1Y0-A19 Citrix XenDesktop 5 Study Guide

Configuring a XenDesktop Environment

For pooled machine catalogs, maintain users' desktops by applying global updates, such as Windows updates, antivirus software updates, or configuration changes, to the master VM and modifying the catalog to use the updated master VM so that users receive the updated desktop the next time they log on. This approach enables you to make significant changes to users' desktops, including upgrading to a new operating system, for large numbers of users in a matter of minutes.

The HDX Multimedia for Flash (server side) section contains policy settings for handling Flash content on session hosts. The setting is: Flash quality adjustment.

The HDX MediaStream for Flash (client side) section contains policy settings for handling Flash content in user sessions. The settings include: Flash acceleration, Flash event logging, Flash latency threshold, Flash server-side content fetching whitelist and Flash URL blacklist.

When implementing HDX MediaStream Flash Redirection, Adobe Flash Player must be installed on the user device so that Flash content can be redirected to the user device to free up resources on the XenApp server.

The "Client clipboard redirection" setting allows or prevents the Clipboard on the user device to be mapped to the Clipboard on the server. To prevent cut-and-paste data transfer between a session and the local clipboard, select "Prohibit". Users can still cut and paste data between applications running in sessions.

By setting up a XenApp Services site, users access applications, virtual desktops, and online content by clicking icons on their desktop or the Start menu, or by clicking in the notification area of their computer desktop.

By setting up a XenApp Web site, you can provide users with a Web site to which they can log on using a Web browser. Once authenticated, users can access online resources and offline applications using a Citrix client.

Desktop Director provides a detailed and intuitive overview of XenDesktop environments. It enables support and helpdesk teams to quickly and seamlessly perform crucial support tasks. It provides a dashboard that crisply summarizes real-time machine issues, usage metrics, and host and controller health information for your XenDesktop environment.

From Desktop Director, you can manage from user session and machine management features such as log off or disconnect user sessions, start, stop, suspend, and resume machines, enable or disable maintenance mode, assign machines to users, and start a Microsoft Remote Assistance session.

A buffer is an extra, standby set of unallocated machines that are turned on, ready for users to connect. For shared desktop groups and unallocated machines in private desktop groups, desktops in the buffer are turned on when the number of machines in the pool drops below the threshold set by the buffer size. This is a percentage of the desktop group size. The default is 10%.

An example for calculating the number of desktops that will be in standby mode with the default buffer setting of 10%: A desktop group contains 250 desktops. 120 of the desktops are in use by users. If power management is left at the default buffer setting, 25 desktops are on standby. Add the 120 desktops that are in use to the 25 that are in standby and that makes 145 desktops, leaving 105 that are not in standby or in use.

Using power state times, you can configure desktops to suspend after users have disconnected for a defined time. The time can be configured separately for weekdays and weekends, and for peak and off-peak periods.

When configuring power state timers, to have desktops shut down rather than suspend, you must use the SDK. The same holds true if you want the timers to be based on logoffs, rather than disconnections.

While creating a master image for deployment to target devices, install any third-party tools that you want to run on users' desktops. This holds true especially if the tools have a small enough footprint and are easy enough to manage that there is no need to run it from a XenApp environment.

To assign vDisks to target devices: In the collection folder where the target device is a member in the Console tree, right-click on the desired target device and select Properties. In Properties on the General tab, select from the "Boot from" options. From there you can assign the vDisk to the target device. Use the Console to select either Private Image or Standard Image for the vDisk.

Pooled machines can be imported into a catalog and are arbitrarily allocated to users when they log on.

Pooled-random machines are temporarily assigned to users. Pooled-static machines are permanently assigned to users.

Dedicated machines are individually assigned to users.

To load balance Web Interface sites, share the master site's configuration, set up appropriate file sharing permissions to allow access over the network to the configuration file. Change the setting of the ConfigurationLocation parameter to specify the absolute network path to the master site’s configuration file in the bootstrap.conf file in the sites that will obtain its configuration from the shared configuration file.

To create a catalog using existing machines, you need VMs or dedicated blade PCs hosting user desktops that you have already migrated to the data center and Active Directory user and computer accounts to assign to the VMs or blade PCs.

To create a catalog with pooled or dedicated machines, you need a host with sufficient resources to accommodate the number of machines you plan to create, a master VM from which to create the desktops, and either a sufficient number of unused Active Directory computer accounts for the machines you plan to create or access to an Active Directory domain administrator account for the domain of which you want the desktops to be members.

To create a catalog of streamed machines, you need A Provisioning services deployment with a vDisk that you have imaged from the master target device, device collections configured to load the vDisk over the network and Active Directory computer accounts managed by Provisioning services for each target device in the device collections.

Provisioning Server optimizes XenApp application delivery with benefits such as adding new XenApp servers to a farm in a matter of minutes, guaranteeing server consistency across similar XenApp workloads and being able to quickly rollout changes to an entire farm.

When preparing a master virtual machine for streamed machines, prepare a master target device from which to image the vDisk in Provisioning services. Install an operating system, drivers, service pack updates, the Virtual Desktop Agent and Provisioning Services target device software. If applications will be accessed from XenApp, install the appropriate plug-in.

XenDesktop 5 Quick Deploy is the fastest way to deploy a fully functional XenDesktop installation. You specify a master VM and select some users and Quick Deploy creates virtual desktops, makes them available for the users and shows you how to access your desktops.

Master Target Device Installation Wizard installs the target device software on a Master Target Device. The Master Target Device is used to create the golden image, which is then saved to a vDisk file using the Imaging Wizard.

Provisioning services target device software must be installed on a master virtual machine that will be delivered via a Provisioning Server.

Citrix EdgeSight is a performance and availability management solution for that monitors applications, devices, sessions, license usage, and the network in real time, allowing users to quickly analyze, resolve, and proactively prevent problems. EdgeSight for XenApp Agent monitors the performance of XenApp and Presentation Server systems.

 

Managing a XenDesktop Environment

To only allow users to access their client’s default printer during sessions, be sure that “Client printer redirection” is enabled after enabling the setting “Auto-create the client’s default printer only”.

“Client printer redirection” allows client printers to be mapped to a server when the user logs on to a session. It is enabled by default, so unless it’s been disabled by someone, it will already be active.

Putting a connection into maintenance mode prevents any new power action affecting any machine stored on hosts accessed through this connection. No user can connect to a machine in this state. If a user is already connected, maintenance mode takes effect as soon as they log off. You can then perform administrative tasks on the associated image, such as applying patches and upgrades using your image management tools.

XenDesktop 5 relies upon the Virtual Desktop Agent on each on each virtual desktop to be in communication with one of the controllers in the XenDesktop site. This state is referred to as the Virtual Desktop Agent being registered with a controller. If communication fails for any reason, the Virtual Desktop Agent is said to be unregistered. When the Virtual Desktop Agent is unregistered, it is not possible for a user to connect to the virtual desktop.

To enable logging on a Virtual Desktop Agent, edit the <appSettings> section of the WorkstationAgent.exe.config file.

To enable logging on a Controller, edit the <appSettings> section of the CdsController.exe.config file and the <appSettings> section of the CdsPoolMgr.exe.config file.

To enable USB support in a XenDesktop 5 environment, enable the USB policy rule, which is in the USB Devices Policy Settings section of the ICA Policy Settings, and enable USB support when on the client on the user device.

Isochronous USB devices are supported in low latency, high speed LAN environments.

"Client fixed drives" allows or prevents users from accessing or saving files to fixed drives on the user device. When allowing this setting, make sure the "Client drive redirection" setting is enabled.

To ensure drives are automatically connected when users log on, configure the "Auto connect client drives setting".

Enabling "Preserve client drive letters" allows mapping of client drives to have the same drive letter while in a session as when disconnected from a session. “Client drive redirection” must be enabled for each of this policy settings to work.

A rollback file can be used to revert an updated image back to the original image. The rollback file is created in a sub-folder of the vDisks folder of the modified vDisk called 'rollback'. Copy the rollback file to the updates folder and use the "Schedule Automatic Disk Updates" option. Select "Check for incremental updates" to apply the rollback file to the correct vDisk file.

To reallocate individual desktops, in Desktop Studio, find the desktop in the desktop group and click "View machines". Select the desktop and click "Change user". Add and remove users as required.

To view the percentage of machines to which user sessions are connected, in Desktop Director, in the Usage panel, click a desktop group name to go to the Desktop Group Details page with a view filtered for the desktop group.

If all of the desktops in a desktop group must be put in maintenance mode, in Desktop Studio, select the desktop group and click "Enable maintenance mode".

To allow Windows XP users to see their local time you need to give them rights to change the time on the system on which the desktop is running. To do this, set up a Group Policy with rights given to non-privileged users to change system time settings. Also, change the time zone registry area on the desktops. After you do this, users who connect to Windows XP desktops see their local time zone reflected in the desktop.

In Active Directory environments, the Citrix policy takes precedence over the local policy on the server in the event policy settings conflict and the Active Directory GPO policy takes precedence over the Citrix policy.

In a XenDesktop 5 environment, it's possible to manage Citrix policies with Desktop Studio or with the Group Policy Editor in the Citrix Policies node.

The Machine administrator owns the catalogs and is responsible for building the virtual desktops. The machine administrator can specify which assignment administrators can consume the images created. This administrator can also see other aspects of the XenDesktop site.

To automatically update a vDisk, enable automatic updates on the original vDisk image file, make a copy of the original vDisk to use to update another vDisk, add the new vDisk file to the database, change the disk access mode to private, assign the new vDisk, boot the target device from the new vDisk, add software or data files to the vDisk, change the vDisk access mode of the new vDisk to that of the original vDisk image, increment the version number and update the vDisk.

A user can be assigned multiple desktops, but if the “Concurrent logon limit” policy doesn’t allow that many sessions, the user will not be able to connect to all of the desktops he is assigned.

Policies are sorted into priority order, with the higher priority taking affect when users are assigned conflicting policies.

 

Troubleshooting

If a Virtual Desktop Agent is not registering with the Controller, check on each of the following until the problem is found: The virtual desktop might not be added to the correct site; DNS might not be properly configured; Time synchronization might not be properly configured; Multiple network adapters on the virtual desktop might be causing problems; The virtual desktop might not have a Service Principal Name (SPN) assigned to it; It might appear that the virtual desktop or Controller is part of a domain when it is not.

The Virtual Desktop Agent logs problems with registration in Event Log, therefore entries in the Event Log will give evidence of an unregistered Virtual Desktop Agent. If the virtual desktop in question has been added to a desktop group in your XenDesktop site, evidence will also be seen in the administration consoles, such as Desktop Director.

When TCP Large Send Offload is enabled on the target device network interface card, it can cause slow performance and excessive retries from the target device. TCP Large Send Offload allows the AIX TCP layer to build a TCP message up to 64 KB long and send it in one call down the stack through IP and the Ethernet device driver. The adapter then re-segments the message into multiple TCP frames to transmit on the wire which causes latency and  time-outs in the Provisioning Server.

If TCP Large Send Offload can’t be disabled on the NIC, it must be disabled in the registry. Edit the DisableTaskOffload key with the value of “1” on both the target device and Provisioning Server. Edit the EnableOffload key with the value of “0” on the target device only.

To create virtual machines, the Machine Identity Service is needed to manage the storage of the virtual machines, the Host Service is needed to manage the host connection that is selected during virtual machine creation, and of course, the Machine Creation Service is needed to create new virtual machines.

Active Directory is used to discover and authorize controllers and virtual machines. The AD Identity Service manages Active Directory computer accounts. If this service isn’t running, the Controller and virtual machine wouldn’t be authorized to make a connection to the target device.

Among many other tasks, the XDPing tool can check the time synchronization between the Virtual Desktop Agent and the client, perform DNS lookup and reverse lookup on the device, and check that the Virtual Desktop Agent’s firewall is configured correctly.

The Stream Service is the service that is used to stream vDisks to target devices. If the Stream Service is stopped, a starting target device will not be able to connect to the Provisioning Server and will become unresponsive with the “Connecting to Provisioning services. Please wait…” message.

If one of multiple controllers goes offline in an Active Directory-Based Controller discovery environment, the Virtual Desktop Agents will use Active Directory to connect to another controller and there will be no noticeable effects.

Before creating new virtual machines, ensure that the virtualization infrastructure hosting the master VM specified for the catalog has sufficient processors, memory, and storage to accommodate the additional machines you plan to create. If you don't have a sufficient number of unused Active Directory computer accounts for the machines you plan to create, you have an opportunity to create the Active Directory computer accounts during virtual machine creation.