XenDesktop Deployment Guide With Vsphere

Consulting Solutions | WHITE PAPER | Citrix XenDesktop
XenDesktop Implementation Guide with vSphere 5

Local and Remote Accessed Pooled Desktops
www.citrix.com
Contents
Contents .............................................................................................................................................................. 2 Overview ............................................................................................................................................................. 4 Initial Architecture ............................................................................................................................................. 5 Installation Guide .............................................................................................................................................. 6 SQL Database..................................................................................................................................................... 7
Pre-requisites SQL Database ..................................................................................................................................... 7
Citrix Licensing ................................................................................................................................................15

Pre-requisites ................................................................................................................................................................. 15 Installation - Citrix Licensing 11.9 ............................................................................................................................. 19 Configuration - Citrix Licensing 11.9 ........................................................................................................................ 21
Citrix XenDesktop Desktop Controller .......................................................................................................24

Pre-requisites XenDesktop Controller................................................................................................................... 24 Installation XenDesktop Controller ....................................................................................................................... 33 Configuration Creating a XenDesktop Site .......................................................................................................... 38
Citrix Web Interface ........................................................................................................................................45

Pre-requisites ................................................................................................................................................................. 45 Installation Citrix Web Interface ............................................................................................................................ 50 Configuration Citrix Web Interface ....................................................................................................................... 53
Citrix Merchandising Server ...........................................................................................................................58

Pre-requisites ................................................................................................................................................................. 58 Installation Merchandising Server .......................................................................................................................... 58 Configuration Merchandising Server ..................................................................................................................... 68
Pooled Desktop Image....................................................................................................................................75

Creating a Pooled Desktop Image Virtual Machine ............................................................................................... 75
Citrix Profile Management .............................................................................................................................82

Page 2
Citrix User Profile Manager - Client Side Installation ............................................................................................ 82 Citrix User Profile Manager - Server Side Configuration ....................................................................................... 85
Policies ...............................................................................................................................................................91
Configuration Base Active Directory Policy ......................................................................................................... 91 Configuration Optimized Desktop Policy .......................................................................................................... 102
Citrix Access Gateway Enterprise Edition ................................................................................................ 119

Importing NetScaler Appliance ................................................................................................................................ 119 Installation of Citrix Access Gateway Enterprise Edition ................................................................................... 124 Creating a Request, Key, and Certificate................................................................................................................. 129 Configuring Citrix Access Gateway Enterprise Edition....................................................................................... 134 Creating a Web Interface Site for Access Gateway ............................................................................................... 141
Desktop Groups ........................................................................................................................................... 146

Configuration Desktop Group Creation ............................................................................................................. 146 Configuration Desktop Group Assignment ....................................................................................................... 150
Validation Scenarios ..................................................................................................................................... 152

Internal Access Scenario ............................................................................................................................................ 152 External Access Scenario........................................................................................................................................... 156
Product Versions........................................................................................................................................... 157 Revision History ............................................................................................................................................ 157
Page 3
Overview
Citrix XenDesktop is an enterprise desktop virtualization solution which can be implemented on all major hypervisor platforms such as Citrix XenServer, Microsoft HyperV, and VMware vSphere. Implementation of an enterprise XenDesktop environment involves more than just configuring virtual desktops; Administrators must consider database, remote access and endpoint delivery requirements as well as specific hypervisor considerations. As such, this Deployment Guide can help accelerate the implementation of a fully functioning XenDesktop site providing for a common Enterprise scenario: local and remote access to pooled desktops supported on a VMware vSphere 5 hypervisor infrastructure. A version of this document specific to Citrix XenServer and XenDesktop can be found within this link in the XenDesktop Design Handbook. While the steps in this guide can lead to a fully functioning XenDesktop environment, the installation of XenDesktop should not be performed in a production environment without adequate testing. Citrix Consulting recommends that organizations first validate the solution in a test lab while conducting thorough systems and user acceptance testing to determine the best configuration for the environment. Citrix Services has developed the Success Accelerator program to provide expert guidance to simplify your design, implementation and rollout. In addition to content similar to this document, the Success Accelerator contains decision checklists, peer benchmarks, reference architectures, planning guides, how-to videos and system health check tools. Citrix Success Accelerator kits can be found at http://www.citrix.com/successaccelerator/. This document provides the detailed steps on installing the required components for a fully functioning XenDesktop environment with vSphere 5. This guide assumes that a base VMware vSphere environment has been configured according to VMware best practices. This document contains instructions that will help a System Administrator through the steps to implement many Microsoft and Citrix components based on the Citrix Consulting recommended configurations. These products include Citrix XenDesktop, Citrix Web Interface, Citrix Access Gateway VPX, Citrix User Profile Manager, Citrix Licensing Server, Microsoft SQL Server, and Citrix Merchandising Server.
Page 4
Initial Architecture
The XenDesktop architecture used for this deployment guide is shown in the following figure:
Figure 1: Architecture utilizing using Machine Creation Services
The environment consists of the following components: Remote access provided by Access Gateway VPX Initial authentication and enumeration operations performed by Web Interface License monitor and allocation via the Citrix License Server Desktop management controlled by the redundant XenDesktop controllers Overall system configuration tracking by SQL Server Virtual desktop hosting provided by VMware vSphere 5 Desktop image creation and delivery via Machine Creation Services.
Page 5
Installation Guide
In this phase, various components needed to support and ensure a functioning XenDesktop environment will be configured. These components include: Installing Microsoft SQL Server 2008 R2 Installing & configuring Citrix Licensing Server 11.9 Installation of Citrix XenDesktop Controllers and configuring a XenDesktop Site. Installing and configuring Citrix Web Interface Installing and configuring Citrix Merchandising Server Creating a Pooled Desktop master image Installing & configuring server side and client side components of Citrix User Profile Manager Configuring Active Directory for Base and Optimized Desktop policies. Installing and configuring Citrix Access Gateway Creating Desktop Groups Final validations
Page 6
SQL Database
The SQL Database is the backend foundation for the overall XenDesktop site. Access to the SQL database is critical for user connections, virtual desktop configuration, and site information.
Pre-requisites SQL Database

SQL Server 2008 R2
Prerequisites for SQL Server 2008 R2: SQL Server 2008 R2 Enterprise can only be installed on the following Microsoft OS Version: Windows Server 2003 SP2 64-bit x64 Datacenter Windows Server 2003 SP2 64-bit x64 Enterprise Windows Server 2003 SP2 64-bit x64 Standard Windows Server 2003 R2 SP2 64-bit x64 Datacenter Windows Server 2003 R2 SP2 64-bit x64 Enterprise Windows Server 2003 R2 SP2 64-bit x64 Standard Windows Server 2008 SP2 64-bit x64 Datacenter Windows Server 2008 SP2 64-bit x64 Datacenter without Hyper-V Windows Server 2008 SP2 64-bit x64 Enterprise, Windows Server 2008 SP2 64-bit x64 Enterprise without Hyper-V Windows Server 2008 SP2 64-bit x64 Standard Windows Server 2008 SP2 64-bit x64 Standard without Hyper-V Windows Server 2008 SP2 64-bit x64 Web Windows 2008 R2 64-bit x64 Datacenter Windows 2008 R2 64-bit x64 Enterprise Windows 2008 R2 64-bit x64 Standard Windows 2008 R2 64-bit x64 Web Windows Server 2008 R2 x64 for Windows Essential Server Solutions
Additionally, SQL Server Setup installs the following software components required by the product:: .NET Framework 3.5 SP11 SQL Server Native Client SQL Server Setup support files
For the purposes of this installation guide, it is assumed that Windows Server 2008 R2 Enterprise will be the OS for the SQL 2008 R2 Database for XenDesktop. This database configuration may also be used for VMware vCenter configuration. Appropriate usernames and passwords required to run SQL Database services should be provisioned prior to SQL Server 2008 R2 installation.
Page 7
Screenshot
1
Description
Connect and authenticate to the server selected to run SQL 2008 R2 for XenDesktop.
**NOTE** If service accounts are being used to install SQL Server 2008 R2, ensure that this account possesses elevated privileges. Consult with Active Directory Administrators to ensure compliance with specific enterprise account standards. 2 Navigate to the path where the installation media or files for Microsoft SQL Server 2008 R2 are located. Launch the installer by doubleclicking the setup file.
3 In SQL Server Installation Center, select the Installation option. Start SQL Server 2008 installation by clicking New Installation or add features to an existing installation.
Page 8
Screenshot
4
Description
Review Support Rules for accuracy. Click OK to proceed with installation.
5 Select the radio button appropriate to this installation of SQL Server 2008. Provide a valid Product Key in the appropriate field. Click Next to proceed with installation.
6 Review the entire contents of the License Terms. Select the checkbox marked I accept the license terms. Click Next to proceed with installation.
Page 9
Screenshot
7
Description
Review the details of the Setup Support Files screen. Click Install to proceed with installation.
8 Allow the installation of Support Files to proceed to completion.
9 Review the installation summary and validate that no errors have occurred during the installation of Support Roles. Click Next to proceed with Role setup installation.
Page 10
Screenshot
10
Description
Select the appropriate radio button for SQL Server Feature Installation. Click Next to proceed with installation.
11 In the Feature Selection list, select the required features for this SQL Server 2008 installation by checking the boxes of the required items. Required minimum features that should be checked are: Database Engine Services
***NOTE*** Features installed will vary widely depending on the enterprise. Consult with a SQL Server Administrator to ensure that the appropriate selections are made for this specific installation. 12 Allow the feature installation to proceed to completion. A completion summary screen will be presented once installation is complete. Review the installation summary for errors. If there are no errors presented in the summary screen, click Next to proceed to Instance Configuration. Click Next to proceed with installation.
Page 11
Screenshot
13
Description
On the Instance Configuration screen, select the Default Instance for this installation of SQL Server 2008. Click Next to continue.
14 Validate that the server SQL Server 2008 is being installed to will have enough disk space to complete the installation. Click Next to continue.
15 On the Server Configuration pane, provide appropriate usernames and password for the various SQL Server services. ***NOTE*** Service account names will vary widely depending on the enterprise. Consult with a SQL Server Administrator to ensure that the appropriate credentials are provided for this specific installation of SQL Server 2008. Click Next to continue.
Page 12
Screenshot
16
Description
On the Database Engine Configuration pane, select the appropriate Authentication Mode for this SQL Server Installation. ***NOTE*** Authentication Modes will vary depending on the enterprise. Consult with a SQL Server Administrator to ensure that the appropriate credentials are provided for this specific installation of SQL Server 2008. Click Next to continue.
17 Review the Error Reporting Pane summary and mark the check box to report errors to Microsoft if it complies with enterprise security policies. Click Next to continue.
18 Review the Installation Configuration file summary screen presented. If no errors are presented, click Next to continue.
Page 13
Screenshot
19
Description
Review the overall Installation Configuration summary. Click Install to proceed with file installation.
20 Allow the installation of all files by the setup wizard. Monitor for any errors that may be presented during the installation.
21 Review the completion screen for any warnings or errors. If no warnings or errors are presented, click Close to exit from the SQL Server 2008 installation.
Page 14
Citrix Licensing
The Licensing Server is responsible for managing all the licensing components of XenDesktop 5.5 and vSphere 5.
Pre-requisites
Citrix Licensing Prerequisites
Prerequisites for Licensing Server 11.9: Software System Requirements Citrix License Server can be installed on servers running the following Microsoft operating systems. Citrix recommends that the latest Microsoft Service Pack and updates be installed. Windows Server 2003 Family Windows Server 2008 Family Windows Server 2008 R2 Family Windows 7, 32-bit and 64-bit editions
The License Administration Console manages the license server on the computer on which it is installed. It cannot manage remote license servers. License Administration Console requires a supported Web Browser and .NET Framework Supported Browsers: Internet Explorer Version 6.0 through 8.0 Mozilla Firefox Version 3.x Microsoft .NET Framework Requirements Microsoft .NET Framework 3.5 is required. For the purposes of this installation guide, it is assumed that Windows Server 2008 R2 is the host for the Licensing Server and License Administrative console. The guide will include guidance on installing a compatible version of Microsoft .NET Framework.
Screenshot
1
Description
Connect and authenticate to the server selected to run Citrix Licensing Server.
**NOTE** If using a service account to install Citrix Licensing 11.9, ensure that the user account has elevated privileges. Consult with Active Directory Administrators to ensure compliance with specific enterprise account standards.
Page 15

2 Launch Server Manager from the Start Menu. The path to Server Manager is Start > Administrative Tools > Server Manager
3 In the left hand navigation pane, select the Features node in the selection tree. Click Add Features in the Features Summary area.
4 From the Features List, select .NET Framework 3.5.1 Features in order to begin the installation of prerequisite features.
Page 16

5 Agree to the prompt to add role services required for .NET Framework 3.5.1. Features by clicking Add Required Role Services. Hit Next to proceed with the installation.
***NOTE*** The Web Server (IIS) Role will be installed as art of .NET Framework 3.5.1 feature installation. Consult with Web Administrator and Security teams to ensure compliance with enterprise requirements. 6 Click Next at the Web Server (IIS) information pane.
7 Ensure that .NET Extensibility & Request Filtering is selected in the Role Services selection tree. Click Next to proceed with the Web Server (IIS) Role installation.
Page 17

8 Review the installation summary screen for accuracy. Ensure that all values are correct for the installation being performed. Confirm selections by clicking Install.
9 Allow the installation wizard to proceed to completion. Review for any errors that may be presented.
10 Once the installation wizard has completed, validate that the installation completed without errors. If successful, click Close to complete the installation of .NET 3.5.1. Exit from Server Manager and return to the system. It is now possible to proceed with the installation of Citrix Licensing 11.9.
Page 18
Installation - Citrix Licensing 11.9

Installing Citrix License Server 11.9 Screenshot
1 Connect and authenticate to the server selected to run Citrix Licensing.
Description
**NOTE** If using a service account to install Citrix Licensing Server 11.9, ensure that the user account has elevated privileges. Consult with Active Directory Administrators to ensure compliance with specific enterprise account standards.
2 Locate the Licensing Server 11.9 installation media and launch by selecting CTX_Licensing.
***NOTE*** If the installation files cannot be located, Citrix Licensing can be obtained from http://download.citrix.com. Use MyCitrix credentials to log in and obtain the required software. 3 Read the Citrix Licensing License Agreement Select the checkbox marked I accept the terms in the License Agreement Click Next to continue
Page 19

4
Description
Specify the path to install Citrix Licensing 11.9. ***NOTE*** The default installation path will be: C:\Program Files (x86)\Citrix\ This path should be used for the majority of installations. Change this value only if there is a specific reason to do so.
5 Allow the installation to proceed to completion.
6 Once the installer has completed, click Finish to launch the License Server Configuration Tool.
Page 20

7
Description
In the License Server Configuration Tool, validate that the proper ports are specified for Citrix Licensing Server 11.9. Set a password for the License Administration Console. Ensure that this password is secure and is known to Citrix Administrators responsible for licensing. Click OK to complete License Server Configuration.
**NOTE** If Windows Firewall is enabled on this server, ensure that appropriate inbound rules are configured to allow communication on default Citrix Licensing Ports 27000, 7279, and 8082. If alternative ports are selected for either License Server, Vendor Daemon, or the Management Console, ensure that Windows Firewall allows for those ports instead.
Configuration - Citrix Licensing 11.9

Configuring Citrix License Server 11.9 Screenshot
1 Connect and authenticate to the server selected to run Citrix Licensing Server 11.9.
Description
**NOTE** If using a service account to install Citrix Licensing 11.9, ensure that the user account has elevated privileges. Consult with Active Directory Administrators to ensure compliance with specific enterprise account standards.
Page 21

2
Description
Launch the License Administration Console from the Start Menu. The default path should for License Administration Console will be: Start > All Programs > Citrix > Management Consoles > License Administration Console
3 Navigate to the Administration link on the top-right corner of the License Administration Console.
4 Provide log on credentials to authenticate. The default username will be admin and the password will be what was established in Installation Citrix Licensing 11.9 Step 7
Page 22

5
Description
Once successfully authenticated, navigate to the Vendor Daemon Configuration tab on the left-hand side of the License Administration Console. Select Import License to being the process of importing the license file.
6 Click Browse and use the file browser to navigate to where license files are located. Select the appropriate license file and click Open. Click Import License to begin the process of importing the license into the Licensing Server.
7 If the license import is successful, a confirmation message will be displayed. Click OK to proceed. Configuration of Citrix Licensing Server 11.9 is now complete. Exit the License Administration Console by clicking the X in the upper right hand corner of the console window.
Page 23
Citrix XenDesktop Desktop Controller

The XenDesktop Controller authenticates users, enumerates resources and directs user launch requests to the appropriate virtual desktop. These steps also include the instructions for installing Desktop Director and Desktop Studio management tools.
Pre-requisites XenDesktop Controller

Desktop Controller Pre-requisites
The requirements for installing XenDesktop Controllers include the Controller software, a database, Desktop Studio, Desktop Director & Active Directory accounts. Active Directory & SQL Database account validations have already been performed as part of Section 1 Environment Validation. This section will focus on prerequisites for installing XenDesktop Controller software, Desktop Studio, and Desktop Director. XenDesktop Controllers must be installed on one of the following operating systems: Microsoft Windows Server 2008, Standard or Enterprise Edition, with Service Pack 2 installed (32- and 64-bit) Microsoft Windows Server 2008 R2, Standard or Enterprise Edition (64-bit only) Disk space requirements: 100 MB for the Controller and SDKs 50 MB for Desktop Studio 50 MB for Desktop Director This scenario will be performed on Windows Server 2008 R2 Enterprise with Controller & SDK installation, Desktop Studio on all Controllers, & Desktop Director installed on one Controller. Microsoft .NET Framework, Version 3.5, with Service Pack 1 is required to be installed on the operating system. If Microsoft .NET Framework Version 3.5 is not installed on this server, it is installed automatically by XenDesktop. The XenDesktop installation media will also contain this installer in the Support\DotNet35 folder. Microsoft Internet Information Services (IIS) and ASP.NET 2.0. IIS are required for Desktop Director. Therefore, it will only be installed on the first Controller in this scenario. For Windows Server 2008, Microsoft IIS Version 7.0. For Windows Server 2008 R2, Microsoft IIS Version 7.5. As Desktop Director will be installed on a Desktop Controller, this guide will be outlining the addition of IIS Version 7.5 with the appropriate roles. Other components may be required depending on variations to the enterprise system environment. Refer to Citrix eDocs for XenDesktop 5.5 Controllers for specific details on Microsoft Visual J# 2.0 Redistributable Package, Second Edition. Microsoft Visual C++ 2008 with Service Pack 1 Redistributable Package. Microsoft Windows PowerShell version 2.0. Internet Explorer 7.0 or later. When VMWare vSphere is used as the hypervisor technology, Citrix recommends securing communications between the vCenter server and the XenDesktop controllers using secure sockets layer (SSL) encryption. A third party or self-signed certificate is required to be installed on both the vCenter server and the XenDesktop controllers to facilitate SSL. For best security, a certificate from a third party Certification Authority is recommended, but for the purpose of this document, the default vCenter self-signed certificate has been used.
Page 24
XenDesktop Controller Pre-requisites Screenshot

1
Description
Connect and authenticate to the server selected to run the Desktop Controller.
**NOTE** If using a service account to install the Desktop Controller, ensure that the user account has elevated privileges. Consult with Active Directory Administrators to ensure compliance with specific enterprise account standards.
Launch Server Manager from the Start Menu. The path to Server Manager is Start > Administrative Tools > Server Manager
Select the Roles tree node in the left hand navigation pane. Click Add Role.
Page 25

4
Description
Agree to the Introductory Screen for the Add Roles Wizard by clicking Next Select Web Server role from the checkboxes available.
5 Agree to the screen that introduces IIS by selecting Next.
Page 26

6
Description
Ensure that all appropriate checkboxes are selected. Many of these will be selected by default. Checkboxes include: Web Server > Common HTTP Features: > Static Content > Default Document > Directory Browsing > HTTP Errors Web Server > Application Development: > ASP.NET > .NET Extensibility > ISAPI Extensions > ISAPI Filters Web Server > Health and Diagnostics: > HTTP Logging > .Request Monitor Web Server > IIS Management Console
7 Confirm installation selections by selecting Install at the prompt.
Page 27

8
Description
Allow the installation to proceed to completion.
9 Validate that the installation completed. If successful, click Close to complete the installation the IIS Server Role. Close out Server Manager and return the system.
10
Using Internet Explorer, connect to https://<vCenter server name> When the warning screen is displayed, click Continue to this website (not recommended).
Page 28

11
Description
Click in the box containing the text Certificate error. Click View Certificates.
12
In the Certificate dialog, click Install Certificate.
Page 29

13
Description
In the Certificate Import Wizard dialog, click Next.
14
Select Place all certificates in the following store. Click Browse.
Page 30

15
Description
Ensure that the Show physical stores checkbox is selected. For Self Signed Certificates: o o o o o o Expand Trusted People Select Local Computer Click OK Expand Third-Party Root Certification Authorities Select Local Computer Click OK
For 3rd Party Certificates:
16
Verify correct certificate store, and click Next.
Page 31

17
Description
Click Finish. On the Import Successful dialog, click OK.
18
Restart the browser and verify connection to the website without error. Repeat the above steps for each XenDesktop Controller to be installed. After these step are complete, install and configure the XenDesktop controller.
Page 32
Installation XenDesktop Controller

Installing a XenDesktop Controller Screenshot
1
Description
Staying on the server selected to be the Desktop Controller, navigate to the location of the XenDesktop Installer Media and launch via AutoPlay. Click Run AutoSelect.exe.
2 Select Install XenDesktop.
3 Read the End User License Agreement and, if acceptable, select I accept the terms and conditions and select Next to continue.
Page 33

4
Description
**NOTE** In this scenario for XenDesktop, web access will be provided via a Web Interface installed on separate server. Also, a separate SQL 2008 R2 database will be used. Lastly, a dedicated License Server has already been installed and will not be needed as part of the Controller installation. Select the appropriate components for installation. This should include: > XenDesktop Controller > Desktop Studio > Desktop Director Uncheck the selections for Web Access, License Server, and Install SQL Server Express. The required components are installed separately. Click Next to continue.
Allow the installation summary to generate. Validate that all appropriate components are included in the summary area and click Install.
6 Uncheck Configure XenDesktop after closing and click Close. Close out the remote connection to the first XenDesktop Controller.
Page 34

7
Description
Connect to the server that is designated as another XenDesktop controller.
8 Navigate to the location of the XenDesktop Installer Media and launch via AutoPlay. Click Run AutoSelect.exe.
9 Select Install XenDesktop.
**NOTE** If using a service account to install the Desktop Controller, ensure that the user account has elevated privileges. Consult with Active Directory Administrator to ensure compliance with specific enterprise account standards.
Page 35

10
Description
Read the End User License Agreement and, if acceptable, select I accept the terms and conditions and select Next to continue.
11 **NOTE** In this scenario for XenDesktop, web access will be provided via a Web Interface installed on separate server. Also, a separate SQL 2008 R2 database will be used. Lastly, a dedicated License Server has already been installed and will not be needed as part of the Controller installation. Furthermore, Desktop Director will not be required as it is already available on the first Controller. Therefore, unselect it. Select the appropriate components for installation. This should include: > XenDesktop Controller > Desktop Studio
Uncheck the selections for Web Access, Desktop Director, License Server, and Install SQL Server Express. These components are installed separately. Click Next to continue.
Page 36

12
Description
**NOTE** As Desktop Director is not installed on the second Controller and the IIS role is not required, a firewall exception may be needed for Port 80 to accommodate incoming Broker requests. Coordinate with Network Security Administrators to ensure appropriate firewall considerations are taken into account for any specific enterprise configuration. Check the box marked Enable these ports to allow Port 80 to be used for Broker connections to this Controller. Click Next to continue the installation.
13 Allow the installation summary to generate. Validate that all appropriate components are included in the summary area and click Install.
14. Allow the Setup Wizard to complete the installation. Once complete, a final summary will be presented. Validate that all appropriate components were installed properly. If proceeding directly to the next section (Configuration Creating a XenDesktop Site), then click Close. Otherwise, uncheck the box marked Configure XenDesktop after closing and click Close.
Page 37
Configuration Creating a XenDesktop Site

Creating a XenDesktop Site Screenshot
1 Connect and authenticate to the server selected to run the Desktop Controller.
Description
2 Launch Desktop Studio from the Start Menu. Desktop Studio should appear under: Start > All Programs > Citrix > Desktop Studio
3 From Desktop Studio, select Desktop Deployment in the center pane of the Snap-In.
Page 38

4
Description
Name the Site per enterprise standards. In Database Configuration, enter the name of the SQL 2008 server. Enter the name of the Database in the Database Name field. For the purposes of this scenario, leave the default Database name to have the wizard create the database. ***NOTE*** To validate connectivity to the SQL Server, use the Test Connection button. This test will likely generate an error as the Database for XenDesktop has not yet been created. However, connectivity to the SQL Database will be validated successfully. It is possible to create a Database prior to installing a XenDesktop site; however, this step is beyond the scope of this Implementation Guide. Click Next to continue.
5 Provide the license server information and click Connect. The wizard will present the license types available on the licensing server. Select the appropriate one for this installation and click Next.
Page 39

6
Description
Select VMWare virtualization as the host type. Enter https://<vCenter Server name>/sdk in the Address field. Name the Host connection. Select Use XenDesktop to create virtual machines. Click Next to continue.
7 Specify the resources that will be utilized by the Virtual Machines in this installation by clicking Add.
Click Browse to select the vSphere cluster to be used for the host configuration.
Page 40

8
Description
Expand the vSphere datacenter and select the cluster for this configuration. Click OK.
Select the type of storage to be used for the host configuration (Shared/Local). Select the specific vSphere datastores to be used for the host configuration. Select the guest network to be used. Click Next.
Page 41

10
Description
Review the installation Summary for accuracy. Enter a unique host name for the configuration. Click Finish to continue. Close the remote connection to the first XenDesktop Controller.
11 Connect and authenticate to the server selected to be the second XenDesktop Controller.
12 Launch Desktop Studio from the Start Menu. Desktop Studio should appear under: Start > All Programs > Citrix > Desktop Studio
Page 42

13
Description
From Desktop Studio, select Join existing deployment in the center pane of the Snap-In.
14 In the Select XenDesktop Site dialog box, specify the address of the first controller. Specify either an IP address or Fully Qualified Domain Name (FQDN). Click OK to continue.
15 A pop-up asking whether to allow XenDesktop to update the database automatically will be presented. Click Yes to continue.
16 Allow XenDesktop to configure the Site and add the second controller. A progress bar will be presented until completion.
Page 43

17
Description
Upon successful completion of adding a second controller to the XenDesktop Site, Desktop Studio will return to the Site Dashboard. Settings and information regarding this XenDesktop site will be presented and available for Administration. Configuring the XenDesktop site is now complete. Exit from Desktop Studio and logout from the second controller.
Page 44
Citrix Web Interface

Web Interface provides users with access to XenApp and XenDesktop applications, content, and virtual desktops from a standard web browser.
Pre-requisites
Web Interface Pre-requisites Screenshot
1 Connect and authenticate to the server selected to run Citrix Web Interface.
Description
**NOTE** If using a service account to install Citrix Web Interface, ensure that the user account has elevated privileges. Consult with Active Directory Administrator to ensure compliance with specific enterprise account standards.
Launch Server Manager from the Start Menu. The path to Server Manager is Start > Administrative Tools > Server Manager
Select the Roles tree node in the left hand navigation pane. Click Add Role.
Page 45

4
Description
Agree to the Introductory Screen for the Add Roles Wizard by clicking Next. Select Web Server role from the checkboxes available.
5 Agree to the screen that introduces IIS by selecting Next.
Page 46

6
Description
Ensure that all appropriate checkboxes are selected. Many of these will be selected by default. Checkboxes include: Web Server > Common HTTP Features: > Static Content > Default Document > Directory Browsing > HTTP Errors Web Server > Application Development: > ASP.NET > .NET Extensibility > ISAPI Extensions > ISAPI Filters Web Server > Health and Diagnostics: > HTTP Logging > .Request Monitor Web Server > Management Tools: > IIS Management Console Web Server > Management Tools > IIS Management Compatibility: > IIS 6 Metabase Compatibility
7 Confirm the installation selections by selecting Install at the prompt.
Page 47

8
Description
Allow the installation to proceed to completion.
9 Validate that the installation completed. If successful, click Close to complete the installation the IIS Server Role. Close out Server Manager and return to the system. It is now possible to proceed with the installation of secondary components required for Web Interface.
10 Once Web Server role, navigate to the directory containing Microsoft Visual J# .NET 2.0. The installer is available in the Support folder of XenDesktop 5.5 media. Double click the installer file. For 64-bit systems, the installer will be vjredist64.exe.
Page 48

11
Description
The installation wizard will launch. Read the overview and click Next to continue.
12 Read the entire End-User License Agreement. If agreed to, Check the box marked I accept the terms of the License Agreement. Click Install to proceed.
13 Allow the wizard to install files related to the software.
Page 49

14
Description
Once the installer is completed, a Setup Complete summary screen will be presented. Click Finish to complete the installation.
Installation Citrix Web Interface

Citrix Web Interface Installation Screenshot
1 Navigate to the path where the Web Interface software is available. The latest version of Web Interface is available on http://download.citrix.com Double-click the installer package to begin the setup process.
Description
**NOTE** If using a service account to install Citrix Web Interface, ensure that the user account has elevated privileges. Consult with Active Directory Administrators to ensure compliance with specific enterprise account standards. 2 Select the language for the Web Interface installation. For the purposes of this scenario, English was selected and click OK.
Page 50

3
Description
The installer will present a welcome screen. Read the entirety of the welcome screen text and click Next to continue.
4 Read the entire Citrix License Agreement. If agreeable, select the radio button marked I accept the license agreement and click Next.
5 Choose the file system path to install Citrix Web Interface. The default installation path will be: C:\Program Files (x86)\Citrix\Web Interface. Once the installation path has been specified, click Next to continue.
Page 51

6
Description
Decide whether Citrix Clients will be installed as part of Web Interface setup. As this scenario will be utilizing Merchandising Server, select the radio button marked Skip this step and click Next to continue the installation.
7 Read the summary screen and click Next to begin the setup file installation.
8 The setup program will begin migrating files to the server. Allow the setup to complete.
Page 52

9
Description
Upon successful installation of Web Interface components, review the summary page. Ensure that the checkbox marked Start creating sites now is checked. Click Finish to complete the installation of Web Interface.
Configuration Citrix Web Interface

Citrix Web Interface Configuration Screenshot
1 In the Web Interface Management Snap-In, right-click XenApp Web Site and select Create Site.
Description
***NOTE*** Web Interface Management can be found by navigating to: Start -> All Programs -> Citrix -> Citrix Web Interface Management
Page 53

2
Description
In the Create Site dialog, specify information to label the site. For the purposes of this scenario, the site Path has been made to be /Citrix/XenDesktop and the Name to be XenDesktop. ***NOTE*** Confer with the Web Administration team on whether the enterprise requires Web Interface to be the default IIS Site. If this is a shared web server, this may not be advisable. Click Next to continue.
3 Select the Point of Authentication. For the purposes of this scenario, the Point of Authentication will be At Web Interface. ***NOTE*** Confer with the Web Administration and Security teams to determine this setting. Point of Authentication can vary widely based on enterprise security requirements. Click Next to continue.
4 Review the installation summary for accuracy. If all settings are validated click Next to begin configuration of this XenApp Web Site.
Page 54

5
Description
Allow the setup wizard to complete installation of the Web Interface Web Site. Once the setup wizard has completed, a site summary box will be presented. Ensure that the checkbox marked Configure the site now is checked and click Next to continue.
6 The Farm Setup dialog box will be launched. Specify a Farm Name. In the Servers area, click Add. Specify the XenDesktop Controller address in the field marked server name. Either the fully qualified domain name (FQDN) or the IP address of the Controller can be used. Click OK to add the Server to the Farm. Repeat this step for all of XenDesktop Controllers.
7 Once all Servers in the XenDesktop Site have been added, click Next to continue.
Page 55

8
Description
Configure the Authentication Method appropriate for the enterprise. ***NOTE*** Authentication Methods vary widely depending on enterprise security needs. Consult with Security Administrators to choose the model most appropriate for this installation. For the purposes of this scenario, Explicit authentication should be chosen. Click Next to continue.
9 Configure the Domain Restrictions. ***NOTE*** Domain Restriction settings depend on enterprise security needs. Consult with Security Administrators to choose the model most appropriate. For the purposes of this scenario, Allow any domains will be chosen. Click Next to continue.
10 Choose the most appropriate Logon Screen appearance. For the purposes of this scenario, choose Minimal. Click Next to continue.
Page 56

11
Description
Specify the Published Resource type. As the XenDesktop environment is Pooled Random, the most appropriate Resource Type will be Online. Click Next to continue.
12 Review the Initial Configuration summary for accuracy. Click Finish to complete the installation of XenDesktop Web Interface site. Upon successful configuration, exit from Web Interface management Snap-In.
Page 57
Citrix Merchandising Server

Merchandising Server provides administrators an interface for configuring, delivering, and upgrading plug-ins for Citrix Receiver.
Pre-requisites
Merchandising Server Pre-requisites
Prerequisites for Merchandising Server: The Citrix Merchandising Server is a virtual appliance, which can be downloaded from the Citrix downloads site. The virtual appliance can be found here by selecting the download components for Receiver infrastructure. Download the Merchandising Server for VMware OVA files to your local hard drive. VMware vSphere 5 infrastructure with sufficient resources for the appliance (see Citrix eDocs for information). Active Directory running on Windows Server 2003 Service Pack 2 or above. The corporate directory must be accessible through Active Directory. One of the following browser versions is required to use the Citrix Merchandising Server Administrator Console: Internet Explorer 7 Internet Explorer 8 Firefox version 3.x
Installation Merchandising Server

Merchandising Server Pre-requisites Screenshot
1 Launch the VMware vSphere client and connect to the vCenter instance where the Merchandising Server will be hosted. Click File and then Deploy OVF Template to begin the procedure to import the Merchandising Server virtual appliance.
Description
Page 58

2
Description
Click Browse and specify the path to the downloaded OVA file containing the appliance. Click Next to continue. Accept the OVF template details and click Next to continue.
3 Read the license agreement and, if acceptable, click Accept. Click Next to continue.
Page 59

4
Description
Enter the VM name and location for the virtual appliance. Click Next.
Page 60

5
Description
Select the vSphere cluster to host the virtual appliance. Click Next.
Select the host on which the virtual appliance will reside. Click Next.
Page 61

6
Description
Select the vSphere datastore to host the virtual appliance. Click Next.
If required, select the disk format to be used to host the appliance.
Page 62

7
Description
Configure the virtual network interfaces for the new VM as required by the enterprise network topology. Click Next to continue.
8 Click Finish to begin the virtual appliance import process.
Page 63

9
Description
Once the import process has completed, navigate to the Merchandising Server appliance and select Edit Settings. Configure the VM properties for 2 vCPUs and 4GB of RAM. Click OK.
10 Navigate to the Console tab for the Merchandising Server VM in vSphere Client and start the appliance.
11 Use text input to configure the Merchandising Server per enterprise requirements. Ensure that the network configuration (IP address, gateway, DNS) settings are correct. The Merchandising Server will reboot after configuration. It will also require a change to the default root password prior to reboot. Allow the Merchandising Server to reboot fully.
Page 64

12
Description
Using a web browser, navigate to the Merchandising Server configuration website. The URL should be as follows: https://[server_IP_address]/applia nce Log in username set to root and password C1trix321.
13 Upon successful login, the main setup screen will be presented. Select Configure Active Directory to begin configuring Merchandising Server.
Page 65

14
Description
Enter the appropriate settings for Active Directory environment in the fields provided. o Source Name: An identifier for this connection o Server Address: Provide the IP address for the AD Domain Controller o Server Port: Typically this is 389 o BIND DN: Provide the LDAP string for the account used to connect to Active Directory Base DN: Provide the LDAP string for the Domain Server Sync: Select the timeframe for AD Synch Schedule
Click Save and Synch to finalize settings for Active Directory integration with Merchandising Server.
15 Click the Permissions field to configure access rights to Merchandising Server.
16 Enter an account that will have Administrative privileges in Merchandising Server in the search box. Click Search to locate the account in Active Directory.
Page 66

17
Description
Once the account desired has been located, select the radio button and click Edit. Grant the appropriate role merchandising Server. In this scenario, grant Administrator. Once the account is configured, exit from the screen by clicking the x in the upper right corner of the window.
18 Log off of the Merchandising Server by clicking Log off in the upper right hand corner of the window.
19 Enter the administrative account credentials in the User Name and Password field. Ensure that this account exists and is active in the Active Directory Domain.
Page 67

20
Description
Allow the Administrator Console in Merchandising Server to load. Validate that all desired and required console functions are available. Once validation is complete, proceed to configuring Merchandising Server.
Configuration Merchandising Server

Configuring Merchandising Server Screenshot
1 In the Administrator Console for Merchandising Server, click the Get New hyperlink under Plug-ins.
Description
Page 68

2
Description
Select the radio button of the Plug-in(s) appropriate for this installation of Merchandising Server and XenDesktop. For the purposes of this Implementation Guide, the Citrix Online Plug-in and Citrix Receiver are to be selected. Click Download to Server.
***NOTE*** An active internet connection must be available and for Merchandising Server to be able to download and import the appropriate plug-ins.
3 Acknowledge the warning regarding extended download times by clicking Confirm. Allow the selected Plug-Ins to download to the Merchandising Server.
4 Once the requested all of the Plug-Ins have downloaded, click Close to complete.
Page 69

5
Description
From the Merchandising Server Administration Console, navigate to: Deliveries > Rules
6 Populate the required data for the creation of a delivery rule. Provide a: Name Description Field (this is used as a criteria for enforcing a rule) Value (this is used as validation criteria for a rule) Once all required fields have been populated, click Save.
7 Validate that the delivery rule has been saved. If successfully saved, it will appear in the Rules Management screen pane with summary information presented.
Page 70

8
Description
From the Merchandising Server Administration Console, navigate to: Deliveries > Create/Edit
9 On the General tab, provide the following information for a Merchandising Server Delivery: Delivery name Evaluation Order Silent Install (Boolean value: yes/no) Check for updates (optional) Completion text (optional) Support email address (optional) Support phone number (optional) GoToAssist sever (optional)
10 On the Plug-Ins tab, Click Add.
Page 71

11
Description
Select the radio buttons of the Plug-Ins to be included. Once selections have been specified, click Add.
12 Click the Configuration tab. Ensure that there is a value provided in the field labeled: Address of the XenApp Server hosting the XenApp Services (Which will be the same as the Path value provided in Step 2 of Configuration Citrix Web Interface)
13 Click the Rules tab. To add a delivery rule, click Add.
Page 72

14
Description
Select a delivery rule by clicking the radio button associated with the rule desired. To add a delivery rule, click Add.
15 Validate the delivery rule has been selected. If successfully selected the desired rule will appear in the Rules pane in the Merchandising Server Administrator Console.
16 Click the Schedule tab. Specify a schedule if one is desired. Click Schedule to proceed.
Page 73

17
Description
Validate that the delivery has been entered into the Merchandising Server and scheduled. If successful, the delivery will appear in the Deliveries pane with a green background.
18 Upon successful validation of Delivery creation, log off of the Merchandising Server Administrator Console by Clicking the Log off link in the upper right hand corner of the browser window.
Page 74
Pooled Desktop Image

Creating a pooled desktop image allows administrators to centrally manage one desktop image for multiple virtual desktop users. The image created in this section will be utilized by Machine Creation Services.
Creating a Pooled Desktop Image Virtual Machine

Creating a Desktop Image VM Screenshot
Prerequisites for a Desktop Image Virtual Machine suitable for XenDesktop Ensure that there is a vSphere host with sufficient memory and CPU resources available to host a Windows 7 Virtual Machine. Recommended configuration is: 2 Virtual CPUs and 2048 Mb. of Memory. A Workstation running vSphere Client in order to manage the creation of the Virtual Machine.
Description
1 From a management workstation, launch the vSphere Client and connect to the target environment for the desktop virtual machines.
Page 75

2
Description
Select the vSphere cluster or host that will contain the Pooled image Virtual Machine. Right click and select New VM.
Verify default of typical configuration and click Next.
3 Specify a name and location for the VM template.
Click Next to continue. .
Page 76

4
Description
Specify the cluster location for the VM and click Next.
Specify the specific host where the VM will start and click Next.
Page 77

5
Description
Specify the datacenter storage for the VM and if necessary, the specific datastore. Click Next to continue.
6 Specify the Operating System and version to be installed in the VM. Click Next to continue.
Page 78

7
Description
Specify the NIC interfaces to assign to the virtual machine. Click Next to continue.
Note: For best performance, select VMXNET3 as the adapter type for the virtual machine.
8 Select the virtual disk size and, if applicable, the type of provisioning for the VM disk. Click Next to continue.
Page 79

9
Description
Review the configuration for the VM. Click Finish to create the virtual machine.
10 Right click the newly created VM and select Edit Settings. In the properties for the VM, select CD/DVD drive/1 and edit the following values: o o o Check Connect at power on Select Datastore ISO File radio button Browse for your Windows 7 ISO file
As required, set memory and CPU settings for the VM. Click OK.
Page 80

11
Description
Select the new virtual machine and navigate to the Console tab. Right click the VM and select. Proceed with the installation of the OS and all required software before shutting down the virtual machine.
Page 81
Citrix Profile Management

Citrix Profile Management provides administrators with an easy and high-performance way of managing personalized settings within a virtual desktop.
Citrix User Profile Manager - Client Side Installation

Citrix User Profile Manager Client Side Installation Screenshot
1 Connect and authenticate to the machine that will be the Master image.
Description
2 Navigate to the path where the installation files for Citrix User Profile Manager are located. Launch the appropriate installer for the Windows OS type. For the purposes of this scenario, a 64-bit version of Windows 7 has been selected as the Master Image. Therefore, right click profilemgt3.2.2_x64 and select Install.
Page 82

3
Description
The Citrix Profile Management Setup screen will launch. Proceed with the installation by clicking Next.
4 Read through the entire End-User License Agreement. If agreeable, check the box marked I accept the terms in the License Agreement. Click Next to continue.
5 Specify the path to install Citrix User Profile Manager. **NOTE** The default is C:\Program Files\Citrix\User Profile Manager and should be used for the majority of installations. Change this value only if relevant reason to do so exists.
Page 83

6
Description
Allow the Summary screen to appear. Click Install to allow Citrix Profile Management to install.
7 The Citrix Profile Management setup will begin installing on the local file system. Allow it to proceed to completion.
8 Once installation to the file system has completed, a final acknowledgement screen will be presented. Click Finish to complete the client installation.
Page 84

9
Description
The installer will require a reboot of the Windows 7 Master Image. Click Yes to allow the workstation to reboot.
***NOTE*** The Windows 7 workstation will automatically reboot upon clicking Yes. Ensure that any unsaved work is saved prior to executing this step.
Citrix User Profile Manager - Server Side Configuration

Citrix User Profile Manager Server Side Configurations Screenshot
Prerequisites for Citrix Profile Management Server Side Configuration Citrix User Profile Management software. Version 3.2.2 will be utilized for this scenario A network path to store user profiles Workstation or Server running Group Policy Management administrative console.
Description
1 Connect and authenticate to the machine on the domain that has Group Policy Management console installed on it.
Page 85

2
Description
From the Start Menu, launch Group Policy Management. The full path will be: Start > Administrative Tools > Group Policy Management
3 Navigate to the Organizational Unit (OU) where the Virtual Desktop accounts will be created. ***NOTE*** The location of Virtual Desktop Computer objects varies widely based on enterprise requirements. Work closely with Active Directory Administrators to determine the best location for this specific environment. Right Click on the OU and select Create a GPO in this domain, and Link it here
4 Specify a Name for the policy. It is not necessary to specify a Source Starter GPO. Click OK to create the Group Policy Object that is linked to the OU containing the Virtual Desktop Computer objects.
Page 86

5
Description
Once the Group Policy Object has been created, right click the name of the object and select Edit. ***NOTE*** If this is the first time this Group Policy Object has been selected for editing, a Group Policy Management Console advisory message may be presented. This message states that the changes being made will impact all objects that are linked to this Group Policy Object. Acknowledge this message by clicking OK.
6 Expand the navigation tree in Group Policy Management Editor to the following path: Computer Configuration > Policies > Administrative Templates Right click Administrative Templates and click Add/Remove Templates
7 Click Add in the Add/Remove Templates box
Page 87

8
Description
Navigate to the path where Citrix Profile Management installation files are located. Open the folder where the ADM Templates are located. The typical path for ADM Templates is: ProfileMgmt3.2.2\ADM_Templates\en
Select the Citrix Profile Management ADM file. The filename will be ctxprofile3.2.0.adm. Click Open to import the ADM file into the Add/Remove Templates dialogue box.
9 Click Close to import the Citrix Policy ADM template into Group Policy Management Editor. The ADM Template will now be imported.
10 Navigate to the path of the Citrix Profile Management ADM Template. Default path is: Computer Configuration > Policies > Administrative Templates > Classic Administrative Templates > Citrix > Profile Management Right click the setting for Enable Profile management and select Edit
Page 88

11
Description
Configure the policy setting by selecting the Enable radio button. Click Apply to put the policy into effect. Click OK to accept the changes to policy and return to the Group Policy Management Editor.
12 In the same path, right click the setting for Path to user store and select Edit.
13 Configure the policy setting by selecting the Enable radio button. In the Options area, provide an absolute path or path to the location where user profiles will be stored. Click Apply to put the policy into effect. Click OK to accept the changes to policy and return to the Group Policy Management Editor.
Page 89

14
Description
Navigate to the path of the Citrix Profile Management ADM Template. Default path is: Computer Configuration > Policies > Administrative Templates > Classic Administrative Templates > Citrix > Profile Management > Streamed user profiles. Right click the setting for Profile streaming and select Edit
15 Configure the policy setting by selecting the Enable radio button. Click Apply to put the policy into effect Click OK to accept the changes to policy. Close out the Group Policy Management Editor & exit from Group Policy Management.
Page 90
Policies
Active Directory policies can be configured to implement Windows 7 optimizations for the virtual desktops.
Configuration Base Active Directory Policy

Windows 7 Desktop Optimizations Screenshot
1
Description
***CAUTION*** The following sub-section contains optimizations that may not be advisable for all enterprises. Review the contents of Citrix Knowledge Base article CTX127050 with the Enterprise IT team carefully before implementing changes. All registry setting changes present risk. Modifying the registry incorrectly can cause serious problems that may require reinstallation of the operating system. Ensure proper best practices are followed before making any changes, including but not limited to backing up the registry or disk image before making changes. Disabling services may alter behavior of certain windows features and installed software. Ensure thorough testing of all application features is performed prior to deploying to a Production environment. Connect and authenticate to the machine on the domain that has Group Policy Management console installed.
Page 91

2
Description
From the Start Menu, launch Group Policy Management. The full path will be: Start > Administrative Tools > Group Policy Management
3 Navigate to the Organizational Unit (OU) where Virtual Desktop accounts will be created. ***NOTE*** The location of Virtual Desktop Computer objects varies widely based on enterprise requirements. Work closely with Active Directory Administrators to determine the best location for this specific environment. Right Click on the OU and select Create a GPO in this domain, and Link it here
4 Specify a Name for the policy. It is not necessary to specify a Source Starter GPO. Click OK to create the Group Policy Object that is linked to the OU containing the Virtual Desktop Computer objects.
Page 92

5
Description
Once the Group Policy Object has been created, right click the name of the object and select Edit ***NOTE*** If this is the first time selecting this Group Policy Object for editing, an advisory message may be presented by Group Policy Management Console. This message states that the changes being made will impact all objects that are linked to this Group Policy Object. Acknowledge this message by clicking OK.
6 Expand the navigation tree in Group Policy Management Editor to the following path: Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Error Reporting Right click the setting for Disable Windows Error Reporting and select Edit.
7 Configure the policy setting by selecting the Enable radio button. Click Apply to put the policy into effect. Click OK to accept the changes to policy and return to the Group Policy Management Editor.
Page 93

8
Description
Expand the navigation tree in Group Policy Management Editor to the following path: Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Update Right click the setting for Configure Automatic Updates and select Edit.
9 Configure the policy setting by selecting the Disable radio button. Click Apply to put the policy into effect. Click OK to accept the changes to policy and return to the Group Policy Management Editor.
10 Expand the navigation tree in Group Policy Management Editor to the following path: Computer Configuration > Policies > Administrative Templates > System > System Restore Right click the setting for Turn off System Restore and select Edit.
Page 94

11
Description
Configure the policy setting by selecting the Enable radio button. Click Apply to put the policy into effect. Click OK to accept the changes to policy and return to the Group Policy Management Editor.
12 Expand the navigation tree in Group Policy Management Editor to the following path: User Configuration > Policies > Administrative Templates > Control Panel > Personalization Right click the setting for Enable Screen Saver and select Edit.
13 Configure the policy setting by selecting the Enable radio button. Click Apply to put the policy into effect. Click OK to accept the changes to policy and return to the Group Policy Management Editor.
Page 95

14
Description
Repeat Step 12 and 13 for the following Group Policies under Personalization
Prevent changing screen saver: Enabled Password protect screen saver: Enabled Screen saver timeout: Enabled: 600 seconds Force specific screen saver: Enabled Configurating a specific screen saver: scrnsave.scr.
15 Expand the navigation tree in Group Policy Management Editor to the following path: Computer Configuration > Preferences > Windows Settings > Registry Click the Add a new item icon to create a new entry.
16 Configure the New Registry Properties for Disable Last Access Timestamp as follows: Action: Update Hive: HKEY_LOCAL_MACHINE
Page 96

17
Description
Use the tree browser to navigate to the following Registry Key Path: SYSTEM > CurrentControlSet > Control > FileSystem > NtfsDisableLastAccessUpdate Click Select to modify settings for this Registry Key
18 Configure the New Registry Properties for Disable Last Access Timestamp as follows: Value Type: Value data: Base: REG_DWORD 00000001 Hexadecimal
Click OK to save settings for this Registry Key.
19 Expand the navigation tree in Group Policy Management Editor to the following path: Computer Configuration > Preferences > Windows Settings > Registry Click the Add a new item icon to create a new entry.
Page 97

20
Description
Configure the New Registry Properties for Disable Large Send Offload as follows: Action: Create Hive: HKEY_LOCAL_MACHINE
21 Enter the following value in the Key Path: SYSTEM\CurrentControlSet\Service s\BNNS\Parameters Configure the Properties as follows: Value Name: Value type: Value data: Base: EnableOffload REG_DWORD 00000000 Hexadecimal
Click Apply and then OK to save settings for this Registry Key.
Page 98

22
Description
***NOTE*** As Windows 7 Installation methods and features for various enterprises can vary, the following step contains a list of Registry Key additions and updates that should be made to optimize the base image for XenDesktop. As such, System Administrators should validate whether the following keys exist or not in the base image using regedit, then use the procedure outlined in Steps 15 18 to add registry keys *OR* Steps 19 21 to update registry keys for the following entries: Disable TCP/IP Offload o [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ Parameters] "DisableTaskOffload"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control] "ServicesPipeTimeout"=dword:0002bf20 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows] "ErrorMode"=dword:00000002 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]"NoRe moteRecursiveEvents"=dword:00000001 [HKEY_USERS\.DEFAULT\Control Panel\Desktop] "ScreenSaveActive"="0" HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management] "ClearPageFileAtShutdown"=dword:00000000
Increase Service Startup Timeout o
Hide Hard Error Messages o
Disable CIFS Change Notifications o
Disable Logon Screensaver o o Disable Clear Page File at Shutdown
Page 99

22 (Step 22 Continued from prior page)
Description
Disable Offline Files o [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ NetCache] "Enabled"=dword:00000000
Disable Background Defragmentation o [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction] "Enable"="N" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ OptimalLayout] "EnableAutoLayout"=dword:00000000
Disable Background Layout Service o
Disable Bug Check Memory Dump o [HKLM\SYSTEM\CurrentControlSet\Control\CrashControl] CrashDumpEnabled"= dword:00000000 "LogEvent"=dword:00000000 "SendAlert"=dword:00000000
Disable Hibernation o [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ Session Manager\Power] "Heuristics"=hex:05,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,3f,42,0f,00
Disable Memory Dumps o [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl] "CrashDumpEnabled"=dword:00000000 "LogEvent"=dword:00000000 "SendAlert"=dword:00000000
Disable Mach. Acct. Password Changes o [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\ Parameters] "DisablePasswordChange"=dword:00000001
Redirect Event Logs o o o HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application] "File"="D:\EventLogs\Application.evtx" [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security] "File"="D:\EventLogs\Security.evtx" [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\System] "File"="D:\EventLogs\System.evtx"
Reduce Event Log Size to 64K o o o HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application] "MaxSize"=dword:00010000 [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security] "MaxSize"=dword:00010000 [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\System] "MaxSize"=dword:00010000
Disable Move to Recycle Bin o [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Explorer\BitBucket] "UseGlobalSettings"=dword:00000001 "NukeOnDelete"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Force Offscreen Composition"=dword:00000001
Page 100

22 (Step 22 Continued from prior page) Force Offscreen Composition for Internet Explorer o
Description
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Force Offscreen Composition"=dword:00000001
Reduce Menu Show Delay o [HKEY_CURRENT_USER\Control Panel\Desktop] "MenuShowDelay"="150"
Disable all Visual Effects except "Use common tasks in folders" and "Use visual styles on windows and buttons" o o o [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Explorer\VisualEffects] "VisualFXSetting"=dword:00000003 [HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics] "MinAnimate"="0" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Explorer\Advanced] "ListviewAlphaSelect"=dword:00000000 "TaskbarAnimations"=dword:00000000 "ListviewWatermark"=dword:00000000 "ListviewShadow"=dword:00000000 o [HKEY_CURRENT_USER\Control Panel\Desktop] "DragFullWindows"="0" "FontSmoothing"="0" "UserPreferencesMask"=binary:90,12,01,80 ,10,00,00,00
Page 101
Configuration Optimized Desktop Policy

1 In the vSphere Client, select the Master Image VM. Right click the VM and select Open Console.
Description
2 Connect and authenticate to the machine that will be the Master image. On the console menu, select VM -> Guest -> Install/Upgrade VMware Tools.
3 Click OK to accept the VMware tools warning.
Page 102

4
Description
Click Next to begin the VMware tools installation.
5 Select Typical installation of VMware tools. Click Next to continue.
Page 103

6
Description
Click Next to begin the installation.
7 When the installation has completed, click Finish. Click OK to restart your virtual machine.
Page 104

8
Description
Once the Client VM has fully rebooted, in the vSphere Client, right click the Master Image VM and select Open Console. Click the DVD icon and connect to the ISO file containing the XenDesktop 5.5 media.
9 Login to the virtual machine.
10 Open My Computer and navigate to the DVD-Rom. Right Click the XenDesktop media select Open AutoPlay. Select Run AutoSelect.exe from the AutoPlay prompt.
Page 105

11
Description
Select Install Virtual Desktop Agent.
**NOTE** Ensure that the user account being used to install the XenDesktop Virtual Desktop Agent has elevated privileges.
12 Select Advanced Install at the screen to select the type of installation.
13
**NOTE** In this enterprise scenario, all applications will be installed locally. Therefore, XenApp Application Delivery plug-ins will not be required. Uncheck the box marked Support for XenApp Application Delivery Verify that the install location for the Virtual Desktop Agent is appropriate for the environment. The default will be C:\Program Files\Citrix Once the installation location is verified, click Next to begin the Virtual Desktop Agent installation.
Page 106

14
Description
**NOTE** In this enterprise scenario, the Desktop Controllers will be configured into the Virtual Desktop Agent. This can be done at a later time by using Group Policy or the setup wizard. Select the radio button labeled Manually enter controller location(s). In the input box, specific the fully qualified domain name (e.g. controller1.domain.com) of the Desktop Controllers configured earlier in this guide. If there are multiple controllers, enter each controllers FQDN separated by a space. Click Check to allow the setup wizard to validate the network presence of the specified controllers. This check does not validate whether the FQDN provided is actually a Controller, so ensure that the actual Desktop Controllers is specified and not another server. After specifying the Desktop Controllers, click Next to proceed to the next step in the Virtual Desktop Agent installation.
15 Validate all settings for the Virtual Desktop Agent Configuration. Default settings will have the following checked (enabled): XenDesktop Controller Communications Optimize XenDesktop Performance User Desktop Shadowing Real Time Monitoring **NOTE** These settings will create various exceptions for ports in Windows Firewall. Consult with the Desktop Security team to ensure that settings comply with enterprise standards. Refer to the Citrix Knowledgebase article CTX126969 for more information regarding these settings. Once all settings have been validated, click Next to proceed to installation Summary validation for the XenDesktop Virtual Desktop Agent.
Page 107

16
Description
Review the installation Summary for accuracy of Install Location and Components. If the Summary is correct, click Install to proceed with the installation.
17 Allow the wizard to install components and perform post install validation.
18 Upon successful completion of the wizard, a screen will be presented showing which components were installed. Validate that the XenDesktop Virtual Desktop Agent is presented. Ensure that the checkbox marked Restart Machine (required to complete install) is selected and click Close to end the installation of the XenDesktop Virtual Desktop Agent.
***NOTE*** The Windows 7 workstation will automatically restart upon clicking Close. Ensure that any unsaved work is saved prior to clicking Close.
Page 108

19
Description
***CAUTION*** The following sub-section contains optimizations that may not be advisable for all enterprise environments. Review the contents of Citrix Knowledge Base article CTX127050 with the Enterprise IT team carefully before implementing changes. All registry setting changes present risk. Modifying the registry incorrectly can cause serious problems that may require reinstallation of the operating system. Ensure proper best practices are followed before making any changes, including but not limited to backing up the registry or disk image before making changes. Disabling services may alter behavior of certain windows features and installed software. Ensure thorough testing of all application features is performed prior to deploying to a Production environment. Connect and authenticate to the machine that is the Master Image VM.
20 From the Start Menu, launch the Services MMC Snap-In by typing Services.msc from the Search Bar and hitting Enter
Page 109

21
Description
From the Services MMC Snap-In, locate the Background Intelligent Transfer Service service and doubleclick it in the Name area. Configure the service properties for Background Intelligent Transfer Service as follows: Startup type: Service status: Disabled Stop Service
***NOTE*** The Service status may be grayed out if the service is not running. Simply ensure that the status is Stopped in this field. Click Apply and then OK to save settings for this Service.
22 From the Services MMC Snap-In, locate the Desktop Windows Manager Session Manager service and double-click it in the Name area. Configure the service properties for Desktop Windows Manager Session Manager as follows: Startup type: Service status: Disabled Stop Service
23 From the Services MMC Snap-In, locate the Function Discovery Resource Publication service and double-click it in the Name area. Configure the service properties for Function Discovery Resource Publication as follows: Startup type: Service status: Disabled Stop Service
Page 110

24
Description
From the Services MMC Snap-In, locate the HomeGroup listener service and double-click it in the Name area. Configure the service properties for HomeGroup listener as follows: Startup type: Service status: Disabled Stop Service
***NOTE*** The Service status may be grayed out if the service is not running. Simply ensure that the status is stopped in this field. Click Apply and then OK to save settings for this Service.
25 From the Services MMC Snap-In, locate the HomeGroup provider service and double-click it in the Name area. Configure the service properties for HomeGroup provider as follows: Startup type: Service status: Disabled Stop Service
26 From the Services MMC Snap-In, locate the Windows Search service and double-click it in the Name area. Configure the service properties for Windows Search as follows: Startup type: Service status: Disabled Stop Service
Page 111

27
Description
From the Services MMC Snap-In, locate the Security Center service and double-click it in the Name area. Configure the service properties for Security Center as follows: Startup type: Service status: Disabled Stop Service
28 From the Services MMC Snap-In, locate the SuperFetch service and double-click it in the Name area. Configure the service properties for SuperFetch as follows: Startup type: Service status: Disabled Stop Service
29 From the Services MMC Snap-In, locate the Themes service and double-click it in the Name area. Configure the service properties for Themes as follows: Startup type: Service status: Disabled Stop Service
Page 112

30
Description
From the Services MMC Snap-In, locate the Windows Defender service and double-click it in the Name area. Configure the service properties for Windows Defender as follows: Startup type: Service status: Disabled Stop Service
31 From the Services MMC Snap-In, locate the Windows Media Player Sharing Service service and doubleclick it in the Name area. Configure the service properties for Windows Media Player Sharing Service as follows: Startup type: Service status: Disabled Stop Service
32 From the Start Menu, launch the Command Line by typing CMD from the Search Bar and hitting Enter.
**NOTE** Ensure that the user account being used to perform the following optimizations is entitled elevated privileges.
Page 113

33
Description
At the Command Line prompt, type the following: bcdedit /set bootux disabled Hit Enter to execute the command.
If the operation is successful, close Command Line by clicking the X in the upper right corner of the window.
34 Navigate to the Programs and Features from the Control Panel. Click Turn Windows features on or off.
35 Ensure the following Windows Features are unchecked: Media Features > Windows DVD Maker Media Features > Windows Media Center Tablet PC Components Click OK to uninstall features. This may take time to execute and will require a restart of the workstation once complete. ***NOTE*** The Windows 7 workstation will automatically restart upon clicking Restart Now. Ensure that any unsaved work is saved prior to clicking Close.
Page 114

36
Description
Connect and authenticate to the machine that will be the Master image.
**NOTE** Ensure that the user account being used login to perform the following optimizations has elevated privileges.
37 Navigate to System Properties by going to: Control Panel > System > Advanced System Settings **NOTE** Ensure that the user account being used login to perform the following optimizations has elevated privileges.
38 In the Performance area, click Settings. Navigate to the Advanced tab. Click Change in the Virtual Memory Settings area.
Page 115

39
Description
Uncheck Automatically manage paging file size for all drives. Select the radio button marked Custom Size. Click Custom Size in the Virtual Memory Settings area and enter *THE EXACT SAME* value for Initial size and Maximum size. ***NOTE*** The hardcoded values for their page file are determined by many factors including Memory Resources available to the VM and application profile that is run on the virtual desktop. This setting varies widely from customer to customer. Incorrectly determining this value can result in system instability. Consult with Desktop Administrators and thoroughly test this setting before determining and implementing in a production environment.
40 Click OK to allow the computer to reboot.
***NOTE*** The Windows 7 workstation will automatically restart upon clicking Restart Now. Ensure that any unsaved work is saved prior to clicking Close. 41 Connect and authenticate to the machine that will be the Master image.
Page 116

42
Description
Run the following Windows Tools in order to prepare the Master Image to join the domain. Windows Disk Cleanup Windows Disk Defragmenter Optimize the Antivirus program to scan writes and disable the scheduled scans. The base image should be scanned before being deployed within production.
43
If the VM is using the VMware VMXNET 3 network interface driver, the following Microsoft hotfix must be applied. Note this hotfix requires that the Windows 7 VM be at SP1 or later, and that Windows Update be temporarily enabled on the master VM. Download and install the fix referenced in Microsoft Knowledge Base 2500978.
44
Log on to the master image and run the executable downloaded from the Microsoft support site. Select Yes to install the update.
Page 117

45
Description
When the update has completed installation, click Restart Now to reboot the VM.
46 Once all optimizations have been completed, join the Master Image to the Domain. The procedure to join a machine to the Domain varies by enterprise and can be done in multiple ways. Choose the procedure that is approved by the enterprise, ensuring that the Master Image Computer account in an OU that will have all appropriate Group Policy applied.
Page 118
Citrix Access Gateway Enterprise Edition

Citrix Access Gateway is a secure application access solution that provides administrators granular application-level policy and action controls to secure access to applications and data. The virtual appliance can be downloaded from the Citrix website.
Importing NetScaler Appliance

Citrix Access Gateway Pre-requisites Screenshot
1 Launch the vSphere client and connect to a cluster where the NetScaler appliance will be hosted. Click File and then Deploy OVF Template to begin the procedure to import the NetScaler virtual appliance.
Description
2 Click Browse and specify the path to the downloaded OVF file containing the appliance. Click Next to continue.
Page 119

3
Description
Accept the OVF template details and click Next to continue.
Enter the VM name and location for the virtual appliance. Click Next.
Page 120

5
Description
Select the vSphere cluster to host the virtual appliance. Click Next.
Select the host on which the virtual appliance will reside. Click Next.
Page 121

6
Description
Select the vSphere datastore to host the virtual appliance. Click Next.
If required, select the disk format to be used to host the appliance.
Page 122

7
Description
Configure the virtual network interfaces for the new VM as required by the enterprise network topology. Click Next to continue.
8 Click Finish to begin the virtual appliance import process.
Page 123
Installation of Citrix Access Gateway Enterprise Edition

7 Once the VM has imported, switch to the Console for the VM. Right click the virtual machine and select Power -> Power On. Begin following the onscreen instructions to perform basic configuration of the NetScaler VPX.
Description
8 Provide the following information to the VPX per on-screen instructions: IPv4 Address Network Mask (Subnet Mask) Gateway Address (IPv4)
9 Once the last network setting has been provided, a summary screen will be presented. Review for accuracy. Press 4 to save settings on the NetScaler and reboot the device.
10 Watch the console and await the VM state to be Up. Once the State is Up, launch a web browser.
Page 124

11
Description
In the URL area of the Web Browser, navigate to the IP address for the NetScaler VPX. Authenticate using default credentials: User Name: Password: nsroot nsroot
12 Upon authenticating to the VPX, a Setup Wizard will be launched validating and configuring the VM. Click Next to continue.
13 Confirm the networking addresses provided earlier. Provide a Host Name. Ensure appropriate values are entered into the MIP/SNIP Configuration. ***NOTE*** The MIP/SNIP address will be what is used to communicate with XenDesktop Controllers. Ensure that routing and firewall configurations allow network communications to occur on this IP address. Click Next to continue.
Page 125

14
Description
In the Chose Application, select the radio button marked Skip this Step. Click the hyperlink marked Manage Licenses.
15 In the license dialog box, click Add to add the license file to the NetScaler device.
16 Browse to the location of the license file. Choose the license file and click Select to continue.
Page 126

17
Description
Importing the license fill will require the NetScaler device to reboot. Click Yes to allow the device to reboot.
18 The Web Browser will need to be closed and restarted once the license file import reboot is processed. Close the Web Browser by clicking the X in the upper right corner.
19 Return to the vSphere Client and find the NetScaler VM. Go to the Console tab to monitor the progress of the NetScaler reboot procedure. Wait until the NetScaler displays a message showing State Up.
Page 127

20
Description
Launch a Web Browser and return to the IP address of the NetScaler. Authenticate with nsroot / nsroot The Setup Wizard will launch again at the starting point. Validate the settings and click Next on each screen to return to the point in the installation prior to the reboot. The screen after license import will be a Summary screen. Validate all settings at the Summary and click Exit to complete NetScaler setup
21 In the Setup User Interface for NetScaler, navigate to NetScaler VPX {IP_ADDRESS} > System > Licenses Validate that the Access Gateway displays the icon
22 In the Setup User Interface for NetScaler, navigate to: NetScaler VPX {IP_ADDRESS} > Access Gateway Right-click Access Gateway and click Enable Access Gateway Feature.
Page 128
Creating a Request, Key, and Certificate

Creating a Request, Key, and Certificate Screenshot
1 In the URL area of the Web Browser, navigate to the IP address for the NetScaler VPX. Authenticate using default credentials: User Name: Password: nsroot nsroot
Description
2 In the Setup User Interface for NetScaler, navigate to NetScaler VPX {IP_ADDRESS} > SSL
Page 129

3
Description
From the SSL Pane, click the link marked Create RSA Key.
4 Populate the following required fields: Key Filename specify a file name Key Size - specify 1024 Public Exponent Value select F4 Key Format select PEM PEM Encoding Algorithm select DES3 PEM Passphrase specify a passphrase and verify Once required fields have been populated, click Create. Click Close to return to the SSL configuration pane.
5 From the SSL Pane, click the link marked Create CSR (Certificate Signing Request).
Page 130

6
Description
Provide the following items or required information: Request File Name Click Browse in the Key File Name area. Using the file browser, select the key file created in Step 5. Provide the following items or required information: Key Format - select PEM PEM Passphrase specify the passphrase created in Step 4 Distinguished Name Fields specify all relevant fields Leave the Attribute Fields blank. Once all required fields have been populated, click Create. Click Close to return to the SSL configuration pane.
7 Open a new Web Browser window. Navigate to the URL of the enterprise certificate authority.
Authenticate with domain credentials.
Page 131

8
Description
From the Microsoft Active Directory Certificate Services web page, click the hyperlink labeled Request a Certificate.
9 From the Request a Certificate page, click the hyperlink labeled advanced certificate request.
10 On the Advanced Certificate Request web page, select the hyperlink labeled Submit a certificate request by using base-64-encoded CMC or PKCS #10 file, or submit a renewal request using a base-64-encoded PKCS #7 file.
Page 132

11
Description
Using an FTP Program or Secure Shell (SSH) application, navigate to the path of the Certificate Request file that was submitted in Step 6. Open or view in order to see the entire request string. Copy the entire Certificate Request string to the clip-board, ensuring that the contents starting with: -----BEGIN NEW CERTIFICATE REQUEST----and -----END NEW CERTIFICATE REQUEST----- are included in the string copied to the clip-board.
12 Return to the web browser with the Microsoft Active Directory Certificate Services page open. Paste the entire string copied to the clipboard in Step 11 in the field labeled Base-64-encoded certificate request (CMC or PKCS#10 or PKCS #7) In the field marked Certificate Template, select Web Server. Click Submit to proceed.
13 A new certificate will now be available to download. Ensure that the Base 64 encoded radio button is selected. Click the Download Certificate hyperlink.
Page 133

14
Description
Save the certificate to a known location on the file system and proceed to the section labeled Configuring Citrix Access Gateway Enterprise Edition.
Configuring Citrix Access Gateway Enterprise Edition

Configuring Citrix Access Gateway Enterprise Edition Screenshot
1 In the URL area of the Web Browser, navigate to the IP address for the NetScaler VPX. Authenticate using default credentials: User Name: Password: nsroot nsroot
Description
2 In the Setup User Interface for NetScaler, navigate to NetScaler VPX {IP_ADDRESS} > Access Gateway
Page 134

3
Description
In the Access Gateway pane, click the Access Gateway Wizard link.
4 Review the Welcome Screen. Click Next to continue.
Page 135

5
Description
Select the radio button labeled New in order to create a new virtual server for Citrix Access Gateway Enterprise Edition. Specify the following information for the virtual server: IP Address specify an available static IP address Port ensure that the value is 443 Virtual Server Name provide a name ***NOTE*** Work with enterprise Network Administrators to ensure remote access to this IP address is possible. Configuring enterprise remote access is beyond the scope of this document. Once all required information has been provided, click Next to continue.
6 In the Certificate Options drop down of the Access Gateway Wizard, select the value marked Install a signed certificate and private key. Provide a value in the Certificate-Key Pair Name.
Page 136

7
Description
In the field labeled Certificate File Name, click the Browse button and select Local.
8 Using the directory browser, navigate to the local file system path where the certificate generated in Step 14 of Creating a Request, Key, and Certificate. Select the certificate file and click Open.
9 At the Access Gateway Wizard screen, locate the field area labeled Private Key File Name. Click the Browse button and select Appliance.
Page 137

10
Description
Using the directory browser, navigate to the local file system path where the key file generated in Step 4 of Creating a Request, Key, and Certificate. Highlight the key file and click Select.
11 At the Access Gateway Wizard screen, provide the key file password which was specified on Step 4 of Creating a Request, Key, and Certificate. Ensure that the radio button marked PEM is selected. Click Next to continue.
12 On the Name Service Providers screen, provide the IP address of a DNS server in the Configured DNS Server field. Select DNS in the Name Lookup Priority field. Click Next to continue.
Page 138

13
Description
In the Configure Authentication screen, select LDAP in the Select an authentication type. Specify the following information associated with Active Directory : IP Address Port typically 389 Base DN (i.e. CN=Users, dc=ABC, dc=LOCAL) Administrator Bind DN Administrator Password Confirm Administrator Password Leave all settings unchanged. Click Next to continue. In the Configure Additional Settings screen, ensure that the Configure Authenticate radio button is set to Allow. In the Redirect Requests for Port 80 to a Secure Port area, ensure that the Web Address, specify the address of the Web Interface site for Citrix Access Gateway. ***NOTE*** This Web Interface site has yet to be configured. Specify the full URL and reserve for upcoming steps. Click Next to continue.
14
15 On the Configure clientless access screen, select the mode of clientless access appropriate for this installation. For the purposes of this guide, select use the Access Gateway Plugin and allow access scenario fallback. Leave all other settings unchanged. Click Next to continue.
Page 139

16
Description
Review all items on the Summary page. Click Finish if all settings are appropriate.
17 Allow the setup and configuration of Access Gateway. Once completed, a final summary screen will be presented. If there are no errors, click Finish to exit from the configuration wizard.
Page 140
Creating a Web Interface Site for Access Gateway

Web Interface for Access Gateway Enterprise Edition Screenshot
1 Connect and authenticate to the server selected to run Citrix Web Interface.
Description
**NOTE** If using a service account to configure Citrix Web Interface, ensure that the account possesses elevated privileges. Consult with Active Directory Administrators to ensure compliance with specific enterprise account standards.
2 Launch the Web Interface Management console by navigating to: Start > All Programs > Citrix > Management Consoles > Citrix Web Interface Management
3 From the Web Interface Management Console, right click XenApp Web Site and click Create Site
Page 141

4
Description
In the Specify IIS Location screen, populate the required fields.
5 At the Specify Point of Authentication screen, select At Access Gateway in the drop-down.
6 Provide the Authentication Service URL for the Access Gateway in the required field. Ensure that the Explicit is selected in the Authentication Options.
Page 142

7
Description
Review the Summary screen for the Web Interface site. Click Next to continue.
8 Allow the installation wizard to create the Web Interface site.
9 Once the site has been created, a summary page will be presented. Ensure the checkbox marked Configure this site now is selected.
Page 143

10
Description
On the Specify Initial Configuration screen, provide a unique Farm Name. Click Add.
11 Specify a server that will be in the farm for this Web Interface site. Click OK.
12 Validate that a farm name has been provided and that a server is specified. Click Next to continue.
Page 144

13
Description
Choose a Logon Screen Appearance by selecting the appropriate radio button. Click Next to continue.
14 Select the appropriate radio button for the Published Resource Type. Click Next to continue.
15 Review the summary screen for accuracy. Once all settings have been validated, click Finish.
Page 145

16
Description
Validate that the Web Interface site has been created by looking to see if it appears in the XenApp Web Sites area. Once successful validation has occurred, exit from Web Interface Management Console and logoff the Web Interface server.
Desktop Groups
Desktop Groups are a group of virtual desktops that are either pooled, pre-assigned or assigned on first use. Pooled desktops are used in this guide.
Configuration Desktop Group Creation

XenDesktop Group Creation Screenshot
1 Connect and authenticate to the server selected to run the Desktop Controller.
Description
Page 146

2
Description
Launch Desktop Studio from the Start Menu. Desktop Studio should appear under: Start > All Programs > Citrix > Desktop Studio
3 From Desktop Studio, select Machine Creation setup. Select Machine Creation the center pane of Desktop Studio.
4 In Machine Type, select Pooled. For Machine Assignment, select Random.
Page 147

5
Description
Select the Master Image VM name expansion tree. Click Next to continue.
6 Configure the Site settings as appropriate to this enterprise. Ensure that the correct numbers of VMs are selected and that sufficient resources are available on the vSphere Host to support the desired hardware specifications. Click Next to continue.
7 Select the Active Directory O-U from the expansion tree to create the Virtual Machine Computer accounts. Use the naming masks to input a naming convention for the Virtual Machines.
Page 148

8
Description
Provide a description for this Desktop Catalog. Validate that the Administrators permitted to use this Catalog is correct. Click Next to continue.
9 View the Summary and verify all settings. Provide a Catalog name for this XenDesktop Catalog. Click Finish to allow the wizard to create VM account. Allow the Setup Wizard to Copy the master image and complete the installation process. Once the desktop group creation has completed, the wizard will return to Desktop Studio.
Page 149
Configuration Desktop Group Assignment

XenDesktop Group Assignment Screenshot
1 Ensure that machine creation now states as complete in the center of the screen with the correct number of Virtual Desktops created. In the User Assignment area of Desktop Studio, click Configure to begin the process of assigning users to desktops.
Description
2 In the Create Desktop Group dialogue, select the Catalog from which to provision Virtual Desktops for Assignment. Specify the number of machines by entering the value in Add machines textbox. Click Next to continue.
3 Enter the number of Desktops to be assigned per user and place it in the text box at the bottom of the screen. This setting is specific to this enterprise. Click Add to add users to this Desktop Group. This will bring up the Active Directory user selection screen.
Page 150

4
Description
Select the appropriate groups and users from Active Directory. Click OK when complete.
5 Validate that the settings for users and number of desktop are correct. Click Next to proceed.
6 Ensure delegation settings are set correctly for the administrator of this desktop group. Click Next to proceed.
Page 151

7
Description
Provide a Display Name and Desktop Group Name for the Desktop Catalog. Click Finish to complete the Desktop Assignment.
8 Validate that the User Assignment appears in Desktop Studio. If successful, exit from Desktop Studio by clicking the X in the upper right corner of the Snap-In.
Validation Scenarios
The virtual desktop environment build is complete. The following scenarios highlight internal access to the virtual desktop environment using Merchandising Server, Receiver, and Web Interface. The external access scenario leverages Access Gateway and Receiver.
Internal Access Scenario

Internal Access Validation Screenshot
1 From a workstation within the enterprise network, navigate to the Merchandising Server site.
Description
Page 152

2
Description
From the Merchandising Server, ensure that the checkbox marked I agree to the Terms of Use is selected. Click the Download button.
3 Execute the preconfigured Citrix Receiver to the local filesystem by selecting Run. ***NOTE*** Consult with the enterprise Desktop team prior to installing any software on a Company workstation.
4 Once completed, a Citrix Receiver icon will appear in the system tray.
5 Right click the Citrix Receiver icon and select Check for Updates. Provide the credentials associated with an account with access.
Page 153

6
Description
Allow Plug-Ins to install/update. A success prompt will be presented once completed. Click OK to proceed.
7 From a web browser, navigate to the Web Interface XenDesktop site.
8 If all installation and configuration steps have been performed successfully, a XenDesktop logon site should be presented. Provide a username and password of an account with a Virtual Desktop provided by XenDesktop. Click Log On to continue.
9 Observe if any virtual desktops are available for end-user use. Click the icon representing an assigned virtual desktop to initiate the connection.
Page 154

10
Description
Allow the virtual desktop to fully load.
11 A splash screen will be presented once the virtual desktop has fully loaded. Proceed with general usage of this new virtual desktop.
Page 155
External Access Scenario

External Access Validation Screenshot
1 From a workstation outside of the enterprise network, launch a web browser and navigate to the Citrix Access Gateway virtual server IP address. ***NOTE*** The remote access workstation should already have Citrix Receiver installed as well as the Citrix Access Gateway and Citrix Online Plug-Ins. 2 Present the credentials that are enabled for remote access and click Log On.
Description
3 Upon successful Log On, assigned virtual desktops will be presented. Select an assigned virtual desktop and proceed to Steps 10 and Step 11 in Internal Access Scenario
Page 156
Product Versions
Product XenDesktop VMWare vSphere Version 5.0 / 5.5 5.0
Revision History
Revision 1.0 Change Description Document created Updated By Rich Meesters Architect Date 12/16/2011
About Citrix Citrix Systems, Inc. (NASDAQ:CTXS) is the leading provider of virtualization, networking and software as a service technologies for more than 230,000 organizations worldwide. Its Citrix Delivery Center, Citrix Cloud Center (C3) and Citrix Online Services product families radically simplify computing for millions of users, delivering applications as an on-demand service to any user, in any location on any device. Citrix customers include the worlds largest Internet companies, 99 percent of Fortune Global 500 enterprises, and hundreds of thousands of small businesses and prosumers worldwide. Citrix partners with over 10,000 companies worldwide in more than 100 countries. Founded in 1989, annual revenue in 2010 was $1.9 billion.
2011 Citrix Systems, Inc. All rights reserved. Citrix, Access Gateway, Branch Repeater, Citrix Repeater, HDX, XenServer, XenApp, XenDesktop and Citrix Delivery Center are trademarks of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. All other trademarks and registered trademarks are property of their respective owners.
Page 157

XenDesktop Deployment Guide With Vsphere

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

XenDesktop Deployment Guide With Vsphere

Hochgeladen von

Copyright:

Verfügbare Formate

Consulting Solutions | WHITE PAPER | Citrix XenDesktop

XenDesktop Implementation Guide with vSphere 5

Citrix Licensing ................................................................................................................................................15

Citrix XenDesktop Desktop Controller .......................................................................................................24

Citrix Web Interface ........................................................................................................................................45

Citrix Merchandising Server ...........................................................................................................................58

Pooled Desktop Image....................................................................................................................................75

Citrix Profile Management .............................................................................................................................82

Citrix Access Gateway Enterprise Edition ................................................................................................ 119

Desktop Groups ........................................................................................................................................... 146

Validation Scenarios ..................................................................................................................................... 152

Figure 1: Architecture utilizing using Machine Creation Services

Pre-requisites SQL Database

8 Allow the installation of Support Files to proceed to completion.

Citrix Licensing Prerequisites

Citrix Licensing Prerequisites

Citrix Licensing Prerequisites

Installation - Citrix Licensing 11.9

Installing Citrix License Server 11.9 Screenshot

5 Allow the installation to proceed to completion.

Installing Citrix License Server 11.9 Screenshot

Configuration - Citrix Licensing 11.9

Configuring Citrix License Server 11.9 Screenshot

Configuring Citrix License Server 11.9 Screenshot

Citrix XenDesktop Desktop Controller

Pre-requisites XenDesktop Controller

XenDesktop Controller Pre-requisites Screenshot

XenDesktop Controller Pre-requisites Screenshot

5 Agree to the screen that introduces IIS by selecting Next.

XenDesktop Controller Pre-requisites Screenshot

7 Confirm installation selections by selecting Install at the prompt.

XenDesktop Controller Pre-requisites Screenshot

XenDesktop Controller Pre-requisites Screenshot

In the Certificate dialog, click Install Certificate.

XenDesktop Controller Pre-requisites Screenshot

Select Place all certificates in the following store. Click Browse.

XenDesktop Controller Pre-requisites Screenshot

For 3rd Party Certificates:

Verify correct certificate store, and click Next.

XenDesktop Controller Pre-requisites Screenshot

Installation XenDesktop Controller

2 Select Install XenDesktop.

Installing a XenDesktop Controller Screenshot

Installing a XenDesktop Controller Screenshot

9 Select Install XenDesktop.

Installing a XenDesktop Controller Screenshot

Installing a XenDesktop Controller Screenshot

Configuration Creating a XenDesktop Site

Creating a XenDesktop Site Screenshot

Creating a XenDesktop Site Screenshot

Creating a XenDesktop Site Screenshot

Creating a XenDesktop Site Screenshot

Creating a XenDesktop Site Screenshot

Creating a XenDesktop Site Screenshot

Citrix Web Interface

Web Interface Pre-requisites Screenshot

5 Agree to the screen that introduces IIS by selecting Next.

Web Interface Pre-requisites Screenshot

7 Confirm the installation selections by selecting Install at the prompt.

Web Interface Pre-requisites Screenshot

Web Interface Pre-requisites Screenshot

13 Allow the wizard to install files related to the software.

Web Interface Pre-requisites Screenshot