tool will also send “All Clear” emails when these items are resolved, ensuring you are aware when the service has resumed a healthy state.

Related Pages

55 thoughts on “Delivery Controller 7.6 / LTSR”

  1. Hey Carl,

    Again, thanks for your help awhile back with my Citrix upgrade! I DO have a question about what Citrix Techs have told me concerning Xenapp and split databases. We started out with Citrix Xenapp 7.6, our vendor set up ONE database for Site, Monitoring & Logging. However, here we are 7 years later, now running Xenapp 7.15 LTSR CU7 with that same ONE Database.. when I decided to possibly split it up into 3 .. I was told that since we had started with 7.6 in this configuration, there is a limitation.. meaning we can’t split it up now. IF we had started with 3, would have been fine.

    Is that correct Carl?

    Thank you!

    1. You can create a new database and reconfigure Delivery Controllers to use the new database but I don’t think it moves any data from the ONE database.

      In Citrix Studio, click the Configuration node. Highlight Monitoring or Logging and there’s a link on the right to Change Database.

      1. Thanks Carl,

        Basically, you’d be starting at zero and going forward. You’d have to rebuild whatever MC’s & DG’s you had correct?

          1. The Citrix techs steered me wrong. They told me that I couldn’t split the DB up unless I went over to a blank one and started over. UG.. man. This is the problem that makes me crazy with Citrix Tech support. I think some of it might be lost in translation with English/Indian.Then the other issue is two techs telling you two different things.

  2. Hi Carl,

    If I have two delivery controllers with director installed on each what do I set for the “Service.AutoDiscoveryAddresses” because right now each one is set to localhost. Thanks.

    1. That’s fine. Director will pull down the list of all Controllers in the farm and automatically fail over if localhost is down.

  3. DDC / vCenters communication timeout

    Hi Carl,

    Do you know whether it’s possible to define timeout settings for the hosting connections ?

    We’ve had an issue where the first DC in the vCenter settings was unreachable. With a vSphere client you can add a key (CLIENT_CMD_TIMEOUT) in the registry and then the manual login is fine but I did not find how to achieve the same kinda thing with the connections between DDCs and vCenters.

    In our case we fixed the problem by changing the DCs order in vCenters settings but you may have situations (single DC env for instance) where this “fix” does not apply.

    I know that it’s possible to define connection options (ie DiskUploadReponseTimeout, cf CTX140135) but I did not manage to find a reference list of all the available options.

    Kind regards

    Yvan

  4. hey Carl, what licensing model would you use for the SQL database? would it go as far as needing a license for each Citrix user ?

  5. Hi carl, we have an issue in xd76 studio where machine search is not working and throwing an error as database couldnt contacted , after long time.. sql team says no issues at db end.. any idea about the issue

  6. Hi Carl, we saw some client connection failures (reason = connection timeout) in the director dashboard. where can we find extra logging about this issue?

  7. Carl, can you tell me what XenDesktop LTSR is? Can you still install Xendesktop 7.6 base or do you need to use LTSR instead?

    1. LTSR = Long Term Service Release. If you install specific versions of software, Citrix will support those versions for 5 years.

      You can directly install 7.6.1000, which is the latest LTSR Cumulative Update. No need to install any older version first.

  8. Carl can you explain something for me please? An old colleague installed a XenApp/Xendesktop site on one controller, but there are two types of licenses, Xenapp Concurrent and XenDesktop device/user licenses. How do we have to split this, there have to be 2 sites so each site can use a separate type of license.
    Can a storefront server serve 2 separate sites, and what is the procedure for the Netscaler?

    1. It’s not possible to mix license types in the same farm so you’ll need separate farms for each license type. Or ask your Citrix Partner to quote you a price to trade-up the licenses to the same type.

      Yes, StoreFront can show icons from multiple farms.

  9. Note: if you installed the Controller software in a non-default path, and if UAC is enabled, you will need to run command prompt as administrator and run the MSP files from there. Otherwise the Citrix services will revert to the default path.

    Hey Carl, just to be clear you are saying to run the installer from an elevated command prompt if the components aren’t in the default location. You aren’t saying there are switch commands needed to install in a non default location when doing the upgrade, correct?

    1. Correct. I have one customer using non-standard paths. When they upgraded it moved the files. Not what they wanted. The fix is to run from elevated command prompt.

      1. Great thanks. What behavior did they see? I guess a fresh install of studio asking them to configure the site?

        1. Controller is normally installed to C:\Program Files. They wanted it under D:\Program Files. However, installing the patches moved it back to C:\Program Files.

  10. Hi,i’m Shawn and i’m a student bachelor’s, my final year thesis is on ICA authentication in CITRIX clouds, it has two requirements but as its a new field i chose it but unfortunately i haven’t got any help from professor or his students and i’m really worried because i really don’t know how to get it done,would you like to help me out?i think it would be easier for you. but for me i feel really helpless now.
    thank you

  11. Hi Carl, It is a really good forum for citrix users. I have an issue when we added the second controller XenApp 7.8 on our environment. The citrix director showed us the following error:The following information was included with the event:

    The data source ‘Unknown error.’ (‘http://Citrix/Monitor/OData/v3’) responded with an unexpected error.

    One of the counter Users is broken on the dashboard.

    Do you have any idea?

    Thanks in advanced.

    1. That’s new to me. You might have to call Citrix Support. Or try posting to Citrix Discussions.

  12. Hi Carl,

    Excellent article as usual !

    Just my 2 cents
    – When doing the manual site upgrade, the EnableServices.ps1 script must be run as Admin
    – When finishing the upgrade, I received the message “The service instance is already registered with the configuration service” with error code XDDS:C266BBDF. It seems to be a known bug and can be fixed by following the instructions on http://support.citrix.com/article/CTX200446

    You rock ! take care 🙂

    e-Van

  13. I have several Director Servers in 2 Data centers (load balanced). I have the login page Footer set to a unique image to denote which server I’m hitting. But once I’m logged in, I have no idea which one I’m on. Do you know how to modify the Title or any other ideas?

  14. hello Carl !
    my citrix partner, made mistake when buy licence for me.
    i have 150 XenDesktop concurent licence, my citrix partner buy 25 peruser/perdevice not concurent.
    as i know in one envirement i cant use different types of licence. it true ?
    tnx .

    1. That’s correct. Can’t mix license types in the same farm. I suggest calling Citrix Support and submitting an enhancement request.

  15. Hi Carl, we have implemented Citrix XenApp 7.6 to publish our ERP applications to internal users only, we are using Citrix Receiver 4.3 for windows clients and 12.1 for the Mac, our windows clients were able to save the username and pw but there is no way of doing the same for Mac client 12.1. Is there a way to do that in 12.1? we are not using SSL because it’s all internal.
    Thanks,
    Jimmy

  16. I have a XD 7.6 environment and I want my service desk people to use Director as much as possible and avoid anyone going close to the Controller console. I’m building a ServiceDesk role and I’m trying to figure out the minimum requirements for these users to be allowed to allocate a user to a workstation machine.
    Any ideas?

      1. Tried that. My new custom “Service Desk” role was actually built from the built-in Help Desk role…and yet haven’t found the specific permission.

        1. Are these static machines? And you want to use Director allocate users to the machines? Maybe Delivery Group > Manage > Change users assigned to desktop or maybe Catalog > Manage > Manage Active Directory Accounts.

  17. Thanks Carl. I have a pretty basic question . When looking at Director and the dashboard data. What’s the difference between a connection and a session. How do you distinguish between a connection failure and a session failure.

    Thanks

  18. Prepopulate the domain field is incorrect for the latest version of director, even citrix haven’t updated their documentation. There is a function disableDomainField which is undocumented and I haven’t figured out how to make it work, but the old instructions don’t work anymore.
    Any ideas?

    1. My original post had the wrong quotes (curly instead of straight) so that might be causing it to not work for you. I just fixed the quotes. I also clarified some recent changes to the element. Does that fix it for you? Thanks for pointing it out.

    1. Director can show policy information. It needs the Group Policy Mgmt software installed so it can render the policies correctly.

  19. Carl I would love to know how to install the Studio on a PC with all the updates. Is there a script I could use for this or an iso perhaps?

  20. Very informative, Carl.
    Could you explain if it is supported to load balance Director using NetScaler to make it HA? Is it safe to combine StoreFront and Director roles (XenApp Advanced license support only 7 day statistics so I don’t think we’ll have any performance issues with 4000 active users and 10 helpdesk administrators on two 4 vCPU 8Gb RAM VMs)?

  21. Carl, I tried running the wizard generated sql scripts, and the mirror DB wouldnt be created. When the Get-brokerDBconnection is run I only see the primary DB.

  22. question Carl, can i use the same delivery controllers to have a xenapp site and a xendesktop site? can i use the same database? how can create a new site on the same delivery controller?

    1. Depends on your license. If you only have one type of license then a single site can do everything. If you have different licenses then you need different sites, which means different servers.

    1. If you are load balancing Director then your load balancer can do the redirect for you. Or you can configure IIS to perform the redirect.

Leave a Reply

Your email address will not be published. Required fields are marked *