Terminal Server/XenApp vs VDI

There is a lot of hype these days around VDI and it seems like every week there is some new VDI related product or company being announced. With all of these options available how is company ever to decide on which VDI solution to go with?

In my opinion you should first decide on whether or not you want to go with Terminal Services/XenApp or VDI. Both technologies offer the same advantages and feature sets but Terminal Services/XenApp has a much cheaper per user cost and is a proven solution that has been around for 12 years. VDI is cool, hip and is in all of the industry news but it is very young and still evolving.

In my opinion VDI is for special use cases and for applications that will not run in Terminal Services.

Brian Madden did a great session on this at VMworld Europe 2009.

Any company currently looking at VDI should watch this session and first decide if Terminal Services would work for them. If so you can save a lot of money in infrastructure costs by using Terminal Services/XenApp.

http://www.brianmadden.com/blogs/videos/archive/2009/03/23/terminal-services-versus-vdi-brian-s-presentation-from-vmworld-europe-2009.aspx

Advertisement

How to install EMC Navisphere Host Agent on Citrix XenServer 5

If you are integrating Citrix XenServer with EMC Clariion storage the Navisphere Host Agent (naviagent) can be installed in the Linux management OS (domain 0) so that the host registers with Navisphere.

1. Download the Navisphere Host Agent 6.28 from here (requires Powerlink login) – http://tinyurl.com/n5cbu2
2. Unzip and copy the RPM to the /tmp folder of the XenServer host. I use a tool from Bitvise called Tunnelier to do this – http://dl.bitvise.com/Tunnelier-Inst.exe
3. From the SSH shell go to the /tmp folder and give give yourself execute permissions to the rpm with this command “chmod 755 *.rpm”
4. Type this command to install “rpm -i naviagent-6.28.20.1.40-1.noarch.rpm”
5. Open the firewall ports using these commands

iptables -D RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6389 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p udp –dport 6389 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6389 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p udp –dport 6389 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6390 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6390 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6391 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6391 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6392 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6392 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited
iptables-save >/etc/sysconfig/iptables

Reboot the host and then check Navisphere to see if the host registered.

Citrix Provisioning Server 5.1 and XenDesktop Setup Wizard

With the new version of Provisioning Server Citrix changed the management console ports from 8000 and 8001 to 54321 and 54322. The reason for this change is so that PVS can be installed on the XenDesktop Desktop Delivery Controller without port conflicts.

The port change breaks the the XenDesktop Setup Wizard because by default the setup wizard tries to communicate with PVS on ports 8000 and 8001.

To fix this you must edit the SetupToolApplication.exe.config file that is located in the “C:\Program Files\Citrix\XenDesktop Setup Wizard” folder and change the two ports from 8000 to 54321 and from 8001 to 54322.

The Provisioning Server 5.1 release notes states that you only have to change the 8000 port but in my experience I had to change both.

http://support.citrix.com/article/CTX121336

New Citrix XenDesktop Virtual Desktop Agent

Citrix just released an updated build of the XenDesktop VDA.

I was experiencing slow login times at one of my clients with the previous 3.1 build and this updated build fixed the issue.

http://support.citrix.com/article/CTX121590

Citrix XenConvert

Citrix XenConvert is a tool to migrate (P2V) physical (or virtual) Windows systems to XenServer.

XenConvert is similar to VMware Converter but without some of the advanced features and functions differently.

XenConvert is installed and executed on the source system and only one local disk can be converted at a time.

You must have 115% free space to convert a disk, the free space doesn’t have to be on the same local disk but cannot be a mapped network drive. XenConvert creates a local VHD file, mounts it as a new drive and then copies the contents of the local drive you are converting to the new VHD file.

If during the XenConvert wizard you chose to migrate to XenServer it then takes the VHD and creates an XVA (XenServer Virtual Applicance) and then moves it up to the XenServer and creates the new VM.

The process takes at least twice as long as it does with VMware Converter. Most of this time is spent copying the local disk to the local VHD file.

XenConvert does not have a feature that lets you resize the destination VHD, if your local disk is 72 GB then the virtual disk will be 72 GB.

Some other features of XenConvert include the ability to convert an offline VMDK to either a VHD or OVF and Microsoft VMs to OVF.

http://community.citrix.com/blogs/citrite/simoncr/2009/04/16/XenConvert+v2+Tech+Preview+-+OVF+and+VMDK+Support+for+XenServer

Citrix preps Feature Pack 1 for XenDesktop 3

The below is from Brian Madden’s blog.

Citrix will be releasing Feature Pack 1 for XenDesktop 3 at Citrix Synergy in two weeks.

Here is a list of new features.

• Multimedia redirection for Flash (or HDX MediaStream or whatever it’s called now). This just means that the remote host will send the raw flash content to the endpoint where it will be rendered locally, similar to the RAVE technology that’s been in place for media streams for the past five years.
• Improvements for general host-based motion, including Silverlight, Quicktime, dragging windows, PowerPoint animations, etc.
• VoIP soft-phone support for LAN users
• Bi-directional audio support in Vista.
• Refined smart card support, including flowing sessions between devices with different brands of readers
• Windows 7 guest support (which will be huge)

http://www.brianmadden.com/blogs/brianmadden/archive/2009/04/20/citrix-preps-feature-pack-1-for-xendesktop-3-catapulting-its-ica-features-past-ica-in-xenapp-behold-the-powers-of-competition.aspx

Advanced Access Control and the Citrix Secure Access Client

When using the Citrix Advanced Access Control (AAC) software with the Citrix Access Gateway the Secure Access Client must be installed with some additional command line arguments. The Secure Access Client must be downloaded and insalled with these command line arguments.

CitrixSAClient.exe -Q -D https://cag.company.com -i

After installing there will be a shortcut on the desktop that will take the user to the CAG login page. After login the user will be prompted to install the net6helper.dll add-on in Internet Explorer.

After this add-on is installed the user will then be connected to the VPN.

http://support.citrix.com/article/CTX114917

http://support.citrix.com/article/CTX108757

Citrix XenApp 5 Hotfix Rollup Pack 4

Citrix has released a new hotfix rollup pack for XenApp 5/Presentation Server 4.5 for Windows 2003.

Before you install this latest rollup pack make sure you read through this article http://support.citrix.com/article/CTX119069

One of the most important prerequisites is to update your Citrix Licensing server to 11.6 https://www.citrix.com/English/ss/downloads/details.asp?downloadId=1688507&productId=186%20target=

If you have not yet installed hotfix rollup pack 3 then you first need to install the Microsoft Visual C++ 2005 SP1 Redistributable Package from here http://www.microsoft.com/downloads/details.aspx?familyid=200B2FD9-AE1A-4A14-984D-389C36F85647

Citrix Application Streaming Troubleshooting

Here are some useful resources for troubleshooting Citrix Application Streaming.

Troubleshooting Application Streaming Issues – http://support.citrix.com/article/CTX113304

Application Streaming FAQs for Administrators – http://support.citrix.com/article/ctx118181

RadeRunSwitches – Application Streaming – http://community.citrix.com/blogs/citrite/josephno/2008/03/28/RadeRunSwitches+-+Application+Streaming

Citrix Application Streaming Guide for XenApp 5.0 – http://support.citrix.com/servlet/KbServlet/download/17820-102-18856/Application-Streaming-Guide.pdf

How to Find the .Rad File that is Used to Launch a Streamed Application – http://support.citrix.com/article/CTX114673

XenApp Plug-in for Streamed Apps – Version 1.3 – http://www.citrix.com/English/ss/downloads/details.asp?downloadId=1686680&productId=186&c1=sot2755

Application Streaming Utilities – http://support.citrix.com/article/ctx115137

How to Enable the Streaming Client Debug Console – http://support.citrix.com/article/ctx112472

Application Streaming Licensing Explained – http://support.citrix.com/article/ctx112636

XenServer Troubleshooting for VMware Engineers Part 1

I thought it would be helpful for all of the engineers out there that have a VMware ESX background and are starting to implement Citrix XenServer. There are a lot of similarities between the two virtualization platforms.

One of the issues I ran into recently was the changes made to a host via the cmd line not displaying in the XenCenter management console. To fix this you can issue the “xe–toolstack–restart” command to restart the management stack on the XenServer host.

This command is the first thing you should try if there is any type host connectivity or pool issue in XenCenter.

This is similar to the VMware ESX cmd “service mgmt-vmware restart”.

User Profiles Best Practices White Paper

Check out my updated User Profiles Best Practices White Paper.

http://www.varrow.com/index.php?id=98

Mandatory User Profiles in Windows 2008 Terminal Server and XenApp 5

Some of you may have already known about the mandatory profile change in Windows 2008 but I had no idea. I recently did my first Citrix XenApp 5 – Windows 2008 project and had a hard time getting the mandatory profile working.

After some searching I found that the mandatory profile folder name has to have a “.v2” appended to the end of the folder name. The reason Microsoft made this change is because the user profile sturcture in Vista and Windows 2008 is a lot different than in previous versions of Windows. By forcing you to append .v2 to the end of the folder prevents Windows 2008 from trying to load a profile from a previous version of Windows.

It was a little tricky configuring Group Policy to point to the mandatory profile with a .v2 on the folder name. When I first configured the “Set path for TS Roaming User Profile” setting I set it to %logonserver%\netlogon\xenapp-prof.v2. This didn’t work, I had to set the profile path to %logonserver%\netlogon\xenapp-prof and then Windows 2008 automatically appends .v2 to the end when looking for the path.

So to recap,

1. I created a mandatory profile with the folder name “xenapp-prof.v2”.
2. I configured my profile path to point to “%logonserver%\netlogon\xenapp-prof”. If you configure the profile path with a .v2 it will not work.

Hotfix Recommendations for Windows 2008 XenApp Servers Streamed with Provisioning Server 5.1

I did a migration last week at a clients site from Windows 2003 Presentation Server 4.5, Provisioning Server 4.5 and Web Interface 4.6 to Windows 2008 XenApp 5, Provisioning Server 5.1a and Web Interface 5.

During the image build for Windows 2008 XenApp I had a few issue that were resolved by installing these 5 Windows 2008 hot fixes from Microsoft.

• http://support.microsoft.com/kb/951149/en-us – “Stop error on a Windows Server 2008-based terminal server when the server is running under a heavy load: 0x0000000A”
• http://support.microsoft.com/kb/949914 – “Citrix ICA clients may crash when they are connecting to a Windows Server 2008-based terminal server that has Citrix Presentation Server installed”
• http://support.microsoft.com/kb/955625 – “Mandatory user profiles do not work as expected on Windows Vista-based and Windows Server 2008-based client computers when the %LogonServer% environment variable is set in the profile path”
• http://support.microsoft.com/kb/953531 – “A  0x0000007E Stop error occurs in Windows Server 2008 after you unmount and delete a persistent VSS snapshot”
• http://support.microsoft.com/kb/958652 – “Some Citrix commands do not work correctly in Citrix XenApp 5.0 for Windows Server 2008”

Upgrading Citrix XenDesktop Virtual Desktop Agent with Citrix Password Manager Agent

I updated the XenDesktop Virtual Desktop Agent from 2.0 to the latest build of 2.1 at a client’s site today. After the upgrade the Citrix Password Manager Agent stopped working properly. It would connect to AD at login and appear OK but when an application configured for Password Manager was opened the credentials were not submitted.

Here is what I did to fix this.

1. Tried updateting the Password Manager Agent from 4.6.93 to 4.6.94. This didn’t work.
2. Uninstalled the Password Manager Agent and rebooted.
3. Uninstalled the Virtual Desktop Agent and rebooted.
4. Installed the Virtual Desktop Agent and rebooted.
5. Installed the Password Manager Agent and rebooted. This fixed the issue.

From now on when updating the VDA uninstall both VDA and Password Manager Agent then reinstall the VDA and then the Password Managaer Agent.

How to build and Optimize a Windows XP Image for XenDesktop

1. Use a volume license Windows XP ISO that already has SP2/SP3 on it.

2. Build a new VM that has at least 512 MB and a 6 – 8 GB drive. You may need more or less depending the applications that will be installed.

3. Attach the Windows XP ISO to the CD/DVD drive and set it to connect at power on.

4. Attach the Buslogic driver floppy image “/vmimages/floppies/vmscsi-1.2.0.2.flp” to the Floppy drive.

5. On the VM Edit Settings window go to the Options tab and in the General section uncheck the Enable logging check box.

6. Go to the Boot Options section and check the box to force going into the BIOS on next boot.

7. Power on the VM and when the BIOS appears go to Advanced, I/O Device Configuration.

8. Disable the Serial and Parallel ports.

9. Go to the Boot menu and set the CD-ROM first in the boot order.

10. Save and exit.

11. When the install starts press the F6 key to load a mass storage driver.

12. Press S to load the Buslogic driver.

13. Press Enter to choose the driver.

14. Continue installing Windows XP.

15. During the install you will get a couple of driver install prompts, choose Yes to both.

16. On first boot after the initial install the startup wizard will run. On the 2^nd screen choose “Not right now”

17. Choose, “No” and then choose Skip at the bottom.

18. Choose “No, not at this time.”

19. Type “temp” for your name.

20. Go to VM, Edit settings, disconnect the CD and floppy, set them both to Client device.

21. Install VMware Tools, choose to do a Custom install.

22. Do not install the Shared Folders driver.

23. After the install completes reboot.

24. Right-click on the desktop and go to display properties, set the theme to Windows Classic.

25. Set the Screen Saver to none. Click Apply.

26. Go to My Computer properties, Advanced tab, Performance settings. Choose “Adjust for best performance”, click Apply.

27. Go to Startup and Recovery settings. Set the debugging information to none, uncheck the “Send an administrative alert”. Click OK.

28. Go to Error Reporting and choose Disable error reporting and uncheck the notify box.

29. Go to the Remote tab and uncheck both boxes. Click Apply.

30. Go to the Automatic Updates tab and turn off automatic updates. Click Apply.

31. Go to the System Restore tab and turn off System Restore. Click Apply.

32. Click OK, to exit the System Properties window.

33. Right-click on the taskbar and go to properties. Go to the Start Menu tab and choose Classic Start Menu, click apply, click Customize.

34. Scroll to the bottom of the Advanced Start menu options and check the box for “Show Small Icons in Start menu” and uncheck the “Use Personalized Menus” box. Click OK, and click OK.

35. Right-click on the desktop and go to properties. Go to the Desktop tab and click Customize Desktop, uncheck the Run Desktop Cleanup Wizard every 60 days, click OK, click Apply.

36. Go to the Appearance tab and click Advanced, uncheck all of the boxes and click OK. Click OK.

37. Right-click on the taskbar, go to Toolbars and choose Quick Launch.

38. Open the Control Panel, go to the View menu, choose Status bar and List.

39. Right-click on the Go button and uncheck the Go Button.

40. Right-click on the toolbar and choose Customize, set the Text options to No text labels and set Icon options to Small icons.

41. Go to Tools, Folder Options, View tab and check/uncheck the boxes below.

42. Click Apply, click Apply to All Folders and choose Yes.

43. Go to Add/Remove Programs, Add/Remove Windows Components. Go to Accessories and Utilities, remove Games and remove the optional components shown below.

44. Remove MSN Explorer, Networking Services, Outlook Express and Windows Messenger.

45. Choose No to reboot now.

46. Open User Accounts, click Change the way users log on or off, Uncheck both boxes and click apply.

47. Right-click on the taskbar, go to properties and check the box to Display Log Off.

48. Right-click on the Start button and choose Open All Users. Delete the three shortcuts for Set Program Access and Defaults, Windows Catalog and Window Update.

49. Go to Control Panel, Administrative Tools, Right-click Computer Management and choose Author.

50. Maximize the window, Expand Services and Applications, select Services, expand the Name column, go to File Save, choose Yes to the prompt. Close Computer Management.

51. Open Computer Management again, go to Services, Stop and disable these services.

a. Computer Browser

b. Error Reporting Service

c. Help and Support

d. Security Center

e. Task Scheduler

f. SSDP Discovery Service

g. Themes

h. Windows Firewall/Internet Connection Sharing (ICS)

i. Wireless Zero Configuration

52. Go to Start, Run and type regedit, go to this key, HKEY_USERS\.DEFAULT\Control Panel\Desktop and delete the SCRNSAVE.EXE name.

53. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters, right-click on Parameters and choose New, DWORD value, type DisableTaskOffload and set the Data to 1.

54. Go to HKEY_CURRENT_USER\Control Panel\Desktop and change the MenuShowDelay to 0.

55. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control, right-click on Control and choose New DWORD value, type ServicesPipeTimeout and set the Data to 120000 decimal.

56. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server and add a new DWORD value called AllowRemoteRPC and set it to 1. This will allow shadowing of the XenDesktop session for remote support. Once this key is set you can shadow a session by running this command “shadow 0 /server:VMNAME.

57. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and delete the VMware Tools name.

58. Go to Start, Run and type cmd to open the CMD prompt. Type “FSUTIL behavior set disablelastaccess 1” and press Enter.

59. Type “sfc /purgecache”, press enter, type “sfc /cachesize=0” and press enter. Type exit.

60. Reboot and login as temp.

61. Click on the Windows XP Tour in the system tray, click Cancel.

62. Go to Start, Settings, Printers and Faxes. Go to File, Server Properties, Advanced tab and uncheck all of the boxes.

63. Open Internet Explorer, go to Tools, Windows Update. Install the Microsoft Update by clicking the Go button.

64. Install all High Priority updates and under Software, Optional install Root Certificates Update.

65. After the updates complete, reboot.

66. Login as temp.

67. Run Microsoft Update from the Start menu to get any remaining updates.

68. Right-click on the Language bar and choose Settings.

69. Go to the Advanced tab and turn off advanced text services.

70. Go to the cmd prompt and run this command to unregister the language bar.
“Regsvr32.exe /u msutb.dll”

71. Right-click on Internet Explorer on the desktop and go to properties.

72. Set the Home page to blank and click Delete and then click Delete all, check the box to Also delete files.

73. Go to the Advanced tab and check/uncheck the boxes below

74. Open Internet Explorer and go through the first time startup wizard, choose to keep

75. Change the default search provider from Live Search to Google.

76. Go to My Computer properties, Advanced tab, Performance settings, Advanced tab and set the page file on the C drive to No paging file, click Set. Do not reboot yet.

77. Download and install the User Profile Hive Cleanup tool. The fastest way to find this tool is to search Google for uphclean.

78. Reboot and login as Administrator.

79. Open My Computer, go to Tools, Folder options and set the view option to show hidden files and folders.

80. Right-click on My Computer, go to Properties, Advanced, User Profiles Settings, select temp, copy to, browse to c:\documents and settings\default user, change Permitted to use to Authenticated users. Click OK, Click Yes to the confirm copy question.

81. Log out and login as temp.

82. Delete the local administrators profile from the system properties tool.

83. Log out and login as Administrator.

84. Delete the temp user account and user profile.

85. Go to C:\WINDOWS and delete all the folders that start and end with a $

86. Open C:\Documents and Settings\Default User and delete the temp’s Documents folder.

87. Defragment the C drive.

88. Power down the VM and convert it to a template.

89. Use this template to deploy an XP VM for use with any VDI (XenDesktop, VMware) or use it for any purpose that an XM VM is needed.