Skip to content

Citrix XenDesktop / XenApp 7.x PowerShell Documentation Script

Hi everyone,

I think you all know the absolute fantastic PowerShell Documentation Scripts for Citrix XenApp (up to 6.5) and PVS created by Carl Webster. With these scripts it’s absolutely easy to create a Documentation of a XenApp- or PVS-Farm. Unfortunately Carl didn’t create (or release) a documentation script for XenDesktop / XenApp 7.x yet, so I decided to create my own script. It’s not comparable (and actually that’s not my intention) to Carls scripts but documents the following things (in a more basic way):

  • General Site Informations
  • Logging Settings
  • Licensing
  • Controllers
  • Databases
  • Administrators
  • Machine Catalogs
  • Applications
  • Storefront Servers (not the StoreFront Servers)
  • App-V Server

The following main things are missing:

  • Policies
  • Hosting

The script is divided into two files:
jhmeier-xd7-xa-7.x-documentation-v03.ps1
en-US.xml

The first file is the script himself, while the second file is for an easy modification of the script-output for other languages.

Script Usage

To use the scripts a few prerequisites must be fulfilled:

  • XenDesktop / XenApp PowerShell Extensions
  • Microsoft Word
  • XenDesktop / XenApp Admin Account (with at least Read privileges)
  • PowerShell Execution Policy
  • The script and the language file need to be in the same location.

That should it be – just execute the script. The script starts and creates an (invisible) Word-Document in the background. When it’s finished it saves the document with the name XD-XA-SITE-NAME.docx in the script folder.

Parameters

The script supports (but doesn’t need) the following parameters:
-TextLanguage en-US
If you don’t want to have an output in the default language (English) you need to define the wanted language. Attention: Therefore you need a separate language xml file – see Language Files.
-DeliveryControllerAddress DeliveryControllerFQDN
If you run the script without this parameter it tries to connect to localhost – but if that’s not a Delivery Controller you need to specify it

Language Files

If you run the script – without creating a language specific xml file – the output looks like this:
Description: Description in the System language
If that’s ok for you – you have nothing to do – but if you prefer a complete output in your language like (in German):
Beschreibung: Beschreibung in Deutsch
you need to copy the file en-US.xml and rename it to e.g. de-DE.xml. After that open the new file with an editor of your choice. You now find a lot of entries which look like the following:
<Description>Description</Description>
Now you need to translate the middle for every necessary line so that it looks like this:
<Description>Beschreibung</Description>

License

The script is published under the GPL.

Download

jhmeier-xd-xa-7.x-documentation-v03.zip

Feedback

Any feedback would be really welcome – if you have something to make the script better or have any questions – feel free to contact me.

That’s it – hopefully the script is useful for some of you.

Upgrading the Nvidia Grid Card Firmware

During the last days I was able to start some testings of the new XenServer vGPU feature – thanks to my colleague Benny Tritsch for allowing me to use his Test-System with a Nvidia Grid K2 Graphics Card. During my tests I had some problems so we decided to upgrade the Firmware – well but the description of the update process looks like:

1. Create Bootable USB-Stick with Linux
2. Copy Firmware to USB stick
3. Boot from USB stick and open the update file

As you can see it’s a realy short description. Furthermore I had some problems during the update process – so I would like to share with you how I was able to upgrade the Firmware:

1. Download the Universal-USB-Installer
2. Download the Ubuntu Desktop Version (I used 12.04.4)
3. Open the Universal-USB-Installer and agree to the license
2014-02-21 08_39_17-Universal USB Installer 1.9.5.2 Setup

4. Choos Ubuntu as the Linux distribution, the downloaded iso and the USB-Stick to be used for creating the bootable USB stick
WARNING: All data on the USB stick will be removed!
2014-02-21 11_06_43-Universal USB Installer 1.9.5.2 Setup

5. After starting the USB installation with “Create” you need to confirm the start.
2014-02-21 11_06_54-Muster-DB01 on W2012-LENOVO - Virtual Machine Connection

6. When everything is done you can see the following message:
2014-02-21 11_46_25-Universal USB Installer 1.9.5.2 Setup

7. Now you need to copy the Firmware Files to a second USB stick. You should have two files – one named gridpro-update_R1.0.run and the other one named gridpro-update-auto_R1.0.run.
[Update]
You can also copy the files to the root directory of the first USB stick. Then they will be available on /cdrom after booting”. Thanks to @shawnbass
[/Update]
8. The next step is to boot server (which contains the Grid Card) from the just created USB stick. You don’t need to install Ubuntu – so choose "Try Ubuntu” to start Ubuntu directly from the stick.
2014-02-20 07_47_26-DVI2USB Solo [D3U51862]  - 1440x900 60.2 Hz 

9. After Ubuntu is started you attach the second USB stick and copy the Firmware files to Documents.
2014-02-20 08_34_10-DVI2USB Solo [D3U51862]  - 1440x900 60.2 Hz

10. Open the properties of both files and change all “Access” types to “Read and write”. Furthermore activate “Allow executing files as a program”.
2014-02-20 08_44_04-DVI2USB Solo [D3U51862]  - 1440x900 60.2 Hz

11. Time to switch to the console – press the upper left icon and enter “Ter” to find the “Terminal”.
2014-02-20 08_16_36-DVI2USB Solo [D3U51862]  - 1440x900 60.2 Hz

12. Inside the Terminal you first switch to the root account (sudo su) and then you open the folder Documents (cd Documents). To start the update you enter “./gridpro-update_R1.0.run” (without quotation marks). Alternatively you can enter “./gridpro-update-auto_R1.0.run”. The second one runs an autoupdate without userinteraction while the first asks you for every update if you would like to install the update.
2014-02-20 08_45_11-DVI2USB Solo [D3U51862]  - 1440x900 60.2 Hz

13. If you didn’t choose the Auto-Update-Version confirm the updates (dependen on the installed version it’s possible that you are asked more than once) with “y”.2014-02-20 08_45_31-DVI2USB Solo [D3U51862]  - 1440x900 60.2 Hz

14. After all updates are installed the following message is displayed:
Update successful.
No more matches found.

2014-02-20 08_47_58-DVI2USB Solo [D3U51862]  - 1440x900 60.2 Hz

15. That’s it – shut down Ubuntu – remove the USB sticks and start your normal OS.

PS:
Until now I only found the Firmware Updates on the IBM-Website….

Citrix Receiver: The configuration manager cannot be initialized

Today I would like to describe you an interesting problem I had during my last receiver deployments. The start of the installation always failed with the message:

The configuration manager cannot be initialized.

2014-02-12 22_02_41-win7-en on W2012-LENOVO - Virtual Machine Connection

After removing all old Receiver Installations the error still occurred. I cleaned up the registry and file system and removed everything which contained Citrix – but still the same error.
The next step was to use the Citrix Receiver Clean-Up Utility (CTX137494) – normally this tool removes everything related to old Receiver or Online Plugin Versions. But this time this didn’t fix the problem – after using the tool the same error was displayed like before. Time for a more intensive debug and check with procmon which files and registry keys are accessed during the setup start. And there it was – the setup tried to access the following registry key:

HKEY_CLASSES_ROOT\Installer\UpgradeCodes\9B123F490B54521479D0EDD389BCACC1

2014-02-12 22_01_03-win7-en on W2012-LENOVO - Virtual Machine Connection

I removed the complete registry key and tried again to install the receiver – this time the setup started without any error messages and I was able to install the receiver.

2014-02-12 22_14_37-win7-en on W2012-LENOVO - Virtual Machine Connection

(Initial) StoreFront Configuration Replication Fails with error 31

In one of my last projects I had an interesting problem with Storefront. Neither the initial configuration replication nor following ones worked. 2014-01-10 09_51_04-storefront01 (24.4.21) on W2012-LENOVO - Virtual Machine Connection

On the first StoreFront Server the following error was logged:

Log Name:      Citrix Delivery Services
Source:        Citrix Configuration Replication Service
Event ID:      31

An error has occured during the all server configuration update process.
Citrix.DeliveryServices.ConfigurationReplication.Exceptions.ServerUpdateConfigurationException, Citrix.DeliveryServices.ConfigurationReplication, Version=2.4.0.0, Culture=neutral, PublicKeyToken=e8b77d454fa2a856
An error occured running the command: ‘Add-DSFeatureInstances’
RemoteEndpoint: net.tcp://storefront02/Citrix/ConfigurationReplication

2014-01-10 09_51_27-storefront01 (24.4.21) on W2012-LENOVO - Virtual Machine Connection

On the second Server I found the following three errors:

Log Name:      Citrix Delivery Services
Source:        Citrix Configuration Replication Service
Event ID:      1

An error occured running the command: ‘Add-DSFeatureInstances’
Exception of type ‘Citrix.DeliveryServices.Framework.Web.Deployment.Exceptions.WebApplicationAlreadyExists’ was thrown.
Citrix.DeliveryServices.PowerShell.Command.Runner.Exceptions.PowerShellExecutionException, Citrix.DeliveryServices.PowerShell.Command.Runner, Version=2.4.0.0, Culture=neutral, PublicKeyToken=e8b77d454fa2a856
An error occured running the command: ‘Add-DSFeatureInstances’

2014-01-10 09_52_37-storefront02 (24.4.22) on W2012-LENOVO - Virtual Machine Connection

Log Name:      Citrix Delivery Services
Source:        Citrix Configuration Replication Service
Event ID:      12

Failure to notify of configuration update.
Citrix.DeliveryServices.PowerShell.Command.Runner.Exceptions.PowerShellExecutionException, Citrix.DeliveryServices.PowerShell.Command.Runner, Version=2.4.0.0, Culture=neutral, PublicKeyToken=e8b77d454fa2a856
An error occured running the command: ‘Add-DSFeatureInstances’
   at Citrix.DeliveryServices.PowerShell.Command.Runner.PowerShellCommandRunner.RunCommand(IPowerShellCommand command)
   at Citrix.DeliveryServices.ConfigurationReplication.PowerShell.ConfigurationWriterBL.AddFeatureInstances(List`1 instancesToCreate, List`1 featureClasses)
   at Citrix.DeliveryServices.ConfigurationReplication.BL.Synchronisation.ConfigurationSync.SynchroniseInstances(FeatureInstancesInfo instances)
   at Citrix.DeliveryServices.ConfigurationReplication.BL.Synchronisation.ConfigurationSyncController.Update(Guid primarySynchronisationLevel)
   at Citrix.DeliveryServices.ConfigurationReplication.BL.Synchronisation.ConfigurationSyncController.UpdateHostConfiguration(Guid synchronisationLevel, IConfigurationSync sync, IConfigurationReplication proxy, IPersistServiceState store)
   at Citrix.DeliveryServices.ConfigurationReplication.BL.Synchronisation.ConfigurationSyncController.UpdateHostConfiguration(Guid synchronisationLevel, String proxyEndpoint)
   at Citrix.DeliveryServices.ConfigurationReplication.WCF.ConfigurationReplication.<>c__DisplayClass3.<BeginUpdateConfiguration>b__1(Object asr)

2014-01-10 09_53_19-storefront02 (24.4.22) on W2012-LENOVO - Virtual Machine Connection

Log Name:      Citrix Delivery Services
Source:        Citrix Configuration Replication Service
Date:          10.01.2014 09:50:53
Event ID:      19

Failed to get the end status of the sever configuration update.
System.ServiceModel.FaultException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
An error occured running the command: ‘Add-DSFeatureInstances’
   at Citrix.DeliveryServices.ConfigurationReplication.WCF.ConfigurationReplication.EndUpdateConfiguration(IAsyncResult asyncResult)

2014-01-10 09_53_57-storefront02 (24.4.22) on W2012-LENOVO - Virtual Machine Connection

If you google for problems like these you find hints like:

  1. Delete some specific files on the secondary StoreFront Server and synchronize again
  2. Remove StoreFront from the secondary StoreFront Server – don’t forget do manually delete C:\inetpub\wwwroot\Citrix and C:\ProgramFiles\Citrix\Receiver StoreFront – Remove second StoreFront Server from StoreFront Group – Reinstall second StoreFront Server and join again
  3. Uninstall StoreFront on both Servers – remove folders mentioned in two – reinstall StoreFront and create a new StoreFront Group

None of them worked for us – but if you read the first Event on the secondary StoreFront Server carefully you already get a got hint why the replication fails:

‘Citrix.DeliveryServices.Framework.Web.Deployment.Exceptions.WebApplicationAlreadyExists’

Though we also checked the StoreFront Log-Files in C:\ProgramFiles\Citrix\Receiver StoreFront\Admin\logs and then we found an interesting entry in the file Add-DSWebReceiver :

There is already a web app at 1 /Citrix/StoreWeb
WebReceiverInstance:Deploy failed due to exception: Citrix.DeliveryServices.Framework.Web.Deployment.Exceptions.WebApplicationAlreadyExists: Exception of type ‘Citrix.DeliveryServices.Framework.Web.Deployment.Exceptions.WebApplicationAlreadyExists’ was thrown.

Ok – we removed StoreFront (on the second Server) again completely (with all files) and opened the IIS-Management-Console:
2014-01-10 10_00_41-storefront02 (24.4.22) on W2012-LENOVO - Virtual Machine Connection
What’s that? StoreFront is removed but there’s still a “StoreWeb” available? After checking the file-system – there was no StoreWeb availble – we removed the folder in the IIS console.

After reinstalling StoreFront and joining to the StoreFront Group the configuration synchronization worked without any problems.
2014-01-10 10_00_59-storefront01 (24.4.21) on W2012-LENOVO - Virtual Machine Connection

Hope this helps some of you if you have problems with your StoreFront synchronization.

Just one more hint at the end – StoreFront also supports a more intensive verbose logging. The usage is described in CTX139592.

Citrix WorxMail (iOS) connection fails with SLL Error

In one of my Citrix XenMobile implementations I had an interesting problem with WorxMail for iOS. If we tried to connect WorxMail to the internal Exchange Servers we always received the error:

Not trusted SSL Certificate.
not trusted

We started to check the connections but everything was working fine. Also we didn’t have any problem with WorxMail for Android. For the connection we used the STA-Method and not a Micro VPN. After checking everything deeper we found that WorxMail still was initiating a direct connection to the internal Exchange-Server through the NetScaler Gateway. Of course the internal servers used a certificate from the internal Root-Ca. After importing the Root-CA-Certificate into our iOS-Devices everything was working fine.

Actually that was not really a solution for us – deploying the internal Root-CA-Certificate to BYOD devices would have been a lot of work (people with BYOD devices don’t want to connect their device to the companies owned MDM-Solution for an automatic deployment). We started to look for other solutions and luckily Citrix just published the new WorxMail Version 1.3. After importing this version into the AppController a new Application Policy was available:
Accept all SSL certificates

image

After activating the policy and deploying the new WorxMail Version connections to our internal Exchange Servers worked without any problems (and of course without deploying the internal Root-CA-Certificate).

Citrix Receiver Single-Sign-On (Pass-through Authentication) does not work with StoreFront

During the last weeks I did a lot of testing with Citrix XenDesktop 7. There was one thing which was quite hard to figure out why it wasn’t working:

A connection from Citrix Receiver 4.X to StoreFront always failed while I was using the Domain-Credentials (or Domain-Pass-through). No Single-Sign-On (SSON) – even for the configuration of the store – was possible. I was only able to connect the Receiver to StoreFront using the Authentication-Methods “Username and Password” or “Smartcard”. If I tried to configure a Store I always received the message “Select an account to continue”.
2013-09-29 15_04_29-Muster-Client04 on W2012-LENOVO - Virtual Machine Connection
The problem with this message was that I didn’t receive a Dialog to choose a Store…
After a lot of testing’s I found the necessary steps so that SSON was working.

1. Open a command prompt and start the Receiver Installation with the argument /includeSSON
2013-09-29 14_59_45-Muster-Client04 on W2012-LENOVO - Virtual Machine Connection
Without this option the necessary SSON Components are not installed.

2. At the end of the installation don’t choose “Add Account” – SSON is not yet working.
2013-09-29 15_02_16-Muster-Client04 on W2012-LENOVO - Virtual Machine Connection

3. Open “Internet Options” in Internet Explorer an switch to Security.
2013-09-29 15_05_01-Muster-Client04 on W2012-LENOVO - Virtual Machine Connection
Choose “Trusted Sites”, “Sites” and add the StoreFront FQDN (beginning with https://)
2013-09-29 15_05_21-Muster-Client04 on W2012-LENOVO - Virtual Machine Connection
After adding the StoreFront-Address to the "Trusted Sites” open “Custom Level” to change the “Security Settings”. Scroll down to “Authentication” and activate“Automatic logon with current user name and password”,
2013-09-29 15_05_47-Muster-Client04 on W2012-LENOVO - Virtual Machine Connection

[EDIT]
Instead of adding the StoreFront-Adress to the Trusted Sites you can also add it to the “Local Intranet” Zone –than you don’t need to edit the Security Settings. Thanks to Neal Dolson (@ndolson816) for the tip.
[/EDIT]

4. Now you have to logout and login again – otherwise the necessary ssonsvr process is not started. After login open the Task Manager and check if the ssonsvr.exe is running.
2013-09-29 15_03_04-Muster-Client04 on W2012-LENOVO - Virtual Machine Connection

5. That’s it – you can now configure your Store and connect to the store using Domain Pass-through,

If it’s still not working you can configure a Group Policy to activate SSON on your clients. Create a new Policy and add the adm file icaclient.adm. You can find the file on a client with an installed receiver in the folder “C:\Program Files\Citrix\ICA Client\Configuration” or “C:\Program Files (x86(\Citrix\ICA Client\Configuration” on 64Bit systems.

Navigate to “Computer Configuration, Policies, Classic Administrative Templates (ADM), Citrix Components, Citrix Receiver. User Authentication
2013-09-29 20_37_05-dc01 (24.1.1) on W2012-LENOVO - Virtual Machine Connection

Enable “Local user name and password” with “Enable pass-through authentication” and “Allow pass-through authentication for all ICA connections” activated.
2013-09-29 20_39_37-dc01 (24.1.1) on W2012-LENOVO - Virtual Machine Connection

Link the group policy to your client OU and reboot your clients to apply it. That’s it.

SSONSVR is not starting

If the ssonsvr process is not starting you have to check the network provider order. Open the registry and navigate to
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
Edit “ProviderOrder” and make sure that “PnSson” is the first entry.
2013-09-29 15_03_49-Muster-Client04 on W2012-LENOVO - Virtual Machine Connection
Reboot your system – after login the process is started.

Published Desktop shows logon screen or connection is directly closed

Another problem that might happen is that a pass-through login to Citrix Receiver is working – but after starting a published desktop the logon screen appears or the connection is directly closed. Furthermore you may find the following error in the event-log:
Source: ICA Service
ID: 34
Description: ICA connection is cancelled because auto-logon is enforced and auto-logon failed.

To fix this you have to add another setting in the above created GPO. Open “…,Citrix Receiver, User Authentication” and enable “Kerberos authentication”.
richtlinie - kerberos
Wait until your clients applied the updated GPO (or do a “gpupdate /force”) – starting a published desktop now works without pass-through authentication.

Mapping of a printer from a Citrix Universal Printer fails

In one of our customer environments I found a really interesting error – the mapping of a printer from a Citrix Universal Print Server failed if we tried to use the Citrix Universal Printer Driver in XenApp. We always received the error message “It was not possible to create a connection to the printer. Check the printer name….” and so on.

First of all we checked if the Universal Print Server client and the necessary Rollup Pack 1 was installed:
ts03-software - Copy

Now we started to check if the necessary Citrix policies have been activated:
Computer: Printer => Universal Print Server => “Universal Print Server enable”
User: Printing => Drivers => Universal Printer driver usage
Both policies had been configured correctly.

Ok – time to check the registry:
image
The Universal Printer Driver was enabled with no fallback to a native Windows driver.

image 
Although the “Universal Printer Client” was the first print provider.

image 
And (of course) the filename of the provider module was correct….

Well – ok – let’s check if the Print Spooler loaded and uses the UPS module:
tasklist /m /fi “imagename eq spoolsv.exe”
image
Loaded and available.

Everything seemed to be correct and working – but printer mappings still failed.

After searching more and more into different directions (not worth to mention here) we found the problem – the customer has a big active directory and his users are member of many security groups. And this caused the problem. In CTX134758 you can find a solution for this. You have to modify the Apache webserver configuration on the Universal Print Server to accept bigger Kerberos tickets.

Open “C:\Program Files\Citrix\XTE\conf\httpd.conf”
Add the following line:
LimitRequestFieldSize 65535
It’s extremely important that you add this line either directly as a first line – or at the end of the file – otherwise it’s not going to work. And don’t choose a higher value Zwinkerndes Smiley
Save the file and restart the UPS-Server-Service.

That’s it – now mapping of printers using the “Universal Printer Driver” from a “Universal Print Server” shouldn’t fail any longer.

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: