Workspace Environment Management 4.3

Last Modified: Jul 17, 2017 @ 9:56 am

Navigation

This article covers Workspace Environment Management versions 4.3, 4.2, and 4.1.

ūüí° = Recently Updated

Overview

Workspace Environment Management¬†(WEM) is Citrix’s Performance Management and UEM (User Environment Management) tool for all XenApp/XenDesktop Enterprise or Platinum Customers with active Software Maintenance (Subscription Advantage is not sufficient). The WEM Agent is supported on XenApp 6.5, and XenApp/XenDesktop 7.x. Videos:

Note: WEM does not replace Citrix Profile Management. You usually implement both.

Citrix Blog Post User Experience on Steroids: Citrix Workspace Environment Management has a list of Frequently Asked Questions about WEM, including a drawing of the architecture.

From Hal Lange at Database sizing at Citrix Discussions: SQL Always On is fully supported.  The ONE caveat is to remove from the Always On Availability Group before upgrading.

Here is the official calculations from the Norskale days on space needed on the SQL Server:

  • Reserve 1GB of RAM per 1,000 users deployed
  • RAM=1.5GB system + (1.5GB SQL + 1 GB per 1,000 users) for that SQL instance
  • Disk = 1GB per 10,000 users per year + 10 MB per WEM site configured

Upgrade WEM

To upgrade Citrix WEM:

  1. In-place upgrade the Citrix Licensing Server. No special instructions.
    1. Ensure the installed licenses a non-expired Subscription Advantage date.
  2. In-place upgrade the WEM Server. No special instructions.
  3. Use the Database Maintenance tool to upgrade the WEM database. You might have to run the WEM Broker Configuration Tool on each Broker to point to the upgraded database.
  4. In-place upgrade the WEM Console. No special instructions.
  5. In-place upgrade the WEM Agents. No special instructions.

Install WEM Server (Broker Service)

The WEM Broker Service can be installed on one or more servers. The WEM Agent cannot be installed on the Broker Server.

A WEM Server with 4 vCPU and 8 GB RAM can support 3,000 users.

  1. Go to the downloaded Workspace Environment Management 4.3, and run Citrix Workspace Environment Management Infrastructure Services v4.03.00.00 Setup.exe.
  2. Click Install to install the prerequisites.
  3. In the Welcome to the InstallShield Wizard for Citrix Workspace Environment Magement Infrastructure Services page, click Next.
  4. In the License Agreement page, select I accept the terms, and click Next.
  5. In the Customer Information page, click Next.
  6. In the Setup Type page, click Next.
  7. In the Ready to Install the Program page, click Install.
  8. In the InstallShield Wizard Completed page, click Finish.
  9. C:\Program Files (x86)\Norskale\Norskale Infrastructure Services must be excluded from Antivirus scanning. Or exclude: Norskale Broker Service.exe; Norskale Broker Service Configuration Utility.exe; Norskale Database Management Utility.exe.
  10. Ensure firewall allows the following ports to/from the WEM Broker servers. See Citrix CTX101810 Communication Ports Used by Citrix Technologies.
    • Agent Port defaults to TCP 8286 – from Agent to WEM Broker
    • AgentSyncPort defaults to TCP 8285 – from Agent to WEM Broker SQL
    • AdminPort defaults to TCP 8284 – from Admin Console to WEM Broker
    • Monitoring Port defaults to TCP 8287 – from Director to WEM Broker
    • AgentPort defaults to TCP¬†49752 –¬†from Broker to Agent
  11. See¬†CTX218965¬†Error: “Server sent back a fault indicating it is too busy to process the request” and the WEM Agent fails to connect to the Broker Service if you need to throttle the number of connections if you have insufficient resources on the WEM Broker server.

Upgrade WEM Database

  1. If this is a new install, skip to Create WEM Database.
  2. The person running Database Management must be a sysadmin on the SQL Server. Or you can enter a SQL login.
  3. On the WEM server, run Database Management from the Start Menu.
  4. If upgrading, in the ribbon, click Upgrade Database.
  5. Enter the SQL Server Name.
  6. Enter the existing WEM Database Name.
  7. Configure the credentials for the WEM service account.
  8. If your account is not a sysadmin on Citrix, then enter a SQL account in the Database Credentials fields.
  9. Click Upgrade.
  10. Click Yes when asked to proceed.
  11. Click OK when prompted that database upgraded successfully.
  12. After the database is upgraded, run Broker Service Configuration to set the database connection settings again.
  13. On the Licensing tab, configure the licensing server.
  14. On the Advanced Settings tab, configure the service account.
  15. On the Database Settings tab, enter the database server name and database name, and click Save Configuration.
  16. Skip ahead to upgrading the WEM Administration Console.

Create WEM Database

  1. The person running Database Management must be a sysadmin on the SQL Server. Or you can enter a SQL login.
  2. On the WEM server, run Database Management from the Start Menu.
  3. If a new install, in the ribbon, click Create Database.
  4. In the Create database Wizard page, click Next.
  5. In the Database Informations page, enter the SQL server name, and enter a new Database Name.
    1. From Måns Hurtigh at Problem creating WEM 4.3 Database on SQL Server 2012 at Citrix Discussions: The database name cannot contain a dash.
  6. The paths might not be correct so double check them. Then click Next.
  7. In the Database Server Credentials page, if your account has sysadmin permissions, then leave the box checked. Otherwise, uncheck the box, and enter a SQL login that has sysadmin permissions. Click Next.
  8. In the VUEM Administrators section, click Browse, and select your Citrix Admins group.
  9. In the Database Security page, if you intend to load balance multiple WEM servers, then specify a Windows service account for database access. The Broker Service will run as this account. Ryan Revord Load balancing Citrix Workspace Environment Manager. And the new load balancing topic at Install the Citrix Workspace Environment Management Infrastructure Services at Citrix Docs.
  10. The Database Creation Wizard also creates a SQL account called¬†vuemUser with an 8 character alphanumeric password. If you want it more complex, check the box and specify the password. Note: if you intend to implement AlwaysOn Availability Group, then you must specify this password, since you’ll be asked for it again when adding the database to the Availability Group. Click Next.

  11. In the Database Information Summary page, click Create Database.
  12. Click OK when prompted that the database was created successfully.
  13. Click Finish.
  14. There is a log file at¬†“C:\Program Files (x86)\Norskale\Norskale Infrastructure Services\Citrix WEM Database Management Utility Debug Log.log”

WEM Broker Configuration

  1. On the WEM Server, run Broker Service Configuration from the Start Menu.
  2. On the Database Settings tab, enter the SQL Server name and database name.
  3. Switch to the Advanced Settings tab.
  4. If you intend to load balance WEM Servers, then Browse to a service acccount. This service account must have access to the database. Ryan Revord Load balancing Citrix Workspace Environment Manager.
  5. The service account must be in the local Administrators group on the WEM server.
  6. On the Database Maintenance tab, consider checking Enable Scheduled Database Maintenance.
  7. On the Licensing tab, you can enter a Citrix License Server 11.14.0.1 or newer that has valid licenses. Or you can enter the license server later in the admin console.
  8. Click Save Configuration in the ribbon.
  9. Click Yes when asked to restart the Broker Service.
  10. If you are load balancing WEM servers, then you must also create a Kerberos SPN, where [accountname] is the service account you are using for the Norskale service. Ryan Revord Load balancing Citrix Workspace Environment Manager.
    setspn -U -S Norskale/BrokerService [accountname]

Install WEM Console

  1. Run Citrix Workspace Environment Management Console v4.03.00.00 Setup.exe.
  2. In the Welcome to the InstallShield Wizard for Citrix Workspace Environment Management Console page, click Next.
  3. In the License Agreement page, select I accept the terms, and click Next.
  4. In the Customer Information page, click Next.
  5. In the Setup Type page, click Next.
  6. In the Ready to Install the Program page, click Install.
  7. In the InstallShield Wizard Completed page, click Finish.

WEM Configuration Sets (formerly known as Sites)

In WEM 4.3, Sites was renamed to Configuration Sets.

  1. From the Start Menu, run Administration Console.
  2. In the ribbon, click Connect.
  3. In the Database Broker Information window, enter the WEM Server name, and click Connect.
  4. Some WEM Console settings are global (every agent gets the same setting). So if you want different global settings for different agents, then you create multiple WEM Configuration sets. At the top of the window, in the ribbon, you can create a new WEM Configuration set. 
  5. Once you have multiple Configuration sets, you can use the drop-down to switch between them.
  6. An Agent can only belong to one WEM Configuration set. Different Agents can belong to different WEM Configuration sets.
  7. In WEM 4.3 and newer, you add agents to the Configuration set at Active Directory Objects (workspace on bottom left) > Machines (node on top left). You can add OUs or individual objects (computers). Note: for OU, agent machines must be directly in the OU; it will not add objects from sub-OUs.
  8. In WEM 4.2 and older, the WEM Group Policy template has a GPO setting to specify the WEM Site name that an agent should use.

Import Recommended Settings

  1. If you have multiple WEM configuration sets, this process should be repeated for each WEM configuration set.
  2. On the right side of the ribbon, click Import Settings.
  3. In the Settings Import Wizard page, click Next.
  4. In the Export File Load section, click Browse, and browse to the \Workspace-Environment-Management-v-4-03-00\Configuration Templates\Default Recommended Settings folder that was included in the WEM download.
  5. In the Settings Type Selection section, check all available boxes, and click Next.
  6. In the Settings Import Processing window, click Import Settings.
  7. Click Yes when prompted to replace.
  8. Click Finish.

WEM Administrators

  1. In the Administration Console, go to Administration (workspace on bottom left) > Administrators (node on top left).
  2. In the right pane, click Add.
  3. After adding a group or user, right-click the new administrator and click Edit.
  4. Use the Permissions drop-down to select a role. The roles are detailed at Administrators at Citrix Docs.
  5. Then use the State drop-down to select Enabled. New administrators are initially disabled. Click OK to close the window.

WEM Agent Configuration

  1. In the WEM Administration Console, in the Advanced Settings workspace (bottom left), there are several tabs for configuring the agent.
  2. One you might want to enable is Launch Agent for admins.
  3. Also consider enabling Launch Agent at Reconnect.
  4. In the right pane, on the Reconnection Actions tab, you can select which modules should be refreshed on reconnect.
  5. The Agent Options tab defaults to processing printers and drives asynchronously.
  6. Setting on these tabs are mostly self-explanatory. Feel free to change any as desired.
  7. The Service Options tab has a setting for Bypass ie4uinit Check. Enabling this eliminates a 2 minute delay before WEM Agent starts. See Marco Hofman at http://www.carlstalhood.com/workspace-environment-manager/comment-page-1/#comment-5069 for details.
  8. On the top left, in the Advanced Settings workspace, there’s a¬†UI Agent Personalization node.
  9. In the right pane, in the UI Agent Options tab, you can change the Agent skin, and Preview it.
  10. Other settings on this page let you hide the splash screen.
  11. The Helpdesk Options tab lets you enable Screen Capture.

System Optimization

  1. The System Optimization workspace (bottom left) lets you configure the various optimizations.
  2. On the top left, click the Fast Logoff node.
  3. In the right pane, enabling Fast Logoff disconnects a session immediately and runs logoff processes in the background.
  4. On the top left, click the CPU Management node.
  5. CPU Spikes Protection gives processes equal access to the CPU.
  6. From Hal Lange: “CPU Usage Limit should never be set to higher a percentage than one CPU. This will keep a single threaded application from thrashing a CPU.¬† Example:¬†if 2 CPU’s are available, the CPU setting should not be set above 49%,¬†if 4 CPU’s are available, the CPU setting should not be set above 24%”
  7. Hal Lange demonstrates Citrix WEM Performance Optimizations in a YouTube video.
  8. Other tabs on the right let you manually specify CPU priority and/or clamping.
  9. On the top left, click the Memory Management node.
  10. In the right pane, you can enable Working Set Optimization to periodically reclaim memory from running processes.
  11. On the top left, click the I/O Management node.
  12. On the right, you can prioritize process IO.
  13. On the top left, click the Process Management node.
  14. In the right pane, in the Processes Management tab, enable Process Management. The other tabs are grayed out until you check this box.
  15. You can BlackList processes. There’s also a WhiteList, but once something is added to the WhiteList, then all other processes are blocked.

Policies and Profiles

  1. The Policies and Profiles workspace (bottom left) has four nodes on the top left.
  2. In the Environment Settings node (top left), in the right pane, you can enable Environmental Settings, and configure restrictions that are usually configured in group policy. Peruse the various tabs on the right. Administrators can be excluded from these restrictions.
  3. If you switch to the Citrix Profile Management Settings node, you can use WEM to configure Citrix Profile Management. WEM 4.2 and newer includes the latest UPM 5.5 and 5.6 features, including: Active Write Back Registry, NTUSER.DAT Backup, and Default Exclusion Lists.
  4. If you use WEM to configure UPM settings, but the settings are not applying to the WEM Agent, then see Citrix CTX219086 Some UPM or WEM Agent parameters may not be applied by the agent after switching from GPO settings to Workspace Environment Management settings.
  5. In the right pane, the File System tab has a useful Profile Cleansing button to remove excluded folders from an existing UPM profile share.

    1. Adjust the Profiles Root Folder, click Scan Profiles Folder, and then click Cleanse Profile(s).
  6. To configure folder redirection, on the top left, click¬†Microsoft USV Settings.¬† ūüí°
  7. On the right, on the Roaming Profiles Configuration tab, check the box to Process User State Virtualization Configuration.
  8. Then switch to the Folder Redirection tabs, and configure them as desired.

Monitoring

  1. The Monitoring workspace (bottom left) lets you see Logon Time and Boot Time reports.
  2. Double-click a category to see more info.

  3. Configuration node (top left) lets you configure Work Day Filtering for Login/Boot Time Reports.
  4. When you make changes in the console, if agents are already installed, you can right-click the agent icon (by the clock) and Refresh.
  5. You can also go to the Administration workspace (bottom left) > Agents node (top left). In the right pane, right-click one or more Agents, and click the Refresh options.

WEM Agent Group Policy

  1. In the WEM Download, go to the \Workspace-Environment-Management-v-4-03-00\Agent Group Policies\ADMX folder, and copy the .admx file, and the en-US folder to the clipboard.
  2. Go \\MyADDomain.com\sysvol\MyADDomain.com\Policies. If you have a PolicyDefinitions folder here, paste the file and folder.
  3. If you don’t have PolicyDefinitions in Sysvol, then instead go to¬†C:\Windows\PolicyDefinitions, and paste the file and folder there.
  4. Look for older versions of the .admx and .adml files (in the en-us subfolder), and delete them.

  5. Edit a GPO that applies to the VDAs that will run the WEM Agent.
  6. Go to Computer Configuration | Policies | Administrative Templates | Citrix | Workspace Environment Management | Agent Host Configuration.
  7. On the right, double-click Infrastructure server.
  8. Enable the setting, enter the FQDN of the WEM server (or load balanced name), and click OK. Note: It must be FQDN. Also see Ryan Revord Load balancing Citrix Workspace Environment Manager.
  9. In WEM 4.3 and newer, to assign an Agent to a Configuration Set (formerly known as Site), in the Administration Console, go to Active Directory Objects workspace (bottom left) > Machines node (top left), and in the right pane, add an OU or individual machines.
  10. It’s possible that an Agent might register with multiple Configuration sets. You can review the registrations at¬†Administration¬†workspace (bottom left) > Agents¬†node (top left) >¬†Registrations¬†tab (right pane).
  11. It also might show you Agents not registered with any Configuration Set. Add the Agent to Active Directory Objects > Machines.
  12. If WEM 4.2 and older, you can configure the WEM Agents to connect to a non-default WEM site by editing the Site Name GPO setting.

Install WEM Agent

  1. If you are installing the WEM Agent in a Citrix App Layering – App Layer, see George Spiers to workaround an issue with the Netlogon service in a Platform Layer that has the Provisioning Services Target Device software installed.¬† ūüí°
  2. On a VDA Master machine, run the downloaded Citrix Workspace Environment Management Agent v4.03.00.00 Setup.exe.
  3. If you are installing the Agent on a Provisioning Services vDisk, there are a couple Agent Installer Switches that let you move the WEM cache file to the PvS cache disk:
    "\\fs01\bin\Citrix\Workspace-Environment-Management-v-4-03-00\Citrix Workspace Environment Management Agent v4.03.00.00 Setup.exe" /v"AgentCacheAlternateLocation=\"D:\WEMCache\" AgentServiceUseNonPersistentCompliantHistory=\"1\""
  4. You can use the ARPSYSTEMCOMPONENT=1 switch to prevent the Agent from showing up in the Programs and Features list where it can be uninstalled.
  5. Citrix CTX218964 How To Secure a Citrix WEM Agent Installation in Cases Where Users are Local Administrators also details how to configure a group policy to prevent local administrators from stopping the Agent service.
  6. Click Install to install the prerequisites.
  7. In the Welcome to the InstallShield Wizard for Citrix Workspace Environment Management Agent Host page, click Next.
  8. In the License Agreement page, select I accept the terms, and click Next.
  9. In the Customer Information page, click Next.
  10. In the Setup Type page, click Next.
  11. In the Ready to Install the Program page, click Install.
  12. In the InstallShield Wizard Completed page, click Finish.
  13. After installation, check the registry under HKLM\System\CurrentControlSet\Control\Norskale\Agent Host to verify your command line switches applied correctly.
  14. Citrix CTX219839 How to Enable Debug Logging on Workspace Environment Management Agent manually, if no connectivity to Broker exists. Set AgentDebugModeLocalOverride and AgentServiceDebugModeLocalOverride to 1. The Norskale Agent Host Service Debug.log file will be written to %ProgramFiles(x86)%\Norskale\Norskale Agent Host. The Agent Log file will be written to the User Profile (i.e. under %UserProfile%).
  15. Optionally, you can pre-build the Agent Cache by running AgentCacheUtility.exe, which is located in C:\Program Files (x86)\Norskale\Norskale Agent Host.
  16. It needs the following switches:
    -refreshcache -brokername:MyWEMServer
  17. From Hal Lange: “AgentCacheUtility does except short values (Eg AgentCacheUtility -r -b:)¬† the broker name should always be in FQDN since this does use Kerberos for the authentication.”
  18. You can also use the WEM Administration Console at Administration workspace (bottom left), Agents node (top left), to refresh the cache. The Synchronization column indicates if the cache is up to date or not. It takes a few minutes to update.
  19. From Hal Lange: “Need to optimize the client by running ngen for .NET optimizations¬†in the x64 and x86 directories. These commands will help optimize ANY .NET application installed on the system
    C:\Windows\Microsoft.NET\Framework\v4.0.30319
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319
    ngen.exe update
    ngen.exe eqi 1
    ngen.exe eqi 3
  20. C:\Program Files (x86)\Norskale\Norskale Agent Host must be excluded from Antivirus scanning. Or exclude Norskale Agent Host Service.exe; VUEMUIAgent.exe; Agent Log Parser.exe; AgentCacheUtility.exe; AppsMgmtUtil.exe; PrnsMgmtUtil.exe; VUEMAppCmd.exe; VUEMAppCmdDbg.exe; VUEMAppHide.exe; VUEMCmdAgent.exe; VUEMMaintMsg.exe; VUEMRSAV.exe.
  21. After Agents are installed, the Administration workspace (bottom left), Agents node (top left), shows the list of Agents, allowing you to perform actions against an Agent. For example, if UPM settings are not applying to your Agents, you can right-click the Agent, and click Reset Citrix Upm Settings. See Workspace Environment Manager UPM at Citrix Discussions.
  22. If you use WEM to configure UPM settings, but the settings are not applying to the WEM Agent, then see Citrix CTX219086 Some UPM or WEM Agent parameters may not be applied by the agent after switching from GPO settings to Workspace Environment Management settings.  Delete the machine cache, which is at the following registry location:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Norskale\UsvMachineConfigurationSettings
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Norskale\UpmConfigurationSettings

    This will force VUEM to re-apply the per-machine settings (Microsoft USV or Citrix UPM settings, respectively).

WEM Agent on Provisioning Services

From Julian Mooren Citrix Workspace Environment Management with PVS ‚Äď Synchronization State ‚ÄúUnknown‚ÄĚ: For PvS, schedule a task to run the following commands at Target Device boot (Trigger = At Startup).

"C:\Program Files (x86)\Norskale\Norskale Agent Host\AgentCacheUtility.exe" -refreshcache

From CTA David Ott at Using Citrix Workspace Environment Management to Redirect Folders via Symbolic Links ‚Äď Speed Up Logon:¬†before shutting down your maintenance/private mode vdisk to re-seal, kill the Norskale Agent Host Service. For whatever reason if you don‚Äôt do this it can cause your vms in standard mode to take an obscenely long time to shutdown.

If you have a PVS environment and you have redirected the WEM cache to the persistent drive, use a startup task to refresh the cache, force restart the Norskale Agent Host Service, and start netlogon after. If the cache doesn’t already exist, WEM doesn’t seem to check with the WEM server. You have to create the cache, and then restart the service so that it reads it, and force restarting the Norskale Agent Host Service will stop netlogon (dependent on it).

Login Base Image Script Framework (BIS-F) automates many image sealing tasks, including tasks for Workspace Environment Management. The script is configurable using Group Policy.¬† ūüí°

WEM Actions Configuration

WEM Actions are similar to Group Policy Preferences.

The general process is as follows:

  • Create the Actions
  • Add AD user groups to the WEM Console.
  • Assign Actions to user groups. Use¬†Conditions and Rules to perform the Action for only a subset of machines or users in the user group.

Create Actions

  1. In the WEM Console, use the Actions workspace to map drives, map printers, create shortcuts (Applications), set registry keys, etc. Each Action type is a separate node. In the right pane, click the Add button to add actions. These Actions are self explanatory.
  2. Some Actions, on the Options tab, have a Self-Healing option. To optimize performance, WEM only applies an action once. The Self Healing option causes it reapply at every logon.
  3. Note: Network Drives have no field for selecting a drive letter. Instead, you configure the drive letter later when assigning the action as detailed below.
  4. Note: Applications have no option for placing a shortcut on the Desktop. Instead, you configure shortcut placement later when assigning the action as detailed below.
  5. To prevent applications (shortcuts) from being created if the application isn’t installed, go to¬†Advanced Settings > Configuration > Agent Options, and check the box next to¬†Check Application Existence in the¬†Extra Features section.
  6. After you create Applications (Shortcuts), and assign them, on the agent, there’s a¬†Manage Applications tool that lets users control where shortcuts are created, including pinning to Taskbar and Start Menu.

  7. Applications can be placed in Maintenance Mode. Edit an Application, and find the Maintenance Mode setting on the Options tab.
  8. This causes the icon to change, and a maintenance message to be displayed to the user.

  9. The Applications node has a Start Menu View tab.
  10. For the¬†Printers Action, in the ribbon, there’s a¬†Import Network Print Server button.

  11. For the Registry Entries Action, in the ribbon, there’s an¬†Import Registry File button.
  12. For File System Operations, each Action has an Options tab that lets you set the Type of Action.
  13. For File Associations, “Command” is just the parameters without the executable.

Create Conditions and Rules

  1. Once the Actions are created, you then need to decide under what conditions the Actions are performed. Go to the Filters workspace (bottom left).
  2. On the top left, switch to the Conditions node.
  3. In the right pane, create Conditions. One or more Conditions are later combined into a Rule.
  4. Then switch to the Rules node (top left) and create Rules in the right pane.
  5. If you add (by clicking the right arrow)¬†multiple Conditions to a Rule, all (AND) Conditions must match. There doesn’t appear to be an OR option. The Rules are used later when assigning an Action to a user group.

Add AD Groups to WEM Console

  1. Go to the Active Directory Objects workspace (bottom left).
  2. With the Users node selected on the top left, in the right pane, add groups and/or users that will receive the Action assignments.

Assign Actions to User Groups

  1. Go to the Assignments workspace (bottom left) > Action Assignment node (top left).
  2. In the right pane, initially the bottom half is empty. Double-click a group to show the Actions that are available for assignment.
  3. Move an available Action from the left to the right. This assigns the Action to the user group.
  4. You will be prompted to select a Filter, which contains one or more Conditions.
  5. When you move a Network Drive to the right, you’re prompted to select a drive letter.

    1. The list of drive letters is restricted based on the configuration at Advanced Settings workspace (bottom left) > Configuration node (top left) > Console Settings tab (right pane).
  6. Back in the Assignments workspace, on the right, some Actions have additional options that you can right-click. For example, you can create shortcuts on the desktop.

Modeling Wizard

  1. In the Assignments workspace, you can use the Modeling Wizard node (top left) to see what Actions apply to a particular user.

Transformer

In WEM 4.1 and newer, you can enable Transformer, which puts the WEM Agent in Kiosk mode. Users can only launch icons (e.g. Citrix icons). Everything else is hidden. This is an alternative to Receiver Desktop Lock. The Transformer interface is customizable.

  1. In the WEM Console, there’s a¬†Transformer Settings workspace (bottom left) with two nodes on the top left:¬†General and¬†Advanced.
  2. Enable Transformer and point it to your StoreFront URL. Note, this applies to all users and all agents in this WEM configuration set.
  3. Other settings on the General Settings tab let you customize the appearance, and specify an unlock password. You probably want to disable the Clock. The Navigation Buttons are browser navigation.
  4. Transformer can be unlocked by pressing Ctrl+Alt+U and entering the unlock password.
  5. On the Site Settings tab, you can add website URLs that can be launched from within Transformer.
  6. At the top of the Transformer window is a Sites icon that lets you go to the sites listed in the WEM Console.
  7. The Advanced node lets you configure Transformer to launch a process other than a browser.
  8. The Advanced & Administration Settings tab lets you hide features from Transformer.
  9. To prevent users from accessing the local system, consider checking Hide Taskbar & Start Button.
  10. You probably want Log Off Screen Redirection to redirect users to the logon page when StoreFront logs off.
  11. The Logon/Logoff & Power Settings tab lets you configure the WEM Agent to autologon as a specific account. Transformer then displays the StoreFront webpage where the user enters his or her credentials.

275 thoughts on “Workspace Environment Management 4.3”

  1. Hello Carl,

    I have a problem when I run the agentcacheutility.exe i get the following error:

    C:\WINDOWS\system32>”C:\Program Files (x86)\Norskale\Norskale Agent Host\AgentCacheUtility.exe” -refreshcache -brokername:fgridctxwem01
    Citrix Workspace Environment Management Agent Cache Management Utility – By Citrix Systems, Inc – Version 4.3.0.0
    Broker Server Name or Broker Port Error
    Operation Completed with Errors

    Are there any special requirements which need to be met in order for agent registration to work? Firewall communication is allowed between the WEM broker server and the agent machine.

  2. Carl I’m curious as to what your take is on the WEM licensing model.

    I’m getting conflicting answers on the rules for number of WEM agents that are allowed per the XenApp entitlement. At Synergy, the WEM booth the guy told me I could have 1 WEM agent per XenApp license on any device (vda or non-vda). I went to double check with my Citrix rep this week and they are saying something different. They say if I have 500 XA licenses and 400 are in use, I could only install the WEM agent on 100 non-vda devices which would then act as an in use XenApp license. If you read what’s on the Citrix Licensing portal (https://www.citrix.fr/buy/licensing/product.html) that doesn’t sound right to me.

    ‚ÄúIf you licensed XenApp Platinum Edition, you may use the WEM component to support physical desktops which are not part of a VDA deployment in addition to your VDA deployment, but total usage of WEM may not exceed total licenses purchased.‚ÄĚ

    In my mind, that’s saying if I have 500 XenApp licenses, I can have 500 WEM agents, either VDA or non-VDA. No where in there does it say anything about concurrent users using XenApp or a WEM agent acting as a connected user taking up a license. The license server doesn’t reflect a connected WEM agent as a user either.

    What do you think (know)?

    1. My suspicion is that you can deploy WEM Agent to any machine accessed by a licensed Citrix user. I just asked the Product Managers for confirmation.

      1. From Citrix Discussion:
        “I’m the product manager for WEM and your REP is correct, the intent was to provide a clear message that you can use WEM on physicals if you had enough licenses.

        WEM + VDA = 1 License
        WEM = 1 License

        I will get the wording tightened up on the licensing page to make it clearer, you are correct this is a EULA only enforcement not a license server check at this time but we will be working on that.”

        1. So is it “per device”, or is it “per user”? If per user, I would expect unlimited devices (and VDA) for that user.

          1. The way I’m understanding it is that if I have 500 XenApp CCU licenses, and I have 400 licenses being used for active connections, then I can only have 100 non-vda WEM agents out in the environment. Which doesn’t make sense to me at all. If I’m using WEM to turn a PC into a Transformer kiosk type device to use Citrix Receiver, then it would seem I need a XenApp license for that device, and then another license for the user on that device using accessing the apps…which seems a bit excessive. I don’t really know at this point…but I think it could use some attention from Citrix to clear up when you can and can’t use WEM.

  3. Hi Carl,

    I am having an issue with Transformer and hoping you can point me in the right direction. I have added the policy and it worked perfectly on a XD win 10 vm I have. However, when I can’t get it to work correctly on a win10 physical machine. I have a GPO pointing the machine to the broker and the correct site. I have verified it is pulling down the settings, but when I login, transformer isn’t launching. The issue seems to be that VUEM Agent isn’t launching. If I manually launch it from program files (x86)…, transformer immediately launches. I just can’t for the life of me figure out why it isn’t launching automatically. I do have the Advanced Settings > Configuration > Launch Agent at Logon checked, which I did after it wasn’t working, but even after that, it still isn’t working.

    Any thoughts?

  4. Hi carl,

    I am having an issue with Transformer and hoping you can point me in the right direction. I have configured the policy and applied a GPO that points the agent to the broker and site. When I apply the GPO to a windows 10 XD VM I have, it works perfectly. When I apply it to a win 10 physical machine, it does not. WEM agent is installed and the GPO is applied to the machine. If I make a change to the transformer policy for the site and then update the WEM cache on the machine, it does get the update. Also, if I check the Agent info in WEM Console, it shows that machine is in the correct site. Is there something else that needs configured or applied? Does Citrix Receiver also need to be installed? This physical machine is a fresh install and has very few programs installed.

    Any guidance you can provide would be greatly appreciated.

  5. great article! Thanks Carl. Does WEM require its own server? or can it be installed on the same server as a delivery controller, or Director?

  6. Is there a way to trigger the WEM Agent “Refresh” in the context menu of the system tray icon with a command line ?

  7. Thanks Carl for this effective documentation.
    After upgrading an installation from 4.2 to 4.3, the Norskale Infrastructure Service crashed intermittently.
    There is a private hotfix available for this issue (Infrastructure Service v4.03.00.01), contact Citrix support for it.

  8. Hi Carl,

    For a PVS vDisk that was created via the ELM (Citrix App Layering), should the agent be installed as an application layer or in the platform layer similiar to the VDA. Also, should we use the install parameters to redirect the WEM cache to the overflow drive in any of those layers if that Overflow drive does not yet exist or ?

Leave a Reply