XenDesktop | Daniel Ruiz - Blog

User Profiles on your Golden image

January 23, 2013 Leave a comment

Following my previous post about user profiles not removed at logoff, I noticed every now and then a temporary user profile will be utilized rather than the roaming/mandatory profile.

When connecting with specific accounts, I noticed the following error “You have been logged on with a temporary profile…”

Environment:

Windows 2008 R2
XenApp 6.5
XenDesktop 5.6
UPM 4.1

Issue:

When connecting to XenApp/XenDesktop, the user will receive an the error “You have been logged on with a temporary profile…”
All user customization are lost when connecting with the temporary profile.

Cause:

In this case, the user accounts “not working” were stored in the Golden PVS image, even though the profile was NOT listed under “User Profiles” located under “Control Panel\System and Security\System\Advanced system settings\User Profiles Settings”, however the profile was still stored in the registry, even after the profile directory was deleted.

Solution:

Launch regedit.
Navigate to HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList. Within the ProfileList hive, each account has a directory with a name similar to S-1-5-*.
Click each directory and check the ProfileImagePath key to determine the user account name.
Note the accounts that you want to remove and their associated GUID.
Remove these GUIDs from both these locations:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileGuid

After the changes above, everything worked as expected.

Filed under XenApp, XenDesktop Tagged with Your user profile was not loaded correctly

XenApp 6.5 Session Limits

December 28, 2012 1 Comment

This seems to be a bit confusing, and I think Citrix needs to do a much better job explaining/providing details how this works. Since session policies do not apply to XenApp 6.x and only XenDesktop 5.x, there are multiple forums detailing how Citrix Admins are experiencing challenges with session handling.

Why are they there then? My gut feeling tells me that the reason why you see these policies in place, but they actually don’t work for XenApp, is that they are made for the new version of XenApp, which based on the information that is available, it will communicate to the backend via the Virtual Desktop Agent (VDA) and will be managed via the Desktop Director in the same way XenDesktop is currently managed.

Environment:

Windows 2008 R2
Citrix XenApp 6.5

Issue:

Session policies do not apply to XenApp 6.5 applications

Background:

In previous versions of XenApp, configuring the Idle and Disconnected session limits was done either from the ICA listener, or through Microsoft Terminal Services group policies. If you have a GPO set up for your XenApp Servers (located under “Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits”) you will see that the “Override user settings” is grayed out. If that is the case, make sure you take a look at the GPO and disable it.

Important:

The session limits settings in a user policy only apply to XenDesktop! so when things are not working and you scratching your head, it is not you, it is the way that things work for now.

From Citrix Support “In XenApp 6, Disconnected Session policies cannot be configured on the Console since they only apply to XenDesktop”

Solution:

Click the Start menu, select All Programs, Citrix, Administration Tools, and ICA Listener Configuration.

Select the ICA listener, and click the Edit option.

On the Session Limits tab, configure the desired value for disconnected sessions in the drop down menu in the End Disconnected Sessionsection. Click the Apply button and then click Ok.

Head over to CTX126775 to read further information and additional registry information

Filed under XenApp, XenDesktop Tagged with XenApp 6 session limits

XenApp 6.5 Desktop Director 2.1 installation and configuration

December 6, 2012 6 Comments

Looks like Citrix will be getting rid of the AppCenter console (I still call it CMC :)) for application management.

They are finally looking into centralizing both application and virtual desktop management with a single interface. Specially with the next version of XenApp, you will no longer need AppCenter for your app deployments. You can read more on Project (Avalon) Excalibur Technology on one of my previous posts

Citrix has released a nice install guide to install and configure Desktop Director 2.1 to use with XenApp 6.5 and would like to share it with you.

Requirements

A XenApp 6.5 Farm
An available server to install Desktop Director, it can also be added to the XenApp 6.5 Controller
An install Media for XenDesktop 5.6 Feature pack 1
IIS 7 installed on the server that hosts the Desktop Director
.NET Framework 3.5 Sp1
Adobe Flash 10.x or above
Firewall exceptions for port 80, 2513 and 5985

Procedure

Ensure you have downloaded the ISO for XenDesktop 5.6 Feature pack 1; it is needed this for the DesktopDirector install.

If it is not already installed on the operating system, install .NET 3.5 Sp1 and Adobe Flash 10.x or above

Mount the XenDesktop ISO and launch the autorun option from the media and select the XenDesktop Option. Agree to the Licensing Agreement on the next page.

Select Desktop Director on the Select Components to Install and input the XenApp 6.5 controller FQDN in the Enter the address of the XenDesktop Controller field. Note: If the XenDesktop Controller option is not displayed, you are installing on a XenApp 6.5 server.

Click Next, at the install prompt, click the Install tab. When the installation completes, click Close.

Open IIS Manager on the Desktop Director Server to be able to log on to the Desktop Director Console. Select the Desktop Director site under Default Web Site

Locate Service.AutoDiscoveryAddresses in Application Settings. Double click this option and rename it to Service.AutoDiscoveryAddressesXA and ensure the controller FQDN is present. Note: If you have installed this on a XenApp 6.5 server and you are not able to enter the FQDN of the controller at installation, you can change it from Localhost to Your 6.5 Controller FQDN here, refer following image:

Run an IIS reset in the command prompt after the above options are updated. Note: You will be able to log in now, however you will not be able to view user-session specific details yet. You must follow the subsequent steps to be able to log in and view user-session specific details.

On the XenApp 6.5 controller, setup the WinRM permissions using a tool in the XenDesktop 5.6 FP 1 ISO (previously called ConfigRemoteMgmt.exe which was used to access information about session).

Open the command prompt window, browse to the following directory and run the application <Drive Letter>:\x64\Virtual Desktop Agent\ConfigRemoteMgmt.exe. Use the switch – ConfigRemoteMgmt.exe /configwinrm Domain\User.

The user-session specific information can be viewed if the XenApp 6.5 Controller has its permissions set for remote management.

Note: If you are not setting up certificates on the server for SSL, you can disable the SSL verification by changing the UI.EnableSslCheck to false.

View the original article for more information.

Filed under XenApp, XenDesktop Tagged with XenApp 6.5 with Desktop Director

XenApp 6.5 Universal Print Server

November 26, 2012 1 Comment

Traditionally… one of the biggest hurtles for me over the last 12 years have been around ICA print management (Policies, Universal Printer Driver, native drivers, 3rd party tools, native print spool, Citrix print manager, etc).

Although printing via ICA is now pretty darn good with a combination of native drivers and the Universal Printer technology, I always felt there was a need for a 3rd party tool such as ThinPrint or Tricerat for those special cases. As you are aware, Citrix released the Universal Printer Server to make printing a lot easier with XenApp 6.5 Hotfix Rollup Pack (HRP01) and now for XenDesktop 5.6 FP1

What is UPS?

The Universal Print Server introduces the EMF functionality to the print server as the client. Sweet!

That means, again, no native or 3rd party printer driver must be installed on the XenApp server for any printer on the Windows print server. In many environments that should help reduce the installation of printer drivers on the XenApp server dramatically. Having only the Citrix EMF would keep the XenApp farm stable and help with user logon times.

This also resolves two common issues that administrators are faced with today. Leveraging the UPS means the no printer drivers have to be managed on the VDA or XenApp servers at all. Universal Print Servers also can be placed in branch offices to optimize print WAN traffic.

You can read further information on UPS by clicking here as well as Thomas koetzing’s FAQ

Installed correctly?

With the release of Citrix Universal Print Server, Citrix released a new KB article which clearly describes how to check whether Citrix Universal Print Server has been installed and enabled correctly on your XenApp 6.5 HRP01 environment and would like to share with you

The Universal Print Server feature comprises a client component – Universal Print Client (UPClient) that needs to be installed on the XenApp server along with Hotfix Rollup Pack 1 (HRP01) that provides the necessary updates implementing support for the UPS. When installed, the two items will appear in the installed programs list in the server Control Panel->Programs->Programs and Features

Note: The Citrix Universal Print Server package also contains Group Policy Management software that Administrators can install on the system from where they wish to manage the UPS policies. It can be a XenApp server (see Citrix Group Policy Management (x64) item).

After configuring the use of the UPS and the Citrix Universal Print Driver (UPD) in the relevant Citrix policy rules:

Review the following registry locations on the XenApp server to verify the implementation:

scription: Ups enable reg2.png

In this example, value 2 indicates UPS has been enabled with no fallback to Windows native remote printing.

Installing the UPClient software modifies the print provider order list to be as expected.

escription: Untitled.png

The Citrix universal printing provider module filename and location can be checked here.

It is also possible to verify if the Citrix UpProv.dll is in use and loaded into the Print Spooler by issuing the following command in the command line window.

tasklist /m /fi “imagename eq spoolsv.exe”

Here’s the link to the original document.

Filed under XenApp, XenDesktop Tagged with XenApp 6.5 UPS

Citrix VDI-in-a-Box – 1030 Connection Error

November 23, 2012 2 Comments

Issue:

Was helping out a friend with a deployment of Citrix VDI-in-a-Box for their company. After setting up the environment we kept receiving a 1030 Connection error when accessing the virtual desktops from an external connection which utilized CAG 5.04. After thinking that some ACL in the firewall was missing and waited around for the network folks to return emails, I noticed a very important step you need to configure inside vdiMgr.

Checked all the usual places

Is the STA generated from the vdiMrg in the CAG.
Used an SSL checker to see if the SSL was created correctly.
Checked that the vDesktop DHCP range is in the ICA access control list on the CAG.
CHecked that the correct ports are opened up on the firewall.

I found the issue by looking at the default.ica file from WI, and noticing the “Internal HDX gateway IP Addresses” is wrong inside the ICA file and seeing if it has been marked with the internal IP address.

Fix:

If you log in to the vdiMgr console and go to advance properties and look under gateways ensure that you have specified the “Internal HDX gateway IP Addresses” which HAS TO point to the internal IP address of the CAG.