Terminal Server/XenApp vs VDI

There is a lot of hype these days around VDI and it seems like every week there is some new VDI related product or company being announced. With all of these options available how is company ever to decide on which VDI solution to go with?

In my opinion you should first decide on whether or not you want to go with Terminal Services/XenApp or VDI. Both technologies offer the same advantages and feature sets but Terminal Services/XenApp has a much cheaper per user cost and is a proven solution that has been around for 12 years. VDI is cool, hip and is in all of the industry news but it is very young and still evolving.

In my opinion VDI is for special use cases and for applications that will not run in Terminal Services.

Brian Madden did a great session on this at VMworld Europe 2009.

Any company currently looking at VDI should watch this session and first decide if Terminal Services would work for them. If so you can save a lot of money in infrastructure costs by using Terminal Services/XenApp.

http://www.brianmadden.com/blogs/videos/archive/2009/03/23/terminal-services-versus-vdi-brian-s-presentation-from-vmworld-europe-2009.aspx

Advertisements

How to install EMC Navisphere Host Agent on Citrix XenServer 5

If you are integrating Citrix XenServer with EMC Clariion storage the Navisphere Host Agent (naviagent) can be installed in the Linux management OS (domain 0) so that the host registers with Navisphere.

  1. Download the Navisphere Host Agent 6.28 from here (requires Powerlink login) – http://tinyurl.com/n5cbu2
  2. Unzip and copy the RPM to the /tmp folder of the XenServer host. I use a tool from Bitvise called Tunnelier to do this – http://dl.bitvise.com/Tunnelier-Inst.exe
  3. From the SSH shell go to the /tmp folder and give give yourself execute permissions to the rpm with this command “chmod 755 *.rpm”
  4. Type this command to install “rpm -i naviagent-6.28.20.1.40-1.noarch.rpm”
  5. Open the firewall ports using these commands

iptables -D RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6389 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p udp –dport 6389 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6389 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p udp –dport 6389 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6390 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6390 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6391 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6391 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6392 -j ACCEPT –src SPA-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -m state –state NEW -p tcp –dport 6392 -j ACCEPT –src SPB-IP-ADDRESS
iptables -A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited
iptables-save >/etc/sysconfig/iptables

Reboot the host and then check Navisphere to see if the host registered.

Citrix Provisioning Server 5.1 and XenDesktop Setup Wizard

With the new version of Provisioning Server Citrix changed the management console ports from 8000 and 8001 to 54321 and 54322. The reason for this change is so that PVS can be installed on the XenDesktop Desktop Delivery Controller without port conflicts.

The port change breaks the the XenDesktop Setup Wizard because by default the setup wizard tries to communicate with PVS on ports 8000 and 8001.

To fix this you must edit the SetupToolApplication.exe.config file that is located in the “C:\Program Files\Citrix\XenDesktop Setup Wizard” folder and change the two ports from 8000 to 54321 and from 8001 to 54322.

The Provisioning Server 5.1 release notes states that you only have to change the 8000 port but in my experience I had to change both.

http://support.citrix.com/article/CTX121336

Citrix XenConvert

Citrix XenConvert is a tool to migrate (P2V) physical (or virtual) Windows systems to XenServer.

XenConvert is similar to VMware Converter but without some of the advanced features and functions differently.

XenConvert is installed and executed on the source system and only one local disk can be converted at a time.

You must have 115% free space to convert a disk, the free space doesn’t have to be on the same local disk but cannot be a mapped network drive. XenConvert creates a local VHD file, mounts it as a new drive and then copies the contents of the local drive you are converting to the new VHD file.

If during the XenConvert wizard you chose to migrate to XenServer it then takes the VHD and creates an XVA (XenServer Virtual Applicance) and then moves it up to the XenServer and creates the new VM.

The process takes at least twice as long as it does with VMware Converter. Most of this time is spent copying the local disk to the local VHD file.

XenConvert does not have a feature that lets you resize the destination VHD, if your local disk is 72 GB then the virtual disk will be 72 GB.

Some other features of XenConvert include the ability to convert an offline VMDK to either a VHD or OVF and Microsoft VMs to OVF.

http://community.citrix.com/blogs/citrite/simoncr/2009/04/16/XenConvert+v2+Tech+Preview+-+OVF+and+VMDK+Support+for+XenServer

Citrix preps Feature Pack 1 for XenDesktop 3

The below is from Brian Madden’s blog.

Citrix will be releasing Feature Pack 1 for XenDesktop 3 at Citrix Synergy in two weeks.

Here is a list of new features.

http://www.brianmadden.com/blogs/brianmadden/archive/2009/04/20/citrix-preps-feature-pack-1-for-xendesktop-3-catapulting-its-ica-features-past-ica-in-xenapp-behold-the-powers-of-competition.aspx

Advanced Access Control and the Citrix Secure Access Client

When using the Citrix Advanced Access Control (AAC) software with the Citrix Access Gateway the Secure Access Client must be installed with some additional command line arguments. The Secure Access Client must be downloaded and insalled with these command line arguments.

CitrixSAClient.exe -Q -D https://cag.company.com -i

After installing there will be a shortcut on the desktop that will take the user to the CAG login page. After login the user will be prompted to install the net6helper.dll add-on in Internet Explorer.

After this add-on is installed the user will then be connected to the VPN.

http://support.citrix.com/article/CTX114917

http://support.citrix.com/article/CTX108757

Citrix XenApp 5 Hotfix Rollup Pack 4

Citrix has released a new hotfix rollup pack for XenApp 5/Presentation Server 4.5 for Windows 2003.

Before you install this latest rollup pack make sure you read through this article http://support.citrix.com/article/CTX119069

One of the most important prerequisites is to update your Citrix Licensing server to 11.6 https://www.citrix.com/English/ss/downloads/details.asp?downloadId=1688507&productId=186%20target=

If you have not yet installed hotfix rollup pack 3 then you first need to install the Microsoft Visual C++ 2005 SP1 Redistributable Package from here http://www.microsoft.com/downloads/details.aspx?familyid=200B2FD9-AE1A-4A14-984D-389C36F85647

Citrix Application Streaming Troubleshooting

Here are some useful resources for troubleshooting Citrix Application Streaming.

Troubleshooting Application Streaming Issueshttp://support.citrix.com/article/CTX113304

Application Streaming FAQs for Administratorshttp://support.citrix.com/article/ctx118181

RadeRunSwitches – Application Streaminghttp://community.citrix.com/blogs/citrite/josephno/2008/03/28/RadeRunSwitches+-+Application+Streaming

Citrix Application Streaming Guide for XenApp 5.0http://support.citrix.com/servlet/KbServlet/download/17820-102-18856/Application-Streaming-Guide.pdf

How to Find the .Rad File that is Used to Launch a Streamed Applicationhttp://support.citrix.com/article/CTX114673

XenApp Plug-in for Streamed Apps – Version 1.3http://www.citrix.com/English/ss/downloads/details.asp?downloadId=1686680&productId=186&c1=sot2755

Application Streaming Utilitieshttp://support.citrix.com/article/ctx115137

How to Enable the Streaming Client Debug Consolehttp://support.citrix.com/article/ctx112472

Application Streaming Licensing Explainedhttp://support.citrix.com/article/ctx112636

XenServer Troubleshooting for VMware Engineers Part 1

I thought it would be helpful for all of the engineers out there that have a VMware ESX background and are starting to implement Citrix XenServer. There are a lot of similarities between the two virtualization platforms.

One of the issues I ran into recently was the changes made to a host via the cmd line not displaying in the XenCenter management console. To fix this you can issue the “xetoolstackrestart” command to restart the management stack on the XenServer host.

This command is the first thing you should try if there is any type host connectivity or pool issue in XenCenter.

This is similar to the VMware ESX cmd “service mgmt-vmware restart”.

Mandatory User Profiles in Windows 2008 Terminal Server and XenApp 5

Some of you may have already known about the mandatory profile change in Windows 2008 but I had no idea. I recently did my first Citrix XenApp 5 – Windows 2008 project and had a hard time getting the mandatory profile working.

After some searching I found that the mandatory profile folder name has to have a “.v2” appended to the end of the folder name. The reason Microsoft made this change is because the user profile sturcture in Vista and Windows 2008 is a lot different than in previous versions of Windows. By forcing you to append .v2 to the end of the folder prevents Windows 2008 from trying to load a profile from a previous version of Windows.

It was a little tricky configuring Group Policy to point to the mandatory profile with a .v2 on the folder name. When I first configured the “Set path for TS Roaming User Profile” setting I set it to %logonserver%\netlogon\xenapp-prof.v2. This didn’t work, I had to set the profile path to %logonserver%\netlogon\xenapp-prof and then Windows 2008 automatically appends .v2 to the end when looking for the path.

gpots

So to recap,

  1. I created a mandatory profile with the folder name “xenapp-prof.v2”.
  2. I configured my profile path to point to “%logonserver%\netlogon\xenapp-prof”. If you configure the profile path with a .v2 it will not work.

Hotfix Recommendations for Windows 2008 XenApp Servers Streamed with Provisioning Server 5.1

I did a migration last week at a clients site from Windows 2003 Presentation Server 4.5, Provisioning Server 4.5 and Web Interface 4.6 to Windows 2008 XenApp 5, Provisioning Server 5.1a and Web Interface 5.

During the image build for Windows 2008 XenApp I had a few issue that were resolved by installing these 5 Windows 2008 hot fixes from Microsoft.

Upgrading Citrix XenDesktop Virtual Desktop Agent with Citrix Password Manager Agent

I updated the XenDesktop Virtual Desktop Agent from 2.0 to the latest build of 2.1 at a client’s site today. After the upgrade the Citrix Password Manager Agent stopped working properly. It would connect to AD at login and appear OK but when an application configured for Password Manager was opened the credentials were not submitted.

Here is what I did to fix this.

  1. Tried updateting the Password Manager Agent from 4.6.93 to 4.6.94. This didn’t work.
  2. Uninstalled the Password Manager Agent and rebooted.
  3. Uninstalled the Virtual Desktop Agent and rebooted.
  4. Installed the Virtual Desktop Agent and rebooted.
  5. Installed the Password Manager Agent and rebooted. This fixed the issue.

From now on when updating the VDA uninstall both VDA and Password Manager Agent then reinstall the VDA and then the Password Managaer Agent.

How to build and Optimize a Windows XP Image for XenDesktop

1. Use a volume license Windows XP ISO that already has SP2/SP3 on it.

2. Build a new VM that has at least 512 MB and a 6 – 8 GB drive. You may need more or less depending the applications that will be installed.

3. Attach the Windows XP ISO to the CD/DVD drive and set it to connect at power on.

4. Attach the Buslogic driver floppy image “/vmimages/floppies/vmscsi-1.2.0.2.flp” to the Floppy drive.
clip_image002

5. On the VM Edit Settings window go to the Options tab and in the General section uncheck the Enable logging check box.
clip_image004

6. Go to the Boot Options section and check the box to force going into the BIOS on next boot.
clip_image006

7. Power on the VM and when the BIOS appears go to Advanced, I/O Device Configuration.
clip_image008

8. Disable the Serial and Parallel ports.
clip_image010

9. Go to the Boot menu and set the CD-ROM first in the boot order.
clip_image012

10. Save and exit.

11. When the install starts press the F6 key to load a mass storage driver.

12. Press S to load the Buslogic driver.
clip_image014

13. Press Enter to choose the driver.
clip_image016

14. Continue installing Windows XP.

15. During the install you will get a couple of driver install prompts, choose Yes to both.
clip_image018

16. On first boot after the initial install the startup wizard will run. On the 2nd screen choose “Not right now”
clip_image020

17. Choose, “No” and then choose Skip at the bottom.
clip_image022

18. Choose “No, not at this time.”
clip_image024

19. Type “temp” for your name.
clip_image026

20. Go to VM, Edit settings, disconnect the CD and floppy, set them both to Client device.
clip_image028

21. Install VMware Tools, choose to do a Custom install.
clip_image030

22. Do not install the Shared Folders driver.
clip_image032

23. After the install completes reboot.

24. Right-click on the desktop and go to display properties, set the theme to Windows Classic.
clip_image034

25. Set the Screen Saver to none. Click Apply.

26. Go to My Computer properties, Advanced tab, Performance settings. Choose “Adjust for best performance”, click Apply.
clip_image036

27. Go to Startup and Recovery settings. Set the debugging information to none, uncheck the “Send an administrative alert”. Click OK.
clip_image038

28. Go to Error Reporting and choose Disable error reporting and uncheck the notify box.
clip_image040

29. Go to the Remote tab and uncheck both boxes. Click Apply.
clip_image042

30. Go to the Automatic Updates tab and turn off automatic updates. Click Apply.
clip_image044

31. Go to the System Restore tab and turn off System Restore. Click Apply.
clip_image046

32. Click OK, to exit the System Properties window.

33. Right-click on the taskbar and go to properties. Go to the Start Menu tab and choose Classic Start Menu, click apply, click Customize.
clip_image048

34. Scroll to the bottom of the Advanced Start menu options and check the box for “Show Small Icons in Start menu” and uncheck the “Use Personalized Menus” box. Click OK, and click OK.
clip_image050

35. Right-click on the desktop and go to properties. Go to the Desktop tab and click Customize Desktop, uncheck the Run Desktop Cleanup Wizard every 60 days, click OK, click Apply.
clip_image052

36. Go to the Appearance tab and click Advanced, uncheck all of the boxes and click OK. Click OK.
clip_image054

37. Right-click on the taskbar, go to Toolbars and choose Quick Launch.
clip_image056

38. Open the Control Panel, go to the View menu, choose Status bar and List.
clip_image058

39. Right-click on the Go button and uncheck the Go Button.
clip_image060

40. Right-click on the toolbar and choose Customize, set the Text options to No text labels and set Icon options to Small icons.
clip_image062

41. Go to Tools, Folder Options, View tab and check/uncheck the boxes below.
clip_image064
clip_image066

42. Click Apply, click Apply to All Folders and choose Yes.

43. Go to Add/Remove Programs, Add/Remove Windows Components. Go to Accessories and Utilities, remove Games and remove the optional components shown below.
clip_image068

44. Remove MSN Explorer, Networking Services, Outlook Express and Windows Messenger.
clip_image070

45. Choose No to reboot now.

46. Open User Accounts, click Change the way users log on or off, Uncheck both boxes and click apply.
clip_image072

47. Right-click on the taskbar, go to properties and check the box to Display Log Off.
clip_image074

48. Right-click on the Start button and choose Open All Users. Delete the three shortcuts for Set Program Access and Defaults, Windows Catalog and Window Update.
clip_image076

49. Go to Control Panel, Administrative Tools, Right-click Computer Management and choose Author.
clip_image078

50. Maximize the window, Expand Services and Applications, select Services, expand the Name column, go to File Save, choose Yes to the prompt. Close Computer Management.
clip_image080

51. Open Computer Management again, go to Services, Stop and disable these services.

a. Computer Browser

b. Error Reporting Service

c. Help and Support

d. Security Center

e. Task Scheduler

f. SSDP Discovery Service

g. Themes

h. Windows Firewall/Internet Connection Sharing (ICS)

i. Wireless Zero Configuration

52. Go to Start, Run and type regedit, go to this key, HKEY_USERS\.DEFAULT\Control Panel\Desktop and delete the SCRNSAVE.EXE name.
clip_image082

53. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters, right-click on Parameters and choose New, DWORD value, type DisableTaskOffload and set the Data to 1.
clip_image084

54. Go to HKEY_CURRENT_USER\Control Panel\Desktop and change the MenuShowDelay to 0.
clip_image086

55. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control, right-click on Control and choose New DWORD value, type ServicesPipeTimeout and set the Data to 120000 decimal.
clip_image088

56. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server and add a new DWORD value called AllowRemoteRPC and set it to 1. This will allow shadowing of the XenDesktop session for remote support. Once this key is set you can shadow a session by running this command “shadow 0 /server:VMNAME.
clip_image090

57. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and delete the VMware Tools name.
clip_image092

58. Go to Start, Run and type cmd to open the CMD prompt. Type “FSUTIL behavior set disablelastaccess 1” and press Enter.
clip_image094

59. Type “sfc /purgecache”, press enter, type “sfc /cachesize=0” and press enter. Type exit.
clip_image096

60. Reboot and login as temp.

61. Click on the Windows XP Tour in the system tray, click Cancel.
clip_image098

62. Go to Start, Settings, Printers and Faxes. Go to File, Server Properties, Advanced tab and uncheck all of the boxes.
clip_image100

63. Open Internet Explorer, go to Tools, Windows Update. Install the Microsoft Update by clicking the Go button.
clip_image102

64. Install all High Priority updates and under Software, Optional install Root Certificates Update.
clip_image104

65. After the updates complete, reboot.

66. Login as temp.

67. Run Microsoft Update from the Start menu to get any remaining updates.

68. Right-click on the Language bar and choose Settings.
clip_image106

69. Go to the Advanced tab and turn off advanced text services.
clip_image108

70. Go to the cmd prompt and run this command to unregister the language bar.
“Regsvr32.exe /u msutb.dll”
clip_image110

71. Right-click on Internet Explorer on the desktop and go to properties.

72. Set the Home page to blank and click Delete and then click Delete all, check the box to Also delete files.
clip_image112

73. Go to the Advanced tab and check/uncheck the boxes below
clip_image114
clip_image116

74. Open Internet Explorer and go through the first time startup wizard, choose to keep

75. Change the default search provider from Live Search to Google.
clip_image118
clip_image120
clip_image122

76. Go to My Computer properties, Advanced tab, Performance settings, Advanced tab and set the page file on the C drive to No paging file, click Set. Do not reboot yet.
clip_image124

77. Download and install the User Profile Hive Cleanup tool. The fastest way to find this tool is to search Google for uphclean.
clip_image126

78. Reboot and login as Administrator.

79. Open My Computer, go to Tools, Folder options and set the view option to show hidden files and folders.
clip_image128

80. Right-click on My Computer, go to Properties, Advanced, User Profiles Settings, select temp, copy to, browse to c:\documents and settings\default user, change Permitted to use to Authenticated users. Click OK, Click Yes to the confirm copy question.
clip_image130

81. Log out and login as temp.

82. Delete the local administrators profile from the system properties tool.
clip_image132

83. Log out and login as Administrator.

84. Delete the temp user account and user profile.

85. Go to C:\WINDOWS and delete all the folders that start and end with a $
clip_image134

86. Open C:\Documents and Settings\Default User and delete the temp’s Documents folder.
clip_image136

87. Defragment the C drive.
clip_image138

88. Power down the VM and convert it to a template.

89. Use this template to deploy an XP VM for use with any VDI (XenDesktop, VMware) or use it for any purpose that an XM VM is needed.