Tag Archives: AppDisks

Understanding What’s New with the latest XenApp & XenDesktop 7.15 LTSR

The following content is a brief and unofficial prerequisites guide to setup, configure and test accessing secure by design virtual apps and desktops powered by XenApp & XenDesktop 7.15 prior to deploying a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessarily conform to industry descriptions or leading best practises. The views expressed here are my own and do not necessarily reflect the views of Citrix.

Shortened Names
WEB INTERFACE – wif
LONG TERM SERVICE RELEASE – ltsr
CURRENT RELEASE – cr
FEDERATED AUTHENTICATION SERVICE – fas
SECURITY ASSERTION MARKUP LANGUAGE – saml
IDENTITY PROVIDER – idp
NETSCALER UNIFIED GATEWAY – nug
XENAPP – xa
PROVISIONING SERVICES – pvs
XENDESKTOP – xd
XENAPP/XENDESKTOP – xad
STOREFRONT – sf

What is the difference between LTSR vs. CR for XenApp & XenDesktop 7.x?
The Long Term Service Release (LTSR) program for XenApp and XenDesktop provides stability and long-term support for XenApp/XenDesktop releases while the Current Release (CR) provides customers with the very latest version of XenApp and XenDesktop which includes the latest innovations e.g EDT v2

XenApp & XenDesktop 7.15 LTSR Feature Summary Comparison with 7.6 LTSR
The following is a simple one PDF page document that lists all the feature capabilities from initial first LTSR which was XenApp & XenDesktop 7.6 Feature Pack (FP) 1-3 through to the current LTSR XAD 7.15 including the CR releases in-between so its absolutely worth booking marking in your browser or better yet download it to keep it to hand for customer conversations – https://www.citrix.com/content/dam/citrix/en_us/documents/data-sheet/xenapp-xendesktop-715-ltsr-feature-summary-comparison-to-76-ltsr.pdf.

Noteworthy Points What’s New vs. Excluded
I’d very strongly recommend that your read the following CTX article – https://support.citrix.com/article/CTX205549 entitled “CTX205549 FAQ: XenApp, XenDesktop, and XenServer Servicing Options (LTSR)” and to ensure that you remain compliant post your update/migration to 7.15 LSTR you should download the “CTX209577 Citrix LTSR Assistanthttps://support.citrix.com/article/CTX209577

Its also worth noting the following that are classed as “Excluded Features/Components/OSes” from the XAD 7.15 LTSR but I’d like to stress PLEASE PLEASE refer for eDocs for full caveats vs. supporting statements at – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/whats-new/7-15-ltsr-initial-release-.html+ and these listed notes are based upon the initial release however there is now a Cumulative Update 1 (CU1) already available so be sure to read through it as well at – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/whats-new/cumulative-update-1.html.

OSes+
– Windows 2008 32-bit (for Universal Print Server)

Behavioural Changes
– Upgrading a XA 6.5 worker to a new 7.15 VDA is now slightly different and the detailed process is listed at – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/upgrade-migrate/upgrade/upgrade-xenapp-6-5-to-vda.html and also be sure to review the XenApp 6.x Migration Tool at – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/upgrade-migrate/xenapp-worker-upgrade.html and you review the migration tool by watching the embedded YouTube video below.

Finally while your planning your migration to XA 7.15 (FMA) from 6.5 (IMA) you will mostly likely be upgrading vs. migrating away from WIF so please be sure to read and how to migrate features to StoreFront from your WIF environment at – https://docs.citrix.com/en-us/storefront/3-12/migrate-wi-to-storefront.html. Equally I’d encourage any organisation reading this to review how-to setup and configure the “unified user experience” for Citrix Receiver vs. the Green Bubbles which will provide a much better experience for users you can enable it by quiet easily once you’ve read through the following article in eDocs at – https://docs.citrix.com/en-us/storefront/3-12/manage-citrix-receiver-for-web-site/unified-receiver-experience.html.
– Follow the supported leading best practises for upgrading the 7.15 LTSR by reviewing the following node within Citrix’s eDocs – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/upgrade-migrate/upgrade.html
– VDA installation failures for Win 10 N Editions that don’t include Microsoft Media Foundation can now be acknowledged via the installation GUI of the VDA vs. automated deployed (unattended) there is a new option “/no_mediafoundation_ack“.

Excluded Features & Compoments+
– HDX Graphics Mode – Framehawk
– StoreFront Citrix Online Integration
– AppDisks
– Personal vDisk is excl for Win 7, 10
– Load balancing of Session Recording which was an experimental feature in 7.14

What’s Deprecated in the 7.15 LSTR
A full list of what is deprecated is available at – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/whats-new/removed-features.html and I am only going to list a few points that I believe of most interest to those whom read my blogs or if your just a Citrix SysAdmin vs. Consultant reading this blog post.

No VDA installations on Windows XP will be supported
– Flash Redirection ++Hello HTML5 GOODBYE Flash wahoo!
– Citrix Receiver for Web classic experience (“green bubbles” user interface) ++Oh YES double wahoo!
– VDAs on Desktop – Windows 10 version 1511 & Windows 7, 8.1 and for Server – Windows Server 2008 R2 and Windows Server 2012
Legacy Thinwire + DirectX Command Remoting (DCR) switch to Thinwire ECM or Adaptive Display v2 see – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/graphics/thinwire.html
– In-place upgrades of certain XAD infrastructure components aren’t supported!
– Studio on Windows 7
– Azure Classic support

++ Personal comment vs. note from the author of the post

XenApp and XenDesktop 7.15 LTSR baseline components
VDA for Desktop OS 7.15
VDA for Server OS 7.15
Delivery Controller 7.15
Citrix Studio 7.15
Citrix Director 7.15
Group Policy Management Experience 3.12
StoreFront 3.12
Provisioning Services (PVS) 7.15
Universal Print Server 7.15
Session Recording 7.15 (Platinum Edition only)
Linux VDA 7.15 (See the Linux VDA documentation for supported platforms)
Profile Management 7.15
Federated Authentication Service 7.15

7.15 LTSR Compatible Components and Platforms
AppDNA 7.15
Citrix SCOM Management Pack for License Server 1.2
Citrix SCOM Management Pack for Provisioning Services 1.19
Citrix SCOM Management Pack for StoreFront 1.12
Citrix SCOM Management Pack for XenApp and XenDesktop 3.13
HDX RealTime Optimization Pack 2.3
License Server 11.14.0 Build 21103
Workspace Environment Management 4.4
App Layering 4.3
Self-Service Password Reset 1.1

What’s New
– Machine Catalog’s functional level within your Site from 7.9 do not require an upgrade
– Machine Creation Services (MSC) now supports generation 2 VMs with Microsoft System Center Virtual Machine Manager SCVMM
– The FMA or 7.x version of Local Host Cache (LHC) is now enabled by default BUT note that if it was disabled from a prior release of the XAD 7.x then you need to enable it and disable Connection Leasing (CL) https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-9/manage-deployment/connection-leasing.html which was initially introduced into the 7.x platform to provide a fallback if your SQL database connection was lost or unavailable until LHC was re-introduced in XAD 7.12 – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-12/manage-deployment/local-host-cache.html but was not enabled by default in the 7.12 release CL was primarily utilised.
– Director App Failure Monitoring – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/policies/reference/virtual-delivery-agent-policy-settings/monitoring-policy-settings.html#App_Failure_Policy_Settings

Security Leading Best Practises
– General Overview https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/secure/best-practices.html.
– Securing your StoreFront 3.12 environment – https://docs.citrix.com/en-us/storefront/3-12/secure.html
– Standardise on a single organisation user identity platform e.g AAD by leveraging NetScaler + + StoreFront + FAS which can convert SAML vs. OAuth tokens into virtual smartcards per configured Store within StoreFront to then SSO a user onto there intended virtual apps & desktops without requiring to re-enter his/her in a directory username + password for that resource location (What’s this? Read – https://docs.citrix.com/en-us/citrix-cloud/citrix-cloud-resource-locations.html).
– Slightly obvious to an Citrix expert vs. Citrix Partner but its worth highlighting for newbies to Citrix virtualisation technologies is that XAD management provides Delegated Administration to manage just enough access for different members of the IT vs. compliance departments/business units to have just enough access to complete there daily vs. weekly vs. monthly activities vs. tasks – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/secure/delegated-administration.html and for remote secure access to virtual apps & desktops you will need implement NetScaler Unified Gateway – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/secure/storefront-netscaler.html which can also enable and allow your organisation to control authentication at the edge of your network e.g 2FA vs. MFA vs. using Biometrics with supported 3rd Citrix Ready solutions so check out – https://citrixready.citrix.com. Finally you can also engage with SmartAccess capabilties when fronting XAD for R/A with NUG so check out the following resources for NS 11.x.n – https://docs.citrix.com/en-us/netscaler-gateway/11/integrate-web-interface-apps/ng-smartaccess-wrapper-con/ng-smartaccess-xd-config-con.html and NS 12.x.n – https://docs.citrix.com/en-us/netscaler-gateway/12/integrate-web-interface-apps/ng-smartaccess-wrapper-con/ng-smartaccess-xd-config-con.html and there is also a CTX article entitled “CTX227055 Smart Access Guide for NetScaler Gateway, StoreFront and XenDesktop” to review at – https://support.citrix.com/article/CTX227055 and finally you can configure Pre-Authentication scans to check that the connecting end-point is compliant (Refer to VDI Handbook section below).
Enabling TLS or Transport Layer Security for ICA/HDX Session – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/secure/tls.html for a detailed how-to from the first LTSR check out the following blog article at – https://www.citrix.com/blogs/2014/12/11/how-to-secure-ica-connections-in-xenapp-and-xendesktop-7-6-using-ssl/ or download the white paper entitled “Citrix XenApp and XenDesktop 7.6 LTSR FIPS 140-2 Sample Deployments” from – https://www.citrix.com/content/dam/citrix/en_us/documents/about/citrix-xenapp-and-xendesktop-76-fips-140-2-sample-deployments.pdf. During some research I also came across the following CTX article to disable TLS 1.0 for XAD 7.6 LTSR which may or may not be useful to you check out – https://support.citrix.com/article/CTX215447.
– How do I assign the right vs. relevant security or UX policy? Refer to the built-in policy templates which you can read at – https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/policies/policies-templates.html which include the same policy type for modern vs. legacy OSes.

Citrix VDI Handbook for the 7.15 LTSR
Recommended pages of interest to read from “Citrix VDI Best Practices for XenApp and XenDesktop 7.15 LTSR” – https://docs.citrix.com/content/dam/docs/en-us/xenapp-xendesktop/7-15-ltsr/downloads/Citrix%20VDI%20Handbook%207.15%20LTSR.pdf which I am commonly asked about so I thought it makes sense with the current LTSR to list them out here for everyone to focus on what is right vs. relevant for PoC’s e.t.c

– Page 11 which focus on CCS Methodology
– Page 32 Five-Layer Design Model and Conceptual Architectures for XAD environments
– Page 35-37 Site topology covering latency, bandwidth vs. number of users
– Page 50-52 covers StoreFront keywords to the behaviour of the delivery of virtual resoucres
– Page 52 Scaling vs. sizing of your StoreFront cluster
– Page 54 Calculate what NetScaler required SSL through-put however i’d strong recommended engage with your Citrix rep for leading best practise vs. guidance as this can/may differ dependant upon your choose appliance vs. firmware version.
– Page 58 Implement GSLB with HDX Optimised routing to ensure connecting users in a regional vs. global deployment connect to better NUG by proximity.
– Page 63 HDX Display Protocol
– Page 66- User Profile types for Local, Roaming, Mandatory & Hybrid vs. virtual apps & desktop chooses model
– Page 79 Built-in Policy templates to optimise the UX based upon your organisational requirements
– Page 88-93 vCPU/RAM/Storage I/O vs. User workload types light, medium and heavy
– Page 94-97 SQL database sizing vs. scaling 5K up to 15K including expected database growth
– Page 98-99 PVS SQL database guidance for suggested sizing
– Page 104 XAD Controller sizing vs. scaling per 5K users which also includes a calculation
– Page 105 LHC considerations if enabled to re-size your control infrastructure for XAD
– Page 107 Citrix Cloud connector sizing for 5K users in private vs. public cloud
– Page 113-116 SQL Database sizing
– Page 121-129 PVS Accelerator with XenServer
– Page 132-140 Hardware Formulas for sizing vs. scaling including GPU(s)

Deploying a XAD 7.15 LSTR PoC
Coming…

What’s New and Understanding Citrix XenApp & XenDesktop 7.11 (Seven 11)

The following content is a brief and unofficial prerequisites guide to setup, configure and test delivering virtual apps and desktops powered by XenApp & XenDesktop 7.11 (Seven 11) prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessarily conform to industry descriptions or best practises.

Shortened Names
XENAPP – xa
XENDESKTOP – xd
XENAPP/XENDESKTOP – xad
VIRTUAL DELIVERY AGENT – vda
HIGH DEFINITION EXPERIENCE – hdx
INDEPENDENT COMPUTING ARCHITECTURE – ica
EXPERIENCE 1st – x1
VIRTUAL DESKTOP – vd
VIRTUAL APPS – va
THINWIRE COMPATIBLE MODE – tcm also known as ecm or thinwire+
UNIVERSAL WINDOWS PLATFORM – uwp
FEDERAL INFORMATION PROCESSING STANDARD – fips
SELF-SERVICE PASSWORD RESET – sspr
PROVISIONING SERVER – pvs
MACHINE CREATION SERVICES – mcs
AZURE RESOURCE MANAGER – arm

What’s New
1. XAD 7.11 infrastructure support on Windows Server 2016 for the Controller, StoreFront, Studio, Director, Server VDA, Session Recording Server & Agent, Universal Print Server.
2. Self-Service Password Reset 1.0 (SSPR) is now part of the StoreFront 3.7 & XAD 7.11 (Platinum feature) release and can be installed on Windows Server 2008 R2, 2012 R2 and 2016* and allows users to unlock or reset their AD passwords through a series of questions. For a detailed overview please read the CTX blog entitled “StoreFront 3.7 has been released!“- https://www.citrix.com/blogs/2016/09/14/storefront-3-7-has-been-released/

3. SQL Server 2014 Express is still installed by default when installing the XAD Controller which became the default in XAD 7.9 release ref – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-9/whats-new.html#par_anchortitle_ddbe so be aware of the installation behavioural changes for SQL and SQL Server 2016 is now supported ref –http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/system-requirements.html#par_anchortitle_384a and for a full list of the supported databases for XAD please refer to http://support.citrix.com/article/CTX114501 which contains and up to date tablised view of XAD versions vs. SQL versions and which are and are’nt supported! Finally DB sizing can be found by referring to the LTSR release of XAD 7.6 at – http://docs.citrix.com/en-us/categories/solution_content/implementation_guides/database-sizing-guidance-for-xendesktop-7-6.html which has great guidance on database sizing for XAD 7.6+.

4. Publish URL’s, documents and media files from network shares (WAHOO!) is now available on as part of the XAD 7.11 release. It currently only supports publishing of content via PoSH cmdlets and all the examples can be found and a detaied overview of the feature is avaiable at – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/install-configure/publish-content.html*.

Example Publishing a Word Document from Citrix eDoc’s*
New-BrokerApplication -Name ReadMe -PublishedName”ReadMe Document” -ApplicationType PublishedContent -CommandLineExecutable \\MyFolderShare\Documents\ReadMe.doc -DesktopGroup Content

5. Use of System Center Virtual Machine Manager to provision VMs used to create AppDisks. If you are unfamiliar with AppDisks the following YouTube video from the Citrix channel demonstrates how’s setup, create and assign your AppDisks to users virtual desktops. There is also a fantastic AppDisks FAQ avaiable at – http://docs.citrix.com/content/dam/docs/en-us/xenapp-xendesktop/xenapp-xendesktop-7-8/downloads/AppDisk%20FAQ.pdf

6. Installation behavioural changes for CIS programs entitled “Citrix Customer Experience Improvement Program (CEIP)” and “Citrix Call Home“. For more information please refer to and read – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/manage-deployment/cis.html.
7. New HDX enhancements include:

– A new HDX policy setting combining Thinwire Compatible Mode (ECM) and H.264 can be enabled by selecting the following policy Use video codec for compression and select For actively changing regions. If you do not then the default HDX graphics mode is used which is Use video codec for compression Use video codec when preferred. For a more detailed overview please check out – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/policies/reference/ica-policy-settings/graphics-policy-settings.html.
– Up to 5% bandwidth reduction with the new behavioural enhancements for video content with Thinwire and requires XAD 7.11 with either Windows Receiver 4.5 or Linux 13.4.
– Support for USB generic mass storage devices for XenApp
TWAIN 2.0 scanning protocol support with Windows Receiver 4.5+
– New behavioural changes for the optimisation of client USB devices – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/policies/reference/ica-policy-settings/usb-devices-policy-settings.html
– Support for publishing universal apps for Windows 10, Server 2016 using the Microsoft Universal Windows Platform (UWP).
– Support for H.264 hardware encoding with supported nVidia GPU cards (NVENC hardware encoding – https://developer.nvidia.com/nvidia-video-codec-sdk) and also to read the following entitled “Better Together: Citrix XenDesktop 7.11 + NVIDIA GRID” from – https://blogs.nvidia.com/blog/2016/09/14/citrix-xendesktop-nvidia-grid/!
Default VDA policy settings for XAD 7.11 – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/policies/policies-default-settings.html

8. StoreFront 3.7 includes SSRP 1.0 as mentioned above in point 2., UI support for small form factor devices improving the user’s overall experience when you configur the unified Citrix Receiver experience on StoreFront against your Store(s) which can be configured by reffering to – http://docs.citrix.com/en-us/storefront/3-7/manage-citrix-receiver-for-web-site/unified-receiver-experience.html so when connecting to from e.g Safari on an iPhone your end-users experience is way better try for yourself! Finally a great new addition or rather enhancement to Zones in StoreFront 3.7 & XAD 7.11 is that now client location based zone preference passes the zone information to the controller (required configuration – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/manage-deployment/zones.html#par_anchortitle_1db7) which in turn utilises this information to select the more appropriate workstation/server VDA’s that are closest in proximity to the user so when connecting to virtual apps & desktops there receive the best rich HD experience possible.
9. Windows Server 2016 analysis and reporting including Expanded security analysis with AppDNA 7.11 – http://docs.citrix.com/en-us/dna/7-11/whats-new.html.
10. Automate Director notifications with Citrix Octoblu – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/director/alerts-notifications.html#par_anchortitle_1d19. For a detailed overview and look at this integration be sure to read the blog post – http://horacegoesskiing.com/index.php/2016/09/16/using-xenappxendesktop-7-11-alert-policies-with-octoblu/.
11. Support for Windows Server 2016 as a server and a target platform for PVS 7.11 including an enhanced diagnostic model so much more so be sure to review the PVS 7.11 online documentation at – http://docs.citrix.com/en-us/provisioning/7-11.html.
12. Citrix XenApp and XenDesktop 7.6 FIPS 140-2 Sample Deployments (Technically NOT new but very useful for Citrix customers and partners alike) – http://docs.citrix.com/content/dam/docs/en-us/categories/public-sector/downloads/Citrix%20XenApp%207.6%20and%20XenDesktop%207.6%20FIPS%20140-2%20Sample%20Deployments.pdf
13. Provisioning Citrix workloads in Microsoft Azure using ARM is now available. For a detailed how-to read – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/install-configure/install-prepare/azure-rm.html but before deploying your VM’s be sure to read the following whitepaper entitled “The scalability and economics of delivering Citrix XenApp services from Microsoft Azure” available from – https://www.citrix.com/content/dam/citrix/en_us/documents/white-paper/xa711-scalability-azure-rm.pdf. To get started with deploying and using XenApp 7.x in Azure take a look at deploying the XenApp Trial in the Azure Marketplace at – https://azure.microsoft.com/en-gb/marketplace/partners/citrix/citrix-xacitrix-xa-trial/ which will be you a complete XA 7.x enviromnent in Azure along with StoreFront, NetScaler and 2x VM’s to deliver a server virtual desktop and the other for delivery of just virtual apps.
14. Citrix Receiver 7.1 is ready for iOS 10 – https://www.citrix.com/blogs/2016/09/15/citrix-receiver-ready-for-ios-10/.
15. Finally be sure to check out and be aware of the list of known issues with XAD 7.11 release at – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/whats-new/known-issues.html

* Microsoft Windows Server 2016 is currently still in TP and is not officially released as of writing this blog post.

For a completely detailed summary of what is avaiable in XAD 7.11 (Seven 11) check out – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/whats-new.html.

XenApp and XenDesktop 7.x.n (As of this blog post its 7.11) Features
https://www.citrix.com/go/products/xendesktop/feature-matrix.html

Quick upgrade guide to XenApp 7.11 and XenDesktop 7.11 by #Citrix #CTP @ervik
http://www.ervik.as/quick-upgrade-guide-to-xenapp-7-11-and-xendesktop-7-11/

Upgrading My Azure XAD 7.9 environment to XAD 7.11
Coming…

Installing a XAD 7.11 PoC environment on Azure
I have testing installing XAD 7.11 (Seven 11) onto Windows Server 2016 Technical Preview 5 or TP5 on Azure via the Azure Market Place – https://azure.microsoft.com/en-us/marketplace/?term=Windows+Server+2016+TP5. The CLEAN installation that I performed did not have any issues or errors however the when creating the machine catalog for Windows Server 2016 TP5 even installing the Server DVA 7.11 it will revert to recommended VDA release of 7.8 only so you have been warned!

Once Microsoft releases Windows Server 2016 officially I will follow-up with an overview of setting up and configuring XAD 7.11 on Windows Server 2016 hosted on Microsoft Azure.

Scheduled & Coming…