Citrix Scout

Source: Citrix Scout – Citrix Scout

Sealing a XenApp 7.6 PVS vDisk

Run chkdsk C: and reboot
Clean-up event logs if they are not redirected to the cache disk :
- Via PowerShell -> Get-EventLog -List |%{$_.clear()}
- wevtutil cl system
if vSphere is used, delete « ghost » NICs :
- open elevated prompt
- type : ” SET DEVMGR_SHOW_NONPRESENT_DEVICES=1 “ and validate
- type : ” Start devmgmt.msc ” and validate
- click on View and ” Show Hidden Devices “
- delete « ghost » NICs
run slmgr.vbs /dlv to ensure a proper KMS server and license configuration
If MS Distributed Transaction Service is installed, run msdtc.exe -reset
if MS Message Queuing is installed, clear its cache :
- NET STOP MQAC
- NET STOP MSMQ
Run Disk Cleanup on C: drive as elevated administrator
Delete local profiles that are not required
Stop Citrix Profile Manager service
If Citrix Profile Manager is configured via GPO, check that its INI in C:Program FilesCitrixUser Profile Manager has been renamed
Delete Citrix Profile Manager logs from c:WindowsSystem32LogFilesUser Profile Manager if not redirected to the cache disk
if using App-V or similar technology, check for updated App-V content to update the precache within the vDisk image
Perform required “de-personalization” for your antivirus (refer to their KB, as the process will differ based on the vendor)
Perform required “de-personalization” for your monitoring agent (SCOM, Tivoli..)
Perform required “de-personalization” for your other agents (AppSense, RES, SCCM..)
Perform a full antivirus scan on the virtual machine
Stop Client DHCP service
Run elevated : “regedit /s DHCP_clear.reg” (see Dave’s post)
Perform a Defrag on the virtual machine
PvD only: run inventory (with machine shutdown option ticked)
Shutdown the machine if PvD is not used
Perform a defrag of the VHD by mounting it in a WS2012R2 server

How to back up and restore NetScaler

CTX200418

How to Back Up and Restore NetScaler Appliance

Objective

This article explains how to back up and restore NetScaler appliance.

Background

You can back up the current state of a NetScaler appliance, and later use the backed up files to restore the appliance to the same state. You must use this feature before performing an upgrade or for precautionary reasons. A backup of a stable system enables you to restore the system to a stable point in the event that it becomes unstable.

Points to remember

You cannot use the backup file taken from one appliance to restore a different appliance.
You can back up and restore appliances in an HA setup, but ensure that you restore to the same appliance from which the backup file was created. For example, if the backup was taken from the primary appliance of the HA pair, when restoring ensure that the appliance you are restoring is the same appliance, even if it is no longer the primary appliance.
You cannot perform the back up and restore operation on a NetScaler cluster.

Instructions

Backing Up a NetScaler Appliance

Depending on the type of data to be backed up and the frequency at which you will create a backup, you can take a basic backup or a full backup.

Basic backup: Backs up only the configuration files. You might want to perform this type of backup frequently, because files it backs up change constantly. The files that are backed up are as follows:

Directory	Sub-Directory or Files
/nsconfig/	ns.conf ZebOS.conf rc.netscaler snmpd.conf nsbefore.sh nsafter.sh monitors
/var/	download/* log/wicmd.log wi/tomcat/webapps/* wi/tomcat/logs/* wi/tomcat/conf/catalina/localhost/* nslw.bin/etc/krb.conf nslw.bin/etc/krb.keytab netscaler/locdb/* lib/likewise/db/* vpn/bookmark/* netscaler/crl nstemplates/* learnt_data/*
/netscaler/	custom.html vsr.htm

Full backup: In addition to the files that are backed up by a basic backup, a full backup backs up some less frequently updated files. The files that are backed up when using the full backup are as follows:
Directory Sub-Directory or Files
/nsconfig/

ssl/*

license/*

fips/*

/var/

netscaler/ssl/*

wi/java_home/jre/lib/security/cacerts/*

wi/java_home/lib/security/cacerts/*

Directory	Sub-Directory or Files
/nsconfig/	ssl/* license/* fips/*
/var/	netscaler/ssl/* wi/java_home/jre/lib/security/cacerts/* wi/java_home/lib/security/cacerts/*

The backup is stored as a compressed TAR file in the /var/ns_sys_backup/ directory. To avoid issues because of non-availability of disk space, you can store a maximum of 50 backup files in this directory. You can use the rm system backup command to delete existing backup files so that you can create more backups.

Notes:

While the backup operation is in progress, do not execute commands that affect the configuration.
If a file that is required to be backed up is not available, the operation skips that file.

To back up the NetScaler by using the command line interface

At the command prompt, do the following:

Save the NetScaler configurations using:
save ns config
Create the backup file using:
create system backup [<fileName>] -level <basic | full> -comment <string>

Note: If the file name is not specified, the appliance creates a TAR file with the following naming convention:
```
backup_<level>_<nsip_address>_<date-timestamp>.tgz.
```
For example, to back up the full appliance using the default naming convention for the backup file use:
create system backup -level full
Verify that the backup file was created using:
show system backup

You can view properties of a specific backup file by using the fileName parameter.

To back up the NetScaler by using the configuration utility

Navigate to System > Backup and Restore.
On the Details pane, click Backup.
On the Backup screen, specify the details required to backup the appliance.
Click Backup.

Restoring the NetScaler Appliance

When you restore the appliance from a backup file, the restore operation untars the backup file into the /var/ns_sys_backup/directory. Once the untar operation is complete, the files are copied to their respective directories.
Note: The restore operation does not succeed if the backup file is renamed or if the contents of the file are modified.

To restore the NetScaler by using the command line interface

At the command prompt, do the following:

Obtain a list of the backup files available on the appliance:
show system backup
Restore the appliance by specifying one of the backup files:
restore system backup <filename>

For example, to restore by using a full backup of an appliance.
> restore system backup backup_full_<nsip_address>_<date-timestamp>.tgz
Reboot the appliance:
reboot

To restore the NetScaler by using the configuration utility

Navigate to System > Backup and Restore, right-click the backup file to be restored and click Restore.

Scoring an A+ at SSLlabs.com with Citrix NetScaler

Steven Wright of Citrix Consulting shows again how an A+ score at SSLLabs.com can be achieved in just fifteen minutes using Citrix NetScaler.

Source: Scoring an A+ at SSLlabs.com with Citrix NetScaler (the sequel) | Citrix Blogs

Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell | Carl Webster

A customer site I was at recently needed their new XenApp 6.0 farm documented. I remembered reading about Citrix having some PowerShell “stuff” for XenApp

Source: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell | Carl Webster

Reconfigure XenDesktop Desktop Studio

Reconfigure Desktop Studio Console to select which Desktop Delivery Controller (DDC) you want to connect to

Instructions

Close the Desktop Studio console.

Browse to C:Users<Username>AppDataRoamingMicrosoftMMC

Where <Username> is the name of the account you are using.

Delete or rename the DesktopStudio file.

Start the Desktop Studio console. You will be prompt again to enter the DDC.

Note: In XenDesktop 7.x, the file name is Studio.

Citrix Receiver 4.x deployment comand line install

UNC_PathCitrixReceiver.exe /includeSSON ENABLE_SSON=Yes STORE0=”Primary StoreFront;https://storefront01.domain.local/Citrix/Store/discovery;on;Primary Storefront” STORE0=”Secondary StoreFront;https://storefront02.domain..local/Citrix/Store/discovery;on;Secondary Storefront” ENABLE_DYNAMIC_CLIENT_NAME=Yes /ALLOWSAVEPWD=A /silent /noreboot

XenDesktop 7.6 RemotePC VDA command line install

The following command installs a VDA for Windows Desktop OS to the default location on an office PC that will be used with Remote PC Access.

The machine will not be restarted after the VDA is installed; however, a restart is required before the VDA can be used. The VDA will register initially with the Controllers on the server named ‘xdc01’ & ‘xdc02’ in the domain ‘domain.local’ and will use UDP for audio packets.

HDX ports will be opened if the Windows Firewall service is detected

Note: As an alternative to using the full-product ISO to install VDAs, you can use a standalone VDA installation package as i have in the example below. See Install VDAs using the standalone package

"UNC_PathVDAWorkstationSetup.exe" /components vda /controllers "xdc01.domain.local xdc02.domain.local" /enable_remote_assistance /enable_hdx_ports /optimize /enable_real_time_transport /exclude "Personal vDisk","Machine Identity Service" /quiet /noreboot

Storefront Workspace Control

Using PowerShell

Make sure that you close the Admin Console. Run the following code snippet to import the StoreFront PowerShell modules:

$dsInstallProp = Get-ItemProperty `
 -Path HKLM:SOFTWARECitrixDeliveryServicesManagement -Name InstallDir 
$dsInstallDir = $dsInstallProp.InstallDir 
& $dsInstallDir..ScriptsImportModules.ps1

Workspace control reconnect can then be turned on/off by the PowerShell command Set-DSAllowSessionReconnect. Its syntax is:

Set-DSAllowSessionReconnect [[-SiteId] <Int64>] [[-VirtualPath] <String>] `
    [[-IsAllowed] <Boolean>]

For example, if you would like turn off workspace control reconnect for a store in /Citrix/Store, the following command will configure the store appropriately:

Set-DSAllowSessionReconnect -SiteId 1 -VirtualPath /Citrix/Store `
    -IsAllowed $false

Editing web.config

Open web.config under the Store Service, e.g. /Citrix/Store in a text editor. Locate the line looks like:

<resourcesService id="f01f7dc4-7f28-4bc1-b8fb-7c0db9570d20"
      storeLockedDown="false"
      anonymousStore="false" allowSessionReconnect="true" />

Change the value of allowSessionReconnect to false to disable workspace control reconnect or true to enable it.

Treating All Desktops as Applications in StoreFront 3.0

Note: You have to import the StoreFront PowerShell modules before you can run any PowerShell commands below

The following code snippet does this for you:

$dsInstallProp = Get-ItemProperty -Path HKLM:SOFTWARECitrixDeliveryServicesManagement -Name InstallDir
$dsInstallDir = $dsInstallProp.InstallDir
& $dsInstallDir..ScriptsImportModules.ps1

Desktops are treated differently from applications in StoreFront/Receivers. They are placed in a separate Desktop tab and in the case of Receiver for Web, they are not reconnected with workspace control. In some use cases, it is desirable to treat desktops as applications so that they are placed together with applications and get reconnected as part of workspace control. With StoreFront 2.x, you have to add theTreatAsApp keyword to all published desktops to achieve this effect. This can be error-prone if you simply want all desktops to be treated as applications. It lacks flexibility too, if you want one store to treat desktops as applications and the other to preserve the desktop behaviour. StoreFront 3.0 enables you to configure treating all desktops as applications at the store level without the need of adding the TreatAsAppkeyword to all the published desktops. This is configurable using the PowerShell cmdlet. The syntax is:

Continue reading “Treating All Desktops as Applications in StoreFront 3.0”