Nov 132020
 

We recently purchased a 28 Node Nutanix setup. We currently have a good chunk of Citrix VAD in VMware. During the design, I was a bit confused about what plugin went where. After looking back, It’s straightforward now. I wanted to take the opportunity and help put this little quick guide together. That people who go through this can understand what the plugins are and where they go. These plugins are what allow you to integrate Nutainx into CVAD Infrastructure.   Thank you Kees Baggerman and Jarian Gibson for all the advice.

  1. To get to the Nutanix Plugs for Citrix:

https://portal.nutanix.com/page/downloads?product=ahv

Machine generated alternative text:
Search Anything 
Downloads 
AHV 
Hypervisor Bundles 
Hypervisor Bundles 
Products 
Eliminate the complexity 
Citrix 
Virt-Who 
Starting from ADS 5.16, 
For dark-site AHV upgra 
You have not configured Support 
rce delivery via comprehensive app- 
hrough the Life Cycle Manager (LCM) 
nload the latest Nutanix Compatibilf 
Releases prior to ADS 5.16 can be upgraded using LCM, or by One-Click using the 20170BG 
AHV ISO files are used for (re)imaging AHV (Foundation, Expand Cluster, manua 
Additional resources: 
AHV integration packages for 
VirtIO 
Virt-Who 
and 
Citrix 
can be found in the drop-down box
  1. The link will discuss 

https://portal.nutanix.com/page/documents/details?targetId=NTNX-AHV-Plugin-Citrix:ahv-plugin-prereq-ahv-pvs-r.html

  1. FEATURES & SUPPORTED SOFTWARE | NUTANIX AHV PLUG-IN FOR CITRIX XENDESKTOP

https://portal.nutanix.com/page/documents/details?targetId=NTNX-AHV-Plugin-Citrix:nut-ntnx-ahv-plugin-features-mcs-r.html

  1. Director

https://portal.nutanix.com/page/documents/details?targetId=AHV-Plugin-Citrix-Director-Installation-Guide-v1_1_2_0:AHV-Plugin-Citrix-Director-Installation-Guide-v1_1_2_0

Nutanix Plugin for Delivery Controllers

You need to install the Nutanix AHV plugin for Citrix XenDesktop setup wizard on all of your delivery controller. Download the plugin as the screenshot above.

  1. install this for the MCS (Host connection Integration.)
  1. You need to open PowerShell as an admin and install it in my experience lately.
  2. This part is for the HOST Connection for Studio 
Machine generated alternative text:
Nutanix AHV plugin for Citrix XenDesktop Setup Wizard 
x 
Setup Type 
Ci-mse he type hat nits yar '*eds 
KS Citix Xe•OeÖttop wa hstüd 
'KS Citix Ca7*ctr be hst&d 
C) pvs 
PVS PkJ# for Citrix be

This plug is what will allow you to add the host connections for the Nutanix Hypervisor.

Machine generated alternative text:
Add Connection and Resources 
Connection 
Studio 
o 
use an existing Connection 
XA XO HyperVisor Connection to VSIVCO 
Storage Management 
Storage Selection 
Network 
Scopes 
Summary 
Microsoft' AzureN Classic (Deprecated) 
• Create a new Connection 
Connection type: 
Connection address: 
user name: 
Connection name: 
Citrix Hyper.'isor@ 
Citrix Hyper.'isorS 
Microsoft' System Center Virtual Machine Manager 
VMware Sphere S 
CloudPIatform 
Microsoft' AzureN 
Amazon EC2 
Create virtual machines usi Microsoft' Configuration Manager Wake on LAN 
• Studio tools (Machine Creation Sewices) 
Select this option When using AppDisks, even ifyou ere using Citrix Provisioning, 
o 
Other tools

Nutanix Director plugin

https://portal.nutanix.com/page/downloads?product=ahv

Issue 1

https://discussions.citrix.com/topic/398878-nutanix-ahv-information-not-available-in-director/

Issue 2

Citrix Director plugin “Unable to connect to the host.”

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA00e000000LKiBCAW

 How to:

Nutanix integration with Citrix Director

Issue 3

 To run this plugin, you need to run as admin. Right-click run as admin (It through errors when connecting for me when I didn’t this)

  1. The install is straight forward.
  2. Create a local account in PE/PC
  1. To run this plugin, you need to run as admin. Right click run as admin (It through errors when connecting for me when I didn’t this
Machine generated alternative text:
Windows Server 
Citrix 
Citrix Director AHV Connection... 
Nutanix Connection Configu 
Pin to Start 
Microsoft Endpoint Manager 
Uninstall 
Search 
Server Manager 
Event VI ewer 
Settings 
•ja service re VI cluster , Exception : System.Net.WebExceptior 
n nection, String apiCategory, Boolean isManagementApi, String qu 
Windows 
rSheIl ISE 
Pin to taskbar 
Run as different user 
Run as administrator 
Open file location 
e Expl
  1. Setup the Connection
Machine generated alternative text:
ttempting stop.

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA00e000000LKiBCAW

The documentation says. I am a bit confused—however, it’s ok for me. I am submitting a feature request to get this adjusted.

Nutanix Plugin for PVS

Now, Select the install for MCS. For PVS, Select the install. This will allow you to integrate into the PVS console.

MCS and PVS Plugin overview

https://portal.nutanix.com/page/documents/details?targetId=NTNX-AHV-Plugin-Citrix:ahv-plugin-overview-c.html

Machine generated alternative text:
Administrator: Command Prompt 
"C: \Program Files\Common 
Files\Common -PluginsRoot \ Files\Common Files\Citrix 
\HCLPI ugins \CitrixmachineCreation \ VI . e. e. 8" 
Unexpected argument: C: \Program Files\Common 
Options : 
-Rebuild 
Rebuild, rather than update, the specified directory cache 
-Pipeline (path to directory> 
Path to pipeline directory 
-PluginsROOt (path to directory > 
Path to plugins root directory (plugins within subdirectories of the root) 
Required: one of -Pipeline or -PluginsRoot, but not both simultaneously 
Example : 
RegisterP1ugins -PluginsRoot Files\Common 
PluginsRoot \ C:\Program Files\Common .e.e.e: Failed to parse {8} 
Files\Common -PluginsROOt "C: \ Progr•am Files\Conmon 
Cl. plugins e. e" 
Update cache mode 
Files\Common .a.e.ø: UpdatePluginDirectory: {e} 
Directory registration output. Errors from on-plugin/ adapter/contract assemblies may appear, and are usually benign: 
Complete. Check the output above for errors relating to adapter/contract/plugin assemblies . 
C: \Pmjgram Files\Common

Deploying Machines with XD wizard.

 If you are used to using the streaming setup in PVS, this section will help you. 

https://docs.citrix.com/en-us/provisioning/1912-ltsr/citrix-provisioning-1912-ltsr.pdf

Important considerations when using Nutanix Acropolis hypervisors

When using Nutanix, consider the following:

  • Please do not delete the NIC of a provisioned VM and then re-add them.
  •  Linux VMs and BDM partitions are not supported.
  • Only the Citrix Virtual Apps and Desktops Setup Wizard is supported, not the Streamed VM Wizard.
  • Acropolis hypervisors use snapshots for setup wizard device creation and not templates (like VMware) for VMs.
  •  Ideally, a snapshot that will be used as a template for VDI does not have an attached hard disk because the Nutanix Acropolis hypervisor does not remove the hard disk during provisioning.
  • When you deploy machines that boot from BDM ISOs, the ISO is mounted in the snapshot. The
  • provisioned VMs are set to use PXE boot and must be manually changed to boot from virtual
  • optical Drive.
  •  For PXE booting, you must use a command-line option to set the VM boot order to network before

imaging.

  •  When manually adding a Nutanix AHV host using the Virtual Host Connection Wizard, not

enough information exists to communicate with the Nutanix AHV hosting unit effectively. This

information, provided by the Citrix Virtual Apps and Desktops DDC, is not shared with the

Virtual Host Connection Wizard. As a result, this information is not used to verify credentials.

Therefore, the Verify Connection button in the Virtual Host Connection Wizard is disabled for

Nutanix AHV hosts.

  • Acropolis hypervisors use snapshots and not templates for VMs. So, a snapshot will reflect in the PVS wizard as a template when using Acropolis 
  • If using BDM iso, attach it and then the way it is deployed with all the PVS Target.

 Process Change from VMware Streamed to PVS XD Deployment Wizard.

The problem I had

Typically, we attached a D drive to a VMware Image, then copy the machine and convert it to a template. Then use that template when deploying devices. We used the awesome BIS-F to move logs, WEM and add some 3rd party tools integrated into BIS-F. What we found that during my experience was that because the Xendesktop wizard adds a D drive during the creation of the PVS targets (which was cool) Before that, when I tried to seal it, it wouldn’t work and would error out because the Snapshot (Which is a template in AHV) didn’t have a Drive. When I changed it not to use a D Drive in the BIS-F GPO settings, it would seal but leave everything in place on the C Drive. There may be a better way to do this, But I was used to how I did it and wanted some similar. I could have created a GPO and placed it on the targets, and maybe it would have moved it? I am not sure. So, we came up with these steps to achieve what we wanted.

  1. Take a snapshot of the VM in AHV before adding the Drive. We don’t want the template pushing the D Drive because once you provision machines, you will have a D Drive and an E drive (PVS will create it write cache in the wizard)
  2. Now after the snapshot, Add the Drive-in Prism Elect
  3. Make sure you put the vDisk in Private mode so that we can add the Drive. 
  4. Log in as Local Admin 
  5. When adding the D drive, only MBR is supported GPT will not work. )
  6. The Cache disk must be Basic Disk, not Dynamic 
  7. The format is with NTFS. 
  8. Please give it a Drive letter, Shutdown the machine, Put it back into Standard mode.
  9. Boot back up into a maintenance
  10. Now you can run the BIS-F, and this will get moved to the D Drive.
  11. Now when deploying new machines, Select the Snapshot in the that PVS wizard shows form AHV (Which doesn’t have the Drive) You took this before adding the hard disk
  12. Deploy the machines. They allow PVS to create its unique write-cache drive.
  13. Once the PVS Targets are up, you will see it has a D Drive (created by the PVS wizard). You will also notice it will have what you did in the image with the logs ect.

Machine generated alternative text:
• vDisk Pocl 
All vDisks defined fcr this site. 
e 
vDisk Update Ma... Manage vDisk updates for this site. 
Citrix Desktops Setup 
aril Mrtud 
Select the Citrix Virtual Desktops Hoä Resourcesyou wart to use 
Citnx Virtual Desktops Host Resources 
XA XO Connectiorto VS II'COI MFA 
XA XO connectionto VSIVCOI-PROD 
XA_XD Connection
Machine generated alternative text:
e 
aril Mrtud 
Select the Citrix Virtual Desktops Host Resourcesyou wart to use 
Citnx Virtual Desktops Host Resources 
XA XO Connectiorto VS I I'COI MFA 
XA_XD Netwtk connectionto VSIVC01 PROD 
Citrix Virtual Desktops Host Resources Credentials 
credenti± Deaktop.

This is really a Snapshot, AHV will use it as a template from the PVS side.

Machine generated alternative text:
this 
Citrix Desktops Setup 
e 
Select the Tenplateyou we-it to use. 
Select a template forth* anx VMuaI Host Resources. 
before pvs 
Task Sequence 
Evolve and Upd*ed Venrt In—alled 
Fresh Image 
Fresh Image 
emolat± - F S VDI Lesk:op 
Select the VOA vet*lon in—alled on this template: 
7.9 to access the latest features)
Machine generated alternative text:
e 
Citrix Desktops Setup 
Select an existhg v C*sk 
•andard•mode v Disk 
XA7-8as s 
'-Vardor 
XO 7CTSX07CTS
Machine generated alternative text:
vDisk Update Ma... Manage vDisk updates for this site. 
Citrix Desktops Setup 
e 
dog 
Select yow Col og p réererces_ 
C) Cre*e a new catalog 
@ Use an existing catalcg 
Catalog name' 
Descnpttn 
Machine type 
Al ocatim type' 
data : 
Call Suw De"top 
Call su 
Wirdows Client OS 
Rardom 
ual)
Machine generated alternative text:
e 
Citrix Desktops Setup 
Wtud 
Select you virtual machine prefs-ances 
Number of machines to create 
vCPl_ly 
Memory: 
Local 
god mode 
moo 
GGB 
@ PXEboot a nnning P XE service) 
83M disk icreäte boot device marager pattior;
Machine generated alternative text:
vDisk Update Ma... Manage vDisk updates for this site. 
Citrix Desktops Setup 
e 
Select a tuarix Acropolis hyper•tiscrcortainer 
Cont ner: 
defa airier-8524950594030 
uanix VS It" TXFSCI ctr 
SefServiceCcntainer
Machine generated alternative text:
Citrix Desktops Setup 
Hive 
Select computer account option. 
@ new ECOuntS 
C) import existing accounts
Machine generated alternative text:
vDisk Update Ma... Manage vDisk updates far this site. 
Citrix Desktops Setup 
e 
Ctnx 'vinual is installing the follc•ning settings and components 
Catalog name 
type 
VOA version 
Citrix Desktops 
Netwods for N TX Remunze3 
Virtual machine template 
Ex—ng 
vcpus 
Memory per VM 
Local cache 
80ct mode 
Active Ctrectory accounts 
Curren vrual machine: 
CS Sl_pport Desktcg 
VDI PVS Random 
7 S (recommen&d to access the latest features) 
N TX 
XOHypAConnectiom\NTX 
Templ*e - RVS VDI Desktop 
XD7CALLMSTR 
8192 MB 
10GB 
Create I
Oct 272020
 

This document was built on Slack, Citrix URLs, and Citrix Consultants from the field that shared how they successfully were able to get teams working 100% within Citrix. If you disagree and find something different then let’s update it. But the information Is shared among many people and it is showing good results. I’ll try to keep it updated around new blogs and actual experience in the area of installing teams in a CVAD environment.

  1. Different installer for Teams
  • If you install Team.exe, this is the user installer. It will either install in the user profile or program data. 
  • If you install the MSI version of Team, this is the Machine Wide installer. Citrix states they need the machine-wide installer.
  1. Uninstall Teams per user -clean up and redeployment procedure
  • Uninstall user per team’s installer before proceeding on Team machine installer
  • You can have Citrix WEM run this for the user, inside their profile.
  • Location: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
  • Option 1: 
  • %LOCALAPPDATA%\Microsoft\Teams\Update.exe –uninstall –msiUninstall –source=default
  • %Programdata%\Microsoft\Teams\Update.exe –uninstall –msiUninstall –source=default
  • C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -command set-executionpolicy bypass -Scope CurrentUser
  • C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -File “\\domain\NETLOGON\CitrixScripts\WemExternalTask\TeamsUninstall-Users\TeamsUser-Uninstall.ps1” -NoProfile -Noninteractive
  • But I changed the part in the Script to do it while the user is logged in.

$TeamsStartMenuShortcut = “c:\users\$env:USERNAME.$env:USERDOMAIN\Start Menu\Programs\Microsoft Corporation”

$TeamsDesktopShortcut = “c:\users\$env:USERNAME.$env:USERDOMAIN\Desktop\Microsoft

Teams.lnk”

  • originally it was

$TeamsStartMenuShortcut = “\\domain\share\$env:USERNAME.$env:USERDOMAIN\Start Menu\Programs\Microsoft Corporation”

$TeamsDesktopShortcut = “\\domain\share\$env:USERNAME.$env:USERDOMAIN\Desktop\Microsoft Teams.lnk”

  • Then I used a WEM external Task to run it.
  1. Block user installs
  • Deny access to C:\Users\*\AppData\Local\Microsoft\Teams
  • Use Fslogix appmasking
  1. Citrix
  • Minimum Version1906.2:
  • Best results are 1912
  • Virions -Optimization for Microsoft Teams requires a minimum of Microsoft Teams version 1.2.00.31357.
  • We recommend you follow the Microsoft Teams machine-wide installation guidelines and avoid using the .exe installer that installs Teams in Appdata. Instead, install in C:\Program Files (x86)\Microsoft\Teams by using the ALLUSER=1 flag from the command line. In this mode, the 
  •  Teams application doesn’t auto-update whenever there is a new version. We recommend this mode for non-persistent environments. For more information, see Install Microsoft Teams using MSI (VDI Installation section).
  1. Microsoft VDI

https://docs.microsoft.com/en-us/microsoftteams/teams-for-vdi#install-the-teams-desktop-app-on-vdi

These examples also use the ALLUSERS=1 parameter. When you set this parameter, Teams Machine-Wide Installer appears in Programs and Features in Control Panel and in Apps & features in Windows Settings for all users of the computer. All users can then uninstall Teams if they have admin credentials. It’s important to understand the difference between ALLUSERS=1 and ALLUSER=1. The ALLUSERS=1 parameter can be used in non-VDI and VDI environments and the ALLUSER=1 parameter is used only in VDI environments to specify a per-machine installation.

  1. Dedicated VDI (updated)

You have Windows 10 dedicated persistent VDI environments. You want the Teams application to auto-update and would prefer Teams to install per-user under Appdata/Local, use the .exe installer or the MSI without ALLUSER=1.  (I don’t know if they will be optimized for Citrix though?)

Updated 8/18/2020

I confirmed that it’s still optimized as well on the user install. I was wondering this and now I know.

Non-Presisten VDI or RDSH (XenApp)

ALLUSERS=1:  Teams Machine-Wide Installer appears in Programs and Features in Control Panel and in Apps

ALLUSER=1: used only in VDI environments to specify a per-machine installation

  1. Per-machine installation for VDI

/l*v  ALLUSER=1 ALLUSERS=1

“msiexec /i <path_to_msi> /l*v <install_logfile_name> ALLUSER=1 ALLUSERS=1

“msiexec /i Teams_windows_x64.msi ALLUSER=1 ALLUSERS=1”

  1. FSlogix Profile exclusions

<Exclude Copy=”0″>AppData\Local\Microsoft\Teams\Packages\SquirrelTemp</Exclude>

<Exclude Copy=”0″>AppData\Roaming\Microsoft\Teams\Service Worker\CacheStorage</Exclude>

<Exclude Copy=”0″>AppData\Roaming\Microsoft\Teams\Application Cache</Exclude>

<Exclude Copy=”0″>AppData\Roaming\Microsoft\Teams\Cache</Exclude>          

<Exclude Copy=”0″>AppData\Roaming\Microsoft Teams\Logs</Exclude>

<Exclude Copy=”0″>AppData\Roaming\Microsoft\Teams\media-stack</Exclude>

AppData\Local\Microsoft\Teams as it will break some pieces in the Citrix discussion below.

https://discussions.citrix.com/topic/406559-fslogix-vhd-size-dramatically-different-from-actual-file-content-size-and-will-not-compress/page/6

Source: https://virtualwarlock.net/microsoft-teams-in-citrix/

Source2: https://james-rankin.com/articles/quickpost-how-to-stop-fslogix-profile-containers-bloating-when-running-microsoft-teams/

  1. Warning and issues (Darn Json Files are just a pain and don’t seem to get honored very well.)

Running the MSI in VDI mode by using the switch Alluser=1 makes teams completely ignores the JSON files.  It ignores the setup.json and it ignores the desktop-config.json file. It must be a bug. Redirecting it to any other JSON file anywhere else won’t help as it doesn’t respect JSON files. Still trying to work through this.

  1.   Disable Teams auto-launch

Disable Teams auto-launch after installation

Delete Teams regkeys following locations

HKEY_LOCAL_MACHINE \SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run 

HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_CURRENT_USER \SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Then apply GPO not to auto Launch Teams. 

  • Note that currently, it is not possible to disable Auto-start even if using the command line flag OPTIONS=”noAutoStart=true” with the machine-wide MSI and the ALLUSER=1 property. Deleting the reg key described in bullet#2 should fix this.

Source: 

https://support.citrix.com/article/CTX253754

https://docs.microsoft.com/en-us/microsoftteams/scripts/powershell-script-teams-reset-autostart

  • If you have profiles that have auto-launch already set, then you will have to run this script to clear out the settings. If you want to use the “Prevent Microsoft Teams from starting automatically after installation. Group Policy setting, make sure you first set the Group Policy setting to the value you want before you run this script. 

Teams-AutostartResetCU

  • Some are saying do the auto-launch with teams because it not as CPU intensive.

Source: https://virtualwarlock.net/microsoft-teams-in-citrix/

  1. James Ranklin method of disable auto-setup, enable auto-start once the setup is triggered manually by the user, and also make sure that the openAsHidden flag is actually respected.  Scroll down to “Solving It”
https://james-rankin.com/articles/microsoft-teams-on-citrix-virtual-apps-and-desktops-part-1-installing-the-damned-thing/
  1. Disable GPU offload, because teasm will have HIGH CPU usauge 

(Run this with WEM)

Source: https://www.itexperience.net/fix-performance-issues-teams-high-cpu-memory-usage/

Source: Slack

$ErrorActionPreference = ‘SilentlyContinue’

$JsonFile = [System.IO.Path]::Combine($Env:AppData, ‘Microsoft’, ‘Teams’, ‘desktop-config.json’)

$ConfigFile = Get-Content -Path $JsonFile -Raw | ConvertFrom-Json

Try {

    $ConfigFile.appPreferenceSettings.openAtLogin = $False

    $ConfigFile.appPreferenceSettings.disableGpu = $True

} Catch {

    Write-Host  “JSON element doesn’t exist”

}

$ConfigFile | ConvertTo-Json -Compress | Set-Content -Path $JsonFile -Force 

Update as of October 21st 2020.  This seems to work really well.

https://github.com/Mohrpheus78/Microsoft/blob/main/Teams%20User%20Settings.ps1?s=03

  • For this I did a WEM external Task that does the following

C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -command set-executionpolicy bypass -Scope CurrentUser

C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -File “\\domain.org\NETLOGON\CitrixScripts\WemExternalTask\DisableGPUTeams_VDI\disableGPUTeams.ps1” -NoProfile -Noninteractive

  1. Monitoring Teams with HDX Monitor

    On 1912 VDAs (or higher), you can monitor an optimized active call using HDX Monitor (3.5.2 or higher).
    To turn this on, create the following WebrtcDirectorIntegration regkey on the VDA:

    HKLM\Software\Citrix\HDXMediaStream\
    Or
    HKLM\SOFTWARE\WOW6432Node\Citrix\HdxMediaStream
    – reg key value:
    name: WebrtcDirectorIntegration
    type: DWORD
    value: enable(1), disable(0)
  1. Enable Team in Citrix

Enable optimization of Microsoft Teams

To enable optimization for Microsoft Teams, use the Studio policy described in Microsoft Teams redirection policy (it is ON by default). In addition to this policy being enabled, HDX checks to verify that the version of the Citrix Workspace app is equal to or greater than the minimum required version. If you enabled the policy and the Citrix Workspace app version is supported, the HKEY_CURRENT_USER\Software\Citrix\HDXMediaStream\MSTeamsRedirSupport registry key is set to 1 automatically on the VDA. The Microsoft Teams application reads the key to load in VDI mode.

NOTE:

If you are using version 1906.2 VDAs or higher with older Controller versions (for example, version 7.15), which do not have the policy available in Studio, you can still be optimized because HDX optimization for Microsoft Teams is enabled by default in the VDA.

If you click About > Version, the Citrix HDX Optimized legend displays:

Optimized for Citrix legend

Recommended version – Citrix Workspace app 2006.1 for Windows and Minimum version – Citrix Workspace app 1907 for Windows:

Source: https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/multimedia/opt-ms-teams.html

  1. Troubleshooting MS teams in Citrix

https://support.citrix.com/article/CTX253754

  1. To prevent Teams from installing in Office updates.

If your organization isn’t ready to deploy Teams and you use Group Policy, you can enable the Don’t install Microsoft Teams with new installations or updates of Office policy setting. You can find this policy setting under Computer Configuration\Policies\Administrative Templates\Microsoft Office 2016 (Machine)\Updates.

It will add this key.

All of this is references from Slack and conversations, virtual Warlock Site and Citrix Troubleshooting Docs

https://support.citrix.com/article/CTX253754

  1. Outlook Plugin appears to break at times or may never load.

For it not loading, Please follow Kasper’s guide here

Search for “Teams Outlook Add-in” on his page.

  1. Outlook Plugin appears to break at times and this is what I have found so fart that fixes it.

Copy the two folders from C:\Program Files (x86)\Microsoft “TeamMeetingAddin” and TeamsPresenceAdmin” to C:\Users\%username%\AppData\Local\Microsoft.
The run this
%SystemRoot%\System32\regsvr32.exe /s /n /i:user %LocalAppData%\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll
%SystemRoot%\SysWOW64\regsvr32.exe /s /n /i:user %LocalAppData%\Microsoft\TeamsMeetingAddin\1.0.19317.2\x86\Microsoft.Teams.AddinLoader.dllthis version number in I pasted might be different, Based on what you have installed. (edited) 

Then about 5 minutes later, this was showing

Sep 032020
 

This is a guide on how I upgraded my site from 7.15 flat all the way to 1912. I also included moving off 2012R2 to 2016 DDCs with some troubleshooting situations you might run into. I covered the basics of upgrading Licensing, DDC upgrades, Storefront upgrades with NS VIP configuration, PVS upgrades, WEM upgrades, VDA upgrades, and some re-configuration of Snap-ins with Director for ADM and session recording.

  1. References for detailed instructions
  2. https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/upgrade-migrate/upgrade.html
  3. https://www.carlstalhood.com/delivery-controller-1912-ltsr-and-licensing/#licensingupgrade
  1. Upgrade the licensing Server
  2. Go download the version you need. In this case, it’s 11.16.3.0 Build 29000
  3. Run the CTX_licesning installer
  1. Check the box to agree
  1. After upgrading Citrix Licensing Server, in Citrix Studio, go to Configuration and Licensing.
  2. On the right, click Authenticate Certificate.
  1. Open Citrix licensing Manager
  2. I was prompted to register my licensing server with Citrix Cloud.
  3. Licensing Manager might prompt you to register with Citrix Cloud.
  1. On the Settings > Usage and Statistics page, in the Share usage statistics with Citrix section, click Register.
  1. You’ll see a screen with a registration code. Click the Copy button and then click Register to be taken to Citrix Cloud.
  1. After logging in to Citrix Cloud, on the top left, click the menu (hamburger) icon and then click License & Usage. If you don’t see this link, you might have to logout and log back in.
  1. In the License & Usage service, switch to the Registrations tab.
  1. Click the blue Register button in the middle of the page to register
  1. Paste in the copied code and then click Continue. Click Register.
  1. On-premises Licensing Manager, it will eventually show as Registered.
  1. On the same Usage & Statistics page, scroll down, and then click Upload now. This should cause data to upload to Citrix Cloud and show up in Citrix Cloud License & Usage.
  1. Citrix.cloud.com reporting
  1. *Note*For me I always check and make sure it shows activated within Studio and is set to the right product edition
  1. Upgrade VDA to 1912
  2. I also upgrade my VDAs ahead of time. It’s easy and something I just do.
  3. Depending on your provision side. PVS, MCS or old fashion servers( which is still used)
  4. Mount ISO and upgrade
  1. Upgrade Delivery Controllers 7.15.5000
  1. Snapshot your Delivery controller
  2. Backup your SQL databases
  3.  Attach the 7.15 CU5 media
  4. Run the Studio and Server Components for the upgrade
  5. Read and Accept
  6. Read and make sure you take the correct actions you need in your environment.
  7. Start your Preliminary Test and make sure you are good!
  1. Firewall Ports
  2. Summary
  1. Upgraded process started
  1. Connect to Call home if you need to
  2. 13 Launch Studio
  1. **NOTE**
  2. “If you already have 2 controllers then In Load Balancing, reactivate the servers with the new Delivery Controller version and set the second half of the servers to Down. Follow the top steps on the second half of the Delivery Controller Server Activate each server with the new Delivery Controller Server version in Load Balancing again.”
  1. 14. For me, I am adding a 2016 server to move off 2012R2. I will add the Second 2016 server in, then make sure 2016 is handling the connections. Then Decom 2012R2 and add a new second (replacement of 2012R2 as 2016 server.
  2. 15. Attach the 7.15.5000 ISO, click on XenDesktop or XenApp (depends on your deployment)
  3. 16. XenDesktop allows for both XenApp and XenDesktop. XenApp is only XenApp.
  4. 17. Select Delivery Controller
  5. 18. Read and Understand, accept
  1. 19. We only want, Delivery Controller, Studio and Director
  1. 20.  I don’t want SQL express in the step, Uncheck it
  2. 21. Review and make sure the firewall is configured based on your environment
  1. 22. Installs
  2. 23. This will take about 5-7 minutes
  1. 24. Select call home options
  2. 25. Finish, reboot and then launch Studio
  3. 26. After Studio is opened, select “Connect this Delivery Controller to an existing site”
  4. 27. Add the primary DDC
  1. 28. It will ask to update the DB automatically, I select yes and will put in my SQL creds
  1. 29. Studio will open and show the Site
  2. 30. Run a Site check to make sure it’s good.
  3. This will take 10 minutes
  4. Looks good.
  5. At this point, I have the following.
  1. 2012R2 715.5000 Deliver Controller
  2. 2016 7.15.5000 Delivery Controller.
  3. Bother are upgraded from 7.15 to 7.15.500
  1.  Now we will begin the 7.15.500 upgrade to 1912 LTSR.
  2. Snapshot your Delivery controller
  3. Backup your SQL databases
  4.  Attach the 1912 media
  5. Run the Studio and Server Components for the upgrade
  1. Read and accept
  1. Make sure the following has been completed to ensure an upgrade will go smooth
  2. Licensing Error I received when I clicked next. Even though I upgraded my licensing version to 11.16.3.0 build 29000, I had to update my licensing files past November 2019. I logged into my Citrix Licensing manager. Https://yourCTXlicServer.FQDN:8083, then selected check for available renewals. Follow the prompts to get an updated timestamp.
  1. Before 
  2. After
  3. Being this is not production; my specs are lower than what it wants. However, I will meet the minimum to ensure the upgrade is solid
  1. Server specifications
  2. https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/system-requirements.html
  3. Let pick back up where I left off. Preliminary Site Test( Run this to ensure no errors exist)
  1. Test in progress
  2. b. 2 test will not run, as they don’t apply
  1. Results go through and test all the orchestrations of the environment.
  1. Firewall ports 
  1. Summary, then click upgrade
  1. Upgrade progress
  1. Upgraded, but Reboot needed
  2. After Reboot it will resume. Now on Post Install….
  3. Connect to Citrix Cloud for Diagnostics data if needed in your environment.
  1. Finish and now open studio.
  2. Now upgrade the Database through Studio (my service account has permissions)
  1. It will ask you again, about backing up the DB
  2. Add the Creds, unless you are logged into the server as the account (Account needs proper permissions, in Citrix, and on the servers)
  3. It’s now started.
  4.  Going, 9 successful… GOOOD so far.
  5. Still going well
  6. Finished
  1. You now need to do the second Delivery controller we added early in the process. It’s the 2016 server.
  1. Remote to the Server, Attach the Media, and I double click on the mounted ISO from my hypervisor
  2. Click Upgrade on Studio and Server components.
  3. Read and Agree
  4. Ensure the following is completed, although it’s a second DDC.
  5. Firewall for DDC and Director
  1. Summary
  2. Warning pop up about not being able to stop it once it starts.
  1. Upgrading has started ( The Time says 13 minutes) Sometimes it’s accurate, or not accurate.
  2. The machine needs to be rebooted to apply some .Net settings/updates
  3. Rebooted, and now it’s still applying them.
  4. Log back in, and it will resume back to the place it was at. Be patient!
  1. Connect to Citrix Cloud for Diagnostics data if needed in your environment.
  1. Now launch Studio
  1. Start the automatic site upgrade
  2. Being this has already ran, it shouldn’t take long.
  1. Studio is now launched.
  2. Lets to a site Test on the Delivery controller.
  3. Things passed, and look good
  1. Let’s do a Machine Catalog and Delivery group test. (Failed)?!! Looks like my Delivery controllers, doesn’t have the updated vcenter cert. Let me fix this. I simulated a failure to show the value of running the tests.
  2. I fixed my cert by following this
  3. https://support.citrix.com/article/CTX138640
  1. Now once both had updated 1912 Software, go into the first Delivery Controller and finish the “upgrade remaining delivery Controllers”
  2. Once all the Delivery Controllers and VDAs are upgraded, within Citrix Studio, view your Catalog for the current functional level (Set to VDA version you have in the catalogs). Citrix Virtual Apps and Desktops (CVAD) 1912 lets you upgrade your Catalogs and Delivery Groups to functional level 1811 if needed.
  3. **WARNING****
  4. Don’t upgrade the Catalog or Delivery Group until all VDAs with the Catalog and Delivery Group are VDA version 1811 or newer.
  1. Then upgrade the Delivery Groups by right-clicking on a Delivery Group and clicking Upgrade Delivery Group.
  1. This concludes the upgrade for the Delivery controller.
  2. Now let’s Decom one Delivery controller, which is 2012R2.
  1. *Note*
  2. https://discussions.citrix.com/topic/388816-decommission-delivery-controller/
  3. https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/manage-deployment/delivery-controllers.html
  4. Active connections should not be dropped if you remove a delivery controller from the site. Remove the controllers from Storefront first, then from studio. Any VDAs registered to the controller should re-register with the remaining controllers, however this may take a few minutes, so a resource that hasn’t registered yet might be unavailable for a relatively short time.
  5. You could also stop the Broker service on the redundant controllers which would also cause any registered VDAs to de-register.
  6. Whilst doing this during business hours should be OK, there’s always a risk that for some reason a VDA doesn’t register with the remaining controllers, so unless you can’t avoid it, doing it out of hours, or during low use phases is always preferable.
  1. Remove the controllers from Storefront first
  2. Then from studio
  3. Make sure the Controller is powered on so that Studio loads in less than one hour. Once Studio loads the Controller you want to remove, power off the Controller when prompted to do so.
  4. Select Configuration > Controllers in the Studio navigation pane and then select the Controller you want to remove.
  1. Select Remove Controller in the Actions pane. If you do not have the correct database roles and permissions, you are offered the option of generating a script that allows your database administrator to remove the Controller for you.
  1. This errored out. So, I did it and selected no, here.
  2. Then it asked to generate a DB script, for the Database guys
  3. This still didn’t remove it. So, at this time I found the CTX link, 
  4. https://support.citrix.com/article/CTX139505
  5. https://www.jgspiers.com/remove-orphaned-delivery-controller-xenapp-xendesktop-site/
  1. Run “Get-BrokerController”
  1. Then run this POSH Script
  1. It will put an Evict.txt file in either your profile %userprofile% or C:\windows\system32. Give this file to your DBA 
  1. Then run it on the database.
  1. Check Studio and its gone.
  1. Any VDAs registered to the controller should re-register with the remaining controllers
  1. Adding a second 2016 Delivery controller now to slit the broker balancing out
  2. Install Virtual Apps and Desktops
  1. Select Delivery Controller
  2. Read and accept
  1. Select the components you need.
  1. Install the Feature you need (NO Local SQL for me)
  2. Firewall ports
  1. Summary
  2. Extracting Files
  3. The machine needs to reboot
  4. Collect diagnostic Information
  5. Finished, now launch Studio
  6. Connect the delivery controller to an existing site
  7. Add the delivery controller address that is already a part of the site.
  8. For this part, in my environment, I selected yes
  9. Enter my creds to add to the database, then let the process begin.
  10. I now have 2 controllers that are 2016
  1. Both servers are 
  1. Remember to update the List of DDCs for the new DDC to register the machines.
  2. https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/manage-deployment/vda-registration.html
  1. Finalize Citrix Director
  2. Finalize Director upgrade run this.c
  3. C:\inetpub\wwwroot\Director\tools\Directorconfig.exe /upgrade
  1. If you use Citrix ADM, and Citrix Session Recorder you will need to register the Snapin back after all the upgrades. This is so you can control the feature in Director
  1. Register Director ADM MAS back
  2. 21. If using HTTPS to connect to Insight Center then the Insight Center certificate must be valid and trusted by both the 22.
  3. 22. Director Server and the Director user’s browser.
  1. 23. To link Citrix Director with NetScaler HDX Insight, on the Director server run
  2. 24.  C:\inetpub\wwwroot\Director\tools\DirectorConfig.exe /confignetscaler.
  1. 25. Enter Machine name or IP: Netscaler Insights machine or IP vs1ctxadm01.jaxnavy.org
  2. 26. Enter 1 for Citrix ADM (aka MAS).
  3. 27. Rest is self-explanatory
  1. Register Director Snapin back for Session recording
  1. 17. Run C:\inetpub\wwwroot\Director\tools\DirectorConfig.exe /configsessionrecording
  2. 18. Enter the Session Recording FQDN (server.FQDN) 19. Enter 1 for HTTPS.
  3. 20. Enter 443 as the port

Upgrading or replacing the SQL Local DB for Local Host Cache for 1912 or 1912 CU1

There has been some recent change to the LTSR article around Local Host Cache upgrades

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/upgrade-migrate/upgrade.html#replace-sql-server-express-localdb
  • When upgrading Delivery Controllers to Citrix Virtual Apps and Desktops version 1912 or 2003: Upgrading SQL Server Express LocalDB is optional. Local Host Cache works properly, with no loss of functionality, regardless of whether you upgrade SQL Server Express LocalDB. We added the option to move to a newer version of SQL Server Express LocalDB in case there are concerns about the end of support from Microsoft for SQL Server Express LocalDB 2014.
  • When upgrading Delivery Controllers to Citrix Virtual Apps and Desktops versions newer than 2003: The minimum supported version is SQL Server Express 2017 LocalDB Cumulative Update (CU) 16. If you originally installed a Delivery Controller earlier than version 1912, and have not replaced SQL Server Express LocalDB with a newer version since then, you must replace that database software now. Otherwise, Local Host Cache will not work.

As you can see here, at one time it stated you needed to upgrade, or it would not work. However, it doesn’t seem that it 100% anymore. I think that’s why Citrix updated the doc. 

As can see here some had the same concerns or questions around it. I most certainly did. 

  1. So, let’s get started. I always do a snapshot first. Which is completed. 
  1. Complete the upgrade of your Citrix Virtual Apps and Desktops components, databases, and site. (Those database upgrades affect the site, monitoring, and configuration logging databases. They do not affect the Local Host Cache database that uses SQL Server Express LocalDB.)
  1. As you can see, I am on 1912 CU1 and have MSQL Express 2014
  1. On the Delivery Controller, download PsExec from Microsoft. See the Microsoft document PsExec v2.2.
  1. Stop the Citrix High Availability Service
  1. Open CMD as Admin and open PsExec.exe

psexec -i -u “NT AUTHORITY\NETWORK SERVICE” cm

  1. Move to the folder containing SqlLocalDB.

cd “C:\Program Files\Microsoft SQL Server\120\Tools\Binn”

  1. Stop and delete CitrixHA (LocalDB).

If you don’t stop is you will get this error  ( Me not paying attention)

SqlLocalDB stop CitrixHA

SqlLocalDB delete CitrixHA

  1. Remove the related files in C:\Windows\ServiceProfiles\NetworkService
  1. Uninstall SQL Server Express LocalDB 2014 from the server, using the Windows feature for removing programs
  1. Install SQL Server Express LocalDB 2017. In the Support > SQLLocalDB folder on the Citrix Virtual Apps and Desktops installation media, double-click sqllocaldb.msi
  1. Reboot the server and make sure this is started “Citrix High Availability Service”.
  1. Logged on and it took about 15 seconds to show up
  1. Then 60 seconds or so on this

11. Check if the CitrixHA Db is created.

 CitrixHA is re-created the next time a configuration sync occurs. After a minute or two, use the SqlLocalDB utility to confirm that CitrixHA has been re-created.

SqlLocalDB i

CitrixHA

MSSQLLocalDB

Example

While still in the PsExec session run this

C:\Program Files\Microsoft SQL Server\120\Tools\Binn>SqlLocalDB i

CitrixHA

MSSQLLocalDB

  1. You will see this until you do the second broker
  1. After I did my second Broker this was in the logs
  1. But then I see this almost every 2 minutes. I remember reading about this. But I thought it was fixed many versions ago. 

Did some google on the Errors and came up with the 2 links below.

https://support.citrix.com/article/CTX230775
https://blog.citrix24.com/xendesktop-7-15-local-host-cache-troubleshooting/
  1. LHC DB upgrade reference
https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/upgrade-migrate/upgrade.html#replace-sql-server-express-localdb
  1. Turns out some AD account was deleted over time, and it had some bad SIDs.
  2. So, I ran the quick script, to get the output.

Get-BrokerApplication |foreach {if ($_.AssociatedUserNames -match “S-1-5-21”) {$_.Name; $_.AssociatedUserNames -match “S-1-5-21”; “”}}

  1. Went into Studio and deleted them from the location it displayed above. Which was in Published application visibility.
  1. Then based on CTX230775 had needed to redo the LHC DB. So quickly ran through the process and it fixed the error. 

So, in summary, this is how I upgraded the LHC DB and some minor troubleshooting. Hope it helps someone

  1. Citrix StoreFront 7.15 to 1912 (Example I did on one SF server on the upgrade. But you would want 2 servers)
  1. If you have a load balancer, disable it in your load balancer. This way traffic doesn’t route to it. (Assuming you have 2 or more storefront servers)
  2. In my case, I have an LB Vserver and IP is X.X.X.X  and back end servers are A.A.A.A  and B.B.B.B
  3. Server A.A.A.A is disabled
  4. Browse the ISO
  5. Accept the terms
  1. Ready to install
  2. Installing
  3. Upgrade has finished
  1. I am adding a new StoreFront Server, so this will be a new install and add to the Storefront store. I just browse to the StoreFront application and run it.
  2. License agreement
  3. Review prerequisites
  4. Ready to install
  1. Installing Software
  2. Successfully installed Storefront
  3. Join existing server group
  4. On the Primary StoreFront Server click “Add Server” here to get an Authorization Code
  1. Take this information and input it on the secondary StoreFront Server
  1. Inputted information on the Second server
  1. Joining
  2. Sever joined
  3. Now Add IIS Cert and Bind it to 443 in IIS
  1. Add this second server into NetScaler LB(I already have the one added in NS)
  2. https://docs.citrix.com/en-us/storefront/current-release/integrate-with-citrix-gateway-and-citrix-adc/load-balancing-with-citrix-gateway.html
  3. https://docs.citrix.com/en-us/storefront/current-release/integrate-with-citrix-gateway-and-citrix-adc/load-balancing-with-citrix-gateway.html#citrix-service-monitor
  1. Add Server in netscaler>Traffic Management>Load Balancing>Servers
  2. Add Server
  3. Add service
  4. Add monitor 
  1. Now go bind it, once you bind it to the Service you will notice it’s down. Which is normal, from what I have gathered.
  1. The StoreFront monitors by default are only via HTTP. I created earlier is trying to probe the backend services of our server through HTTPS.
  1. To fix this do this:
  1. Run PowerShell as an administrator.
  2. PS C:\Program Files\Citrix\Receiver StoreFront\Scripts> .\ImportModules.ps1
  1. PS C:\Program Files\Citrix\Receiver StoreFront\Scripts> Get-DSServiceMonitorFeature http://localhost:8000/StorefrontMonitor
  1. Now run the command Set-DSServiceMonitorFeature -ServiceURL https://localhost:443/StoreFrontMonitor.
  1. All steps outlined in Red
  1. Now you will see the monitor come alive on the Service.
  1. Now bind it to the main Vserver
  1. Provisioning Server 1808 to 1912
  1. Please check for if the previous version needs to be uninstalled first. Some version, Citrix wanted you to uninstall the older version first. But most of the time you don’t. 
  2. Example here: https://discussions.citrix.com/topic/400292-pvs-server-upgrade-1808-to-1811-please-uninstall-pvs-server/
  3. We are updating 1808 to 1912 so an in-place upgrade is good.
  4. Before I start I make sure I use a service account that is tied to the database so it can upgrade the database.
  5. I put the account in the local admin of the PVS servers and use it to do the upgrades
  1. Machine generated alternative text:
•I Panel 
All Control Panel Items Programs and Features 
Uninstall or change a program 
Search Programs and Fei 
To uninstall a program, select it from the list and then click Uninstall, Change, or Repair. 
Orga nize 
Uninstall Repair 
Citrix Diagnostics Facility 
Citrix Host Service PowerSheII snap-in 
Citrix Provisioning Consolexæ 1811.1.0 
Citrix Provisioning Server x64 1808.1.0 
Publisher 
Citrix Systems, Inc. 
Citrix Systems, Inc. 
Citrix Systems, Inc. 
Citrix Systems, Inc. 
Installed On 
8/30/2017 
12/28/2018 
12/28/2018 
10/16/2018
  1. After the uninstall has completed restart the server. When it comes back up, log back in with the service account.
  1. Attach the ISO.  Run Server installation
  1. Machine generated alternative text:
Citrix Provisioning 
Console Installation 
Server Installation 
Larget Device Installation 
Help and Support 
DVD 
Install the Server and its dependencies. 
O Exit
  1. Click “Install”, the process will begin and then the window will disappear for a couple of minutes while it installs some of the pre-requisites. 
  1. Machine generated alternative text:
Citrix Provisioning Server x64 1906.1.0 InstallShieId Wizard 
Citrix Provisioning Server x64 1906.1.0 requires the following items to be installed on 
your computer Click Install to begin installing these requirements. 
Status 
succeeded 
Succeeded 
Installing 
Pending 
Pending 
Pending 
P ending 
Requir ement 
CDF x64 
Telemetry Service x64 
Broker Snapin v2 x64 
Host PovverSheII Snapln v2 x64 
DelegatedAdmin PonerSheII Snapln x64 
ConfigLogging_PonerSheIISnapInx64 
Con figur a ton _P o n er ShellSnapInx64 
Installing Broker Snapin v2 x64
  1. When the window pops back up Click “Next”. 
  1. ” src=”https://lh5.googleusercontent.com/7C4sP7aadWMqyYGpaCOco_qIMOBbd79j50VO_FyY2d3Ff7xwCLBWlq-CAU0nC7Gb-7d9Q6jUufRMI1jGWzyODhAZ3m18Ua4kRPXV5BpZdmYPDhe7HX_qZFFJBoJEpDKaJFWkEE4″ width=”501″ height=”383″>
  1. Accept the License Agreement and click “Next”
  1. ” src=”https://lh6.googleusercontent.com/IQsY9l7j57UxaNk8W4iYAbX24GNy0nHuXscDTpyq4MgLrj1ZWGLjLGpCbp5ooqDoRtFX-T1psd3Xgu0AWk_iRyOyZ8LVbZE1t_6gX9ErQHUty_femXqGsNrr22kiQsyhCVb8aAg” width=”503″ height=”377″>
  1. ” src=”https://lh3.googleusercontent.com/gaWPA4LP02vEnYsCg_dUi7TLsHzrmqcGrtbSGVUrJ9TaaI2ZL3UKC8KKPVtNlx0ZxvQDbJPYRpzCn1etKq4wuuCQVnNgE1TLH6pq7gvW2FzlQ1IH1T4v255He3Y9ohlE6uOCGfA” width=”503″ height=”378″>
  1. Enter “Something” in the User Name and Organization fields, then click “Next”
  1. CiTRlX ” src=”https://lh5.googleusercontent.com/MnV-mvcbmBN3VQswaq2p4eEg6ibKwp_ufu3RYKnET_KFn2afkr1Ca_bu7U2UHW9uFnJtvEgSIGICIqCAh9ihsdTt5Jd_FqxujFZJf58TtlXlOXqhrkTQ3qr8Qxr00h3uhbNCTqs” width=”501″ height=”387″>
  1. Click “Next”.
  1. CiTRlX ” src=”https://lh5.googleusercontent.com/l0r_yaEuPOE7R2PwO8k8uD-Al8YKTHc5p-pxVpf5SoUTzXovFaJyb4_gCzQDnXHzd6r6LajFNycElO1wL7HvsKIWwoKSf03yXdxcDMKQe8js4d4OWoHPwYf53mPoSGQryc4RxHo” width=”502″ height=”379″>
  1. Click “Install”. 
  1. Machine generated alternative text:
Citrix Provisioning Server x64 19120.0 LTSR 
Ready to Install the Program 
The Wizard is ready to begin installation. 
Click Install to begin the installation. 
CiTRlX 
If pu want to review or change any of your installation settings, dick Back. Click Cancel to 
exit the wizard. 
InstallShieId 
Install
  1. Installing
  2. Machine generated alternative text:
Installing Citrix Provisioning Server x64 1912.0.0 LTSR 
CiTRlX 
The program features you selected are being installed. 
Please vvait while the Installation Wizard fistalls Citrix Provisioning Server 
x64 1912.0.0 LTSR. This may take several minutes. 
Status: 
•stallShieId
    1. Click “Finish”.
  3. Machine generated alternative text:
Citrix Provisioning Server x64 1912.0.0 LTSR 
Installation Wizard Completed 
CiTRlX' 
The Installaton Wizard has successMIy installed Citrix 
Provisioning Server x64 1912.0. O LTSR. Click Finish to exit the 
Wizard.
  1. The configuration wizard will start.
  2. ” src=”https://lh4.googleusercontent.com/xh-LCu4I57aDckar05F60wXOgnSbDJxxgGYqV9hnDfAri-uJdymkbIOMzK_-UcgKROmcIfLLHjMc_6pHBnOGl54zOzazXJ22QVhAOIU2KblOGYc_M1qeuGpEC0fw4echKGTw66M” width=”545″ height=”404″>
  1. ” src=”https://lh6.googleusercontent.com/BHwc9OMVFy3cpO1ShBimlLXYtXLK6Blh8SzLB6TIeRd5to5COK3syNKD3CmxolSLfR1WC5XiXEzArwBspR8O6jG3FhW3W1uip1vvLiJB02gAD5vpJVfhZ0L0cs7XxWLC1ZfHYQk” width=”480″ height=”358″>
  1. ” src=”https://lh3.googleusercontent.com/YKZPYfPTMw06sVh-HkQrdm9Arld_vleQelTyJM2o-f2rmQOIQV0x8UDAeA99O0NmetXO3SDP7xnrYUxTuAhLWYLCqma0CzP-wpcevrAb6Fe9Y3Pm72molSx1FUX1EsPI0PvPDho” width=”480″ height=”357″>
  1. ” src=”https://lh5.googleusercontent.com/J5uHb9mqGhyL2B7do9kVq8ZSH4VOx9_Vl_xF_BEmgF83T3Sq3WDdCuKLt7B85a4UlB1TKCQmcafQO3gN8kvtOf0b112wjyN-vwr9EOZqzrwV_u6hOWC1ggKqhcfOip85UY_8M88″ width=”480″ height=”360″>
  1. ” src=”https://lh6.googleusercontent.com/QFTbGfxA2S1NB8mBMMVSO2nUNDRDzKkLXHlYedovVMf2p6yEt_WlAupGcnZs4cbvBKBbQVj2Z8kSgPw4Sp_qhPY2tJxTGL_8rUw5FackGePj3Vvh9f5MqBxcTT2_TLi2Pdh7nIw” width=”544″ height=”400″>
    1.  
    2. ” src=”https://lh6.googleusercontent.com/qPsx3OJS_5xCuLFpyX5TRR9wVrg8y5IuG25cqLNteU7GYGossW5iuSF_gjh2wjRAS2fmr8ptPdBjG9JPws2X4E4uGPmI7LMk0r3N7PvvsAEhXj98PWYD6IVsSFWER-t9nvxdOV8″ width=”537″ height=”404″>
  1. ” src=”https://lh4.googleusercontent.com/sex_N8Z8rmBTPOa_Hl2wCEnjfMGPozGpNP71uUmYwApiS4ILCD57PBEq0SEcxY3Nb_K4fmgPXSeaK3pwjdJlabBDY2ZvKfHFs5RqruuChg7jOGL5PYNXOgJDb_gi2CWOL408bLw” width=”480″ height=”354″>
  1. ” src=”https://lh5.googleusercontent.com/mPFK49PTHp6eT2y6yjRXH5FwnQti1o3F27ywBMqJ-t6fNTvah3AWNLCzK3TbpMKhuX4JX7-NopW21_oaR9AfYImREviYswtxA9HZYr_gqvdlVtZqFT58VbYA7CgAZn3wdH0wUG0″ width=”480″ height=”346″>
  1. ” src=”https://lh6.googleusercontent.com/HsXUjFXOXxm-V17XOApQJfBxu_AtB1GjvVGCSQIFplSkYGoZ611ftgjlnYutLhJo5E7Bg5TSRaZii116ECC1Flbkk8k4g6Qa9A8afiI75HiGh12_Uh9yFps14qsKUvD42hkD5vU” width=”480″ height=”348″>
  2.  
  1. For this screenshot I have 2 PVS servers, depending on your Farm you could have 1 or more. The PVS server IP address will show here. If you have 1 server then  1 Ip will show. If you have 2 then 2 will show. 
  2. ” src=”https://lh6.googleusercontent.com/ggB1u7TVp6GNroZ6r2x_2NQXkyWl_BUCoiRDiFP7wcCSJnLMPIO4oX1PhoSlw12sxZHNNO1f1hfpPmQNLfsPghVvE-2PJPl25mJxzzBhLNlyK_lpeQSbpR3MBzMjhDmdgkKv79o” width=”551″ height=”405″>
  3.  
  4. ” src=”https://lh4.googleusercontent.com/VISIgho2Np3DNMYuF66dn01K8PZX_q-y6g-RkTWpOgQpnnoe1t5YPa0Hg3S3MpgfuKajEfrgVtb1Mhgq4lw_vv0AkhtgO9LRO65NeswcfQrUdiM7ck4coOmDw3lM8x4ZWOB2NzM” width=”548″ height=”399″>
  1. ” src=”https://lh3.googleusercontent.com/KJt9rFHUoPepZOctpuoCUMHOnlgG9FiXGYZ2qlqS0psoQ_IUFqBLXV6ge5ZnhMv1airHZgcvtJPLTczzDJiPvZ8XXBMHr72E9EL4KITcKuE277K71M_JWMq3G5hwh5tSXJQlsN4″ width=”547″ height=”405″>
  1. Machine generated alternative text:
Citrix Provisioning Configuration Wizard 
Confirm con figuration se tbngs. 
XE - Install Service 
icense Server:Port = VS : 27000 
ser Account = Jaxnavy.org\gtxpvs 
omputer account passnord changes every 7 days 
ommunicatons - First Port = 6890, Last Port = 6gog 
onsole - Soap Port = 54321 
IC - selected IP = 10.50,210.8 
anagement NIC - Selected IP = 10. SO. 210.3 
- Install Service 
File = ServicesTftpbootVARD8P32.81t . 
tream Service - Server IP, Server Port, Device Subnet, Device 
10.50.210.8, 6910, o.o.o.o, o.o.o.o 
10.50,210.9, 6910, o.o.o.o, o.o.o.o 
v Citrix Username= davisra 
Z] Automatcally Start Services
  1. Machine generated alternative text:
Citrix Provisioning Configuration Wizard 
Confirm con figuration settings. 
Stopping Neb,Nork Services 
Stopping Software Stream Service 
Con figuring Services 
Starting Software Stream Services 
Starting Neb,Nork Services 
Stopping Citrix PVS Stream Service 
Cancel
    1. Backup your database before starting.
    2. Machine generated alternative text:
Citrix Provisioning Configuration Wizard 
erequ 
Confirm con figuration settings. 
Nones 
user 
Comm 
The database will be upgraded. A backup should be done before the 
database is upgraded. Should the database upgrade be done now? 
Stre 
My Citrix Username= davisra1983 
Z] Automabcally Start Services
  1. Machine generated alternative text:
Citrix Provisioning Configuration Wizard 
Confirm con figuration settings. 
Stopping Neb,Nork Services 
Stopping Software Stream Service 
Con figuring Services 
Starting Software Stream Services 
Star ting Neb,Nork Services
  1. Machine generated alternative text:
Programs and Features 
Control Panel 
Control Panel Home 
View installed updates 
Turn Windows features on or 
Programs Programs and Features 
Uninstall or change a program 
To uninstall a program, select it from the list and then click Uninstall, Change, or Repair. 
Organize • 
Install a program from the 
network 
Uninstall Repair 
O 
Publisher 
Carbon Black, Inc. 
Carbon Black, Inc. 
Citrix Systems, Inc. 
Citrix Systems, Inc. 
Citrix Systems, Inc. 
Citrix Systems, Inc. 
Citrix Systems, Inc. 
Citrix Systems, Inc. 
Citrix Systems, Inc. 
Citrix Systems, Inc. 
Microsoft Corporation 
Microsoft Corporation 
Microsoft Corporation 
Microsoft Corporation 
Microsoft Corporation 
Microsoft Corporation 
Microsoft Corporation 
Microsoft Corporation 
Trend Micro Inc. 
Installed On 
4/28/201 g 
4/7/201 g 
3/19/2019 
9/14/2019 
4/7/201 g 
3/19/2019 
3/1/2019 
3/1/2019 
3/19/2019 
3/19/2019 
3/18/2019 
3/18/2019 
3/19/2019 
Size 
Carbon Black Sensor 
Cb Protection Agent 
Citrix Broker PowerSheII Snap-In 
Citrix Configuration Logging Service PowerSheII snap... 
Citrix Configuration Service PowerSheII snap-in 
Citrix Delegated Administration Service PowerSheII sn... 
Citrix Diagnostics Facility 
Citrix Host Service PowerSheII snap-in 
Citrix Provisioning Consolex64 1811.1.0 
Citrix Provisioning Server x64 1906.1.0 
Microsoft Silverlight 
d 
Microsoft SQL Server 2012 Native Client 
Microsoft Visual C++ 2008 Redistributable - x64 9.03... 
Microsoft Visual C++ 2008 Redistributable - x86 9.03... 
Microsoft Visual C++ 2012 Redistributable (x64) 
Microsoft Visual C++ 2012 Redistributable (x86) 
Microsoft Visual C++ 2013 Redistributable (x64) 
Microsoft Visual C++ 2013 Redistributable (x86) 
• Trend Micro OfficeScan Agent 
Citrix Systems, Inc. Product version: 
Help link: 
-11.0... 
-11.0... 
- 12.0... 
- 12.0... 
243 MB 
11.6 MB 
166 MB 
1.78 MB 
0.97 MB 
156 MB 
305 MB 
241 MB 
50.7 MB 
4.88 MB 
876 KB 
20.5 MB 
173 MB 
20.5 MB 
17.1 MB 
Version 
6.12.71 log 
800.2562 
7.22.0.10 
7.22.0.7 
7.22.o.g 
7.22.0.8 
7.1.5.o 
7.22.0.8 
1811.1120018 
1906.1022028 
5.1 50918.0 
1112100.60 
9030729.6161 
9030729.6161 
110.60610.1 
110.60610.1 
12040660.0 
120.406600 
12.0.4430 
1906.102028 
http://www.citrix.com 
Support link: 
Size: 
http://www.citrix.com 
241 MB
  1. PVS console upgrade
  1. Log in to the server with the service account.
  1. In C:\SRC\1906 open the “Console” Folder. 
  1. Right-click on “PVS_Console_x64.exe” and run as administrator. 
  1. Once the .exe has launched Click next through the installation.
  1. ” src=”https://lh6.googleusercontent.com/_yXLKhs_rAW1tGQZMjHNZV7We3AdZnnSqEsoCtNvEkKxttBScEHUySDow3-2FE0-E-554rBapzOzEaSnkTZIncmkh0fDDveTbxcbKQY7CwXs73fCJFu6oAxng1Gko03YnwnEWOY” width=”501″ height=”380″>
  1. (Additional Screenshots of steps)
  1. If you run into any issues during the installation of the pre-requisites refer to 
  2. https://www.carlstalhood.com/provisioning-services-server-install/
  1. Accept the licensing term.
  1. ” src=”https://lh5.googleusercontent.com/xSy7W_jVc66n9FMVQBl_P4njXDywZ0Z3zn5Sv-yRssBrMtDdDDC1pcKpww7hawViXA-L5EgXNdGpjzV2jhdjlc9Ddhh1XIU_DTNc9Hp7aBI_zOr4t03r85EAjHs-FccgfXM3pfE” width=”502″ height=”378″>
    1. Fill in the names
  2. ” src=”https://lh3.googleusercontent.com/oHu9eTUy7kpiGqjZOdzJryfSN7-cU34frvHBbkWGRdvY650WPtg9Tx7PFY3ZYruj3fgVD_8bewkFMdj_tVSLZUUvo3Yv2Knoyb2n_gjZAKeLbXq1aUO9UrFJMPOPKHCC4aLe9g4″ width=”501″ height=”376″>
  1. Install in the default directory
  2. CiTRlX ” src=”https://lh4.googleusercontent.com/dvU_20Lia7RPdhE4OpyigAW4CdYnescVq1kTxgkkpg9rra5BhZLz27hBJowsLriBzRfHHiQiBJSZsHLq5Om1h0ol-HPn7Oxq7D5ZVLinFx_VSt_iHNT4O0ERjRonCKbPDdgsSuA” width=”500″ height=”378″>
  1. Install
  2. Machine generated alternative text:
Citrix Provisioning Consolex64 19120.0 LTSR 
Ready to Install the Program 
The Wizard is ready to begin installation. 
Click Install to begin the installation. 
- InstallShieId Wizard 
CiTRlX 
If pu want to review or change any of your installation settings, dick Back. Click Cancel to 
exit the wizard. 
InstallShieId
    1. Installing
  3. Machine generated alternative text:
Citrix Provisioning Consolex64 19120.0 LTSR - InstallShieId Wi... 
Installing Citrix Provisioning Console x64 1912.0.0 LTSR 
The program features you selected are being installed. 
CiTRlX 
Please nait while the InstallShieId Wizard installs Citrix Provisioning Console 
x64 1912.0. O LTSR. This may take several minutes. 
Status: 
Updating comgu)nent registration 
InstallShieId 
Cancel
    1. Finish
  4. Machine generated alternative text:
Citrix Provisioning Consolex64 19120.0 LTSR- Instal[ShieId Wizard 
CiTRIX' 
InstallShield Wizard Completed 
The InstallShieId Wizard has installed Citrix 
Provisioning Console x64 1912.0. O LTSR. Click Finish to exit the 
wizard.
  1. Open the console and check the version.
  2. Machine generated alternative text:
About Citrix Provisioning Console 
Citrix Provisioning Console 
Citrix Systems, Inc. 
Version: 7.24.0.24019 
@ 2001-2019 Citrix Systems, Inc. All rights
  1. You need to re-register those PowerShell snap-ins. Reregistering Citrix.PVS.Snapin.dll is well-known, but ta. here are 5 other snap-ins that are necessary as well.
  2. https://support.citrix.com/article/CTX235079
  3. Citrix.PVS.Snapin
  4. Citrix.Broker.Admin.V2
  5. Citrix.Configuration.Admin.V2
  6. Citric.ConfigurationLogging.Admin.V1
  7. Ctrix.DelegatedAdmin.Admin.V1
  8. Citrix.Host.Admin.V2
  1. On the PVS server, run CMD as Administrator. Then in each of these folders:
  2. CD \Windows\Microsoft.NET\Framework64\v4.0.30319
  3. CD \Windows\Microsoft.NET\Framework\v4.0.30319
  4. Run all of these commands:
  1. .\InstallUtil.exe “C:\Program Files\Citrix\Provisioning Services Console\Citrix.PVS.Snapin.dll”
  1. .\InstallUtil.exe “C:\Program Files\Citrix\Broker\Snapin\v2\BrokerSnapin.dll”
  1. .\InstallUtil.exe “C:\Program Files\Citrix\Configuration\SnapIn\Citrix.Configuration.Admin.V2\Citrix.Configuration.PowerShellSnapIn.dll”
  1. .\InstallUtil.exe “C:\Program Files\Citrix\ConfigurationLogging\SnapIn\Citrix.ConfigurationLogging.Admin.V1\Citrix.ConfigurationLogging.PowerShellSnapIn.dll”
  1. .\InstallUtil.exe “C:\Program Files\Citrix\DelegatedAdmin\SnapIn\Citrix.DelegatedAdmin.Admin.V1\\Citrix.DelegatedAdmin.PowerShellSnapIn.dll”
  1. .\InstallUtil.exe “C:\Program Files\Citrix\Host\SnapIn\Citrix.Host.Admin.V2\\Citrix.Host.PowerShellSnapIn.dll”
  1. PVS Targets upgrades

1. You will need to go to the PVS server that you are working on the upgrades and open the PVS console.

2. Then go to vDisk Pools and create new versions. If you have 5 versions, then the 6th version will need to be merged with the last base and updates or updates only and needs to be Maintenance mode. It will take some time to create the merge-base.

3. Now go into your Hypervisor and power on the Master VM up that has the new version.

4. Open the console so you can see the VM.

5. It will ask you to press 1 for the new Maintenance version. Press 1, and it will boot into windows.

6. Now bring over the PVS software, and put it on the C or D drive of the Target

Step 3 – Click Next at Welcome to the Installation Wizard for Citrix Provisioning Service Target Device x64

Step 4 – Select I accept the terms in the license agreement, Click Next

Step 5 – Leave as default, Click Next

Step 6 -Leave as default, Click Next

Step 7 -At Ready to install the program, Click Install

Step 8 -Installation will begin and take a few minutes to complete.

Step 9 – Click Finish at Installation Wizard Completed.

At this stage, the vDisk should be re-sealed ( based on your sealing techniques and re-distributed/Coped to each Provisioning Server

Update the BDM iso 

We use the BDM ISO 

Information

• Remember don’t check this unless your troubleshooting

• 

• https://support.citrix.com/article/CTX230333

• Reason why is here.

https://discussions.citrix.com/topic/363293-pvs-76-xa65-tds-taking-10mins-to-boot/

Upload to your hypervisor storage. Datastor/Container

Now attach that ISO to the PVS Targets you upgraded on 4c. It will need to new ARDBIN file. ( If you forget this step, it will still boot. But will be slower and could get stuck in a loop.

  1. Citrix WEM 1811 upgrade to 1912 LTSR
  1. Upgrade Deployments
  2. The data below is from Citrix Workspace Environment Manager 1912 Citrix Systems.
  3. https://docs.citrix.com/en-us/workspace-environment-management/current-release/upgrade.html
  1. The Workspace Environment Management components must be upgraded in the following order:
  2. Infrastructure services
  3. https://docs.citrix.com/en-us/workspace-environment-management/current-release/upgrade.html#step-1-upgrade-the-infrastructure-services
  1. Database
  2. https://docs.citrix.com/en-us/workspace-environment-management/current-release/upgrade.html#step-2-upgrade-the-database
  1. Administration console
  2.  https://docs.citrix.com/en-us/workspace-environment-management/current-release/upgrade.html#step-3-upgrade-the-administration-console
  1. Agent
  2.  https://docs.citrix.com/en-us/workspace-environment-management/current-release/upgrade.html#step-4-upgrade-the-agent
  1. The following changes are going to occur so be ready:
  1. A new clean installation of the WEM Agent will result in a complete change of Service Names and Folder Structures as below
  2. The new Service name is: Citrix WEM Agent Host Service
  3. The new process name is: Wem.Agent.Service.exe
  4. The new path structure is: %ProgramFiles%\Citrix\Workspace Environment Management Agent
  5. An upgraded installation of the WEM agent will result in partial changes to your environment:
  6. The new Service name is: Citrix WEM Agent Host Service
  7. The new process name is: Wem.Agent.Service.exe
  8. The path on the file system will not be altered and will remain as it was: %ProgramFiles%\Norskale\Norskale Agent Host
  9. Be aware also that in both clean and upgraded deployments, the Windows Event logs will change from Norskale Agent Service to WEM Agent Service 
  10. Source:
  11. https://jkindon.com/2019/09/11/citrix-wem-updated-start-up-scripts/
  1. Infrastructure services

  1. I need .Net 4.7.1
  2. For me, I selected yes now.
  3. Reboot and logged in
  1. Database
  1. Open the database management Utility
  1. I at this point just restarted the server
  1. 2a. Check Database parameters (open the WEM Infrastructure Service Configurations)
  1. You will notice the Port and old name (1811)
  2. You will notice the Port and new name -1912
  1. *One thing to note on Port* 
  2. Cache synchronization port. (Applicable to Workspace Environment Management 1909 and earlier; replaced by Cached data synchronization port in Workspace Environment Management 1912 and later.) The port on which the agent cache synchronization process connects to the infrastructure service to synchronize the agent cache with the infrastructure server. The cache synchronization port must be the same as the port you configured for the cache synchronization port (WEM Infrastructure Service Configuration > Network Settings) during the infrastructure services configuration. The port defaults to 8285 and corresponds to the AgentCacheSyncPort command-line argument.
  3. Cached data synchronization port. (Applicable to Workspace Environment Management 1912 and later; replaces Cache synchronization port of Workspace Environment Management 1909 and earlier.) The port on which the agent cache synchronization process connects to the infrastructure service to synchronize the agent cache with the infrastructure server. The cached data synchronization port must be the same as the port you configured for the cached data synchronization port (WEM Infrastructure Service Configuration > Network Settings) during the infrastructure services configuration. The port defaults to 8288 and corresponds to the CachedDataSyncPort command-line argument. Alternatively, you can specify the port using a command-line option in the silent installation of the WEM agent 
  4. Wayne Lui states its backward compatible and still listens, But I would add this into your Firewall Ruleset. 
  1. Admin Console
  1. Agents
  2. Upgrade the Agent on the machines 
  3. I did this with the GUI, but I do this in production.
  4. ##Install CMDLine with an SCCM task
  1. Task 1
  2. “Citrix Workspace Environment Management Agent Setup.exe” Cloud=0 VUEMAppCmdDelay=5 WaitForNetwork=30 SyncForegroundPolicy=1 GpNetworkStartTimeoutPolicyValue=5 /log WEM2003.txt /quiet
  1. Task 2
  2. ##Copys Startup script 
  1. xcopy “\\server\Citrix\Upgrade Files\WEM\2003\Workspace-Environment-Management-v-2003-01-00-01\WemRefreshCache\RefreshWEMAgentonReboot.bat” c:\scripts\refreshWemAgent /h /i /c /k /e /r /y
  1. Task 3
  2. Then it runs a 
  3. C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe update
  4. C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe eqi 3
  1. I took James Kindon Script he made here https://jkindon.com/2019/09/11/citrix-wem-updated-start-up-scripts/
  1. Then it’s called it the same name as my older script was (RefreshWEMAgentonReboot.bat), does an xcopy, and placed it in the same location. This way the scheduled task, will still have the same name it runs. The CLI parameters are different but will do the same deal
  1. We use BISF to handle this during our sealing process
  1. Agents are completed.

There is a lot of material here, and I hope it helps out someone.

Aug 122020
 

There has been some recent change to the LTSR article around Local Host Cache upgrades

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/upgrade-migrate/upgrade.html#replace-sql-server-express-localdb

  • When upgrading Delivery Controllers to Citrix Virtual Apps and Desktops version 1912 or 2003: Upgrading SQL Server Express LocalDB is optional. Local Host Cache works properly, with no loss of functionality, regardless of whether you upgrade SQL Server Express LocalDB. We added the option to move to a newer version of SQL Server Express LocalDB in case there are concerns about end of support from Microsoft for SQL Server Express LocalDB 2014.
  • When upgrading Delivery Controllers to Citrix Virtual Apps and Desktops versions newer than 2003: The minimum supported version is SQL Server Express 2017 LocalDB Cumulative Update (CU) 16. If you originally installed a Delivery Controller earlier than version 1912, and have not replaced SQL Server Express LocalDB with a newer version since then, you must replace that database software now. Otherwise, Local Host Cache will not work.

As you can see here, at one time it stated you needed to upgrade, or it would not work. However, it doesn’t seem that it 100% anymore. I think that’s why Citrix updated the doc. 

As can see here some had the same concerns or questions around it. I most certainly did. 

  1. So, let’s get started. I always do a snapshot first. Which is completed. 
  1. Complete the upgrade of your Citrix Virtual Apps and Desktops components, databases, and site. (Those database upgrades affect the site, monitoring, and configuration logging databases. They do not affect the Local Host Cache database that uses SQL Server Express LocalDB.)
  1. As you can see, I am on 1912 CU1 and have MSQL Express 2014
  1. On the Delivery Controller, download PsExec from Microsoft. See the Microsoft document PsExec v2.2.
  1. Stop the Citrix High Availability Service
  1. Open CMD as Admin and open PsExec.exe

psexec -i -u “NT AUTHORITY\NETWORK SERVICE” cm

  1. Move to the folder containing SqlLocalDB.

cd “C:\Program Files\Microsoft SQL Server\120\Tools\Binn”

  1. Stop and delete CitrixHA (LocalDB).

If you don’t stop is you will get this error  ( Me not paying attention)

SqlLocalDB stop CitrixHA

SqlLocalDB delete CitrixHA

  1. Remove the related files in C:\Windows\ServiceProfiles\NetworkService
  1. Uninstall SQL Server Express LocalDB 2014 from the server, using the Windows feature for removing programs
  1. Install SQL Server Express LocalDB 2017. In the Support > SQLLocalDB folder on the Citrix Virtual Apps and Desktops installation media, double-click sqllocaldb.msi
  1. Reboot the server and make sure this is started “Citrix High Availability Service”.
  1. Logged on and it took about 15 seconds to show up
  1. Then 60 seconds or so on this

11. Check if the CitrixHA Db is created.

 CitrixHA is re-created the next time a configuration sync occurs. After a minute or two, use the SqlLocalDB utility to confirm that CitrixHA has been re-created.

SqlLocalDB i

CitrixHA

MSSQLLocalDB

Exmaple

While still in the PsExec session run this

C:\Program Files\Microsoft SQL Server\120\Tools\Binn>SqlLocalDB i

CitrixHA

MSSQLLocalDB

  1. You will see this until you do the second broker
  1. After I did my second Broker this was in the logs
  1. But then I see this almost ever 2 minutes. I remember reading about this. But I thought it was fixed many versions ago. 

Did some google on the Errors and came up with the 2 links below.

https://support.citrix.com/article/CTX230775

https://blog.citrix24.com/xendesktop-7-15-local-host-cache-troubleshooting/

  1. LHC DB upgrade reference

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/upgrade-migrate/upgrade.html#replace-sql-server-express-localdb

  1. Turns out some AD account were deleted over time, and it had some bad SIDs.
  2. So, I ran the quick script, to get the output.

Get-BrokerApplication |foreach {if ($_.AssociatedUserNames -match “S-1-5-21”) {$_.Name; $_.AssociatedUserNames -match “S-1-5-21”; “”}}

  1. Went into Studio and deleted them from the location it displayed above. Which was in a Published application visibility.
  1. Then based on CTX230775 had needed to redo the LHC DB. So quickly ran through the process and it fixed the error. 

So, in summary, this is how I upgraded the LHC DB and some minor troubleshooting. Hope it helps someone

May 062020
 

I recently ran into having to create a chunk of MCS dedicated machines for this COVID-19 situation the world is in. MCS Dedicated machines are very different from MCS Pool machines. One of the HUGE differences is updating the machine’s images and updating the targets. As your aware MCS Pooled is very similar to PVS and it’s a nice update feature for the PVS/MCS targets. But MSC dedicated machines are not the same. 

This Blog is around MCS Dedicated Full Clones only and updating the Master image to update only new created machines.

Dedicated desktops are assigned to individual users and the data and settings will persist on the desktops. Optionally, the Citrix Profile Management solution can be used to store the user profile and data on central file servers. For dedicated desktops there is a new option available under Desktop OS Catalogs virtual machine copy mode, “Use full copy for better data recovery and migration support, with potentially reduced IOPS after the machines are created”.

“When you deploy the image, you will notice that MCS will do a full VMDK copy of your snapshot chain into a folder of every datastore that is defined in your hosted XenDesktop environment. This makes desktop creations extremely quick when scaling out additional VMs because it 1) negates the need to potentially copy VMDKs across datastores during desktop creation and 2) negates the need to consolidate snapshots during creation. The folder will typically be the machine catalog name + basedisk + random datastore identifier assigned by XenDesktop. This applies to all MCS images; static and pooled.”

You can see the base Snapshot MCS created called Citrix_XD_Name. This is the initial snapshot Studio-MCS makes. But ideally can keep them all around. So my steps are as outline below

Deleting all Snapshots. (Deleted All Yes) I didn’t want any old stuff floating around.

Create new snapshot

Now I’ll update all tools, software and whatever I need to update.

Let check the Provision Scheme so I can get the Provisioning Scheme and the XDhyp information and display the list of snapshots on the virtual machine:

I copied it from PowerShell and put it in OneNote so I could see what I was looking for. As you can see here it still shows my old snapshots. We will update that.

Note to find the ProvisiongSchemeName   (Its list in the Get-ProveSheme) Command. Keep this name for later

  1. Now at this time, I need to run this

a. Get-ChildItem -Recurse -Path ‘XDHyp:\hostingunits\%hostName%\%vmName%.vm’

b. This will list the Snapshot that is associated with the VM itself

c. For me it’s this:

d. get-childitem -Recurse -Path “XDHyp:\HostingUnits\XA_XD Netwrk Connection VS1VC01_PROD_176\XD7MSTRHR.vm”

  1. Then my output is

*Note* you can see that it shows my snapshot listed

  1. I need to take the “Full Path” and note it for the next command.
  1. Second command is:
  1. Publish-ProvMasterVmImage -ProvisioningSchemeName “%provisioningSchemeName%” -MasterImageVM “%templatePSPath%”
  2. For me Its:
  3. Publish-ProvMasterVmImage -ProvisioningSchemeName “Citrix Human Resources Desktop” –masterimagevm “XDHyp:\HostigUnits\XA_XD Netwrk Connection VS1VC01_PROD_176\XD7MSTRHR.vm\ImageUpdate.snapshot”

While this is running in my Hypervisor you will see this.

Once it’s completed you will see

Now Run Get-ProvScheme

These updates will only apply to new machines created from the MCS full Clones. It will not update previously created ones. That is the downfall of MCS Dedicated full clones. 

References

https://docs.citrix.com/en-us/tech-zone/design/reference-architectures/image-management.html

Mar 072020
 

UDP over Audio for Citrix

Many people use Audio in Citrix VAD. It works well, but at times it can be choppy, jittery, and lagging.

I wouldn’t say it’s hard, but Citrix is kind of all over the place with the docs. The Tech Zone does a nice job on the material. One of the reasons I started blogging is I see all kinds of blogs, but I want to do something different. I want to share my settings and get feedback on your experience. Then update my blog with your professional experience. Of course with your approval and your credit for the work. This will allow each one to share different configurations and what works. My intention isn’t to redo blogs or Techzone but to show ALL configurations around a specific topic, like this one. I want more than. Just links, I want detailed setups from start to finish. So, let’s start.

  1. Studio default Citrix policies
  2. So, as you can see 3 policies are set by default within Citrix Studio. The reason I am showing this is that I just wanted to ensure people that no Studio Policies need to be configured.

  1. Another thing I found is that if the Audio is set to medium, the quality is better, and it helps for MICS that us Optimized USB ICA virtual channel.

  1. Once these are set, they are by default. Then you need to tell the Workspace Clients how to use this policy. If these are not set, UDP will not work over audio.
  • Enable audio
  • Sound quality medium
  • Enable Real-Time transport (16500 – 16509)
  • Allow Real-Time transport through Gateway

2. Client settings for UDP

Workspace GPO, setting that reflects the bullet points above.

  1. The next question will be, how does this work for non-domain, BYOD devices?
  2. For this to take effect, you must update the Default.ICA on your storefront servers.
  3. On the StoreFront machine, open C:\inetpub\wwwroot\Citrix\<Store Name>\App_Data\default.ica with an editor such as notepad ++
  4. Some people may not like editing the default.ica file. I understand and get it. But after all, that is what really makes up the ica packet from launching resources. It would be nice for Citrix to add a GUI option. Such as In storefront for this, some drop down the says enable UDP for all workspace clients. Checkbox =enable. 
  5. Anyways let continue. So, for me, it’s this…. C:\inetpub\wwwroot\Citrix\MFA\App_Data
  1. Make the entries below under the [Application] section.

  1. Firewall requirements
  2. The Audio UDP port range specifies the range of port numbers that the Virtual Delivery Agent (VDA) uses to exchange audio packet data with the user device.
  1. By default, the range is 16500 – 16509
  2. Base Citrix Layout. I took this from the EDT CTX Article.
  3. Some people think that these ports need external as well. But in fact, it is from SNIP to the VDA Network. Then it’s wrapped up in the ICA packet.

  1. I have seen some documentation stating you need these ports open, however that is from the NSG gateway to the VDA backend. This isn’t what they mean.
  1. This is what it will look like in terms of an ICA packet.
  2. Internet Firewall: Additional rules must be added to your firewall(s) to allow the following UDP traffic.
  • Client/Citrix Receiver > NetScaler Gateway – UDP/443
  • NetScaler Gateway > XenDesktop VDA – UDP/16500-16509  

h. Ideally, if you could blow up the ICA packet, and analyze the data inside it, It would look like this

  1. NetScaler Settings needed
  • Enable the DTLS flag on the NetScaler Gateway Virtual Server.

              *NOTE*

            I didn’t have to do this But based on my research people have done this and then it would work.

  • Unbind the SSL certificate pair from the NetScaler Gateway Virtual Server.
  • (Re)bind the SSL certificate pair to the Netscaler Virtual Server.  (Note: when rebinding the SSL certificate 
  • I didn’t get any message saying, “No usable ciphers configured on the SSL vServer/service.” This is a known issue and can be ignored). Some say they have, but I didn’t.
  1. Go to the Gateway settings, then click the desired Gateway and edit
  2. Go to the Gateway, and Edit the vServer

  1. After this select DTLS (checkbox), under Basic settings. This is right at the top after you are in the Gateway settings.
  1. Now go down to the SSL local and unbind the SSL cert. After you unbind it, go down and press done to the NetScaler will commit the changes.
  1. Go back into the Gateway, and now Bind again. After you bind it, go down and press done to the NetScaler will commit the changes.

  1. Now at this point, you will see this in the DTLS setting 
  1. As you can see here, once the user starts connecting in, you will see the Client port and XenApp/XenDesktop port show the UDP audio port.

  1. Finally results
  1. 2016 Windows Server/Windows 10 1608 LTSC
  2. VDA 19122016 Windows Server /VDA1909 Windows 10 LTSC
  3. Logitech h570 headset (Optimized USB support)/ SONY PS3 Mic
  4. Citrix Workspace 1911
  5. FSLogix profiles (Just in case anyone asks)

UDP

TCP

UDP

TCP

*Update* For XenDesktop 3/7/2020

I needed to show Xendesktop Settings based on a Slack conversation I had. My settings are the same, nothing changed other than ( I had to enable USB support for this VDA) Even though Citrix is picking it up as optimized. It’s not integrated, and it’s still a USB device. (Which Reminds me I need to update My USB Blog….http://www.citrixirc.com/?p=1070) Also make sure “Client USB Plug in Play device redirection is enabled, or nothing will not happen.

My only headset laying around was my old PS3 Mic. Dang Citrix picked it right up, and optimized it  but restricted it. I must be blocking it.

I am 🙂

Allowed now.

I have to restart my session, for the restriction to go away. The sound would go through to the mic.

Then check and see if optimized is right for this mic

Ok so it’s open now.

Still no Audio through Mic, as I am talking into it here.

Toggle it to Generic

Windows 10 will install a drive for me. 🙂

Generic it is… ( This is also how I test optimized and Generic) 

See more here http://www.citrixirc.com/?p=1075

My testing was around XenApp (Virtual Apps) XenDesktop (VD), and this is for Avaya OneXcommunicator without VDI equinox communicator on the client.

Here are some blogs I picked through to get my information.

  • This was on Windows 8 and Citrix Receiver 4.2

As you can see, UDP is far more valuable and is a must. Seems like Citrix nailed this and did a wonderful Job from a bandwidth perspective. But is the audio really better?  

Some discussions around this.

https://discussions.citrix.com/topic/394148-any-tips-for-configuring-audio-in-xenapp-715/

This article states to use High

https://support.citrix.com/article/CTX210284

Avaya states UDP and medium

https://support.citrix.com/article/CTX233747

UDP with the multi-stream set, interesting Article talks about multi-stream and how it can help

https://www.citrix.com/blogs/2019/06/10/tips-to-optimize-voip-performance/

Multi-Stream

https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/policies/reference/ica-policy-settings/multistream-connections-policy-settings.html

References and data, I collected for this blog

https://www.citrix.com/blogs/2015/04/03/udp-audio-through-a-netscaler-gateway/
https://docs.citrix.com/en-us/tech-zone/design/reference-architectures/optimizing-unified-communications-solutions.html

7.15

https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/multimedia/audio.html#audio-over-udp-real-time-transport-and-audio-udp-port-range

1912

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/1912-ltsr/multimedia/audio.html

But as you can see, the data is scattered and it’s tough to get it all. Well, in my opinion. If you have a different configuration and did something different please share and with your permission, I’ll update this with you steps outlined for your setup In your environment. I feel that a master blog would benefit everyone.

Feb 292020
 

DPI scaling and Citrix workspace Client-side issues are such a pain

There are times, a user will have 2,3 or maybe 4 monitors.

  • You will see at times when they launch an application you will see this.
  • You also will Mouse Cursor offset by a few millimeters on an external display 
  • You also will see the display is really off and the users can’t do much
  • You will also, go crazy!

Why is this? It’s the local clients’ DPI settings, that are passed from their client into the Citrix session. 


The application is cut off. Now the first thought is something is wrong with Citrix. Send it to Engineer. But in fact, it’s the local client screen resolution and DPI settings.

Example: Monitor 3

Example: Monitor 2

Example: Monitor 1

To address this, you have 2 options.

1. Make all DPI settings the same on the local client they are connecting from. But most users, complain about changing things, as they are not tech-savvy, and don’t like change. I get that as well, I don’t like change either ☺

2. Option 2, adjust the workspace to see this.

  • How do you ask? 

3. In the menu option right click on Citrix workspace and select Advanced.

Click High DPI 

4. Now select use High DPI or “YES” You will have to log the user out of the Citrix session all the way. Important., Or you can click “no, use my native resolution” as well.

Let’s try this method now! 😉

6. Now after we change it, we need to log the user out of the session, But the DPI setting is jacked up and we can’t form the client-side. Or can we? Right-click on the Workspace and go to connections. Select the Server and logoff. Simple as that. Of course, you can do it from the director, but this will allow you to do it faster.

7. Relaunch application now with it set to HIGH or “yes”

  • Hey look, it matched my DPI settings, and my Mouse is spot on.

Let’s face it, at times Citrix is confusing and can be any tech support nightmare. But it doesn’t have to if you have the correct support and proper team.

Reading material to better understand this concept.

Check out CTX202319, it looks like DPI, not matching can cause this too.

https://support.citrix.com/article/CTX202319

https://support.citrix.com/article/CTX230017

Use case: Operating System Scaling (also known as DPI scaling)
OS scaling is the default and is identical in behavior to previous receiver versions. This corresponds to the UI setting “Let the operating system scale the resolution”, or the High DPI policy set to disabled. This lets Windows handle all DPI scaling. The resolution on the VDA will be scaled and based on the DPI, resulting in a smaller resolution than the client device. This works well for single monitor sessions, and is efficient when connecting to XenApp 6.5 hosts, or supported XenApp/XenDesktop VDAs configured for Legacy Graphics.

This method does not support Mixed DPI; all monitors must have the same DPI or the session will not work. Scaling can cause blurriness in the images, particularly in the case of the text. This setting is recommended for users on Windows 7 endpoints if DPI matching is not possible, or those connecting to Legacy VDAs. It can also be used on Windows 10 if there is no Mixed DPI. 

Problem Cause

The use of different DPIs between monitors is not supported in Citrix XenDesktop and XenApp environments for receiver versions older than 4.10, as documented in CTX201696 – Citrix XenDesktop and XenApp – Support for Monitors Including 4K Resolution and Multi-monitors.

You can verify the DPI (% scaling) by going to the Windows Control Panel > Display options.

Feb 292020
 

How to send a group of users to a single desktop or a group of Desktops

This would come in handy if you have a piece of software that can only register on desktop “Name” Depending on the vendor licensing schemes.

C:\Users\LOCAL_~1\Temp\2\msohtmlclip1\02\clip_image015.png

On the right hand side click manage tags

Machine generated alternative text:
Deli Grou 
Create Delivery Group 
View 
Help 
Add Machines 
Edit Delivery Group 
Manage AppDtsks 
Ma ge Tags 
n Maintenance Mode 
Rename Delivery Group 
Delete Delivery Group 
View Machines 
Test Delivery Group 
Help

Create a tag name

Machine generated alternative text:
Mana e T 
Manage Tags for the Machine 
VSIXAIO' 
Use the checkboxes to attach tags to the selected item. You can also add edit or 
delete existing tag definitions. 
Description 
AppPro Print.. 
Citrix Test 
LCC-Cert Test 
Ray & Mike-Test 
Red Gate 
OPM Test 
Via-Center 10„. 
For the DBAS Only 
Limit Users for LIPM Testing 
Vid-Center 10-1-5 TEST

On the machines right-click the machine and click manage tags

Machine generated alternative text:
ciTR!X 
—'Its fu Catalcg. 
OS V&t-ires 
Sm OS (6) 
Sessions 1 
De ivety 
LIQr 
Discard 
O i scare 
Reg State 
Regi red 
Registered 
Reg red 
Log Off 
Delete 
Suspend 
Restart 
Sh Down 
Manage Tsgs 
Turn On 
Delivery 
'vr•ew Sessions

Add the Tag for the machines you would like to send the users to.

Machine generated alternative text:
ciTR!X 
Search results for '(Delivery Group Is "DG-MFA-IT-2016')' 
Name 
VSIXAIO 
Details - VSIXAIO.jaxnavy.org 
Details 
Machine 
Server OS Machines (9) 
Machine Catalog 
MC-IT-MFA-2016 
MC-IT-MFA-2016 
MC-IT-MFA-2016 
MC-IT-MFA-2016 
MC-IT-MFA-2016 
MC-IT-MFA-2016 
MC-IT-MFA-2016 
-IT-MFA-2016 
MC-IT M 
DeDivery Group 
Maintenance MO... 
Mana e Ta s 
Persist user Cha... 
Power State 
Manage Tags for the Machine 'JAXNFCU\VSIXAIO' 
use the checkboxes to attach tags to the selected item. You can also add, edit, or 
delete existing tag definitions. 
Tag 
LCC 2012R2 
OpCon 
Ray & Mike-Test 
Red Gate 
Vid-Center 10... 
Description 
For the DBAs Only 
Viz-Center 10-1-5 TEST 
Sessions

Edit the Deliver Controller, and create a new Desktop, with the Tag

Machine generated alternative text:
•e Catalogs 
y Groups 
atlons 
uration 
ministrators 
ntrollers 
enslng 
reFront 
p-V Publishing 
ciTR!X 
Delivery Group 
DG-ExecTeam-2016 
Server OS 
DG-HS-FSBA-Win10 
Desktop OS 
DC-ISD-Win10 
Desktop OS 
DC-IT-SE-Win10 
Desktop OS 
CHS -Maint-Servers 
Server OS 
CHS-Merger-WinIO 
Desktop OS 
DC-MFA-FIN-2016 
Server OS 
DC-MFA-IT-2016 
Server OS 
DG-MFA-XD7-APPSUPPORT 
Desktop OS 
CHS-Ramquest-WinIO 
Desktop OS 
DG-Ramquest-Win10-MCS 
Desktop OS 
CHG -VendorAp ps 
Server OS 
CHS -Vendor-Win 10 
Desktop OS 
Delivering 
Applications and Desktops 
D esktops 
(Static machine assignment) 
Deskto ps 
(Static machine assignment) 
(Static machine assignment) 
Applications and Desktops 
D esktops 
Applications and Desktops 
Add Machines 
Add Applications 
Edit Delive Grou 
Manage AppDisks 
Manage Tags 
Turn On Maintenance Mode 
Rename Delivery Group 
Delete Delivery Group 
View Machines 
View Applications 
Test Delivery Group 
No. of machines 
Total: 2 
Unregistered: O 
Total: 25 
Unregistered: 
Total: 6 
Unregistered: 
Total: O 
Unregistered: 
Total: 6 
Unregistered: 2 
Total: 19 
Unregistered: 
Total: 2 
Unregistered: O 
Total: 9 
Unregistered: 
Total: I 
Unregistered: 
Total: 4 
Unregistered: O 
Total: O 
Unregistered: 
Total: I 
Unregistered: I 
Total: 15 
Unregistered: O 
Sessions in use 
Total: O 
Disconnected: 
Total: O 
Disconnected: 
Total: 4 
Disconnected: 
Total: O 
Disconnected: 
Total: I 
Disconnected: 
Total: O 
Disconnected: 
Total: O 
Disconnected: 
Total: 33 
Disconnected: 
Total: O 
Disconnected: 
Total: O 
Disconnected: 
Total: O 
Disconnected: 
Total: O 
Disconnected: 
Total: O 
Disconnected: 
AppDisks 
- : -ns and Desktops 
h ine assignment) 
h ine assignment) 
h ine assignment) 
h ine assignment) 
Details - 
Details 
Dc-MFA-IT-2016 
lications Desktops 
Machine Catalogs 
Usage 
Tags 
Application Groups 
Administrators

Add Desktop

Machine generated alternative text:
dio 
'lication Prelaunch 
'lication Lingering 
Settings 
ess Policy 
tart Schedule 
Apply 
Desktops 
Add users or groups who can launch a desktop from this Delivery Group. 
Users 
Re m cwe.„ 
Tag restriction 
Cancel

Check to Restrict launch to Machines with Tag “Select the Tag from the Drop Down” Click ok

Machine generated alternative text:
Display name: 
Description: 
it Deskto 
MFA-Published Desktop DBAs 
Example.' Assigned desktops for Finance Dept. 
The name and description are shown in Receiver. 
Restrict launches to machines with tag: 
Red Gate 
o 
Allow everyone with access to this Delivery Group to use a desktop 
• Restrict desktop use to: 
ISAE Database Maint 
Enable desktop 
Clear this check box to disable delivery of this desktop.

Go to workspace and Refresh apps.

Before 

Machine generated alternative text:
Desktops 
All (10) 
Favorites (2) 
DG -Ramquest- 
Win10 (1) 
DG-Ramquest- 
Win10 (2) 
DG-Ramquest- 
Win10 (3) 
DG -Ramquest- 
Win10 (4) 
DG.XD7.MFA. 
APPSUPPORT 
EA-Win10.Desktop 
Maintenance Test 
MFA-Buisness- 
Desktop 
MFA-Published 
Desktop 
VyStar Desktop

After

Machine generated alternative text:
Desktops 
All (11) 
Favorites (2) 
DG-Ramquest- 
Win10 (1) 
DG-Ramquest- 
Win10 (2) 
DG-Ramquest- 
Win10 (3) 
DG-Ramquest- 
Win10 (4) 
HOME 
DG.XD7.MFA. 
APPSUPPORT 
oo 
oo 
EA-Win10.Desktop 
Maintenance Test 
MFA-Buisness- 
Desktop 
MFA-Published 
Desktop 
MFA-Published 
Desktop DBAs 
VyStar Desktop 
Recycle Bin 
Acrobat 
Reader DC 
81ueJeans 
Chet-well 
Administra... 
Excel 201 
Firefox 
Outlook 2( 
VyStar Il 
Support

Launch it to make sure it the number 10 Server

Machine generated alternative text:
MFA-Published Desktop DBAs - Desktop Viewer 
MFA-Published Desktop DBAs 
Connecting

The Tag took me to the desktop that I needed for special Software that has to do with machine licensing.

Machine generated alternative text:
MFA-Published Desk-too DBAs - Desk-too Viewer 
icrosoft Windows [Version 18.8.14393] 
(c) 2816 microsoft Corporation. All rights reserved 
ostname 
s xa 
Google 
Chrome 
e 
837 AM 
2/19/2020

I am sure there is more ways to do this, but this helps me. Maybe it will help you.

Dec 152019
 

First way
For Scanner settings, this is needed on the Local PC first.

  1. Go here 
  2. Create the Key for the VID and PID like this.
  1. Inside the Registry Key add a DWORD32 with AutoRedirect 0x0000001 (On the same Client)
  1. In Studio, you will need a USB Policy Like this….

Make sure this is checked.

Second way
Citrix Studio Policy
https://support.citrix.com/article/CTX123015
https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/general-content-redirection/usb.html

Go here and enable this registry Key (client PC)

When logging into windows

Dec 132019
 

Contents

Generic VS Optimized USB Support.

This is one of those deals that can drive you mad. USB devices in Citrix. In my experience, this is big in health care, and Banks. Typically, users that interact with users a lot! I must admit, the USB docs are here, there, sideways, upside, and backward. The Docs point everywhere, and Citrix has done a great job providing all the information. But at times, I find it hard to put it all together.  I am going to try to put this all in one place, as I know I struggle with this at times.

Optimized vs. generic USB device

Citrix does a good job on this and just touches at a high level the difference.

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/devices.html

Optimized USB ICA Channel

An optimized USB device is one for which Citrix Workspace app has specific support. For example, the ability to redirect webcams using the HDX Multimedia virtual channel.

This means Citrix has worked with the vendors to build the hardware classes inside the Virtual channels to provide superior low bandwidth support. This is geared around Citrix workspace and VDA Virtual Channels.

HDX technology

“HDX technology provides optimized support for most popular USB devices. Optimized support offers an improved user experience with better performance and bandwidth efficiency over a WAN. Optimized support is usually the best option, especially in high latency or security-sensitive environments.”

This link talks about Optimized for 3 sentences only. Then goes straight to Generic.

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/general-content-redirection/usb.html

This link is labeled as Generic USB devices but mostly talks about Optimized.

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/devices/generic-usb-devices.html

Generic USB ICA Channels

 A generic device is a USB device for which there is no specific support in Citrix Workspace app.

This doesn’t mean it will not work, it just saying it’s not optimized and the USB device might not be as fast and will take more bandwidth. They still work, just not as good especially over WAN connections with Remote Offices.

“HDX technology provides generic USB redirection for specialty devices that don’t have optimized support or where it is unsuitable”

Examples

  • The USB device has more advanced features that are not part of optimized support, such as a mouse or webcam having more buttons.
  • Users need functions that are not part of optimized support, such as burning a CD.
  • The USB device is a specialized device, such as test and measurement equipment or an industrial controller.
  • An application requires direct access to the device as a USB device.
  • The USB device only has a Windows driver available. For example, a smart card reader might not have a driver available for Citrix Workspace app for Android.
  • The version of Citrix Workspace app does not provide any optimized support for this type of USB device.
  1. This link talks about Generic USB but is listed under General Content redirection. Which makes sense. It goes in good detail on Generic USB Support.
  2. https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/general-content-redirection/usb.html
  1. Here is another link “Citrix Generic USB Redirection Configuration Guide”
  2. https://support.citrix.com/article/CTX137939
  1. Here is another spin-off for Generic USB, it has some Optimized. But mainly around enabled the auto-redirect setting so users don’t have to inside Desktop Viewer. 
  1. https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/policies/reference/ica-policy-settings/usb-devices-policy-settings.html

There is a lot of information out there, which is where TechZone is going to make this all good. Who knows maybe this will come in handy for them? 

Desktop Viewer legends

https://help-docs.citrix.com/en-us/citrix-workspace-for-windows/display-view-desktops-in-desktop-viewer.html

USB Classes

Another good link is the USB classes and such. This helps me when I am configuring for generic as well.

https://www.usb.org/defined-class-codes

USB device rules

USB device rules use one or more of six identifiers for USB devices. For specific rules, refer to www.usb.org. This website has the identifiers to use with XenDesktop.

User-added image

At times when I need deep information about a USB device, I use a tool called USBDeview. As you can see here it gives some handy information. http://www.nirsoft.net/ is my source for this.

All these setting is from about 6-7 years’ worth of USB situations I been in. 

I break down many options around Generic USB settings. The reason why is it seems to be what a lot of users use due to older devices. But when optimized devices are used, its GOOD! I prefer using the optimized USB virtual channel when I can as the experience is the best for me.

Working Actions and testing

Base settings, No Policies set in Studio, or Receiver/Workspace

No Registry hacks meaning nothing inserted for the Client (local clients)

This is a normal meaning Stock Client (local clients) with in Citrix Workspace

Nothing edited here (local clients) You will often at times see that this location, has a default device rules on what allow or blocked by defaults. 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\ICA Client\GenericUSB

From my experience, I have seen this stop USB device, even when Studio policies are in place.

# Syntax is an ordered list of case insensitive rules where # is line comment

 #  and each rule is (ALLOW | DENY) : ( match )*

 #  and each match is (class|subclass|prot|vid|pid|rel) = hex-number

 # Maximum hex value for class/subclass/prot is FF, and for vid/pid/rel is FFFF

DENY: vid=17e9 # All DisplayLink USB displays

DENY: class=02 # Communications and CDC-Control

DENY: class=09 # Hub devices

DENY:vid=045e pid=079A # Microsoft Surface Pro 1 Touch Cover

DENY:vid=045e pid=079c # Microsoft Surface Pro 1 Type Cover

DENY:vid=045e pid=07dc # Microsoft Surface Pro 3 Type Cover

DENY:vid=045e pid=07dd # Microsoft Surface Pro JP 3 Type Cover

DENY:vid=045e pid=07de # Microsoft Surface Pro 3_2 Type Cover

DENY:vid=045e pid=07e2 # Microsoft Surface Pro 3 Type Cover

DENY:vid=045e pid=07e4 # Microsoft Surface Pro 4 Type Cover with fingerprint reader

DENY:vid=045e pid=07e8 # Microsoft Surface Pro 4_2 Type Cover

DENY:vid=03eb pid=8209 # Surface Pro Atmel maXTouch Digitizer

ALLOW:vid=056a pid=0315 class=03 # Wacom Intuos tablet

ALLOW:vid=056a pid=0314 class=03 # Wacom Intuos tablet

ALLOW:vid=056a pid=00fb class=03 # Wacom DTU tablet

DENY: class=03 subclass=01 prot=01 # HID Boot keyboards

DENY: class=03 subclass=01 prot=02 # HID Boot mice

DENY: class=0a # CDC-Data

DENY: class=0b # Smartcard

DENY: class=e0 # Wireless controller

DENY: class=ef subclass=04 # Miscellaneous network devices

ALLOW: # Otherwise allow everything else

This is an article Citrix has that will explain it better

HID and some other type of USB device fail to redirect

https://support.citrix.com/article/CTX234916

Let’s launch a Citrix ICA session

So, as you can see the defaults are taken over based on this article

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/general-content-redirection/usb.html

HDX technology provides optimized support for most popular USB devices.  This includes:

  • Monitors
  • Mice
  • Keyboards
  • VoIP phones
  • Headsets
  • Webcams
  • Scanners
  • Cameras
  • Printers
  • Drives
  • Smart card readers

So, it redirected them as it should as Optimized. 

But if you read here…

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/general-content-redirection/usb.html

Optimized support offers an improved user experience with better performance and bandwidth efficiency over a WAN. Optimized support is usually the best option, especially in high latency or security-sensitive environments.

  1. HDX technology provides generic USB redirection when optimized support is not available or unsuitable, for example: Some device just will not work with Optimized enabled
  • The USB device has additional advanced features that are not part of optimized support, such as a mouse or webcam with additional buttons.
  • Users need functions which are not part of optimized support, such as burning a CD.
  • The USB device is a specialized device, such as test and measurement equipment or an industrial controller.
  • An application requires direct access to the device as a USB device.
  • The USB device only has a Windows driver available. For example, a smart card reader may not have a driver available for Citrix Receiver for Android.
  • The version of Citrix Receiver does not provide optimized support for this type of USB device. 
  1. With generic USB redirection:
  • Users do not need to install device drivers on the user device.
  • USB client drivers are installed on the VDA machine.

At the time I written the article, optimized will not work for the scanners in the environment I was in. Generic will have to be set here. The Policies Below can be done to achieve this.

Remember to note this (Will come back to it soon)

Another Leading Missed concept

This doesn’t apply to us as we enable USB support but more information for the future when re-reading this

https://support.citrix.com/article/CTX123015

(Link was moved to here below)

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/policies/reference/ica-policy-settings/usb-devices-policy-settings.html#configure-automatic-redirection-of-usb-devices

USB devices are automatically redirected when USB support is enabled, and the USB user preference settings are set to automatically connect USB devices

So, what I take from this if I have USB enable then it will redirect devices. If I don’t then I can set this reg devices to only allow certain ones.

Note: In Receiver for Windows 4.2, USB devices are also automatically redirected when operating in Desktop Appliance mode, and the connection bar is not present. In earlier versions of Receiver for Windows, USB devices are also automatically redirected when operating in a desktop appliance mode or with Virtual Machine (VM) hosted applications.
However, it is not always best to redirect all USB devices, and this article describes how to configure whether a device must be automatically redirected or not.
Users can explicitly redirect devices from the USB device list that are not automatically redirected. To prevent USB devices from ever listed or redirected, you can use Device Rules on either the client endpoint or the Virtual Desktop Agent (VDA). See Administration Guides for further details.

So, in other words, if I disable USB Device Redirection, I can control it more?

Or does USB have to be enabled but I can stop the auto Redirection? At the time of writing this article, I didn’t fully understand what this mean. OPtimzied USB setting don’t rely of the “USB Enabled? If Citrix Workspace has a Optimized ICA channel it will redirect and appear on the device viewer.

Let’s test this

Testing…..So, I disabled this

Now I will log in and it should not PASS anything.

Nothing passed as expected

Now let’s enable 1 reg setting back on the CTX123015 article. So, I want all Scanners to come through.

Now enable the (Connect USB Device)

Do a gpupdate /force the machine you’re on.

Check the registry to make sure the GPO changed on the client the GPO is applied to.

Reg Setting Set, Receiver GPO Set, log out then back in and it should come through as generic according to Citrix

I couldn’t get this to work, I am uncertain at this time what Citrix means by this.

Updated as of 3/2020) The reason that didn’t work was that I disabled USB redirection (Screenshot above) and at the time I thought by setting the device redirection on the client-side registry it would come through. But that’s not what those settings were for. They were for if USB is enabled, and it has them set up as Generic without the user having to click it every time, they logged in under Desktop Viewer.

I will re-enable USB redirection back and put things the way I had it.

Generic USB Redirection pieces.

https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/configure.html

https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/general-content-redirection/usb.html

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/policies/reference/ica-policy-settings/usb-devices-policy-settings.html#configure-automatic-redirection-of-usb-devices

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/policies/reference/ica-policy-settings/usb-devices-policy-settings.html

Again

With generic USB redirection:

  • Users do not need to install device drivers on the user device.
  • USB client drivers are installed on the VDA machine.

Generic USB Way 1

To Enable a USB device to be redirected in as a Generic Driver within receiver Preference

The purpose of this is to allow it to be saved within the settings of receiver/Workspace.

Generic Drivers Set by default when it’s set to the location here on the local Client

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\ICA Client\GenericUSB\Devices

The default key is 0, meaning all optimized is my assumption.

Then it comes in as optimized.

By setting these Registry Settings with a DWORD as 1

Is supposed to use the Generic Driver inside the VDA for XenDesktop.

Desktop Viewer Shows.

But when this popped up

If I clicked on it and selected the devices, then they came through as Generic.

(Note I need no user’s interaction so I will set it to pass through and connection as default on the receiver_workspace GPO)

But continue with the method anyways.

Log out then back in and it should do it by its self now. It worked.

Generic USB Way 2

This is intended to make it seamless for the end-user and to make them like Citrix again.

  1. Please get the VID and the PID of the device.
  2. Plugin the device on the local workstation.

Open device manager

Find your device

Right click and go to properties

Click the details tab

Change the property to Hardware Ids

The format you need is this

VID0711 PID5200

Now take this VID0711 PID5200 and create a key in the local registry of the local desktop.

64bit

32 bit

Take out the wow6432Node and it’s the same path

Create a key under Devices. With the VID and PID number

Now add a DWORD called AutoRedirect and a value to 1

Now when you sign in to the XenDesktop Session you will need to open of the Citrix Receiver Preference. And select when a session start, connect the device. THIS IS A MUST for Generic to work (GPO is another option for this setting)

Not to get sidetracked but For that setting, you can do this

Now back to the session…

Log out and back in and you will now see your device redirected in as Generic 

Now if you don’t want to connect the device automatically you have this option. When you first log in you will see this pop-up. Click on it.

Now you get this.

If I select my Fujitsu device, I will still get the generic option. Because I have the Generic Reg setting to 1. Meaning this.   

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\ICA Client\GenericUSB\Devices

Issues I had because of GPO are scoped correctly

My USB mouse and Keyboard keep redirecting in. I couldn’t figure this out. Citrix seen that this policy.

Which applies to….

Then forcing this on my Local Machine.

ALLOW:03 is a global HID for Mouse and Keyboards.

https://msdn.microsoft.com/en-us/library/windows/hardware/ff538820(v=vs.85).aspx

I created a Group and Put the XD7-BUS-### along with my machines and select deny.

Then when through on my machine and delete the orphaned keys. 

Now things work as normal on my machine.

Generic USB Way 3

Citrix Discussion 376957 a user had the same issue. He solved it by doing this.

http://discussions.citrix.com/topic/376957-usb-redirection-and-auto-switching-from-optimized-to-generic-mode/

The problem was that in “Client USB device redirection rule” I have manually inserted some rules like “Allow: class=08”; after I have enabled “Use default value” and with your suggestion, the redirection works as I wanted.

NOTE: https://support.citrix.com/article/CTX137939

 In this article, it talks about adding the PID and VID in the Generic USB settings. It would appear that the Checkbox “Use default values” isn’t the only thing needed. By adding the PID and VID will redirect it as Generic. But I want all scanners to be generic. How do I achieve this? Follow the screenshots below.

This will do it for all Storage devices, or any device that is considered in the Generic Coding within these settings.

Then add registry AutoRedirectStorage=dword:1 ,  mass storage will behave as generic device for redirection 

But for all generic device to be redirected you always have to select below options in cdviewer Preferences:

1. When session start connect device automatically

2. When new device attached connect device automatically

 So overall you have to add registry and set checkboxes in preference, connections tab for auto redirection to work smoothly

Generic USB Way 4

Another Test I did, was I needed to Redirect Mass Storage, But Block my USB Video input for an extra monitor I had.

ALLOW: VID=ABCD PID=1234 #Mass Storage Device as Generic

(With this allow rule above I had to enable this as well)

http://support.citrix.com/article/CTX123015?_ga=1.249948033.660250984.1475149031

DENY: VIP=0711 PIC=5200 #Block USB Video connection from Local PC to VDA

This is somewhat confusing, and Citrix E-docs aren’t the best for explaining all this. They have a lot of great information, but it runs together.

On the Windows 7 VDA you can see this. So it’s working as it should. ( Same on windows 10- validated up to 1809) 

Generic USB Way 5

Another Test I would like to do is configure this on the receiver side.

I will remove my Studio USB ALLOW and DENY RULE.

Then apply it to my Citrix Receiver 4.5 ADMX in GPO.

Created the Citrix Receiver 4.5 Rule

Made sure the AutoRedirectStorage is still intact and set to 1 which redirects generic USB according to Citrix

Now on my Desktop (local Client)

Now let login to the VDA

This looked like it works as well.

Little GOTCHA

One thing I noticed that if you use the Citrix Receiver/workspace ADMX for Generic USB Remoting. If you don’t have an ALLOW RULE for your devices. It will pass through but will be optimized by default. It’s like if you use the receiver GPO then use it all the way through.

For example, I am denying USB Video, but my scanner is coming through as Optimized and policy is set and I cannot override it.

I added this rule

Now on my VDA you can see, the Scanner came in great.

 As you can see if I don’t have the USB allow Rule for my Mass Storage device, it come in as optimized and restricted.

Let’s update Citrix Receiver ADMX policy

Allow must before DENY, Like a Firewall ACL

Allow: VID=1DCC PID=482B #Ambir Scanner; Allow: class=08 subclass=06 prot=50 # Mass Storage; DENY: VIP=0711 PIC=5200 #Block USB Video connection from Local PC to VDA

Another of the noted example of Rules. Not applied here though

Allow: VID=1DCC PID=482B #Ambir Scanner; DENY: Class=08 Subclass=06 # Mass Storage; DENY: VIP=0711 PIC=5200 #Block USB Video connection from Local PC to VDA

DENY: VID=0781 PID=5202

Now he is not restricted but still no generic. I can enable generic. But I rather force it. So USB rule is allow me to use it in my session as generic or optimized.

Set my registry key storage for

Log of and back on.

USB Rule Gotchas

One thing I had to figure out was the Optimize policy setting for the USB device. This was geared around the Client drive redirection.

I would apply a USB rule within the Receiver ADMX file to deny a USB device.

Example: DENY: VID=0781 PID=5202

It then would redirect in and say this.

The device would still come it.

But I found out that I have to disable this policy in studio.

I went ahead and added this too

Now it will show policy restricted and allow the user to redirect it, which is good. For approved thumb drive devices our company will allow them to use.

But let’s say a Vendor has a security flaw on a USB Thumb drive, and I had the VID and PID.

Yes I have seen it were a thumb drive comes with a piece of software on the thumb drive, and it can be used for an entry point in your network. A lot of people I see, don’t take this seriously. This won’t happen to me. But if can and it will one day. I understand we have to provide users a good experience, but I see where a lot of sloppy IT guys just make it work to get them off the phone or are lazy and don’t want to deal with it. This isn’t good. So control it from a higher point will prevent this.

I can now apply the deny rule, and the Redirect option will be grey out.

This will ensure the USB Thumb drive (Mass Storage) device will not be used in the session. XA or XD

Now at this point, you control want is inserted.

http://www.usb.org/developers/defined_class
https://support.citrix.com/article/CTX129558
http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/hdx/usb.html

Generic USB reg settings

https://support.citrix.com/article/CTX123015?_ga=1.77053973.1604117216.1478717880

To use generic USB redirection rather than optimized support, you can either:

  • In Citrix Receiver, manually select the USB device to use generic USB redirection, choose Switch to generic from the Devices tab of the Preferences dialog box.
  • Automatically select the USB device to use generic USB redirection, by configuring auto-redirection for the USB device type (for example, AutoRedirectStorage=1) and set USB user preference settings to automatically connect USB devices. For more information, see CTX123015
  • This can bite you if you have USB video cards, just put a deny rule in. So, it will not try to double-dip and redirect again.
  • Example: DENY: VID=0711 PIC=5200 #Block USB Video connection from Local PC to VDA

USB split devices.

There are times where you will need to split the composite USB device. A USB Composite Device is a peripheral device that supports more than one device class. Many different devices are implemented as composite devices. An example of this would be a Jabra or Plantronics headset.

How It Works

“When a user plugs in a simple USB device, the host device checks it against each policy rule consecutively until a match is found. The first match for any device is considered definitive. If the first match is an Allow rule, the device is redirected to the virtual desktop. If the first match is a Deny rule, the device is available only to the local desktop (that is its not redirected). If no match is found, default rules are used.”

“When a user plugs in a composite USB device (a device with multiple functions (interfaces) for example audio headset with speaker, mic and HID button) the host device checks for all functions (interfaces) against each policy rule. If the first match for any function(interface) is a Deny rule, the rule is considered definitive for the composite device and device is denied. If the first match for a function (interface) is an Allow rule, the host device continues to match the rules against next function (interface). The composite device is allowed if no function (interface) is denied by a policy rule. If definitive match for composite device is a Deny Rule, the device is available only to the local desktop otherwise the device is remoted to the virtual desktop. If no match is found, default rules are used.”

Citrix CVAD Troubleshooting.

  • Review the device on the client computer.  Record the class, subclass, VID and PID settings. This setting will block USB devices not matter what you have applied in a policy
  • If USB devices prompting to connect on each session, Enable Connect automatically, and When a device is plugged in connect it. ( you can configure this with GPO/workspace GPO)

Summary and conclusion

As you can see, there are a lot of USB settings. More than I would like to configure. But USB devices have come along way. Users have many options now. This blog is and was to help with the ease and confusion.  If you see something that doesn’t make sense and doesn’t work. Please let me know. I may need to update the base of the setting on a new CR or LTSR release. But I follow this a lot when I forget how to do certain USB options. My experience is around Windows 10 devices or Windows 10 IoT.