Navigation
- Preparation
- Delivery Controller 7.8 Install
- Studio – Slow Launch
- Database Maintenance:
- Change DB connect strings, read-committed snapshot, Director grooming, etc.
- Studio Administrators
- vCenter Connection – Hosting Resources 💡
- Citrix Licensing Server
- Remote Desktop Licensing Server
- Health Check
Preparation
Citrix Licensing – If you are going to use an existing Citrix Licensing Server, upgrade it to 11.13.1.2 build 16002.
SQL Databases
- Citrix blog post Database Sizing Tool for XenDesktop 7 and Bugfix for Database Sizing Tool
- Citrix article CTX114501 – Supported Databases for Citrix Products
- There are typically three databases: one for the Site (aka farm), one for Logging (audit log) and one for Monitoring (Director).
- The monitoring database name must not have any spaces in it. See CTX200325 Database Naming Limitation when Citrix Director Accesses Monitoring Data Using OData APIs
- If you want Citrix Studio to create the SQL databases automatically, then the person running Studio must be a sysadmin on the SQL instances. No lesser role will work.
- As an alternative, you can use Citrix Studio to create SQL scripts and then run those scripts on the SQL server. In that case you only need the dbcreator and securityadmin roles.
- It is possible to create the databases in advance. However, you must use the non-default Latin1_General_100_CI_AS_KS collation. Then use Citrix Studio to configure the database tables.
- Citrix recommends SQL Mirroring because it has the fastest failover.
- SQL Mirroring requires two SQL Standard Edition servers and one SQL Express for the witness server.
- You can setup SQL Mirroring either before installing XenDesktop or after installing XenDesktop. If after, then see Citrix CTX140319 to manually change XenDesktop’s database connection strings How to Migrate XenDesktop Database to New SQL Server.
- To setup SQL Mirroring, see Rob Cartwright: Configure SQL Mirroring For Use With XenDesktop, XenApp, and PVS Databases.
- If you try to stretch the mirror across datacenters, the SQL witness must be placed in a third datacenter that has connectivity to the other two datacenters. However, stretching a single XenApp/XenDesktop site/farm and corresponding SQL mirror across datacenters is not recommended.
- AlwaysOn Availability Groups and SQL Clustering are also supported. However, these features require the much more expensive SQL Enterprise Edition.
Windows Features
- Installing Group Policy Management on the Delivery Controller lets you edit GPOs and have access to the Citrix Policies node in the GPO Editor. Or you can install Studio on a different machine that has GPMC installed.
- vSphere Web Client – if you will connect to vSphere Web Client from the Controller machine, Flash Player is only available for IE if you install the Desktop Experience feature. Or you can use Google Chrome.
vSphere
- Create a role in vSphere Client. Assign a service account to the role at the Datacenter or higher level.
Delivery Controller Install
- A typical size for the Controller VMs is 2-4 vCPU and 8 GB of RAM.
- Make sure the User Right Log on as a service includes NT SERVICE\ALL SERVICES or add NT SERVICE\CitrixTelemetryService to the User Right.
- On two Delivery Controllers, install the Delivery Controller software from the XenApp/XenDesktop 7.8 media. Download it from XenApp Enterprise, XenApp Platinum, XenDesktop Enterprise, or XenDesktop Platinum, depending on your license. Go to the downloaded XenDesktop 7.8 ISO and run AutoSelect.exe.
- Click Start next to either XenApp or XenDesktop. The only difference is the product name displayed in the installation wizard.
- On the left, click Delivery Controller.
- You can install all components on one server or on separate servers. Splitting them out is only necessary in large environments or if you want to share the components (e.g. Licensing, StoreFront, Director) across multiple farms.
- In the Features page, uncheck the box next to Install Microsoft SQL Server 2012 SP1 Express and click Next.
- In the Summary page, click Install.
- In the Installation Successful page, click Finish. Studio will automatically launch.
- Ensure the two Controller VMs do not run on the same hypervisor host. Create an anti-affinity rule.
Create Site
There are several methods of creating the databases for XenApp/XenDesktop:
- If you have sysadmin permissions to SQL, let Citrix Studio create the databases automatically.
- If you don’t have sysadmin permissions to SQL then use Citrix Studio to generate SQL scripts and send them to a DBA.
Database Mirroring
If you are not using database mirroring then skip to the next section.
You can setup SQL Mirroring either before configuring XenDesktop or after configuring XenDesktop.
- If before, then the empty databases (Site, Logging, Monitoring) must use the Latin1_General_100_CI_AS_KS collation, which is not the default.
- If SQL Mirroring is already setup then XenDesktop will detect it and set the database connection strings accordingly. Or you can manually change the database connection strings later as detailed at Citrix CTX140319 How to Migrate XenDesktop Database to New SQL Server.
- If you use Citrix Studio to create SQL scripts that populate the databases, then there will be separate SQL scripts for the Primary and Partner.
To verify mirroring after the XenDesktop configuration has completed, run the PowerShell cmdlet get-configdbconnection and ensure that the Failover Partner has been set in the connection string to the mirror.
Use Studio to Create Database Scripts
- Launch Citrix Studio. After it loads, click Deliver applications and desktops to your users.
- In the Introduction page, select An empty, unconfigured site. This reduces the number of pages in this Setup wizard. The other pages will be configured later.
- Enter a Site Name (aka farm name) and click Next. Only administrators see the farm name.
- In the Databases page, change the selection to Generate scripts to manually set up databases on the database server.
- Change the database names if desired.
- If you are building two Controllers, click Select near the bottom of the same page.
- Click Add.
- Enter the FQDN of the second Controller and click OK. Note: the Delivery Controller software must already be installed on that machine.
- Then click Save.
- If you hover your mouse over 2 selected, it will show both Controllers. Click Next.
- In the Additional Features page, click Next.
- In the Summary page, click Generate scripts.
- A folder will open with six scripts. Edit each of the scripts.
- Near the top of each script are two lines to create the database. Uncomment both lines (including the go line). Then save and close the file.
- Once all of the scripts are edited you can send them to your DBA.
- On the Principal SQL Server, open the file Site_Principal.sql.
- Open the Query menu and click SQLCMD Mode.
- Then execute the script.
- If SQLCMD mode was enabled properly then the output should look something like this:
- If you have a mirrored database, run the second script on the mirror SQL instance. Make sure SQLCMD mode is enabled.
- Repeat for the Logging_Pricipal.sql script.
- You’ll have to enable SQLCMD Mode for each script you open.
- Repeat for the Monitoring_Principal.sql script.
- Once again enable SQLCMD Mode.
- The person running Citrix Studio must be added to the SQL Server as a SQL Login and granted the public server role.
- Back in Citrix Studio, click the Continue database configuration and Site setup button.
- In the Database page, enter the SQL server name and instance name and click Next.
- On the Licensing page, enter the name of the Citrix License Server and click Connect. . If you installed Licensing with your Delivery Controller, then simply enter localhost.
- XenApp/XenDesktop 7.8 requires the newest Licensing Server. If your server isn’t compatible, leave it set to localhost and fix it later.
- If the Certificate Authentication appears, select Connect me and click Confirm.
- Then select your license and click Next.
- In the Additional Features page, click Next.
- In the Summary page, make your selection for Customer Experience Improvement Program and click Finish.
- It will take some time for the site to be created.
Verify Database Mirroring
If your database is mirrored, when you run get-brokerdbconnection, you’ll see the Failover Partner in the database connection string.
Second Controller
When building the first Delivery Controller the scripts might have already included the second Delivery Controller. Thus no special SQL permissions are needed. If the second Delivery Controller has not already been added to the SQL databases then there are several methods of adding a second Controller to the databases for XenApp/XenDesktop:
- If you have sysadmin permissions to SQL, let Citrix Studio modify the databases automatically.
- If you don’t have sysadmin permissions to SQL then do use Citrix Studio to generate SQL scripts and send them to a DBA.
To use Citrix Studio to create the SQL Scripts:
- On the first Delivery Controller, if StoreFront is installed, delete the default StoreFront store (/Citrix/Store) and recreate it with your desired Store name (e.g. /Citrix/CompanyStore).
- On the 2nd Delivery Controller, install XenDesktop as detailed earlier.
- After running Studio, click Connect this Delivery Controller to an existing Site.
- Enter the name of the first Delivery Controller and click OK.
- If you don’t have elevated SQL permissions, click No when asked if you want to update the database automatically.
- Click Generate scripts.
- A folder will open with six scripts. If not mirroring, then the top three scripts need to be sent to a DBA. If mirroring, send all six.
- On the SQL Server, open open one of the .sql files.
- Open the Query menu and click SQLCMD Mode.
- Then execute the XenDesktop script.
- If SQLCMD mode was enabled properly then the output should look something like this:
- Back in Citrix Studio, click OK.
- In the Studio, under Configuration > Controllers, you should see both controllers.
- You can also test the site again if desired.
Studio – Slow Launch
From B.J.M. Groenhout at Citrix Discussions: The following adjustments can be made if Desktop Studio (and other Citrix management Consoles) will start slowly:
- Within Internet Explorer, go to Tools – Internet Options – Tab Advanced – Section Security and uncheck the option Check for publisher’s certificate revocation
After adjustment Desktop Studio (MMC) will be started immediately. Without adjustment it may take some time before Desktop Studio (MMC) is started.
Registry setting (can be deployed using Group Policy Preferences):
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
- “State“=dword:00023e00
Database Maintenance
View Logging Database
To view the contents of the Logging Database, in Studio, click the Logging node. On the right is Create Custom Report. See Citrix article CTX138132 Viewing Configuration Logging Data Not Shown for more info.
Enable Read-Committed Snapshot
The XenDesktop Database can become heavily utilized under load in a large environment. Therefore Citrix recommends enabling the Read_Committed_Snapshot option on the XenDesktop databases to remove contention on the database from read queries. This can improve the interactivity of Studio and Director. It should be noted that this option may increase the load on the tempdb files. See Citrix article CTX137161 How to Enable Read-Committed Snapshot in XenDesktop for configuration instructions.
Change Database Connection Strings
Sometimes the database connection strings need to be modified:
- When moving the SQL databases to a different SQL server
- When enabling mirroring after the databases have already been configured in Studio.
CTX140319 How to Migrate XenDesktop Database to New SQL Server has the correctly ordered list of PowerShell commands to change the database connection strings. Make sure PowerShell is running as administrator before running these commands.
XenApp/XenDesktop 7.8 adds set-applibdbconnection so make sure the commands include setting that DB connection too. 💡
Step 5 assumes Site, Monitoring, and Logging are one database so you’ll need to adjust the commands if those databases are split. In particular, change $cs in Set-LogDBConnection -DataStore Logging -DBConnection $cs to the Logging database. And change $cs in Set-MonitorDBConnection -DataStore Monitor -DBConnection $cs to the Monitoring database. The other commands don’t need to be changed.
Director Grooming
If XenDesktop is not Platinum Edition then all historical Director data is groomed at 7 days.
For XenDesktop/XenApp Platinum Edition, by default, most of the historical Director data is groomed at 90 days. This can be adjusted up to 367 days by running a PowerShell cmdlet.
- On a Delivery Controller, run PowerShell and run asnp Citrix.*
- Run Get-MonitorConfiguration to see the current grooming settings.
- Run Set-MonitorConfiguration to change the grooming settings.
Studio Administrators
Full Administrators
- In the Studio, under Configuration, click the Administrators node. The first time you access the node you’ll see a Welcome page. Feel free to check the box and then click Close.
- On the Administrators tab, right-click and click Create Administrator.
- In the Administrator and Scope page, specify a group (e.g. Citrix Admins or Help Desk) that will have permissions to Studio and Director. Click Next.
- On the Role page, select a role and then click Next. For example:
- Full Administrator for the Citrix Admins group
- Help Desk Administrator for the Help Desk group
- Machine Catalog Administrator for the desktop team
- In the Summary page, click Finish.
Help Desk
- In the Studio, under Configuration, click the Administrators node. On the Administrators tab, right-click and click Create Administrator.
- In the Administrator and Scope page, specify a Help Desk group that will have permissions to Studio and Director. Click Next.
- On the Role page, select the Help Desk Administrator role and then click Next.
- In the Summary page, click Finish.
- When administrators in the Help Desk role log into Director, all they see is this.
To jazz it up a little, add the Help Desk group to the read-only role. - Right-click the Help Desk Administrator and click Edit Administrator.
- Click Add.
- In the Scope page, select a scope and click Next.
- In the Role page, select Read Only Administrator and click Next.
- In the Summary page, click Finish.
- Then click OK. Now Director will display the dashboard.
Provisioning Services w/Personal vDisk
From Considerations: Provisioning Services at Configure and manage Personal vDisk at docs.citrix.com: The Provisioning Services Soap Service account must be added to the Administrator node of Studio and must have the Machine Administrator or higher role. This ensures that the PvD desktops are put into the Preparing state when the Provisioning Services (PVS) vDisk is promoted to production.
vCenter Connection
XenDesktop uses an Active Directory service account to log into vCenter. This account needs specific permissions in vCenter. To facilitate assigning these permissions, create a new vCenter role and assign it to the XenDesktop service account. The permissions should be applied at the datacenter or higher level. CTX214389 How to Define VMware vSphere User Privileges for XenApp and XenDesktop defines the minimum permissions needed for various activities in XenDesktop: MCS, PvS, Power Management, and AppDisks. 💡
AppDisks requires an additional permission: Virtual Machine > Configuration > Modify Device Settings.
For AppDisks, the read only role must be applied to the vCenter level. See Mark New at discussions.citrix.com for details. ?
Hosting Resources
A Hosting Resource = vCenter + Cluster (Resource Pool) + Storage + Network. When you create a machine catalog, you select a previously defined Hosting Resource, and the Cluster, Storage, and Network defined in the Hosting Resource object are automatically selected. If you need some desktops on a different Cluster+Storage+Network then you’ll need to define more Hosting Resources in Studio.
- In Studio, expand Configuration and click Hosting. Right-click it and click Add Connection and Resources.
- In the Connection page, select VMware vSphere as the Connection type.
- Enter https://vcenter01.corp.local/sdk as the vCenter URL. The URL must contain the FQDN of the vCenter server. Ensure the entered URL has /sdk on the end.
- Enter credentials of a service account that can log into vCenter.
- In the Connection name field, give the connection a name. Typically, this matches the name of the vCenter server.
- If you are not using Machine Creation Services and instead only need the vCenter connection for machine power management, change the Create virtual machines using selection to Other Tools.
- Click Next.
- If you see a message about the vCenter certificate, check the box next to Trust certificate and click OK.
- Enter a name for the hosting resource. Since each hosting resource is a combination of vCenter, Cluster, Network, and Datastore, include those names in this field (e.g. vCenter01-Cluster01-Network01-Datastore01).
- In the Cluster page, click Browse and select a cluster or resource pool.
- Select a network and click Next.
- On the Storage page, select a datastore for the virtual machines. Maximum flexibility is achievable if you only select one datastore per hosting resource. Create additional hosting resources for each datastore.
- If desired, change the selection for personal vDisk to use a different storage. Click Next.
- In the Summary page, click Finish.
Citrix Licensing Server
Upgrade
Upgrade Citrix Licensing to 11.13.1.2. 💡
- Go to the downloaded Citrix Licensing 11.13.1.2 build 16002 and run CitrixLicensing.exe.
- Click Upgrade.
- Click Finish.
- If you go to Programs and Features, it should now show version 11.1.0.16002.
- If you login to the license server web console, on the Administration tab, it shows it as version 11.13.1 build 16002.
- You can also view the version in the registry at HKLM\Software\Wow6432Node\Citrix\LicenseServer\Install.
Licensing Server HA using GSLB
From Dane Young – Creating a Bulletproof Citrix Licensing Server Infrastructure using NetScaler Global Server Load Balancing (GSLB) and CtxLicChk.ps1 PowerShell Scripts. Here is a summary of the configuration steps. See the blog post for detailed configuration instructions.
- Build two License Servers in each datacenter with identical server names. Since server names are identical, they can’t be domain-joined.
- Install identical licenses on all License Servers.
- Set the DisableStrictNameChecking registry key on all Citrix Licensing servers.
- Synchronize the certificate files located at C:\Program Files (x86)\Citrix\Licensing\WebServicesForLicensing\Apache\conf. They must be identical on all Licensing Servers.
- Download CtxLicChk.exe from http://support.citrix.com/article/CTX123935 and place on all Licensing Servers.
- Schedule the PowerShell script CtxLicChk.ps1 on all Licensing Servers. Get this script from the blog post linked above.
- Configure NetScaler:
- Configure GSLB ADNS services.
- Add wildcard Load Balancing service for each Citrix Licensing Server.
- Configure service TCP monitoring for ports 27000, 7279, 8082, and 8083.
- Create Load Balancing Virtual Server for each Licensing Server.
- Set one Load Balancing Virtual Server as backup for the other.
- Repeat in second datacenter.
- Configure GSLB Services and GSLB Monitoring.
- Configure GSLB Virtual Servers. Set one GSLB Virtual Server as backup for the other.
- Delegate the Citrix Licensing DNS name to the ADNS services on the NetScaler appliances.
- Configure Citrix Studio to point to the GSLB-enabled DNS name for Citrix Licensing.
Citrix License Server Monitoring
Citrix Licensing 11.13.1 and newer has historical usage reporting: 💡
- Run Citrix Licensing Manager from the Start Menu. Or use a browser to connect to https://MyLicenseServer:8083
- Use the drop-down menus to select a license type, select dates, and export to a .csv file.
- On the top right is a gear icon where you can set the historical retention period.
http://www.jonathanmedd.net/2011/01/monitor-citrix-license-usage-with-powershell.html.
Lal Mohan – Citrix License Usage Monitoring Using Powershell
Jaroslaw Sobel – Monitoring Citrix Licenses usage – Graphs using WMI, Powershell and RRDtool. This script generates a graph similar to the following:
Remote Desktop Licensing Server
Install Remote Desktop Licensing Server
Do the following on your XenDesktop Controllers:
- In Server Manager, open the Manage menu and click Add Roles and Features.
- Click Next until you get to the Server Roles page. Check the box next to Remote Desktop Services and click Next.
- Click Next until you get to the Role Services page. Check the box next to Remote Desktop Licensing and click Next.
- Click Add Features if prompted.
- Then finish the wizard to install the role service.
Activate Remote Desktop Licensing
- After RD Licensing is installed, in Server Manager, open the Tool menu, expand Terminal Services and click Remote Desktop Licensing Manager.
- The tool should find the local server. If it does not, right-click All servers, click Connect and type in the name of the local server. Once the local server can be seen in the list, right-click the server and click Activate Server.
- In the Welcome to the Activate Server Wizard page, click Next.
- In the Connection Method page, click Next.
- In the Company Information page, enter the required information and click Next.
- All of the fields on the Company Information page are optional so you do not have to enter anything. Click Next.
- In the Completing the Activate Server Wizard page, uncheck the box next to Start Install Licenses Wizard now and click Finish. Since the session hosts will be configured to pull Per User licenses, there is no need to install licenses on the RD Licensing Server.
- In RD Licensing Manager, right-click the server and click Review Configuration.
- Ensure you have green check marks. If the person installing Remote Desktop Licensing does not have permissions to add the server to the Terminal Server License Servers group in Active Directory, ask a domain admin to do it manually. If you have the proper permissions, click Add to Group.
- Click Continue when prompted that you must have Domain Admins privileges.
- Click OK when prompted that the computer account has been added.
- Click OK to close the window.
Health Check
Andrew Morgan – New Free Tool: Citrix Director Notification Service: The Citrix Director Notification service sits on an edge server as a service (or local to the delivery controller) and periodically checks the health of:
- Citrix Licensing.
- Database Connections.
- Broker Service.
- Core Services.
- Hypervisor Connections.
And if any of these items fall out of bounds, an SMTP alert is sent to the mailbox of your choice for action. The tool will also send “All Clear” emails when these items are resolved, ensuring you are aware when the service has resumed a healthy state.