Provisioning Services 7.14 – Server Install

Last Modified: Jul 18, 2017 @ 8:23 am

Navigation

This article applies to all versions of Provisioning Services

đź’ˇ = Recently Updated

Planning

CTX220651 Best Practices for deploying PVS in multi-geo environments: ensure that PVS farms do not span data centers with a network latency that can affect communications between the PVS Servers and the SQL database

PvS Firewall Rules

Download Provisioning Services 7.14.  💡

If you are running XenApp/XenDesktop 7.6 LTSR, then you’ll want Provisioning Services 7.6.5 instead of Provisioning Services 7.14. The install instructions are essentially the same.

Citrix License Server Version

Make sure the Citrix Licensing server is 11.14.0.1 build 20104 or newer.

Upgrade

If you are upgrading from an older version of Provisioning Services, do the following:

  1. In-place upgrade the Citrix License Server.
  2. In-place upgrade the Provisioning Services Console.
    1. Re-register the Citrix.PVS.snapin.dll snap-in:
      "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" "c:\program files\citrix\provisioning services console\Citrix.PVS.snapin.dll"
  3. In-place upgrade the Provisioning Services Server. If you have two or more PvS servers, upgrade one, and then the other. If High Availability is configured correctly, then the Target Devices should move to a different PvS Server while a PvS server is being upgraded.
    1. After the first PvS server is upgraded, run the Configuration Wizard. You can generally just click Next through the wizard. At the end, you’ll be prompted to upgrade the database. Then upgrade the remaining PvS servers, and run the Config Wizard on each of them too.
  4. Upgrade the Target Device Software inside each vDisk. Don’t do this until the PvS servers are upgraded (Target Device Software must be same version or older than the PvS Servers). If your Target Devices are 7.6.1 or newer, you can create a Maintenance version, boot an Updater Target Device, and in-place upgrade the Target Device Software. If your Target Devices are older, then you must reverse image.

vDisk Storage

Do the following on both PvS Servers. The vDisks will be stored locally on both servers. You must synchronize the files on the two servers: either manually (e.g. Robocopy), or automatically (e.g. DFS Replication).

Create D: Drive

  1. In the vSphere Web Client, edit the settings for each of the Provisioning Services server virtual machines.
  2. On the bottom, use the drop-down list to select New Hard Disk, and click Add.
  3. Expand the New Hard disk by clicking the arrow next to it.
  4. Change the disk size to 500 GB or higher. It needs to be large enough to store the vDisks. Each full vDisk is 40 GB plus a chain of snapshots. Additional space is needed to merge the chain.
  5. Feel free to select Thin provision, if desired. Click OK when done.
  6. Login to the session host. Right-click the Start Button, and click Disk Management.
  7. In the Action menu, click Rescan Disks.
  8. On the bottom right, right-click the CD-ROM partition, and click Change Drive Letters and Paths.

  9. Click Change.
  10. Change the drive letter to E:, and click OK.
  11. Click Yes when asked to continue.
  12. Right-click Disk 1 and click Online.
  13. Right-click Disk 1 and click Initialize Disk.
  14. Click OK to initialize the disk.
  15. Right-click the Unallocated space, and click New Simple Volume.
  16. In the Welcome to the New Simple Volume Wizard page, click Next.
  17. In the Specify Volume Size page, click Next.
  18. In the Assign Drive Letter or Path page, select D: and click Next.
  19. In the Format Partition page, change the Volume label to vDisks and click Next.
  20. In the Completing the New Simple Volume Wizard page, click Finish.
  21. If you see a pop-up asking you to format the disk, click Cancel since Disk Management is already doing that.

vDisk Folders

On the new D: partition, create one folder per Delivery Group. For example, create one called Win10Common, and create another folder called Win10SAP. Each vDisk is composed of several files, so its best to place each vDisk in a separate folder. Each Delivery Group is usually a different vDisk.

Robocopy Script

Here is a sample robocopy statement to copy vDisk files from one Provisioning Services server to another. It excludes .lok files and excludes the WriteCache folders.

REM Robocopy from PVS01 to PVS02
REM Deletes files from other server if not present on local server
Robocopy D:\vDisks \\pvs02\d$\vDisks *.vhd *.vhdx *.avhd *.avhdx *.pvp /b /mir /xf *.lok /xd WriteCache /xo

Citrix Blog Post vDisk Replicator Tool has a PowerShell script with a GUI that can replicate vDisks between PvS Sites and between PvS Farms. Version 2.0 at Github supports Intra-site replication.  💡


Service Account

Provisioning Services should run as a domain account that is in the local administrators group on both Provisioning Services servers. This is required for KMS Licensing.

From Considerations: Provisioning Services for Personal vDisk at Citrix Docs: The Provisioning Services Soap Service account must be added to the Administrator node of Citrix Studio and must have the Machine Administrator or higher role. This ensures that the PvD desktops are put into the Preparing state when the Provisioning Services (PVS) vDisk is promoted to production.

.NET Framework 3.5 SP1 & 4.5 – 2008 R2 Only

Provisioning Server on Windows Server 2008 R2 requires .NET Framework 3.5 SP1 to be installed prior to installing Provisioning Server.

  1. On each Provisioning Server, in Server Manager, right-click Features and click Add Features.
  2. In the Select Features page, check the box next to .NET Framework 3.5.1 and click Next.
  3. In the Confirm Installation Selections page, click Install.
  4. In the Installation Results page, click Close.

.NET Framework 4.0 has bug. Upgrade to 4.5. More information at All the target devices are not selected when using shift select within the PVS console to select a number of target devices.

.NET Framework 4.5.1 can be installed from Windows Update or you can download it from Microsoft.

Provisioning Services Console 7.14

The installation and administration of Provisioning Services 7.14 and older (e.g. version 7.6.5) are essentially identical.

If you want to automate the installation and configuration of Provisioning Services, see Dennis Span Citrix Provisioning Server unattended installation.

Dennis Smith at Citrix Provisioning Services automated/unattended installation guide also details how to script the installation and configuration of Microsoft DHCP Server.  💡

To manually install Provisioning Services Console, or in-place upgrade to Provisioning Services Console 7.14:

  1. Go to the downloaded Provisioning Services 7.14, and in the Console folder run PVS_Console_x64.exe.
  2. If you are running XenApp/XenDesktop 7.6 LTSR, then you’ll want Provisioning Services 7.6.5 instead of Provisioning Services 7.14. The install instructions are essentially the same.
  3. Click Install.
  4. In the Welcome to the InstallShield Wizard for Citrix Provisioning Services Console x64 page, click Next.
  5. In the License Agreement page, select I accept the terms, and click Next.
  6. In the Customer Information page, click Next.
  7. In the Destination Folder page, click Next.
  8. In the Ready to Install the Program page, click Install.
  9. In the InstallShield Wizard Completed page, click Finish.

Provisioning Server 7.14 – Server Install

The installation and administration of Provisioning Services 7.6.4, 7.6.5, 7.8, 7.9, 7.11, 7.12, 7.13, and 7.14 are essentially identical.

You can in-place upgrade to Provisioning Services Server 7.14. The Servers must be upgraded before the vDisks are upgraded. While upgrading one Provisioning Services Server, all Target Devices are moved to the other Provisioning Services Server.

To install Provisioning Services server:

  1. If vSphere, make sure the Provisioning Services server virtual machine Network Adapter Type is VMXNET 3.
  2. Go to the downloaded Provisioning Services 7.14, and in the Server folder, run PVS_Server_x64.exe.
  3. If you are running XenApp/XenDesktop 7.6 LTSR, then you’ll want Provisioning Services 7.6.4 instead of Provisioning Services 7.14. The install instructions are essentially the same.
  4. Click Install when asked to install SQL2012nclx64 and/or Telemetry Service. Note: you might need a newer version of SQL Native Client as indicated by Daniele Tosatto at PVS 7.11 & SQL 2014 SP2 – Unsupported? at Citrix Discussions.
  5. In the Welcome to the Installation Wizard for Citrix Provisioning Services x64 page, click Next.
  6. In the License Agreement page, select I accept the terms, and click Next.
  7. In the Customer Information page, select Anyone who users this computer, and click Next.
  8. In the Destination Folder page, click Next.
  9. In the Ready to Install the Program page, click Install.
  10. In the Installation Wizard Completed page, click Finish.

Database Script

By default, the Provisioning Services Configuration Wizard will try to create the database using the credentials of the person that is running the Wizard. This isn’t always feasible. An alternative is to create a script that a DBA can run on the SQL server.

  1. Go to C:\Program Files\Citrix\Provisioning Services, and run DBScript.exe.
  2. Change the selection to New database for 2012 or higher.
  3. Enter a path to save the script file.
  4. Fill in the other fields.
  5. Select an Active Directory group containing your Citrix administrators, and click OK.
  6. In SQL Server Management Studio, open the SQL script.

  7. Execute the script to create the database.

  8. The person that runs the Provisioning Services Configuration Wizard will need db_owner permission to the new Provisioning Services database.
  9. Provision a Windows service account that will run the services on the Provisioning Services server. This account must have a SQL login on the SQL server containing the PvS database. The Provisioning Services Configuration Wizard will grant this account the correct permissions in the database.

Configuration Wizard – New Farm

  1. If you used DBScript.exe to pre-create the database, skip to Configuration Wizard – Join Farm.
  2. For SQL AlwaysOn Availability Group, see CTX201203 SQL Server AlwaysOn Configuration for PVS 7.6. In summary: Use the wizard to create the database instance. In SQL, create the Availability Group. Then reconfigure Provisioning Services to point to the SQL AlwaysOn listener.
  3. The Configuration Wizard launches automatically. If the database wasn’t pre-created, then the person running the wizard must have dbcreator and securityadmin roles on the SQL Server. If true, click Next. If not true, then cancel the wizard and launch it as somebody that does have those roles.
  4. The DHCP Services page appears. DHCP is typically hosted on a different server so select The service that runs on another computer. It is also possible to install DHCP on the PvS Servers. Click Next.
  5. In the PXE Services page, if you intend to use Boot Device Manager (BDM or ISO) instead of PXE, then change the selection to The service that runs on another computer, which disables the PXE service. Click Next.
  6. In the Farm Configuration page, click Create Farm.
  7. In the Database Server page, enter the name of the SQL server. PvS 7.11 has a new option for MultiSubnetFailover. Click Next.
  8. In the New Farm page, enter the following:
    • Enter a descriptive Database name. Put the word Citrix in the database name so the DBA knows what it is for.
    • Enter a descriptive Farm name.
    • Enter a descriptive Site name.
    • Enter a descriptive Collection name. All of these names can be changed later.
    • Select the Active Directory group that will have administrator permissions to Provisioning Services, and click Next. If you don’t see your group here, select any group you belong to, and you can fix it later in the console.
  9. In the New Store page, browse to one of the vDisk folders, and give the store a name. Then click Next.
  10. In the License Server page, enter the name of your Citrix license server, check the box next to Validate license server, and click Next.
  11. In the User account page, notice it defaults to Network service account. This won’t work with KMS licensing so change it to Specified user account. Enter credentials for an account that is a local administrator on all Provisioning Services servers, and click Next.
  12. In the Active Directory Computer Account Password page, check the box, and click Next.
  13. In the Network Communications page, click Next.
  14. In the TFTP Option and Bootstrap Location page, check the box, and click Next.
  15. In the Stream Servers Boot List page, click Advanced.
  16. Check the box next to Verbose mode, click OK, and then click Next.
  17. If PvS 7.12 or newer, in the Soap SSL Configuration page, click Next.
  18. If PvS 7.11 or newer, in the Problem Report Configuration page, enter your MyCitrix credentials, and click Next.
  19. In the Finish page, click Finish.
  20. If you are upgrading, then you might be asked to upgrade the database. Click Yes.
  21. Click OK if you see the firewall message.
  22. In the Finish page, click Done.

Configuration Wizard – Join Farm

  1. The Configuration Wizard launches automatically.
  2. There are two methods of handling SQL permissions:
    1. The person running the wizard must have db_owner on the database and securityadmin role on the SQL Server. This allows the wizard to add the service account to SQL logins and grant it access to the database.
    2. Or the person running the wizard can be limited to just db_owner permission to the database. The service account must be added manually to SQL logins by a DBA.
  3. The DHCP Services page appears. DHCP is typically hosted on a different server so select The service that runs on another computer. It is also possible to install DHCP on the PvS Servers. Click Next.
  4. In the PXE Services page, if using BDM or ISO, select The service that runs on another computer, and click Next.
  5. In the Farm Configuration page, click Join existing farm.
  6. In the Database Server page, enter the name of the SQL server, and click Next.
  7. In the Existing Farm page, select the database, and click Next.
  8. In the Site page, select an existing site, and click Next.
  9. If you used the script to create the database, then there probably are no stores defined. Do so now.
  10. Otherwise, in the New Store page, select the existing store and click Next.
  11. In the License Server page, click Next.
  12. In the User account page, notice it defaults to Network service account. Change it to a service account that is local administrator on both Provisioning Services servers. Click Next.
  13. In the Active Directory Computer Account Password page, check the box, and click Next.
  14. In the Network Communications page, click Next.
  15. In the TFTP Option and Bootstrap Location page, check the box, and click Next.
  16. In the Stream Servers Boot List page, click Advanced.
  17. Check the box next to Verbose mode, click OK, and then click Next.
  18. If PvS 7.12 or newer, in the Soap SSL Configuration page, click Next.
  19. If PvS 7.11 or newer, in the Problem Report Configuration page, enter your MyCitrix credentials, and click Next.
  20. In the Finish page, click Finish.
  21. Click OK if you see the firewall message.
  22. In the Finish page, click Done.

Troubleshooting – Networking Services Don’t Work After Reboot

If your PXE service or TFTP service does not work after a reboot of the Provisioning Services server, do the following:

  1. One option is to set the Citrix PVS PXE Service, Citrix PVS TFTP Service, and Citrix PVS Two-stage boot Service to Automatic (Delayed Start).
  2. The TFTP and Two-stage Boot services can be delayed by setting registry keys. From Carl Fallis at Citrix Discussions:
    • Keys = HKLM\System\CurrentControlSet\services\BNTFTP (and PVSTSB)\Parameters
    • Value = InitTimeoutSec (DWORD). 1 – 4 seconds. Default is 1.
    • Value = MaxBindRetry (DWORD). 5 – 20 retries. Default is 5.

Disable Firewall

The Windows firewall must be disabled to allow communication to all Provisioning Server ports.

  1. In Server Manager, click Tools, and click Windows Firewall with Advanced Security.
  2. Click Windows Firewall Properties.
  3. On the Domain Profile tab, change the Firewall state to Off.

Disable BIOS Boot Menu

The versioning process in Provisioning Services will present a boot menu when booting any version except Production.

  1. To avoid this, create the DWORD registry value HKLM\Software\Citrix\ProvisioningServices\StreamProcess\SkipBootMenu on both Provisioning Servers and set it to 1. Note: the location of this key changed in Provisioning Services 7.0 and newer.
  2. Then restart the Citrix PVS Stream Service.

Private Mode vDisk – No Servers Available for vDisk

Citrix CTX200233 – Error: “No servers available for disk”: When you set a vDisk to Private Image mode (or new Maintenance version), if the Target Device is not connected to the server that contains the vDisk then you might see a message saying “No Servers Available for vDisk”.

  1. To avoid this, create the DWORD registry value HKLM\Software\Citrix\ProvisioningServices\StreamProcess\SkipRIMSForPrivate on both Provisioning Servers and set it to 1. Note: the location of this key changed in Provisioning Services 7.0.
  2. Then restart the Citrix PVS Stream Service.

Multi-Homed Provisioning Server

From slide 20 of http://www.slideshare.net/davidmcg/implementing-and-troubleshooting-pvs:, Multi-homed Provisioning Services server is not recommended but if you insist, and if running Provisioning Services 6.1 or older, configure the following. Provisioning Services 7.7 configuration wizard should have asked you for the management NIC.

  • HKLM\Software\Citrix\ProvisioningServices\IPC
    • New Reg_Sz (string) named IPv4Address with the IP of the NIC for IPC
  • HKLM\Software\Citrix\ProvisioningServices\Manager
    • New Reg_Sz (string) named GeneralInetAddr with the IP of the NIC and port
    • e.g. 10.1.1.2:6909

Citrix 133877 Timeout Error 4002 in Provisioning Server Console after Clicking “Show Connected Devices: when there are multiple streaming NICs assigned to the PVS Server, when Show Connected Devices was clicked in the PVS console, the following symptoms might be experienced: Server timeout error 4002, unusual delay of 3 to 4 minutes to list the connected devices, or PVS console stops responding. Complete the following to resolve the issue:

  1. On the PVS Server machine, under HKLM\software\citrix\provisioningServices\Manager key, create registry DWORD RelayedRequestReplyTimeoutMilliseconds, and set it to 50 ms (Decimal).
  2. Create a DWORD RelayedRequestTryTimes, and set it to 1.
  3. Open the PVS Server console and test by selecting the Show Connected Devices command.

Antivirus Exclusions

Citrix’s Recommended Antivirus Exclusions

Citrix Blog Post Citrix Recommended Antivirus Exclusions: the goal here is to provide you with a consolidated list of recommended antivirus exclusions for your Citrix virtualization environment focused on the key processes, folders, and files that we have seen cause issues in the field:

  • Set real-time scanning to scan local drives only and not network drives
  • Disable scan on boot
  • Remove any unnecessary antivirus related entries from the Run key
  • Exclude the pagefile(s) from being scanned
  • Exclude Windows event logs from being scanned
  • Exclude IIS log files from being scanned

See the Blog Post for exclusions for each Citrix component/product including: StoreFront, VDA, Controller, and Provisioning Services. The Blog Post also has links to additional KB articles on antivirus.

 

Microsoft’s virus scanning recommendations (e.g. exclude group policy files) – http://support.microsoft.com/kb/822158.

TFTP High Availability

If your Target Devices are not on the same VLAN as the Provisioning Servers, you will need to load balance TFTP.

NetScaler 10.1 and newer has native support for TFTP protocol. Older versions of NetScaler are more difficult to configure.

DHCP Failover

The DHCP infrastructure must be highly available. And session hosts should be configured with DHCP Reservations. With multiple DHCP servers, any reservation should be created on all DHCP servers hosting the same DHCP scope. The easiest way to accomplish this is with the new DHCP Failover feature in Windows Server 2012.

  1. Build two DHCP servers on Windows Server 2012 or newer.
  2. Create a scope for the Provisioning Services Target Devices.
  3. Right-click the existing scope, and click Configure Failover.
  4. In the Introduction to DHCP Failover page, click Next.
  5. In the Specify the partner server to use for failover page, enter the name of the other DHCP server, and click Next.
  6. In the Create a new failover relationship page, enter a Shared Secret, and click Next.
  7. Click Finish.
  8. Click Close.

Health Check

Sacha T. – Citrix PVS HealthCheck: PowerShell script to view the health/status of the Provisioning Services environment. Emails an HTML Report. For PvS 7.7, see http://blog.appcloud.ch/happy-new-script-pvs-7-7-healthcheck/. For PvS 7.6, http://blog.sachathomet.ch/happy-new-script-pvs-7-7-healthcheck/.

Related Pages

110 thoughts on “Provisioning Services 7.14 – Server Install”

  1. Hi Carl,

    I’ve just upgraded our PVS-Servers to 7.14.
    When I start a target there is shown during the boot process : Citrix Provisioning Services 7.11.0.4

    Do you know why? If I look under installed Software there is the correct version (7.14.0.15) shown.

        1. Is it your own TFTP server? Or is it the TFTP server that’s built into the PvS Servers?

          The machines are doing NIC BIOS PXE? No boot ISO? No boot partition?

  2. Hi, I’m finalising Tech Brief for our new XenApp7.13 environment which will include PVS – currently customer only wants infrastructure included for PVS in the Production environment (prod domain)nothing for our test environment (test domain). I originally advised that PVS servers etc needed to be included in the Test environment – otherwise our test environment is a bit irrelevant if not deploying apps/VDA’s in the same manner.

    Just checking can I use the PVS servers in my Production environment to provision servers on another domain and configure it to connect to the Delivery controllers in both domains? (Our VMWare farm delivers test/prod/dev VM’s)

    1. Are the domains trusted? When you right-click a Device and join it to Active Directory, are both domains listed?

      1. Many thanks Carl for speedy response – I checked and no only the prod domain is listed – had a meeting earlier and they have agreed to approve separate PVS servers servers for the test environment – wanted them anyway as am new to PVS so need to be able to play around with them and test updates etc without impacting Production.

  3. Hi Carl

    I am trying to use Netscaler to load balance the TFTP. I have configured it accordingly and all seems to be green, however my clients seem not able to download the necessary boot loader.

    When this command “tftp -h get ” is used to test each PVS server individually, it works fine for both. I was able to download the necessary file from each PVS-Server.
    However when used with the NetScaler-VIP of the TFTP configuration, I get “Timeout occurred. Connect request failed”

    What changes should I make on the NetScaler?

    Thanks

    1. What method did you use to configure the load balancing? You used the TFTP protocol for the LB vServer? What build of NetScaler?

      1. Yes, the configuration is as below:
        Port-69, Protocol-TFTP, Persistence-SOURCEIP

        I’m on NS11.0, Build 70.12.nc

  4. Hello Carl

    Has “Citrix PVS Soap Server” service in 7.13 depreciated. I do see this service on my 7.11 installation, but it is missing on the 7.13. I’m wondering if something is wrong with my installation.

    Thanks

    1. You’re looking at an actual PvS server? I have “Citrix PVS Soap Server” on my 7.13 server. It’s how the console communicates with PvS Server.

  5. Hello Carl, great document as usual. Is it not necessary to reconfigure the TCPIP offload parameters any longer with PVS?

    1. I always do it on the Target Devices. I’ve seen performance problems if I don’t. However, some have argued that it’s no longer necessary, which contradicts my own experiences. I’m not sure it’s needed on the PvS server side.

      1. Hi Carl, thanks for the prompt reply and clarification. I have always done it on the PVS and Target devices based on past experience with issues. It could not be necessary now as some have argued. Below are the basic parameters that I set. Do you configure any of the other offload settings on the target devices? Also, will you be at Synergy this year?

        Windows Registry Editor Version 5.00

        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BNNS\Parameters]
        “EnableOffload”=dword:00000000

        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters]
        “DisableTaskOffload”=dword:00000001

  6. Hi Carl, can you please advise whether the below approach is workable ?

    Production : Citrix XenDesktop 5.5 and PVS 5.5
    Staging : Citrix XenDesktop 7.12 and PVS 7.12

    1. Copy the vDisk from Production to Staging
    2. Update the copied vDisk’s Provisioning Services Target Device Software via Reverse Image in Staging
    3. Upgrade Production Citrix XenDesktop and PVS to 7.12
    4. Copy the updated vDisk in (2) to updated Production

    Question : Will the updated vDisk boot up successfully in the upgraded Production farm ?

    Reason for this approach is that i would like to prepare the vDisk upfront so that it could save me some time during Production Citrix infrastructure upgrade later.

    Thanks

    Regards
    Jason

  7. Hi,
    We are working on Linux VDA, but we are confused if streaming is only supported on PVS or does it also works with MCS in XenDesktop 7.13, how viable is the technology ?

  8. Hi Carl

    I am trying to use NetScaler 11.1 to configure LB for PVS. While going through the “citrix whitepaper” on the subject, I realized difference in versions.

    So in my configuration, I used “TFTP” under protocol instead of “ANY” indicated in the paper . In the Port-field, I used 69 instead of *.

    Would this be appropriate?

    Thanks

      1. I didn’t see any configuration in respect of “Monitoring” on the “Whitepaper”, so I thought I could create one. However, there is no “TFTP” or “UDP” within the available type lists. Since tftp use UDP, which of these should be used: UDP-ECV, SIP-UDP. or is there any more appropriate type I should use?

        Thanks

          1. I have NS11.0 Build 70.12.nc. Actually I have “NetScaler VPX Express” installed and configured.

            Yes, TFTP is available on vServer and services. I actually configured ServiceGroup and it is visible there as well.

            But under “Monitoring” I only have UDP-ECV and SIP-UDP relating to UDP protocol. I guess I have to use UDP-ECV to monitor the “TFTP” ServiceGroup.

  9. I found out, that the setting “Automate computer account password updates” is not enabled in our environment. Would it be a problem to activate it on the fly, when all targets are online? (24/7 business)

    1. Does it let you enable it when the vDisk is being used? But yes, PvS needs to manage the AD computer accounts.

      1. It is enabled for the vDisk, but the Server-Setting is not enabled. I think I would be able to set it, but don’t know if it would be harmful to running targets …

  10. Many thanks again Carl,
    When upgrading to XD LTSR 7.6 CU3 and PvS 7.6.4, should the “vDisk” PVS target device be upgraded first vefore upgrading the XD VDA version, does the order matter?

    1. PvS and XD are unrelated to each other. The only exception is XenDesktop Setup Wizard, which requires them to be the same version.

  11. Hi Carl, I’m curious to know the “why” behind what you mentioned above here?
    “If you are running XenApp/XenDesktop 7.6 LTSR, then you’ll want Provisioning Services 7.6.4 instead of Provisioning Services 7.13”

    If at 7.6.4, can I then jump to 7.13 or is it not recommended if the VDA’s are still at 7.6 CU3?

    Thanks,
    Steve

    1. The LTSR version of PvS is 7.6.4. If you go to 7.13, then the only way to get hotfixes is to upgrade to 7.14.

  12. On which machine is the registry key “DisableTaskOffload” to be applied? On the PVS-Server, TargetDevice or both?

  13. Hi Carl , Do you have a minimum required privileges for PVS User to handle HyperV enviroment ? I have found a relevant for VMWare but i cant see any for HyperV

    Any ideas ?

  14. Hi Carl,

    Is it possible to add database mirror failover partner later to the pvs farm?

    If yes,How to do that?

  15. Hello Carl, do you have any recommended articles for configuring BDM? My company wants to move away from boot ISO and PXE is not an option. Thanks.

      1. I just went trough it in a new installation. I lost a few hours because I didn’t read properly this part “The hardware of the additional target devices must match the original virtual machine. This is so the drivers contained in the vDisk continue to function. The easiest way to preserve the hardware configuration is to clone the original virtual machine.”

        I cant stress enough to ask that you apply this recommendation.

  16. Carl,

    I am using netscaler 7.11, If I want to load balance TFTP can I use netscaler built in TFTP protocol? I ask because it looks like by default PVS 7.12 uses 6910 for its TFTP and the default netscaler protocol uses port 69.

    Thanks for all your help your blog is always very helpful!

    1. There are two TFTP listeners on PvS. One is 69 (for regular PXE boot) and the other is 6969 (for Two-stage BDM boot).

      Yes, NetScaler can load balance TFTP.

      1. Carl,

        we have xenapp 6.5 environment with pvs 7.8 on 2 standard alone servers. Due to the citrix security vulnerability, we want to build 2 virtual 7.12 pvs server. can I migrate the current master image to the new pvs?

        Thanks.

        1. Of course. You’d probably want to upgrade the TD Software inside the vDisk. And whatever boot method your using should point to the 7.12 servers instead of the 7.8 servers.

  17. Hi Carl, Looking for some advice please. Currently planning new XenApp 7.12/ PVS 7.12 environment (VMware) as we have recently uplifted our Licenses to Platinum. New environment will lead to decommission of 6 legacy farms (ps4 – xa6)

    Looking for guidance on a few areas
    1. As this is a fresh start would it make sense to request a new VLAN so entire citrix infrastructure on same vlan/subnet? as will also simplify Netscaler connectivity too rather than configuring multiple subnets etc

    2. Originally planning on storing vdisks on SAN but lot of docs suggest storing locally on PVS servers & syncing, unsure which way to go – think customer would prefer SAN but want best solution

    3. My original design is over 12mths old and now with v12.7 AppDisk is now an option but very mixed reviews out there on it – just wondering should I still go with apps on vdisks (keeping as few as possible) and wait for AppDisk to settle a bit and look at it down the line?

    Any advice would be much appreciated

    1. 1. I do put VDAs on their own VLAN, especially if you have several hundred or more. If PvS, then separate VLAN makes PXE less risky to other VMs.

      2. Do you mean SMB share? If so, SMB shares are usually slower than local disk. Or do you mean local disk attached to a SAN? Or do you mean a local disk that’s local on the hypervisor host? I wouldn’t do the last option because you lose vMotion/HA.

      3. Now that Citrix owns Unidesk, AppDisk is probably going away.

    1. It should be the normal PvS upgrade process. I think the server side can be done in-place (upgrade console, upgrade server). For Target Device, if you’re starting from 7.6.1, then you can upgrade it while booted to PvS. If upgrading from older, you have to reverse image.

  18. On the “PXE Services” is the possibility to choose between using TFTP or not. Since all is not yet ready in respect of our DHCP and LoadBalancer, so I am opting for “The service that runs on another computer (BDM or ISO)” for now.

    Since all Services are actually installed irrespective of the option chosen, would it be enough just to enable the “Citrix PVS TFTP Service” and “Citrix PVS PXE Service” once we want to change to TFTP, or I would have to reconfigure the farm?

    Thanks

    1. You can run the wizard as many times as you want. If the database is already configured, it lets you skip it, but you can still configure the services.

      1. Thanks

        When using two PVS for Load-balance, would it be appropriate to configure both to access common “CIFS-Share” as vDisks-Storage, or each PVS-Server must have its own LocalDisk.

        1. SMB is certainly easier. But make sure you test performance before you configure it. Local disk has the advantage of always having duplicate copies of vDisk files, and high performance.

    1. BDM connects to PvS server two-stage boot service, which is another TFTP service on port 6969. Not sure if disabling TFTP also disables two-stage boot.

    1. If using the console, PvS uses the permissions of whoever is running the console.

      During normal vDisk operations, PvS instructs the Target Device to update its own password.

      Thus, PvS Services Account does not talk to AD directly.

  19. Hi Carl ,
    Is it possible to have only one vDisk storage location shared between 2 PVS servers , eliminating the need to robocopy vDisks versions between them ? How would the servers handle their .lok file in that scenario ?
    Thanks

  20. Hi Carl,

    My goal is to move from PVS to MCS, i am thinking to create VM from vdisk and covert that vm from hyper-v to VMware VM so that i can use Citrix MCS with a new converted VM .

    Thanks in advance,

    Basem

  21. Dear Carl,

    I have an environment which includes PVS installation with a master Image.

    Is there any way to transform that environment to Citrix MCS ? is there any challenges to acheive that transformation ?

    Thank you in advance,

    Mvh
    Basem

          1. Hi Carl,

            What i am thinking to do is to create VM on hyper-v for the VHDX disk and convert that VM using VMware convertor? is there any to do that ?

            Thank you in advance.

            Basem

  22. Carl, during an upgrade, after I upgrade the first device are the targets able to fail back over to the newly upgraded server so that I can upgrade the rest of the streaming servers? I am upgrading from 7.1.3 to 7.11.

  23. Carl mabay you can add some comments to the following section
    ◦Configuration Wizard – New Farm
    While when the SQL server initial db size is more then 20MB the Provisioning Services Configuration Wizzard failed!
    on the configuring Services
    And in the eventlog you found the following error message
    DbAccess error: (in ServerGetByNameFromDb() called from SSProtocolModule.cpp:291)

    As soon the SQL Admin changed the initial size to 19MB, the wizard runs without an issue!
    If you like it I can provide you an screenshot with the error!

  24. Thanks, Carl. Question…Once I upgrade all of my servers from 7.1 to 7.9, will my target devices (that still have the 7.1 target software installed) still work in the upgraded pvs farm?

      1. Thanks for the fast response, Carl. May I ask what the downside is if I don’t upgrade the target device software immediately after upgrading the PVS farm (besides missing all the new features)? I was thinking of upgrading all of my servers in my PVS farm first to 7.9, and upgrade my 7.1 target device software within a week or two. Do you think that will be ok? Thanks, Carl!

        1. That should be fine. If you call support with 7.1 connecting to 7.9, they will probably ask you to upgrade to 7.9 before providing support.

  25. Thanks for the great information, Carl.
    Is it possible to automate the versioning process? I’d like to push MS patches every month using SCCM to our master image, from there I’d like to automate all of the PVS work…from creating a new version, setting it to production, pointing all of the PVS clones to the new version, etc.
    Have you ever seen this done? Is it possible?

  26. Hi Carl, when upgrading PVS to a newer version (7.6 to 7.62) do you recommend doing it after hours when no users using it? I know the upgrade does a db upgrade, & most likely with stop streaming services, etc. so am wondering if the upgrade would break current vdisk streaming or prevent any new attempts?

    1. When you upgrade one, it moves the targets to the other server. Most have no problems upgrading during the day. But it depends on your risk tolerance.

  27. Great article Carl. I upgraded 7.6 to 7.9 recently. Noticed the target devices don’t show the correct status. VM’s are ON users are connected, but PVS shows target device is down. I have logged a case with Citrix but waiting…

  28. Thanks again Carl,
    Do you have any tips and best practice on (multi site) high availability..
    How can you provide the same vDisks to devices at different sites?

    1. I typically copy the vDisk to different PvS servers in each site. Yes, targets in each site can boot from the same vDisk. However, you might have to use GPO to adjust the ListOfDDCs registry key so the VDAs register with the correct Controllers.

  29. Hi Carl. we also get the no servers for disk. just 1 out of 50 servers or so. then the server needs to be reset 1-10 times before it Works (hyper-v). Its both maintanance and standard image.
    Do you have ANY idea ?
    /anker

    1. You might have to call Citrix Support. Or post to Citrix forums, where the Product Manager usually replies.

  30. hi Carl,

    I Got the message suddenly
    No servers available for disk, when i put the vdisk in Private mode, it used to work suddenlijk it doesnt work any more, i already added the registry entry, restart streaming service, nothing seems to work

    What else can i do to get this work ?

    Thanks
    rolf

  31. Carl,

    This rule is mentioned double in the anti virus exclusions:

    C:\Program Files\Citrix\Provisioning Services\MgmtDaemon.exe
    C:\Program Files\Citrix\Provisioning Services\Inventory.exe
    C:\Program Files\Citrix\Provisioning Services\MgmtDaemon.exe

  32. Question: regarding service account or to use PVS servers Computer Accounts? For my PVS installations I use the Computer accounts, then I don´t need to care about password expries for the service account. Do you Carl see any downsides with using Computer Accounts? except the KMS part ?

    1. Make sure NETWORK SERVICE is added as a local administrator. Also, can’t do PvD with local account since the account needs to log into Citrix Studio. And probably can’t do Scale Out File Share with VHDX files.

      1. For the Active Directory OU where the computer accounts is situated, doesn´t the PVS serviceaccount or the PVS servers computer account need higher rights there like: update computer accounts?
        It used to be that way..

        1. Nope. It should use the AD permissions of the person running the console.

          For AD password changes, PvS asks the TD to do it so no extra permissions are needed.

          1. I asked you this on Twitter as well. So are you saying the stream/soap service account DOES NOT require any AD permissions on the OU? I’m getting mixed information on this.

          2. I’m pretty sure it’s not required. You could always test it. It should use the credentials of the person running the console.

          3. I know the console user would be able to manage, but what about the automated password management of the computer objects? You said the TDs handle that but I’m unsure how that works. I’m definitely going to test though. Nothing definitively says the stream service needs ad permissions anywhere.

  33. You are fantastic Carl. One of the clearest PVS articles I have seen. This will definitely be a help when we do our POC for XenApp 7.6. Thanks again.

Leave a Reply