Beruflich Dokumente
Kultur Dokumente
5 Advanced
Administration
Mark Owner
Adobe®, Flash®, Acrobat® Adobe Systems Incorporated
Toolwire® Toolwire
Other product and company names mentioned herein might be the service marks, trademarks or
registered trademarks of their respective owners in the United States and other countries.
Credits
Instructional Designers: Jeremy Boehl, Dustin Clark, Ben Colborn, Lydia
Kellman, Karla Stagray
Troubleshooting the
XenApp Environment
14 © Copyright 2011 Citrix Systems, Inc.
About Coolidge Consolidated Holdings, Ltd.
Coolidge Consolidated Holdings, Ltd. (CCH) is a large, privately-held financial company that is the
parent company to many smaller banking and investment companies that specialize in different
services that make up the CCH service portfolio. CCH currently has 300 employees who work
directly for the company but has thousands more that work in the child companies. As the parent
company, CCH oversees the child companies to provide a broad range of financial and investment
services to its clients. It also helps to support each child company with business services, including
IT services. The only CCH office is located in San Francisco, California.
CCH has been using Citrix XenApp 6 to host several tactically important applications for their
employees. To address the increasing technical and business needs for the company, the CTO
recently secured funding to upgrade to XenApp 6.5 and expand the XenApp environment to meet
strategic needs within the organization. The CTO also purchased licenses for Citrix Netscaler and
Citrix Access Gateway to augment the functionality and robustness of the environment.
In addition to using XenApp 6.5 for more strategic purposes, CCH management wants to
consolidate the IT infrastructure for all of the child companies by the end of next year. At present,
each of the child companies host and maintain its own XenApp farm and other key pieces of the IT
infrastructure. To lay the foundation for this consolidation, management wants to begin building a
XenApp infrastructure that is easily and quickly scalable.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 15
Lab Scenario
CCH does not have the expertise to complete the transition from XenApp 6 to XenApp 6.5 within
the company so they needed to reach out to you, a XenApp Advanced Administrator, to help bring
their environment up to their needs. Due to business needs, CCH needs to get their environment
up-to-speed to fit their needs within the next 5 days. CCH has communicated that there may be a
few pitfalls along the way, so hopefully you are up to the challenge.
CCH’s Citrix team used the Citrix Migration tools to create a copy of their current XenApp 6
production environment into a staging environment running XenApp 6.5. During their migration
they encountered a few hiccups that prevented the environment from immediately coming up.
Unfortunately, an overzealous member of the team began attempting to troubleshoot the issues and
ended up further damaging the environment. They do not know how to recover and need you to
help troubleshoot the environment and bring it back to health.
16 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Lab Environment
The following table provides descriptions and roles of each virtual machine in the lab environment:
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 17
Virtual Machine Role OS Hostname
XenAppController-1 A full XenApp server, Windows Server 2008 XAC-1
with IMA services. It R2
also is the Power and
Capacity Management
Concentrator.
18 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
User Credentials
Please use the following credentials as you complete these exercises:
CCH\CitrixAdmin
• Username: CCH\CitrixAdmin
• Password: Password1
• Member of: CCH\Domain Admins; CCH\TestAccounts
• Description: This account was created to facilitate the initial phase of deployment for all Citrix
administrators. When the environment is launched, it will be replaced by specific accounts for
each administrator. This is the account that will be used most often throughout the initial
deployment.
XAC-1\Administrator
• Username: XAC-1\Administrator
• Password: Password1
• Member of: Local Administrators
• Description: This account is a local administrator for the XenAppController-1 virtual machine.
CCH\Administrator
• Username: CCH\Administrator
• Password: Password1
• Member of: Administrators; CCH\Domain Admins
• Description: This account is the main administrator in the CCH domain.
CCH\TestAdmin
• Username: CCH\TestAdmin
• Password: Password1
• Member of: CCH\Domain Admins
• Description: This account simulates a another admin in the farm.
CCH\TestUser
• Username: CCH\CitrixUser
• Password: Password1
• Member of: CCH\TestAccounts
• Description: This account simulates an account of the average user of the XenApp farm.
citrixadmin@cch.local
• Username: citrixadmin@cch.local
• Password: Password1
• Description: This account is used exclusively to log on to and manage EdgeSight.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 19
Exercise 1-1: Troubleshooting an AppCenter
Issue
Scenario
Other administrators are complaining that they are unable to connect to the farm with Citrix
AppCenter. You sense it may have something to do with user permissions. You need to verify and
resolve this issue.
Estimated time to complete this exercise: 35 minutes
After several moments an error appears, specifying that an error occurred. It suggests
checking to make sure that XenApp is installed and that the MFCOM service is running.
3. Navigate to the Uninstall a program control panel and verify that Citrix XenApp 6.5 appears to
be installed correctly.
a. Click Start > Control Panel and click Uninstall a program.
b. Verify that Citrix XenApp 6.5 appears in the list of installed programs.
Citrix XenApp 6.5 is listed as installed along with all of the other XenApp components.
4. Navigate to the Services control panel and ensure that the MFCOM is started. Attempt to
restart the service.
a. Click Start > Administrative Tools > Services.
b. Verify that the Citrix MFCOM Service appears in the list with a Starting status.
c. Right-click the Citrix MFCOM Service and attempt to click the Restart option.
20 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
The option to restart the service is not present.
Because you are unable to start or control the service, check for error logs.
5. Navigate to the Error Viewer console and view the Administrative Events. View the displayed
errors.
a. Click Start > Administrative Tools > Event Viewer.
b. Expand the Custom Views node and click Administrative Events.
c. View the General and Details tabs for the errors that appear.
With the large volume of errors in the log, you suspect that the issue is much more serious
than anticipated. You spot an IMAService error which supports your theory.
6. View one of the IMAService errors from the last several days.
a. Find an Error level IMAService event.
b. Double-click the IMAService event.
c. Read the error listed and click Close.
d. Repeat substeps a-c on the nearby IMAService error events.
The errors indicate that it may that the IMA Service is not configured correctly or could
be otherwise broken. The error events state that an ACCESS.mdb file is missing. Because
the IMA Service is integral to the proper functioning of a XenApp farm this issue requires
further investigation.
7. Within the Services console, verify whether the Citrix Independent Management Architecture
service is started and running correctly.
a. Select the Citrix Independent Management Architecture service from the Services
console.
b. Verify that the Status field is empty and Automatic appears in the Startup Type field.
There is an issue with the Citrix Independent Management Architecture. Though it is set
to run automatically, the service is not running.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 21
An error message appears specifying that the IMA service could not start.
2. View the log on credentials of the Citrix Independent Management Architecture service.
a. Right-click the Citrix Independent Management Architecture service and click
Properties.
b. Click the Log On tab.
It appears that all settings are set correctly.
c. Click OK to close the Citrix Independent Management Architecture Properties.
Because all the settings of the service appear okay, you need to confirm that the local host
cache is not corrupt.
3. Access the C:\Program Files (x86)\Citrix\Independent Management
Architecture directory and view the file metadata for the imalhc.mdb file.
a. Navigate to the C:\Program Files (x86)\Citrix\Independent Management
Architecture folder.
b. View the file information for the imalhc.mdb file.
The imalhc.mdb file does not exist! It appears that the other administrator was working
in this area and deleted the local host cache database file.
4. Use a command prompt to run the dsmaint command to recreate the Local Host Cache
database.
a. Click Start > Command Prompt.
b. Type dsmaint recreatelhc and press Enter.
c. Verify that the "Recreating LHC database finished successfully" message appears.
5. Use the Services console to start the Citrix Independent Management Architecture Service, and
Citrix WMI Service services.
a. Right-click Citrix Independent Management Architecture Service in the Services console
and select Start.
b. Right-click Citrix WMI Service and select Start.
6. Restart the XenAppController-1 virtual machine.
7. Log on to the XenAppController-1 virtual machine as the CCH\CitrixAdmin user.
8. Open Citrix AppCenter and allow the console to discover the CCH farm. View any errors that
occur.
a. Click Start > Administrative Tools > Citrix > Management Consoles > Citrix
AppCenter.
b. Double-click Errors occurred when using XAC-1 in the discovery process to view the
error details.
22 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
An error occurs stating that this user account is not a member of the farm. The
administrator who installed XenApp must have installed it as a local administrator.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 23
The CCH\CitrixAdmin user is able is now able to view the farm in Citrix AppCenter. Just to
verify that the farm is working correctly you want to launch an application from Web
Interface.
8. Use Internet Explorer to connect to the Web Interface at http://wis-1.cch.local.
The Web Interface does not come up. A standard IIS page is displayed indicating issues
with the configuration of the Web Interface server.
24 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Exercise 1-2: Troubleshooting Web Interface
and XML Issues
Scenario
You recently fixed issues with the IMA Service and Citrix AppCenter console. But when trying to
access applications from Web Interface, you noticed that you could not. You need to troubleshoot
and fix the issues to access applications through Web Interface.
Estimated time to complete this exercise: 25 minutes
3. Switch to the EndUserSimulator virtual machine and log on as the CCH\CitrixAdmin user.
4. Use Internet Explorer to attempt to access the XenApp Web site directly at http://wis-
1.cch.local/Citrix/XenApp. Verify that the site is available and then close Internet Explorer.
The site is accessible when connecting through its direct URL. The issue must be in the
redirection page of this site.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 25
The web site displays as intended.
9. Log on to Web Interface using the CCH\CitrixAdmin user.
If you are unable to log on, verify that the credentials are being typed correctly and try only
once more.
An error continues to appears asking you to verify your name and password.
Web Interface displays several error messages indicating that the XML Services are failing
to respond.
3. Use the Citrix Web Interface Management console to view the farm settings for the "XenApp"
XenApp Web site. Verify that all XML settings are correct.
a. Right-click the XenApp Web site in the Citrix Web Interface Management console and
select Server Farms.
b. Verify whether all of the settings appear correct.
All of the XML and farm information appears to be correct, except for the server name.
No server named "xml.cch.local" exists.
26 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
c. Type xac-1.cch.local in the Server name field and click OK.
d. Click OK in the Edit Farm dialog box and click OK to close the Manage Server Farms
dialog box.
5. Switch to the EndUserSimulator virtual machine.
6. Log on to Web Interface using the CCH\CitrixAdmin user.
If you are unable to log on, verify that the credentials are being typed correctly and try only
once more.
An error continues to appears asking you to verify your name and password.
Everything appears to be working correctly. You think it may have to do with the XML
port in use.
9. Use the netstat utility from a command line to view the current XML Port.
a. Click Start > Commant Prompt.
b. Type netstat -nab and press Enter.
c. Scroll to the ctxxmlss.exe entry and verify if port 80 is being used.
The local address of the port is listed as 0.0.0.0:8080 indicating that 8080 is the port in use. You
need to change the port to 80.
10. Stop the Citrix XML Service from the Services console and use the ctxxmlss command line
utility to unregister the XML Service.
a. Select the General tab in the Services console and click Stop.
b. Click OK.
c. Type ctxxmlss /u at the command prompt and press Enter.
11. Refresh the Services console to verify that the Citrix XML Service is no longer present. Re-
register the Citrix XML Service to run on port 80 using the ctxxmlss command at the
command prompt.
a. Click Actions > Refresh in the Services console.
The Citrix XML Service is no longer present.
b. Type ctxxmlss /r80 at the Command Prompt and press Enter.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 27
The Citrix XML Service is now registered on port number 80.
12. Refresh the Services console to verify that the XML Service is present and then start the XML
Service.
a. Click Actions > Refresh in the Services console.
b. Right-click Citrix XML Service and select Start.
13. Use the netstat utility to verify that the Citrix XML Service is now listening on the correct port
(80).
a. Type netstat -nab in the command prompt and press Enter.
b. Scroll to the ctxxmlss.exe entry and verify if port 80 is being used.
The local address of the port is listed as 0.0.0.0:80 indicating that 80 is the port in use.
14. Close all open windows.
28 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Exercise 1-3: Troubleshooting Launching a
Hosted Application
Scenario
You recently fixed issues with the IMA Service, Citrix AppCenter, Web Interface, and XML Service,
but you are still unable to launch a hosted application from Web Interface. You need to continue
troubleshooting the problems as they happen until you can successfully launch an application.
Estimated time to complete this exercise: 30 minutes
5. Use Citrix AppCenter to check if any users who are connected to XAC-1 may be causing a
high load on the server.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 29
a. Click Start > All Programs > Administrative Tools > Citrix > Management Consoles >
Citrix AppCenter.
b. Expand the Citrix Resources > XenApp > CCH > Servers node and click XAC-1.
c. Click the Users tab and view any connected users.
No ICA users are connected to the xac-1 server. There must be another reason why xac-1
is showing a full load.
6. Use the Group Policy Management console to edit the "Old_XA_GPO" policy and view the
Unfiltered Citrix Computer Policy.
a. Click Start > Administrative Tools > Group Policy Management.
b. Expand the Forest: cch.local > Domains > cch.local > Group Policy Objects node.
c. Right-click Old_XA_GPO and click Edit.
d. Expand the Computer Configuration > Policies nodes and click Citrix Policies.
e. View the Summary tab for the Unfiltered policy.
The application will not launch and Receiver seems to halt. An error eventually appears
indicating that a XenApp server does not exist at the specified address.
30 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Troubleshooting a Network Issue
Use the XenAppController-1 virtual machine logged in as the CCH\CitrixAdmin user for this task.
1. Switch to the XenAppController-1 virtual machine.
2. Use the Event Viewer console to view any related error events.
a. Click Start > Administrative Tools > Event Viewer.
b. Expand the Custom Views tab and click Administrative Events.
c. View the General and Details tabs for the recent errors.
There are no new error events related that seem to relate to this issue.
3. Use the Services console to verify that the Citrix XTE Server service is started and appears to
be running normally.
a. Click Start > Administrative Tools > Services.
b. Double-click the Citrix XTE Server.
c. Verify that the Service status is Started.
The test for port 80 is successful, but the utility is unable to connect to xac-1 on 1494 and
2598. This indicates that networking is set up correctly, but the utility still cannot connect
on either the ICA or Session Reliability ports. This needs further investigation.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 31
9. Use a Command Prompt and access the
C:\Users\CitrixAdmin\Desktop\PortCheck folder. Use the CtxPrtChk command
in this folder to check ports 80,1494, 2598 on the XAC-1 server.
a. Type cd Desktop\PortCheck in the command prompt and press Enter.
b. Type CtxPrtChk xac-1 80 and press Enter.
c. Type CtxPrtChk xac-1 1494 and press Enter.
d. Type CtxPrtChk xac-1 2598 and press Enter.
The CtxPrtChk utility is able to make successful connections to all three ports. Because
the ports are accessible locally but not from another machine on the network, the issue
might likely be a firewall blocking ports to other machines on the network.
10. Use the Windows Firewall with Advanced Security console and view the inbound rules. Verify
that the Citrix ICA and Citrix Session Reliability rules allow traffic.
a. Click Start > Administrative Tools > Windows Firewall with Advanced Security.
b. Click Inbound Rules.
c. View the Action column for the Citrix ICA and Citrix Session Reliability rules.
Rules for inbound traffic are configured to block both Citrix ICA and Citrix Session
Reliability.
11. View the properties of both rules and allow all connections.
a. Right-click the Citrix ICA rule and click Properties.
b. Select Allow the connection, click Apply, and then click OK.
c. Repeat substeps a and b for the Citrix Session Reliability rule.
12. Close all open windows.
Another administrator who is also troubleshooting issues with the farm noticed that an
incorrect Group Policy Object linked to the All XenApp Servers OU is responsible for
many of the problems. You need to delete this GPO.
32 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
4. Close all open windows.
5. Switch to the XenAppController-1 virtual machine.
6. Access the Group Policy Management console and view the group policy objects attached to
the All XenApp Servers organizational unit. Delete the Old_XA_GPO group policy object.
a. Click Start > Administrative Tools > Group Policy Management.
b. Expand the Forest: cch.local > Domains > cch.local nodes and click the All XenApp
Servers node.
c. Right-click the Old_XA_GPO group policy and click Delete.
d. Click OK to delete the GPO link.
7. Use the GPUpdateALL script on the desktop to update the group policy on all XenApp servers.
8. Close all open windows.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 33
Exercise 1-4: Troubleshooting Streaming
Applications
Scenario
You recently fixed all issues so that hosted applications can be launched through Web Interface.
But you noticed another problem: published streamed applications are not being displayed in the
Web Interface. You need to troubleshoot this issue and ensure that streamed applications can
launch successfully for both administrators and users.
Estimated time to complete this exercise: 30 minutes
34 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
7. Log on to Citrix Receiver using the CCH\CitrixAdmin and verify if the Firefox application
appears in the Start menu.
8. Navigate to the Uninstall a Program section of the Control Panel and verify that the Offline
Plug-in is installed.
a. Navigate to Start > Control Panel and click Uninstall a program.
b. Scan the list of installed programs for the Offline Plug-in.
The Offline Plug-in is not currently installed. You need to install it now.
Firefox is still not listed on the XenApp Web site. A streaming application is available on
the XenApp Service site but not the XenApp Web site, indicating that something is wrong
with the XenApp Web site.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 35
Implementing and Verifying a Fix for Absent Streaming
Applications
Use the WebInterfaceServer-1 virtual machine logged in as the CCH\CitrixAdmin user for this task.
1. Switch to the WebInterfaceServer-1 virtual machine.
2. Use the Citrix Web Interface Management console to view the "XenApp" XenApp Web site's
summary information and see if anything looks incorrect in the configuration.
a. Click Start > All Programs > Citrix > Management Consoles > Citrix Web Interface
Management Console.
b. Click XenApp Web Sites node and view the information from the Summary tab.
The Resource types for the site specifies only Online content. This could be an issue
preventing streaming applications from appearing on the Web Interface site.
3. Change the resource type of the "XenApp" XenApp Web site to dual mode.
a. Right-click the XenApp Site Name and select Resource Types.
b. Select Dual Mode and click OK.
4. Close all open windows and switch to the EndUserSimulator virtual machine.
5. Use Internet Explorer to access and log on to Web Interface at http://wis-1.cch.local using the
CCH\CitrixAdmin user. Verify whether Firefox is listed in the applications.
The Firefox streaming application shows up as intended within Web Interface.
6. Attempt to launch Firefox and verify if it can be launched correctly.
7. Attempt to launch Firefox through the Start menu to see if the same error appears.
The same error appears as before. There must be an issue with the profile path.
8. Close all open windows.
36 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
The profile address is incorrect. The profile address must be a UNC path and not a local
path.
3. Change the Z:\ in the profile address to the share's UNC path \\dc\filer\ and select
Mozilla Firefox as the application to launch.
a. Select Z:\ from the Citrix streaming application profile address field and type
\\dc\filer.
The updated path is now \\dc\filer\AppHub\Firefox\Firefox.profile.
b. Select Mozilla Firefox from the Application to launch menu.
c. Click Apply and then click OK.
4. Close all open windows.
5. Switch to the EndUserSimulator virtual machine.
6. Launch the Firefox streaming application from the Start menu and verify whether it now
launches as expected. If it does, specify not to import any data.
a. Click Start > All Programs > Mozilla Firefox.
b. Select Don't import anything and click Next.
Firefox launches correctly for an administrator account. You now need to verify that a non-
administrator can access streaming applications.
7. Log off of the EndUserSimulator virtual machine and log back on as the CCH\TestUser
account.
8. When prompted enter the URL for the Web Interface (http://wis-1.cch.local) and log on to
Citrix Receiver using the CCH\TestUser credentials.
a. Click I will enter the URL now.
b. Type http://wis-1.cch.local and click Update.
c. Log on to Citrix Receiver using the CCH\TestUser credentials.
9. Launch Firefox from the start menu and verify that you are able to launch the application
successfully. When prompted, enter the CCH\TestUser credentials.
Windows Security reports that access is denied. There must be a permissions issue on the
\\dc\filer share.
© Copyright 2011 Citrix Systems, Inc. Module 1: Troubleshooting the XenApp Environment 37
2. Access the C:\Filer folder and view its file sharing permissions. Verify whether everything
seems to be correct.
a. Click Start > Computer and navigate to C:\.
b. Right-click the Filer folder and select Properties.
c. Select the Sharing tab and click Share.
d. Verify the file sharing permission levels for each user.
e. Click Cancel and then Close to exit File Properties.
All permissions seem to be correct. The Domain Users group has permissions to read/write to
the share.
3. Access the C:\Filer\ folder and view the AppHub folder file sharing permissions. Verify if
everything seems to be correct.
a. Double-click the Filer folder, right-click AppHub, and select Properties.
b. Select the Sharing tab and click Share.
c. Verify the file sharing permission levels for each user.
There appears to be an issue. This folder is only available to administrators when it must
be available for all Domain users.
4. Add the CCH\Domain Users group and give it a read level permission.
a. Type CCH\Domain Users in the File Sharing and click Add.
b. Verify that the Permission level drop-down arrow for CCH\Domain Users is Read.
c. Click Share, click Done, and then click Close.
5. Close all open windows.
6. Switch to the EndUserSimulator virtual machine.
7. Launch Firefox from the Start menu and verify that it launches correctly.
The application launches successfully.
8. Close all windows and log off of the EndUserSimulator virtual machine.
9. Switch to the DomainController virtual machine and restart it.
38 Module 1: Troubleshooting the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Module 2
© Copyright 2011 Citrix Systems, Inc. Module 2: Scaling the XenApp Environment 41
b. Expand the amd64_Microsoft-Windows-UnattendedJoin > Identification nodes in the
Answer File pane.
The Identification properties are displayed in the right pane.
c. Click JoinDomain field in the Settings node, type cch.local and press Enter.
5. Specify the Domain as "cch.local," password as "Password1", and username as
"CCH\Administrator" within the credentials node.
a. Click the Credentials node in the Answer File pane.
The Credentials Properties are displayed in the right pane.
b. Click the Domain field in the Settings node and type cch.local.
c. Click the Password field in the Settings node and type Password1.
d. Click the Username field in the Settings node and type CCH\Administrator.
This component provides information to automatically join the Active Directory domain
during Sysprep.
7. Add the amd64_Microsoft-Windows-IE-ESC setting to the specialize node. Specify "false" for
both the IEHardenAdmin and IEHardenUser.
a. Right-click the amd64_Microsoft-Windows-IE-ESC setting and select Add setting to pass
4 specialize.
b. Click the amd64_Microsoft-Windows-IE-ESC node in the Answer File pane.
The Microsoft-Windows-IE-ESC properties are displayed in the right pane.
c. Click the IEHardenAdmin field in the Settings node and select false.
d. Click the IEHardenUser field in the Settings node and select false.
This component disables the Internet Explorer enhanced security control that is usually
on by default.
42 Module 2: Scaling the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
a. Right-click the amd64_Microsoft-Windows-Shell-Setup setting and select Add setting to
pass 7 oobeSystem.
b. Expand the amd64_Microsoft-Windows-Shell-Setup node in the Answer File pane.
c. Select the OOBE node.
The OOBE properties are displayed in the right pane.
d. Click the HideEULAPage field in the Settings node and select true.
This component sets the "oobe" or Out of Box Experience for the system. It is being set to
not display the EULA on first startup.
This component sets the default language information for the system. By setting this
information during Sysprep, it will bypass a prompt for this information during first
startup.
© Copyright 2011 Citrix Systems, Inc. Module 2: Scaling the XenApp Environment 43
a. Click Start > All Programs > Administrative Tools > Citrix > Management Consoles >
Citrix AppCenter.
b. Expand the CCH > Servers node, click the Servers node, and observe the servers listed.
3. Switch to the XenAppWorker virtual machine.
4. Use the Citrix XenApp Server Role Manager to edit the XenApp configuration.
a. Click Start > All Programs > Administrative Tools > Citrix > XenApp Server Role
Manager > XenApp Server Role Manager.
b. Click Edit Configuration.
After a few moments, the Citrix XenApp Server Configuration tool opens.
5. Prepare the server for imaging using the default provisioning options. Do not restart the virtual
machine.
a. Click Prepare this server for imaging and provisioning.
b. Click Next to accept the default provisioning options and click Apply.
c. Click Finish to complete the configuration.
The XAW-1 virtual machine is no longer present, because it was removed from the farm
for provisioning.
8. Switch to the DomainController virtual machine and log on as the CCH\Administrator user.
9. Use the Active Directory Users and Computers console to delete the XAW-1 computer object
from the domain.
a. Click Start > Administrative Tools > Active Directory Users and Computers.
b. Expand the cch.local node and click the Computers node.
c. Right-click the XAW-1 server in the right pane.
d. Click Delete and click Yes to confirm.
44 Module 2: Scaling the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Exercise 2-2: Cloning a XenApp Server
Scenario
A member of your team performed testing and troubleshooting on your Microsoft Sysprep answer
file and returned to you a verified version of the file.
Previously, you prepared the machine for imaging by creating the Sysprep answer file and running
the XenApp imaging sequence. Now you must complete the process by performing a Sysprep on
the machine. Once completed, you will be able to provision a XenApp server from this template
and bring it online with no additional user intervention.
Estimated time to complete this exercise: 20 minutes
The restart will simulate bringing up a brand new clone of the system.
© Copyright 2011 Citrix Systems, Inc. Module 2: Scaling the XenApp Environment 45
To create a template from this virtual machine, specify the /shutdown command
instead of the /reboot command.
It may take as long as ten minutes for the XenAppWorker to recover from the sysprep
and rejoin the domain.
It may take several more minutes for the XenAppWorker add itself back into the farm.
This technique can be used to add new XenApp servers to the farm without any additional action.
If the virtual machine was made into template while in its sysprepped state, a virtually unlimited
number of these virtual machines could be provisioned from it and added to the farm quickly and
without any OS or networking conflicts.
46 Module 2: Scaling the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Exercise 2-3: Preparing a XenApp Server for
Scripted Configuration
Scenario
The Citrix Engineer also wants to create a sysprepped template that uses scripting to configure
XenApp on the system so administrators can customize the configuration to perform additional
actions as need arises.
Another administrator has prepared a virtual machine for this purpose. He has installed Citrix
XenApp 6.5 on a Windows Server 2008R2 SP1 virtual machine but has not started the XenApp
configuration. You need to perform the steps to prepare an answer file and the PowerShell script to
perform the configuration. Then you need to perform a Sysprep so that the virtual machine can
become a unique template.
Estimated time to complete this exercise: 20 minutes
4. Specify the relative location of the XenAppConfigConsole tool on the next line and add the
flags to specify the join execution mode, the farm name as CCH, and the IMA worker mode to
false by typing:
© Copyright 2011 Citrix Systems, Inc. Module 2: Scaling the XenApp Environment 47
5. Continue on the same line, adding flags to specify the database username as
CCH\Administrator, password as Password1:
/OdbcUserName:CCH\Administrator /odbcPassword:Password1
6. Continue on the same line, adding flags to specify the license server name as dc and the
location of the DSN file as C:\Scripts\database_info.dsn:
/LicenseServerName:dc /DsnFile:'C:\Scripts\database_info.dsn'
7. Continue on the same line, adding flags to add all authenticated users to the Remote Desktop
User Group but to not add the anonymous users or the users group. Type
/AddAuthenticatedUsersToRemoteDesktopUserGroup:true
/AddAnonymousUsersToRemoteDesktopUserGroup:false
/AddUsersGroupToRemoteDesktopUserGroup:false
8. Type the Restart-computer PowerShell command on the next line to restart the computer
and then save the script.
a. Type Restart-computer on a new line.
b. Click File > Save.
The final code should look like the following:
cd 'C:\Program Files (x86)\Citrix\XenApp\ServerConfig'
.\XenAppConfigConsole.exe /ExecutionMode:Join /FarmName:CCH
/IMAWorkerMode:false /odbcUserName:CCH\Administrator
/OdbcPassword:Password1 /LicenseServerName:dc
/DsnFile:'C:\Scripts\database_info.dsn'
/AddAuthenticatedusersToRemoteDesktopUserGroup:true
/AddAnonymousUsersToRemoteDesktopUserGroup:false
/AddUsersGroupToRemoteDesktopUserGroup:false
restart-computer
9. Close all open windows.
The script above is designed to initiate the XenAppConfigConsole tool and provide the parameters
to configure and join the virtual machine to the farm. Once this is completed, the computer must
be restarted to complete joining the farm.
48 Module 2: Scaling the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
a. Click Start > All Programs > Accessories > Notepad to open Notepad.
b. Click File > Save As.
c. Type \\dc\filer and press Enter.
d. Navigate to the LoginScripts\Scripts_untested folder.
e. Name the file FirstLogonScript_untested.bat and click Save.
2. Type powershell.exe -command "& {Set-ExecutionPolicy unrestricted -
Force}" to run a PowerShell command, forcing the initial execution policy to be
unrestricted.
The PowerShell's default execution mode is set to "Restricted", which prevents all non-
Microsoft scripts from running for security reasons. In order to run custom scripts, the
execution mode needs to be changed to unrestricted mode first.
© Copyright 2011 Citrix Systems, Inc. Module 2: Scaling the XenApp Environment 49
2. Add the AutoLogon and FirstLogonCommands nodes from the amd64_Microsoft-Windows-
Shell-Setup component to the "7 oobeSystem" pass.
a. Expand the Components > amd64_Microsoft-Windows-Shell-Setup node in the
Windows Image pane.
b. Right-click the AutoLogon and click Add Setting to Pass 7 oobeSystem.
c. Right-click FirstLogonCommands and click Add Setting to Pass 7 oobeSystem.
3. Repeat the previous step for the x86_Microsoft-Windows-Shell-Setup component.
4. Specify the domain settings within the AutoLogon node as "CCH.local," and set the username
to "CitrixAdmin," and set Enabled to "true."
a. Click the AutoLogon node in the Answer file pane.
The AutoLogon properties pane appears.
b. Click the Domain field and type CCH.local.
c. Click the Enabled field and type true.
d. Click the Username field and type CitrixAdmin.
5. Specify "Password1" as the setting value for the Password node.
a. Expand the Autologon node and click Password.
b. Click the Value field in the Settings pane and type Password1.
6. Create a new SynchronousCommand in the FirstLogonCommand node. Specify the script
location C:\Scripts\FirstLogonScripts.bat as the command line, the order setting
as 1, and the RequiresUserInput setting to false.
a. Right-click FirstLogonCommands in the Answer File pane and click Insert New
Synchronous Command.
b. Click Synchronous Command.
The Synchronous Command Properties pane appears.
c. Click the CommandLine field and type C:\Scripts\FirstLogonScript.bat
d. Click in the Order field in the Synchronous Command Settings in the right pane and type
1.
e. Click in the RequiresUserInput field and type false.
7. Repeat the previous three steps for the x86_Microsoft-Window-Shell-Setup component.
8. Save the file and close all open windows.
50 Module 2: Scaling the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Exercise 2-4: Performing a Scripted
Configuration
Scenario
A member of your team performed testing and troubleshooting on your batch, PowerShell scripts,
and the Sysprep answer file and returned to you tested versions of the files to use.
Previously you prepared the machine for imaging by creating the Sysprep answer file, created a
PowerShell script to perform the configuration, and created a batch script to initiate the process.
Now you must complete the process by performing a Sysprep on the system.
Estimated time to complete this exercise: 20 minutes
© Copyright 2011 Citrix Systems, Inc. Module 2: Scaling the XenApp Environment 51
b. Type cd C:\Windows\System32\sysprep and press Enter to change your current
directory.
7. Run the sysprep utility specifying for the utility to generalize the system, set to an out of the
box experience, reboot, and to run through an unattended install using the xac2_tested.xml
answer file.
a. Type sysprep /generalize /oobe /reboot /unattend:xac2_tested.xml
and press Enter.
b. Allow the sysprep process to complete and restart the system.
The restart will simulate bringing up a brand new clone of the system. To create a
template from this virtual machine, specify the /shutdown command instead of the
/restart command.
It may take up to ten minutes for the XenAppController-2 to recover from the sysprep
and rejoin the domain.
It may take several more minutes for the XenAppController-2 virtual machine to add
itself back into the farm.
This technique can be used to add new XenApp servers to the farm without any additional action.
If the virtual machine was made into a template while in its sysprepped state, a virtually unlimited
number of these virtual machines could be provisioned from it and added to the farm quickly and
without any OS or networking conflicts.
52 Module 2: Scaling the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Module 3
Creating Farm
Redundancy
54 © Copyright 2011 Citrix Systems, Inc.
Exercise 3-1: Load Balancing Web Interface
and XML Services Using Citrix NetScaler
Scenario
CCH has standard 09:00 to 17:00 working hours, which means that traffic dramatically increases at
09:00 as employees come into the office, start up their computers, access the Web Interface, and
launch their applications. To ensure that the request load is spread evenly during this time, you
decide to load balance the Web Interface servers as well as the XML service.
Another administrator created a domain user account called "HealthMonitor" for you to use in
configuring the Health Monitoring feature.
Estimated time to complete this exercise: 20 minutes
The Health Monitoring feature will verify the existence of this application within the feed
from the XML service to determine the health of the XML Broker.
2. View the Load Balancing Service Groups and verify that the Web Interface and XML entries
show green and "up" as their State and Effective State, respectively.
a. Click the Service Groups sub-node in the left-hand pane.
b. Verify that the service groups titled XA_WI_EXT_192.168.1.180_80_svcg and
XA_XML_192.168.1.185_80_svcg appear and show "enabled" and "up" as their State and
Effective State, respectively.
These service groups indicate the state of the servers that the NetScalers will forward
connections to for each service.
3. View the network IP addresses of the NetScaler and verify that there are new virtual IP
addresses 192.168.1.180 and 192.168.1.185 and that they are listed as "Active" and "Enabled."
a. Expand the Network > IPs node in the left-hand pane.
b. Verify that virtual IP addresses 192.168.1.180 and 192.168.1.185 appear and that they are
listed as "Active" and "Enabled."
7. View the XA_XML_192.168.1.185_svcg service group and notice that now both servers are
listed as "down." Close the window.
a. Double-click the XA_XML_192.168.1.185_80_svcg service group.
b. Verify that both services are "down."
c. Click Close to close the Configure Service Group dialog box.
8. Switch to the EndUserSimulator virtual machine.
9. Use Internet Explorer to navigate to http://webinterface.cch.local.
a. Click Start > All Programs > Internet Explorer and browse to
http://webinterface.cch.local/.
Now that both Web Interface servers are completely offline, the NetScaler is unable to
load balance, which causes a complete loss of connectivity.
It may take a few moments before the XML service group registers as "up." The
XA_WI_EXT_192.168.1.180_80_svcg service group is still listed as "down."
6. Perform a cold restart of the NetScaler. Close Internet Explorer and allow several minutes for
the NetScaler to restart before continuing.
a. Click the System node and click Reboot.
b. Click Yes to confirm and click No to perform a cold restart.
c. Close Internet Explorer and allow several minutes for the NetScaler to restart.
© Copyright 2011 Citrix Systems, Inc. Module 4: Maintaining the XenApp Environment 71
Preparing the Firebug Extension
Use the Profiler-Win7 virtual machine logged in as the local CitrixAdmin user for this task.
1. Log on to the Profiler-Win7 virtual machine as the local CitrixAdmin user.
2. Launch 7-Zip and open the Firebug extension file located at
\\dc\filer\Software\firebug.xpi.
a. Click Start > All Programs > 7-Zip > 7-Zip File Manager.
The 7-Zip File Manager opens.
b. Type \\dc\filer\Software\ in the 7-Zip File Manager navigation bar and press
Enter.
3. Extract the firebug.xpi file into a folder called "firebug" within the
\\dc\filer\Software folder.
a. Select firebug.xpi and click Extract on the 7-Zip File Manager toolbar.
b. Verify that the default extract location \\dc\filer\Software\firebug and click
OK to accept all other defaults.
The firebug.xpi file is extracted to a newly created firebug folder.
4. Copy the firebug folder to the desktop and rename it to "firebug@software.joehewitt.com".
a. Drag the firebug folder to the Desktop and close all open windows.
b. Right-click firebug and click Rename.
c. Type firebug@software.joehewitt.com and press Enter.
72 Module 4: Maintaining the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
4. Navigate the Current files pane to C:\Program Files\Mozilla Firefox\extension.
5. Copy the firebug@software.joehewitt.com folder to the extensions folder.
a. Select the firebug@software.joehewitt.com folder in the Select files pane.
b. Click the green Arrow button.
After a few moments, the firebug@software.joehewitt.com folder appears in
the Current files pane.
6. Navigate to C:\Program Files\Mozilla Firefox\searchplugins in the current
files pane. Permanently delete all of the files except google.xml and bing.xml.
a. Navigate to C:\Program Files\Mozilla Firefox\searchplugins in the
Current Files pane.
b. Control-click amazondotcom.xml, ebay.xml, wikipedia.xml, and yahoo.xml.
c. Click the red X button to delete the files and click Yes to confirm the deletion.
7. Finish the Update Profile wizard using the default settings and save the profile.
a. Click Next, select Finish installations, and click Next.
b. Click Next in the Run Application, Select Applications, and Add Virtual Hard Disk
screens.
c. Click Next in the Sign Profile screen and click Finish.
The Firefox profile is updated.
d. Click File > Save.
The profile is saved to the AppHub on the filer.
8. Close all open windows.
© Copyright 2011 Citrix Systems, Inc. Module 4: Maintaining the XenApp Environment 73
4. View the Mozilla extensions and confirm that Firebug is now installed.
a. Click Firefox > Add-ons to open the Add-ons Manager.
b. Click the Extensions tab.
c. Verify Firebug is listed as an enabled extension.
5. Close Mozilla Firefox, log off the Web Interface, and close all open windows.
74 Module 4: Maintaining the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Exercise 4-2: Performing Data Store
Maintenance Commands
Scenario
The new XenApp 6.5 farm has been up for quite some time at this point, and there have been
many configuration changes. In order to verify that things are running smoothly, you want to run a
few maintenance commands to check and optimize the data store and Local Host Cache on the
XenApp servers.
A member of your team is working on a script to perform most of these commands automatically
at regular intervals, but until this script is complete, you must run them yourself.
In addition, another member of your team noticed a strange issue on the XenAppController-2
virtual machine. You have investigated it without finding anything, but you want to delete and
recreate the Local Host Cache on this machine just to be sure.
Estimated time to complete this exercise: 5 minutes
© Copyright 2011 Citrix Systems, Inc. Module 4: Maintaining the XenApp Environment 75
Typically, the data store should be backed up before performing this command.
76 Module 4: Maintaining the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Exercise 4-3: Configuring Power and
Capacity Management
Scenario
Due to the variation in demand for XenApp resources throughout any given day or week, you want
to set up Power and Capacity Management for all XenApp servers to enable the Power
Management and Load Consolidation features. Using these features will also allow you to free up
server resources when they are not required so they can be used for other work.
The Power and Capacity Management Concentrator has already been set up on the
XenAppController-1 virtual machine and the Agents have been installed on each of the XenApp
server virtual machines by another member of your team. You just need to add each server to the
Power and Capacity Management farm and then configure Power Management and Load
Consolidation. Testing done by your consultant indicates that you should have at minimum three
servers running during the hours of 08:00 and 18:00 on weekdays and one server running on the
weekends.
Estimated time to complete this exercise: 20 minutes
© Copyright 2011 Citrix Systems, Inc. Module 4: Maintaining the XenApp Environment 77
a. Click Workload name in the right pane and click Add.
b. Type Regular in the Value field and click OK.
c. Click OK to close the Edit Policy dialog box.
The Summary tab displays the changes to the active settings.
6. Close all open windows.
If all servers are not in the farm, restart any servers that are not present and wait for them
to join. The Power and Capacity Management console will auto-refresh when new servers
join the farm.
78 Module 4: Maintaining the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
b. Right-click the VM: IntelXeon L5420 server profile and click Server Profile Properties.
c. Type 10 in the Typical Session Capacity field.
d. Click OK.
© Copyright 2011 Citrix Systems, Inc. Module 4: Maintaining the XenApp Environment 79
Exercise 4-4: Creating a Restart Schedule
for the XenApp Servers
Scenario
As part of the default maintenance of the XenApp farm, you want to implement a regular restart
schedule to ensure that the servers are running free of memory leaks, print spooler problems, and
other issues that commonly arise with a computer that stays running for long periods of time.
Upon analysis of the work habits of CCH employees, your team finds that the most opportune time
to perform the restarts is weekly on Sunday mornings around 03:00. You need to implement this
restart schedule on all XenApp servers.
Estimated time to complete this exercise: 10 minutes
80 Module 4: Maintaining the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
b. Enter the date for the upcoming Sunday in the MM/DD/YYYY format and click OK.
7. Add a new setting to set the reboot schedule time to 03:00.
a. Click the Reboot schedule time setting and click Add.
b. Type 3:00 AM in the Time field and click OK.
8. Add a new setting to set a Reboot schedule randomization interval to 30 minutes.
a. Click the Reboot schedule randomization interval setting and click Add.
b. Type 30 in the Minutes field and click OK.
9. Add a new setting to disable logons to a server to 15 minutes before a restart.
a. Click the Reboot logon disable time setting and click Add.
b. Select Disable 15 minutes before reboot from the Value menu and click OK.
10. Add a new setting to start warning the users 30 minutes before a reboot.
a. Click the Reboot warning start time setting and click Add.
b. Select Start 30 Minutes Before Reboot in the Value menu and click OK.
11. Add a new setting to enable reboot warnings to users.
a. Click the Reboot warning to users setting and click Add.
b. Select Enabled in the Add Setting menu and click OK.
12. Add a new setting to warn users of the reboot every 10 minutes.
a. Click the Reboot warning interval setting and click Add.
b. Select Every 10 Minutes from the Value menu and click OK.
13. Add a new filter to apply the policy to the All Servers worker group.
a. Click Next to access the filters screen.
b. Click the Worker Group filter in the Filters pane and click Add.
The New Worker Group Filter dialog box opens.
c. Click Add, ensure that Allow is selected in the Mode menu, and then click Browse.
After a few moments, the Select a worker group dialog box opens.
d. Double-click All Servers from the Worker groups pane and click OK.
14. Finish the New Policy Wizard and enable the policy.
a. Click OK in the New Filter dialog box.
b. Click Next in the New Policy Wizard.
c. Ensure that Enable this policy is selected and click Create.
15. Close all open windows.
© Copyright 2011 Citrix Systems, Inc. Module 4: Maintaining the XenApp Environment 81
82 © Copyright 2011 Citrix Systems, Inc.
Module 5
© Copyright 2011 Citrix Systems, Inc. Module 5: Optimizing the XenApp Environment 85
a. Click the Audio UDP Port Range setting and click Add.
b. Ensure that the ports 16500,16509 are in the Value field.
c. Click OK.
7. Add a new filter to apply the policy to the All Servers worker group.
a. Click Next, click the Worker Group filter, and click Add.
b. Click Add, ensure that Allow is selected in the Mode menu, and then click Browse.
After a few moments, the Select a worker group dialog box opens.
c. Select All Servers from the Worker groups pane and click OK.
The New Worker Group Filter dialog box opens.
d. Click OK to close the New Filter Element screen.
8. Finish the New Policy Wizard and enable the policy.
a. Click OK in the New Filter dialog box.
b. Click Next in the New Policy Wizard.
c. Ensure that Enable this policy is selected and click Create.
86 Module 5: Optimizing the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
c. Ensure that Enable this policy is selected and click Create.
5. Restart the XenAppController-1 , XenAppController-2 , and XenAppWorker virtual machines.
© Copyright 2011 Citrix Systems, Inc. Module 5: Optimizing the XenApp Environment 87
Exercise 5-2: Enabling CPU and Memory
Optimization
Scenario
In the short term, memory is going to be limited within the environment. To make more efficient
use of each XenApp server memory allocation, you decide to implement memory optimization.
In addition, two different groups of users have been identified as requiring special CPU resource
requirements. The CCH web team's graphic designers need more CPU resources to run their CPU-
intensive graphics suites, while the Customer Support Representative team require lower CPU
resources.
You need to enable the CPU and Memory Optimization features in order to better make use of
XenApp server resources.
Estimated time to complete this exercise: 10 minutes
88 Module 5: Optimizing the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
6. Add a setting that schedules the memory optimization to occur at 03:00.
a. Click the Memory optimization schedule: time setting and click Add.
b. Verify that 3:00 AM is in the Time field and click OK.
7. Add a setting to specify the preferential load balancing CPU management server level.
a. Click the CPU management server level setting and click Add.
b. Select Preferential Load Balancing from the Value menu and click OK.
8. Add a new filter to apply the policy to the All Servers worker group.
a. Click Next, click the Worker Group filter, and click Add.
b. Click Add, ensure that Allow is selected in the Mode menu, and then click Browse.
After a few moments, the Select a worker group dialog box opens.
c. Select All Servers from the Worker groups pane and click OK.
The New Worker Group Filter dialog box opens.
d. Click OK to close the New Filter Element screen.
9. Finish the New Policy Wizard and enable the policy.
a. Click OK in the New Filter dialog box.
b. Click Next in the New Policy Wizard.
c. Ensure that Enable this policy is selected and click Create.
© Copyright 2011 Citrix Systems, Inc. Module 5: Optimizing the XenApp Environment 89
d. Click Add, type CCH\Domain Admins in the User or group name field, and click OK.
4. Finish the New Policy Wizard and enable the policy.
a. Click OK in the New Filter dialog box.
b. Click Next in the New Policy Wizard.
c. Ensure that Enable this policy is selected and click Create.
5. Create a new Citrix User policy called "Low Session Importance to Customer Support Group".
a. Click New in the right pane to create a new Citrix User policy.
b. Type Low Session Importance to Customer Support Group in the Name field
and click Next.
6. Add a setting to set Session importance to Low.
a. Click Server Session Settings in the Categories pane, click the Session importance setting,
and click Add.
b. Select Low from the Value menu and click OK.
7. Add a new filter to apply the policy to the CCH\Customer Support group.
a. Click Next, click the User or Group filter, and click Add.
The New User or Group Filter dialog box opens.
b. Click Add. Ensure that Allow and Enable this filter element are selected.
c. Type CCH\Customer Support in the User or group name field and click OK.
8. Finish the New Policy Wizard and enable the policy.
a. Click OK in the New Filter dialog box.
b. Click Next in the New Policy Wizard.
c. Ensure that Enable this policy is selected and click Create.
9. Use the GPUpdateALL script on the desktop to update the group policy on all XenApp servers.
10. Close all open windows.
90 Module 5: Optimizing the XenApp Environment © Copyright 2011 Citrix Systems, Inc.
Module 6
© Copyright 2011 Citrix Systems, Inc. Module 6: Optimizing the User Environment 93
b. Verify that Full control is allowed and applied to this folder, subfolders, and files, and click
OK.
7. Add the Domain Users group to the permission entries.
a. Click Add.
b. Type CCH\Domain Users in the Enter object name to select field and click Check
Names.
c. Click OK.
8. Grant the Domain Users group the rights to list folder / read data, create folders / append data,
and create files /write data for this folder only.
a. Select This folder only is selected from the Apply to menu.
b. Select Allow for the List folder / read data permission.
c. Select Allow for the Create folders / append data permission and click OK.
d. Click OK to exit the Permissions Entry screen.
e. Click OK to close the Advanced Security Settings and click Close.
94 Module 6: Optimizing the User Environment © Copyright 2011 Citrix Systems, Inc.
b. Expand the Domains > cch.local > All XenApp Servers.
c. Right-click the All XenApp Servers organization unit and click Create a GPO in this
domain, and Link it here.
d. Type ProfileManagement in the Name field and click OK.
e. Right-click the ProfileManagement group policy object in the right pane and click Edit.
3. Add the ctxprofile4.0.adm administrative template located in the
C:\Filer\Software\ProfileManagement\ADM_Templates\en folder to the
Administrative Templates for the Computer configuration.
a. Expand the Computer Configuration > Policies node.
b. Right-click Administrative Templates and click Add/Remove Templates.
c. Click Add and browse to
C:\Filer\Software\ProfileManagement\ADM_Templates\en.
d. Select ctxprofile4.0.0.adm and click Open.
e. Click Close.
4. Access the Citrix Profile Management policy settings and enable profile management.
a. Expand the Computer Configuration > Policies > Administrative Templates > Classic
Administration (ADM) > Citrix nodes and click Profile Management.
b. Double-click Enable Profile management.
c. Click Enabled and click OK.
5. Add the CCH\Domain Users group to the processed groups for profile management and
enable the processed groups.
a. Double-click Processed groups.
b. Click Enabled and click Show.
c. Type CCH\Domain Users in the Value field and click OK.
d. Click OK to close the Processed groups dialog box.
6. Specify \\DC\Profiles$\%username%\ as the path to the user store.
a. Double-click Path to user store.
b. Click Enabled.
c. Type \\DC\Profiles$\%username%\ in the Absolute path or path relative to the
home directory field and click OK.
7. Close all open windows.
8. Switch to the XenAppController-1 virtual machine and log on as the CCH\CitrixAdmin user.
9. Use the GPUpdateALL script on the desktop to update the group policy on all XenApp servers.
© Copyright 2011 Citrix Systems, Inc. Module 6: Optimizing the User Environment 95
1. Switch to the EndUserSimulator virtual machine. Log off from the current user and log on as
the CCH\TestUser user.
2. Use Internet Explorer to navigate to http://webinterface.cch.local and log on using the
CCH\TestUser credentials.
a. Click Start > Internet Explorer.
b. Navigate to http://webinterface.cch.local.
c. Log on using the CCH\TestUser credentials.
3. Use Notepad to save a blank text file called Test.txt to the Desktop. Close Notepad and log
off from Web Interface.
a. Click Notepad to open the published Notepad application.
b. Click File > Save and click Desktop.
c. Type Test.txt and click Save.
d. Click File > Exit to close Notepad.
e. Click Log Out on the Web Interface.
4. Close all open windows.
5. Switch to the DomainController virtual machine.
6. Verify that a new folder called testuser was created. View the
TestUser\UPM_Profile\Desktop folder for the Test file.
a. Click Start > Computer and navigate to C:\Profiles.
b. Verify that a folder called testuser exists.
c. Navigate to TestUser\UPM_Profile\Desktop and verify that the Test file is
present.
7. Switch to the EndUserSimulator virtual machine.
8. Use Internet Explorer to navigate to http://webinterface.cch.local and log on using the
CCH\TestUser credentials.
a. Click Start > Internet Explorer.
b. Navigate to http://webinterface.cch.local.
c. Log on using the CCH\TestUser credentials.
9. Launch the XenApp Server Desktop and verify that the Test.txt file is present on the
Desktop.
a. Click the Desktops tab in Internet Explorer.
b. Click XenApp Server Desktop to launch the server desktop.
c. Verify that the Test.txt file is located on the desktop.
10. Log off from the server desktop and Web Interface and close all open windows.
11. Log off from the EndUserSimulator virtual machine.
96 Module 6: Optimizing the User Environment © Copyright 2011 Citrix Systems, Inc.
Exercise 6-2: Profiling an Application
Requiring a Service
Scenario
The CCH Graphic Design department occasionally has to print from streamed applications to
special high-quality printers using Bonjour Print Services. The Bonjour print services make use of a
Windows service in order to work correctly. The Citrix Engineer wants you to profile Bonjour so
that the service can be linked into other profiles. You need to then test it to ensure that the
Windows service works correctly when streamed through XenApp.
Estimated time to complete this exercise: 20 minutes
The Windows Vista and Windows Server 2008 are also selected by default.
e. Select All languages for the Target language and click Next.
4. Use the Quick Install option to specify the
\\dc\filer\Software\BonjourPSSetup.exe installer.
a. Select Quick Install is selected as the installation option and click Next.
b. Click Browse and navigate to \\dc\filer\Software\.
c. Double-click BonjourPSSetup.exe and click Next.
© Copyright 2011 Citrix Systems, Inc. Module 6: Optimizing the User Environment 97
5. Launch the Installer, agree to the license agreement, and install Bonjour Printing Services using
the default options.
a. Click Launch Installer.
Please wait for the Bonjour Print Services installer to open before continuing. This may
take a few moments.
b. Click Next, accept the terms in the license agreement, and click Next.
c. Click Next and click Install to begin the installation process.
6. Finish the installer and complete the New Profile wizard using the default options. You may
need to terminate processes that are still running.
a. Click Finish and then click Next.
b. Click Next and click OK in the Invalid Shortcuts screen.
c. Click Next again to accept the defaults in the Add Virtual Hard Disk screen and click Next
in the Sign Profile screen.
d. Click Terminate All to terminate any running processes and then click Next.
e. Click Finish.
7. Access the Windows Vista target properties in the Bonjour profile and view the Windows
services installed in the profile. Verify that the Bonjour Service is listed and it will be run using
the local system. Close the Target Properties.
a. Expand the Bonjour node, right-click Windows Vista [All service packs], and click
Properties.
b. Click Services and verify that Bonjour Service appears in the List of Services and it is
designated as LocalSystem.
c. Click OK to exit the Target Properties dialog box.
8. Save the profile to the \\dc\filer\AppHub folder and close the Streaming Profiler.
a. Click File > Save.
b. Type \\dc\filer\AppHub in the Profile directory field and click Save.
9. Close all open windows.
98 Module 6: Optimizing the User Environment © Copyright 2011 Citrix Systems, Inc.
a. Click Start > All Programs > Administrative Tools > Citrix > Management Consoles >
Citrix AppCenter.
b. Expand the XenApp > CCH > Applications nodes.
c. Right-click Applications and click Publish application.
d. Click Next to begin the Publish Application wizard.
e. Type Bonjour Print Services in the Display Name field and click Next.
3. Specify the application to be streamed to client by using the \\dc\filer
\AppHub\Bonjour\Bonjour.profile profile. Specify Bonjour Printer wizard as the
application to launch from the profile.
a. Select Streamed to Client and click Next.
b. Click Browse, navigate to the \\dc\filer\AppHub\Bonjour folder and double-click
the Bonjour.profile file.
c. Select Bonjour Printer wizard from the Application to launch from the Citrix streaming
application profile menu and click Next.
d. Click Next to use the default settings for offline access.
4. Publish Bonjour Printing Services to all Domain Admins and the Graphic Design group.
a. Click Add to open the Select Users or Groups screen.
b. Click Add List of Names and type CCH\Domain Admins;CCH\Graphic Design.
c. Click Check Names and click OK if the name validates successfully.
d. Click OK to close the Add List of Names window and then click OK.
5. Complete the Publish Application wizard using the default settings.
a. Click Next to proceed to the Shortcut presentation screen.
b. Click Next and click Finish to complete the Publish Application wizard.
© Copyright 2011 Citrix Systems, Inc. Module 6: Optimizing the User Environment 99
The error indicates that the Bonjour Service is not available and therefore the application
cannot start.
100 Module 6: Optimizing the User Environment © Copyright 2011 Citrix Systems, Inc.
The names of streamed Windows services begin with an 8-digit portion of the app's
isolation environment unique id. This key is unique for each student. For example, a
running Bonjour Service may appear as "fd5e45b9-Bonjour Service" within the Services
console.
© Copyright 2011 Citrix Systems, Inc. Module 6: Optimizing the User Environment 101
102 © Copyright 2011 Citrix Systems, Inc.
Module 7
Optimizing Printing
104 © Copyright 2011 Citrix Systems, Inc.
Exercise 7-1: Verifying Printer Driver
Compatibility with XenApp
Scenario
CCH recently established a new support contract with Brother Industries Ltd. to provide printers
and support for the CCH offices. Brother representatives and the CCH IT department deployed
several new printers of varying models around the office. However, some of the models included in
the deployment were printers with non-native printer drivers. In addition to the new Brother
printers, one HP printer model is still in limited use within the organization due to a specific
required feature.
Though the Citrix Universal Printer driver will be used predominately throughout the company, IT
wants to use the vendor-supplied drivers for these three specific printers because of a few features
specifically offered through these drivers.
Your job is to verify whether these printer drivers are compatible for production use within
XenApp or whether the Citrix Universal Printer Driver must be used.
Estimated time to complete this exercise: 10 minutes
The test returns 0 errors, which indicates that it is safe for use with XenApp.
4. Run the test on the HP LaserJet 4350 PCL 5e printer. Allow the test to run and display the
results. View the log to see if there are any errors reported.
a. Clear the Brother DCP-9055CDN and Brother MFC-9970CDW printers.
b. Select the HP LaserJet 4350 PCL 5e printer and click Run.
c. Click OK after the test completes.
d. View the log and click Close when finished.
The HP LaserJet 4350 PCL 5e printer test returns several errors in the results.
You can copy the name of the printer by highlighting the name from the printer list and
then paste it by right-clicking where it needs to be pasted.
It may take several minutes for the replication to complete and display in the list.
5. Perform the printer replication of the Brother MFC-9970CDW Printer to the XAW-1 machine
using the following compound PowerShell command:
Start-XAPrinterDriverReplication -DriverName "Brother MFC-9970CDW
Printer" -TargetServerName XAW-1
6. After a few moments, view the printer drivers available on the XAC-1, XAC-2, and XAW-1
machines. Verify that the Brother MFC-9970CDW Printer is now available in the list.
a. Type Get-XAPrinterDriver -Servername XAC-1, XAC-2, XAW-1 and press
Enter.
b. Verify that the Brother MFC-9970CDW Printer appears three times in the DriverName
list: once each for the XAC-1, XAC-2, and XAW-1 machines.
It may take several minutes for the replication to complete and display in the list.
You can copy the name of the printer by highlighting the name from the printer list and
then paste it by right-clicking where it needs to be pasted.
3. Use the command to verify that auto replication was set up correctly. Verify that the Brother
DCP-9055CDN printer is now available in the list.
It may take several minutes for the replication to finish and display the printer driver in
the list.
The setting being applied to this user appears to be incorrect. The winning GPO says it is
being applied by the "Do Not Auto Create Client Printers for Accounting Department"
policy.
Upon further reflection, you have determined that this issue exists because the Finance group is
part of the Accounting department. Perhaps the policy applied to the Accounting department is
overriding the one assigned to the Finance group. A test fix is required.
Securing XenApp
116 © Copyright 2011 Citrix Systems, Inc.
Exercise 8-1: Creating and Distributing Root
CA Certificates
Scenario
The staging of the new XenApp 6.5 farm is going very well and is on schedule. The last step is to
enable the security layers to ensure that the farm is taking advantage of the state-of-the-art security
technology. Before you can start securing XenApp, you must create the security certificates.
The Citrix Engineer wants to create an in-house Certificate Authority instead of purchasing
certificates from an outside source. To satisfy this request you need to install the Active Directory
Certificate Services, create the root CA, and then distribute it to all servers through Group Policy.
Estimated time to complete this exercise: 20 minutes
Because you were able to log on successfully and view the user's Application list, then SSL
Relay has been configured correctly.
© Copyright 2011 Citrix Systems, Inc. Module 9: Monitoring XenApp with Standard Utilities 135
d. Type xac-1.cch.local in the Value field and click OK.
e. Close the Internet Information Services (IIS) Manager
6. Switch to the XenAppController-1 virtual machine.
7. Use the winrm command to enable it using a quick configuration of Windows Remote
Management service.
a. Click Start > Command Prompt.
b. Type winrm quickconfig and press Enter.
c. Type y to perform the action when prompted and press Enter.
d. Close Command Prompt.
8. Repeat the previous step using the XenAppController-2 and XenAppWorker virtual machines.
9. Switch to the XenAppController-1 virtual machine.
10. Use Internet Explorer to navigate to http://wis-1.cch.local/DesktopDirector and log on as the
CCH\CitrixAdmin user.
a. Click Start > Internet Explorer.
b. Navigate to http://wis-1.cch.local/DesktopDirector.
It will take a few moments for the Desktop Director log on page to appear.
136 Module 9: Monitoring XenApp with Standard Utilities © Copyright 2011 Citrix Systems, Inc.
a. Click on the header of the HDX section to minimize that field.
b. Drag the Activity section to the right column.
7. Send a message to the TestUser's session indicating that the user will be logged off soon.
a. Click Send Message.
b. Type You will be disconnected soon! and click Send.
8. Switch to the EndUserSimulator virtual machine, acknowledge the message, and switch back to
the XenAppController-1 virtual machine.
9. Disconnect the TestUser session and verify that the session now indicates disconnected.
a. Click Session Control and click Disconnect.
b. Verify that the CCH\TestUser session now indicates that it is disconnected.
10. Log off of Desktop Director and close all open windows.
© Copyright 2011 Citrix Systems, Inc. Module 9: Monitoring XenApp with Standard Utilities 137
Exercise 9-2: Monitoring XenApp using
Performance Monitor
Scenario
The Citrix Engineer wants you to start performing some basic monitoring of the XenApp farm to
collect some preliminary data on memory and bandwidth on the performance hit of a single user
performing an average workload on a server.
To obtain this preliminary data, you decide to use Microsoft Performance Monitor to estimate the
single-user impact numbers.
Estimated time to complete this exercise: 15 minutes
138 Module 9: Monitoring XenApp with Standard Utilities © Copyright 2011 Citrix Systems, Inc.
7. Switch to the XenAppController-1 virtual machine.
8. Use the Citrix AppCenter console to view the connected users and verify that the CitrixAdmin
user is using Notepad on the XAC-1 server.
a. Click the Servers node in the Citrix AppCenter console.
b. Click the Users tab in the XAC-1 pane.
c. Verify that the Notepad application is running for the CitrixAdmin user.
© Copyright 2011 Citrix Systems, Inc. Module 9: Monitoring XenApp with Standard Utilities 139
Many counters will not appear on the graph because their values are too high or too low
to be visible.
6. Use Internet Explorer to access the Web Interface at http://webinterface.cch.local, and log on as
the CCH\CitrixAdmin user.
a. Click Start > All Programs > Internet Explorer.
b. Navigate to http://webinterface.cch.local/.
c. Log on to the Web Interface as CCH\CitrixAdmin user.
7. Open Notepad to transfer and view the Performance Monitor as the session is transferred from
the EndUserSimulator virtual machine. Adjust the windows so that Notepad is on top but
Performance Monitor can been seen in the background. Then manipulate Notepad and view
how the values change.
a. Click Notepad to open the application.
b. Bring Performance Monitor into focus and view how the numbers change as the session is
transferred.
Notice that the Notepad window says "Hello World!", which indicates that this is the same
session as previously used.
c. Adjust the windows so that Notepad is in the foreground and Performance Monitor in the
background.
d. Manipulate Notepad and watch how the numbers change on the Performance Monitor
screen.
8. Switch back to the Graph view and verify that there is activity in the ICA Session counters.
a. Click the Change graph type menu and click Line.
b. Verify that the ICA Session values reflect the recent activity.
9. Close Internet Explorer and Performance Monitor.
After viewing the bandwidth, latency, and memory counters on the server, you report to the Citrix
Engineer that ICA bandwidth does not seem to be a problem. However, due to the large amounts
of page faults and the low memory available on the servers you recommend that each XenApp
server be given additional memory before putting the farm into production.
140 Module 9: Monitoring XenApp with Standard Utilities © Copyright 2011 Citrix Systems, Inc.
Exercise 9-3: Monitoring XenApp Using
Command-Line Utilities
Scenario
The Citrix Engineer is very pleased with the recommendations you have given him. He wants some
more information about what kind of a load a single standard user would generate on the servers in
their current configuration.
To get this recommendation, you decide to use command utilities such as qfarm.
Estimated time to complete this exercise: 10 minutes
© Copyright 2011 Citrix Systems, Inc. Module 9: Monitoring XenApp with Standard Utilities 141
e. Verify that the server load for XAC-1 did not change.
6. Use the Citrix AppCenter to completely reset the CitrixAdmin Notepad connection and view if
there are any results in the load of XAC-1 by using the qfarm command.
a. Right-click the CitrixAdmin user running the Notepad application in Citrix AppCenter
and click Reset.
b. Click Yes to confirm.
c. Type qfarm /load in the command line and press Enter.
d. Verify that the server load for XAC-1 has been lowered significantly.
7. Switch to the EndUserSimulator virtual machine. Log out of the CitrixAdmin user and log back
on as the CCH\TestUser user.
8. Log on to Citrix Receiver using the CCH\TestUser credentials and open the XenApp Server
Desktop.
a. Log on using the CCH\TestUser credentials when the Citrix Receiver logon prompt
appears.
b. Click Start > All Programs > XenApp Server Desktop.
9. Within the XenApp Server Desktop open Paint, Wordpad, and Calculator.
a. Click Start > All Programs > Accessories > Paint within the XenApp Server Desktop.
b. Click Start > All Programs > Accessories > Wordpad within the XenApp Server Desktop.
c. Click Start > All Programs > Accessories > Calculator within the XenApp Server
Desktop.
10. Switch to the XenAppController-1 virtual machine.
11. Use the qfarm command to view changes to the XAC-1 server load.
a. Type qfarm /load in the command line for the XenAppController-1 virtual machine
and press Enter.
b. Verify that the server load for XAC-1 has increased.
12. Switch to the EndUserSimulator virtual machine and open the hosted Notepad application
from the Start menu.
13. Switch to the XenAppController-1 virtual machine and use the qfarm command to view
changes to the XAC-1 server load.
a. Type qfarm /load in the command line for the XenAppController-1 virtual machine
and press Enter.
b. Verify that the server load for XAC-1 has increased.
14. Switch to the EndUserSimulator virtual machine.
15. Close all applications in the XenApp Server Desktop and then log off of the Desktop. Close all
open windows and log off the virtual machine.
142 Module 9: Monitoring XenApp with Standard Utilities © Copyright 2011 Citrix Systems, Inc.
16. Switch to the XenAppController-1 virtual machine and use the qfarm command to view
changes to the XAC-1 server load.
a. Type qfarm /load in the command line for the XenAppController-1 virtual machine
and press Enter.
b. Verify that the server load for XAC-1 has decreased.
© Copyright 2011 Citrix Systems, Inc. Module 9: Monitoring XenApp with Standard Utilities 143
144 © Copyright 2011 Citrix Systems, Inc.
Module 10
© Copyright 2011 Citrix Systems, Inc. Module 10: Monitoring XenApp with EdgeSight 147
Exercise 10-2: Viewing EdgeSight Real-Time
Data
Scenario
Since the farm has been opened for testing, you want to check how well it is doing with the
increase in traffic. You need to check the real-time data pertaining to logon times and see if there
are any farm alerts.
In addition, you want to set an EdgeSight alert and subscribe to some EdgeSight reports.
Estimated time to complete this exercise: 10 minutes
148 Module 10: Monitoring XenApp with EdgeSight © Copyright 2011 Citrix Systems, Inc.
a. Click the Configure tab and click Real-Time Dashboard from the Company
Configuration menu.
b. Click New Real Time Configuration.
c. Type XenApp Basics in the Configuration name field, accept all other default values,
and click Create the Configuration.
2. Access the existing devices from all departments and add XAC-1 and XAC-2 to the
configuration.
a. Click Go to search for all existing devices.
b. Double-click each of the devices listed in the Existing Devices list.
c. Click Next.
3. Add the following counters with their default thresholds and then finalize the configuration:
• % Total Processor Time
• % Committed Bytes in Use
• Page Faults per Second
• Average ICA Round Trip Time
• Peak ICA Round Trip Time
a. Select the % Total Processor Time, % Committed Bytes in Use, Page Faults per Second,
Average ICA Round Trip Time, and Peak ICA Round Trip Time counters.
b. Click Next and view the final configuration.
c. Click Finish.
4. View the Dashboard. Start the dashboard update and view the results.
a. Click the Monitor tab and click Dashboard from the Monitor menu.
b. Click Start Updating in the Dashboard pane.
It appears as though the "% Committed Bytes" counter is red, indicating that the
committed memory is over the set threshold of 40%.
© Copyright 2011 Citrix Systems, Inc. Module 10: Monitoring XenApp with EdgeSight 149
a. Type Email CitrixAdmin in the Name field.
b. Select citrixadmin@cch.local from the Existing Addresses menu.
c. Type Major XenApp Issue in the Subject field.
d. Click Next.
3. Verify the current settings and add the action to the CCH department. Assign the action to the
alert that indicates that the IMA service is unresponsive.
a. Verify the Alert Action Settings and click Next.
b. Click CCH and click Next.
c. Select Assign Actions to Alerts and click Next.
d. Select IMA Service is Unresponsive and click Next.
4. Use the Email CitrixAdmin alert action for this rule and finish the wizard.
a. Select Email CitrixAdmin and click Next.
b. Click Finish.
5. View the alert actions to verify that the action was created successfully.
a. Click Alerts > Actions in the Company Configuration menu.
b. Verify Email CitrixAdmin appears in the Alert Action list.
6. Close all open windows.
150 Module 10: Monitoring XenApp with EdgeSight © Copyright 2011 Citrix Systems, Inc.
© Copyright 2011 Citrix Systems, Inc. 151
851 West Cypress Creek Road Fort Lauderdale, FL 33309 USA (954) 267 3000 www.citrix.com
Rheinweg 9 8200 Schaffhausen Switzerland +41 (0) 52 63577 00 www.citrix.com
© Copyright 2011 Citrix Systems, Inc. All rights reserved.