Thursday, December 18, 2014

Change Network Interface in Existing Host Connection with XenDesktop


Open PowerShell as asministrator.

asnp Citrix* to load Citrix Module.

dir XDHyp:\HostingUnits to get Host connection details.

The following is an example of the output for the preceding commands:

PSPath : Citrix.Host.Admin.V1\Citrix.Hypervisor::XDHyp:\Hosting
PSParentPath : Citrix.Host.Admin.V1\Citrix.Hypervisor::XDHyp:\Hosting


PSDrive : XDHyp
PSProvider : Citrix.Host.Admin.V1\Citrix.Hypervisor
PSIsContainer : True
HostingUnitUid : 9b0ee1f0-2b45-45d5-9664-8cad350130f8
HostingUnitName : SERVERXD01
HypervisorConnection : XSG7Pool
RootPath : XDHyp:\Connections\XSG7Pool\
RootId :

NetworkPath: XDHyp:\Connections\XSG7Pool\

NetworkId : d8f21da0-6697-4fce-925b-99c19d4bae70
Storage : {XDHyp:\Connections\XSG7Pool\iSCSI}
VMTaggingEnabled : True
UseLocalStorageCaching : False
Metadata : {}

Copy PSChildName and NetworkPath from the output:

Set-Item -Path xdhyp:\hostingunits\PSChildName

NetworkPath xdhyp:\connections\XSG7Pool\NetworkName

For example, new network interface is Network2 for the host SERVERXD01

Set-Item -Path xdhyp:\hostingunits\XENSERVERXD01 -

NetworkPath 'xdhyp:\connections\XSG7Pool\'

Tuesday, December 16, 2014

Citrix Receiver command line


if any of you have suffered the pain of trying to get all the switches to work when installing the Receiver 4.2 via command line syntax, some case sensitive some not!!, the command below works:


Monday, December 08, 2014

Citrix XenApp 7.x VDA Registration State stuck in Initialising


On October 16th, 2014 Jason Samuel did a really good post on this with a script to restart the affected service on the affected servers.

On XenApp 7x, you notice the registration state of the machine is stuck on “Initializing” in Citrix Studio and no one will be able to launch any apps.

The work around is to restart the “Citrix Desktop Service” on the impacted server.





Dave Colvin,

Wednesday, November 19, 2014

The VPN client agent was unable to create the interprocess communication depot


When attempting to install the Cisco AnyConnect client for UI Anywhere access, you receive the following error message:

The VPN client agent was unable to create the interprocess communication depot.

To resolve this issue:

  • Click on View Network Status and Tasks.
  • Click on Change Adapter Settings.
  • Right-click the shared connection and choose Properties
  • Click the Sharing tab
  • Clear the Allow other network users to connect through this computer’s Internet connection checkbox
  • Click OK.


Continue the install. No reboot required.

Friday, November 07, 2014

Change XenDesktop 7.6 SQL Server

If you setup the SQL Express edition and need to move it for production. This is how.

Open PowerShell as and Administrator:

Add-PSSnapin Citrix*

They BOTH output something like this:

ConnectionString : Server=XDC-PROD01\SQLEXPRESS;Initial Catalog=CTX-XD7-PROD;Integrated Security=True

DataStore        : Site

DatabaseType     : SqlServer

Provider         : MSSQL

SchemaName       : Monitor

Status           : OK

ConnectionString : Server=XDC-PROD01\SQLEXPRESS;Initial Catalog=CTX-XD7-PROD;Integrated Security=True

DataStore        : Monitor

DatabaseType     : SqlServer

Provider         : MSSQL

SchemaName       : MonitorData

Status           : OK

Copy the contents of the BOLD above to a string and change the server name and instance details with server= in the prefix.

$CS = “server=REMOTE-PROD01\SQL02;Initial Catalog=CTX-XD7-PROD;Integrated Security=True”

  • Set-LogSite -State Disabled

  • Set-LogDBConnection -DataStore Logging -DBConnection $null

  • Set-MonitorDBConnection -DataStore Monitor -DBConnection $null

  • Set-MonitorDBConnection -DBConnection $null

  • Set-AcctDBConnection -DBConnection $null

  • Set-ProvDBConnection -DBConnection $null

  • Set-BrokerDBConnection -DBConnection $null

  • Set-EnvTestDBConnection -DBConnection $null

  • Set-SfDBConnection -DBConnection $null

  • Set-HypDBConnection -DBConnection $null

  • Set-ConfigDBConnection -DBConnection $null –force

  • Set-LogDBConnection -DBConnection $null –force

  • Set-AdminDBConnection -DBConnection $null –force

Move the database between the servers.

On the SQL server create the account(s)

sqlcmd -S env3-sql2\AON -q "create login [domainName\ddcName$] from windows"

set-ConfigDBconnection -dbconnection $cs

set-AdminDBconnection -dbconnection $cs

set-LogDBconnection -dbconnection $cs

set-AcctDBconnection -dbconnection $cs

set-BrokerDBconnection -dbconnection $cs

set-EnvTestDBconnection -dbconnection $cs

set-HypDBconnection -dbconnection $cs

set-MonitorDBconnection -dbconnection $cs

set-ProvDBconnection -dbconnection $cs

set-SfDBconnection -dbconnection $cs

set-LogDbConnection -DataStore logging -DbConnection $cs

set-MonitorDbConnection -DataStore monitor -DbConnection $cs

set-LogSite -State Enabled


Monday, November 03, 2014

Nokia 1020 camera verses IPhone 6


With two photos taken in the same spot within a minute, no options, just default point and shot. With my none scientific methods I think the Nokia 1020 still has the better image colours, and of course the resolution / reframe options. So the winner - Nokia 1020 !

Zoomed in 300%

Nokia 1020 High Res


IPhone 6


Nokia 1020 Standard (social media res)


Zoomed out to 25%

Nokia 1020 High Res (was still too large for frame the top is cut)


IPhone 6


Nokia 1020 Facebook Quality


1000 Pixels wide cropped

Nokia 1020 High Res

IPhone 6

Nokia 1020 Facebook







Citrix StoreFront 2.6 error on first use - ManagedPipelineHandler


If you get the error, on Windows Server 2008 R2:

HTTP Error 500.21 – Internal Server Error.
Handler "DefaultPageHandler" has a bad module "ManagedPipelineHandler" in its module list


Run the command:

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -i

To reinstall\re-register


Press F5 to refresh.


hat tip:

Monday, October 20, 2014

Citrix StoreFront for dummies (v2x)

StoreFront key components

Authentication service: An integral part of StoreFront,  authenticates users to XenDesktop sites, XenApp farms. The authentication service ensures that users only need to log on to StoreFront/Receiver once.

Store: Retrieves user credentials from the authentication service to authenticate users to the components providing the resources. The store enumerates and aggregates the resources currently available from XenDesktop sites, XenApp farms. Users access the store through Citrix Receiver or a Receiver for Web site.

Application Subscription Store (Data Store):This store saves and indexes the application or desktop subscriptions of the users on a per - StoreFront Store basis. Tthe new Application Subscription Store uses the built-in Microsoft Windows Extensible Storage Engine to store details of users’ app subscriptions locally on StoreFront servers. When joining a StoreFront server to a Server Group the replication of data between all members is configured automatically.

Receiver for Web site:This site enables users to access stores through a webpage. If a version of Receiver installed locally it can be upgrade or if not detected it can be installed. Where Receiver cannot detected or installed the HTML5 client can start in compatible web browsers (IE over HTTP, Chrome/Firefox over HTTP/S).

Desktop Appliance site: Desktop Appliance sites provide users of non-domain desktops with an experience similar to that of user with domain-joined desktops. The web browsers is configured to start in full-screen mode displaying the logon screen for a Desktop Appliance site.

XenApp Services site: Used as a service to support PNAgent (Receiver for Enterprise), seamless desktop experience, Fast Connect, and Desktop Lock for repurposed PCs. or other devices like IPAD etc.

Authentication to StoreFront
  1. User enters username and password on StoreFront server. The authentication service validates (the user credentials) with a domain controller.
  2. StoreFront checks the data store for existing user subscriptions and stores them in memory
  3. StoreFront forwards the user credentials as part of a XML query to the backend XenApp / XenDesktop
  4. Delivery Controller validates (the user credentials) with a domain controller
  5. Delivery Controller checks which resources have been published to this user within its database
  6. Delivery Controller sends an XML response to StoreFront which contains all resources available for the user from the XenDesktop site
  7. StoreFront sends the list of available resources including the existing subscriptions to the Citrix Receiver installed locally or displays them in Receiver for Web


A Non blank interface for new users

To avoid users from having a blank screen when they first logon, automatically subscribe users to a few core applications. Add KEYWORDS:Auto to the application or desktop description in XenApp or XenDesktop. Another option that can be used to organise applications is KEYWORDS:Featured. The Featured keyword only places apps in the Featured category

Local apps used via StoreFront

In addition the string KEYWORDS:prefer="application" can be used to specify that the locally installed version of an application should be used in preference to the equivalent delivered instance if both are available

Thanks to this white paper for the details, I have simplified it where I thought relevant : 

Thursday, October 16, 2014

Citrix HTML5 client on StoreFront Server

I put this together as official Citrix material is a bit ambiguous on what is needed, it is all there, but obtuse.

What is it? Receiver for HTML5 enables users to access desktops and applications directly within HTML5-compatible web browsers without needing to install Citrix Receiver.


On the StoreFront use the Deploy Citrix Receiver task to configure the behaviour of a Receiver for Web site (HTML5 client) when a Windows or Mac OS X user without the Citrix Receiver installed accesses the site. By default, Receiver for Web sites automatically attempt to determine whether Citrix Receiver is installed when accessed from computers.

Specify the response of the Receiver for Web site if Citrix Receiver cannot be detected on a user's device.

  • If you want the site to prompt the user to download and install Citrix Receiver but fall back to Receiver for HTML5 if Citrix Receiver cannot be installed, select Use Receiver for HTML5 if local install fails. Users without Citrix Receiver are prompted to download and install Citrix Receiver every time they log on to the site.
  • If you want the site to enable access to resources through Receiver for HTML5 without download and install Citrix Receiver, select Always use Receiver for HTML5. With that option selected, users always access desktops and applications on the site through Receiver for HTML5, provided they use an HTML5-compatible browser. Users without an HTML5-compatible browser have to install the native Citrix Receiver.
XenApp and XenDesktop:

For local users on the internal network, access through Receiver for HTML5 to resources provided by XenDesktop and XenApp is disabled by default. To enable local access to desktops and applications using Receiver for HTML5, you must enable the ICA WebSockets connections policy on your XenDesktop and XenApp servers. XenDesktop and XenApp use port 8008 for Receiver for HTML5 connections.

Ensure your firewalls and other network devices permit access to this port.

Client browsers:

Receiver for HTML5 can only be used with Internet Explorer over HTTP connections. To use Receiver for HTML5 with Firefox over HTTPS connections, users must type about:config in the Firefox address bar and set the network.websocket.allowInsecureFromHTTPS preference to true.

Wednesday, October 15, 2014

PVS Soap service member of Local Administrators on Server


For PVS images that use KMS, when you switch modes from Private to Standard and select Key Management Service on the vDisk, the PVS server performs a volume operation on the server that requires elevated privileges, specifically the ability to perform volume maintenance tasks.

If you are running Soap/Stream as Network Service or a custom account, it not have the permissions required.

You can test the GPO \Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\ “Perform Volume Maintenance Tasks” but I have not.


Hat tip:

Tuesday, October 07, 2014

Snapshot of Active Directory in Windows Server 2012 R2

Open a PowerShell window and type:



Note the GUID that is created (above mine is 4f54…….), or just leave the CMD prompt open. You can LIST ALL to see the GUIDs later.

QUIT and QUIT to exit from snapshot or you can mount that GUID

If you did quit, use


If you  just enter the next command it is



QUIT and QUIT to exit from the mount process

To start the ADDS and export files from it find the name of the snapshot with DIR C:\$*.*

Then start it up with



Leave DSAMAIN / CMD running in the background

Open Active Directory Users and Computers (or LDIFDE etc) and select CHANGE DOMAIN CONTROLLER YOURCOMPUTERNAME:6660




This is the old Active Directory from the backup.


Note what you need or export what you need etc.

When finished close the command prompt or press CTRL+C to stop DSAMAIN.EXE

To close the open snapshot issue the following commands


Done. Now you just need a daily, weekly task to do the backup.

Thursday, October 02, 2014

Citrix Adaptive Display moving to GPUs


What is Citrix Adaptive Display and why should I care?

Before adaptive display there was Progressive Display which worked well back in the day, but if you wanted to tune it, it is was a manual dark art. It was often misconfigured resulting in a poor experience, so lets just move on.

Then came Adaptive Display, the first generation. It was based on progressive display but was auto tuning according to the available bandwidth and the capabilities of the client. Simply, it would use a different compression algorithm for moving images and still images and tune it on the fly.

Now there is Adaptive Display Second generation. It is now based on different codecs, the ‘SuperCodec’ from Citrix dynamically decide which compression is used for different parts of the screen. The most important codec is the H.264 deep compression codec known as HDX 3DPro. Add to this Desktop Composition Redirection.

If you want to offload you can also redirect Desktop Composition to the client if supported. This will work with the Microsoft applications like Internet Explorer, Office 2010+. You can also tune the quality of Desktop Composition Redirection can be configured in the following policy: Desktop_Composition_graphics_Quality

HDX 3DPro (H.264 Deep Compression codec) has now evolved and it can completely encode in host CPU. This new version, called the Deep Compression V2, uses even less bandwidth then before but hits the CPU harder. The load on the host side increases and can affect the scalability of the total solution, when CPU resources are limited or scalability is a concern in your environment you may need to tune this down or optimise it.

If you need to bring down the graphics performance you can turn on the legacy graphics mode policy to get the user density you are aiming for and scalability targets but this affects the user experience. And that kind of defeats the purpose of what we are aiming for.

So instead move to a Graphics Processing Units (GPU). The GPU can do the heavy graphics lifting.

In XenDesktop 7x you have the following options:

  • Leverage the GPU directly (Either physically or through the Hypervisor GPU pass-through)
  • Leverage the GPU indirectly through GPU virtualisation (Available by using Nvidia GRID and others)

Leveraging the GPU directly has been available for a while now but was one-to-one solution for Windows 7 VDI (Hosted shared desktops based on 2008 r2 etc. you could share a GPU with multiple sessions on the same server OS)

Graphics are first rendered and compressed in the GPU and then send down the client, so first the output of the GPU needs to be captured, compressed and tuned by the ICA client, this process is called screen scraping. Screen scraping, is not required when using a Nvidia GRID because it comes with an API which allows remote display protocols (ICA client) to access the frame buffer, (the encoding engine of the GRID card) directly. This means to you the job is rendered and sent remotely with almost no delay.

XenServer supports GRID GPU virtualisation and the remote display APIs. This is in early test for VMware and not on the map for HyperV.

So for the best graphics yet on VDI, get XenServer, XenDesktop and a bunch on NVidia GRID K1/2 Cards.

The newest Citrix Receivers supports the new codecs so stay current.

If you want to tune Adaptive Display you have the following settings, BUT ALWAYS leave it default until you have a test bed:

  • Max frames per second
  • Target Minimum Frame rate (up to 60 on newer receiver)
  • Minimum Image Quality
  • Moving Image Compression
  • Extra Colour Compression (Chroma and Luma)
  • Heavyweight Compression
  • Lossy Compression level
  • Legacy Graphics Mode
  • Visual Quality
  • Desktop Composition Redirection
  • Desktop Composition Redirection Quality

Wednesday, October 01, 2014

16, 24 and 32-bit colour...


16-bit colour (High colour, from back in the day), can display 65,536 colours, which is fine for most uses.

24-bit colour (True colour), can display 16,777,215 different colours.

32-bit colour, also supports 16,777,215 colours but also has an alpha channel and using the alpha channel can create gradients, shadows, and transparencies.

To explain the alpha channel? In 32-bit graphics systems there are four 8-bit colour channels, three 8-bit channels for red, green, and blue (RGB) and one 8-bit alpha channel. The alpha channel is a mask not a colour. The alpha channel specifies how the pixels colours should be merged with the next pixel when the two are overlaid, one on top of the other.

Can my eyes tell a difference?

Most users can't. But custom programs that use gradients, shadows, transparency, etc. you may notice a difference with 32-bit colour.

Tuesday, September 30, 2014

XenApp Server that ‘thinks’ it is a farm member?


If you have an orphaned Xenapp 6.5 server, or three you can from the server registry tell it to leave home, move on, get a life and try and participate in society.

First try the nice way.

  • Use XenApp Server Configuration Tool accessed through the Server Role Manager.
  • In XenApp 6.5 the server manager is accessed through Administrative Tools > Citrix.
  • Select Edit Configuration.
  • Select Remove this server from the current farm.

If this didn't work, force it along.

Set this registry DWORD value to 0

Then force the console to leave:
C:\Program Files (x86)\Citrix\XenApp\ServerConfig\XenAppConfigConsole.exe /ExecutionMode:Leave

Now it can re-join the farm or you can create a new one again.


Tuesday, September 23, 2014

Primer for HDX and 3D in XenApp and XenDesktop

HDX technologies built into Citrix XenApp and Citrix XenDesktop can and do deliver an excellent user experience on a many devices and over smaller network connections. HDX technologies are built on top of the ICA remoting protocol.

HDX has three technical principles:

  1. Intelligent redirection; examining screen activity, application commands, and endpoint device, network and server capabilities to determine how and where to render on the server or redirect them on to the client.
  2. Adaptive compression; defines codecs for specific network conditions, as manages CPU and/or GPU resources on hosts.
  3. De-duplication of network traffic; using multicasting of multimedia streams, delivering of a single transmission  to many users at once. And the de-duplicates of bitmap graphics, files, print jobs and streamed media.

HDX is built on the core of ICA which also has these features to manage network traffic:

  1. Adaptive TCP flow control accelerates the flow of all TCP-based traffic, by sensing and responding to high network latency and packet loss. The result is significantly higher network throughput and performance than with standard TCP implementations.
  2. Adaptive compression to compress ICA traffic based on its characteristics, infrastructure capabilities and network conditions.
  3. Adaptive protocol acceleration performs intelligent acceleration of ICA traffic while sensing and responding to network and traffic conditions.

Under the covers HDX is based on these seven components:

  1. HDX Broadcast - Broadcast for providing desktops and applications over any network. It provides the underlying transport for many of the other HDX technologies. HDX Broadcast includes many of the older technologies such as instant mouse click feedback, keystroke latency reduction, multi level compression, session reliability, and queuing and tossing.
  2. HDX Plug and Play - Plug and Play provide connectivity for local devices and applications in a virtualised environment, including USB, multi-monitor, printers, and peripherals. HDX Plug and Play includes technologies such as multi monitor support, smart card support, special folder redirection, universal printing, file type association, and USB support.
  3. HDX 3D - 3D delivering high end graphics remotely such as image acceleration and progressive display for graphically intensive images.
  4. HDX MediaStream - MediaStream for multimedia extends HDX Broadcast capabilities. With technologies for streaming media files to the client device for playing via local codecs with seamless embedding into the remote session.
  5. HDX RealTime - RealTime for realtime communications such as voice and web cameras. RealTime extends HDX Broadcast capabilities. HDX RealTime support is in development today with third parties to support realtime communication via both voice and video on the remote client.
  6. HDX IntelliCache - IntelliCache is to locally cache bandwidth intensive data and graphics and locally stage streamed applications. IntelliCache caches common application display data for multiple users locally to the branch office, eliminating redundant transfer of commonly used application objects.
  7. HDX Adaptive Orchestration - Adaptive Orchestration enable seamless interaction between the HDX Technology categories. A central concept is that all these components work adaptively to tune the unified HDX offering for the best possible user experience.

Tuesday, September 16, 2014

Citrix Netscaler VPX Express


Free for small environments or for testing ‘Citrix Netscaler VPX Express’. The VPX Express supports:

  1. Load Balancing Citrix PVS TFTP, Active Directory or LDAP request, DNS
  2. Load Balancing Web Site or services
  3. Unlimited ICA Proxy connections to XenDesktop/XenApp (throughput limited)
  4. Citrix Access Gateway support for up to 5 concurrent users
  5. VPN gateway for up to 5 concurrent users
  6. Reverse proxy to externally access Exchange OWA or other web sites and file shares.

The license you download for free from and you need to replace it each year.

Download it here…


Monday, September 08, 2014

Running NetScaler Gateway VPX on Azure ???


Right now I am not sure this works, I was going to try it, but work changed and the plan got put off. So buyer beware for this may or may not work. This is based on the Azure blog here.

Download the NetScaler VPX Hyper-V appliance image

Load it on a Hyper-V server and boot it, login as the secret account and password

Configure the OS to use DHCP, So enable networking

Configure the primary interface for DHCP (later you will fix it via the NetScaler console)

Edit /etc/rc.conf (google it)
service netif restart

Enable SSH

Enable SSH via the /etc/rc.conf file and create the new host keys

echo 'sshd_enable="YES"' >> /etc/rc.conf

ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
service sshd restart

Install Python 2.7 and required modules

pkg install python27 py27-asn1


You may need a symbolic link the new python 2.7 binary?

ln -s /usr/local/bin/python2.7 /usr/bin/python

Install the Azure Linux Agent

On Github –  The latest agent that supports FreeBSD:

pkg install wget


mv ./waagent /usr/sbin/

chmod 755 /usr/sbin/waagent

/usr/sbin/waagent –install

Well if this worked, now logon to the NetScaler console and start the real work, let me know how it went?

Thursday, August 28, 2014

EdgeSight CRL Checking–Speed up EdgeSight


The EdgeSight console uses IIS and .NET which in turn uses built-in Certificate Revocation List (CRL) checking when generating Publisher Evidence for Code Access Security (CAS). When validating the certificate the server walks the chain of Certificates and tries to download the Certificate Revocation List from the internet.

If the computer cannot connect to the internet (timeout, delay, proxy auth, not allowed to etc) this delays the console.

To remove CRL checking add the following to your ASPNET.CONFIG or APP.CONFIG file:

<generatePublisherEvidence enabled="false"/>

ASPNET.CONFIG file is in the following folder.


This is what yours should look like:


Open the server management to restart IIS services or restart the server.


Thanks to for the tip.

Saturday, August 16, 2014

VDI verses RDS/Terminal Server


This is a read and a nice definitive conclusion, I will leave you to read the artical, but here is the punchline:

“As for the myth that VDI scales almost as well as RDS, well I think we can officially call that myth busted!!!  Anyone who says RDS only scales 20% better than VDI is dead wrong!!! RDS is still king and in most real world environments will give you 100 – 200% greater user density than VDI!”

Tuesday, August 12, 2014

Manually Install/Remove Individual Citrix Receiver Components

To extract the .msi files, run the following at command prompt:
For Receiver 4.x: CitrixReceiver.exe (For 3.x use: CitrixReceiverEnterprise.exe /extract [Destination_name]).
The directory must exist already and /extract adds a subfolder called extract to that directory.

You can install the .msi files, just double-click each file (in elevated mode). The .msi files are supported per-machine and require administrator privileges to deploy them.

Installing the Components:

When installing the Receiver components, install in the following order:

  1. RIInstaller.msi
  2. CitrixReceiverUpdater-user.msi
  3. ICAWebWrapper.msi
  4. GenericUSB.msi
  5. DesktopViewer.msi
  6. CitrixHDXMediaStreamForFlash-ClientInstall.msi
  7. Vd3dClient.msi
  8. AuthManager.msi
  9. SSONWrapper.msi
  10. SelfServicePlugin.msi
Removing the components:

When removing the components, remove them in the following order:

  1. SelfServicePlugin.msi
  2. SSONWrapper.msi
  3. AuthManager.msi
  4. Vd3dClient.msi
  5. CitrixHDXMediaStreamForFlash-ClientInstall.msi
  6. DesktopViewer.msi
  7. GenericUSB.msi
  8. ICAWebWrapper.msi
  9. CitrixReceiverUpdater-user.msi
  10. RIInstaller.msi

Each .msi file has an Programs and Features entry.

MSI Name Name in A/R Programs Details or notes
RIInstaller.msi Citrix Receiver Inside Citrix Receiver was split apart into "Receiver Updater" and a "Receiver Inside". The Receiver Inside component was then bundled into the Online plug-in installer to form a new Receiver package.

Online Plug-in

Wrapper for Receiver inside

Citrix Receiver (PNA)

Recently Citrix has renamed Receiver Enterprise to Receiver (Legacy PNA)

Citrix Receiver (SSON)

Single sign-on/pass-through authentication

Citrix Receiver (HDX Flash Redirection)

HDX Flash redirection

Citrix Receiver (DV)

Desktop Viewer (XenDesktop)

Citrix Receiver (USB)

USB redirection

Citrix Receiver (Aero)

Windows 7/2008 Aero Support
AuthManager.msi Citrix Authentication Manager Domain Pass-through

Citrix Receiver Updater

Update services

Citrix Single Sign-On Plug-in

Allows users to add and remove StoreFront stores

The CitrixReceiver is downloaded as a modular MSI packages interact with the main EXE wrapper and Citrix Receiver. The self-extracting EXE can be launched from the Autorun, Browser, Network share, Script, Explorer, or a Command line.

The EXE wrappers are responsible for:

  1. Performing installation, upgrade and un-installation of the MSI Packages.
  2. Passing the MSI command lines necessary to install each of the MSI Packages.
  3. Generation of installation Logs.
  4. Detecting the appropriate language from the user's system locale.
  5. Rollback of installation files in the event of a failed installation of one or more of the MSI packages.

In General, most user specified MSI Properties passed in at the command line to the EXE are passed to the MSI Sub packages, however, note that it is passed to all of them. The MSI package the MSI property is targeted for will read the Property, while the other packages just ignore the Property.

It is also possible to apply MST’s to an MSI sub package, however, note that the MST will be passed to all of the packages. The MSI package the MST is targeted for will read the Transform, while the other packages just ignore the Transform.

Example: Add TRANSFORMS=C:\mytransform.mst to the command-line and the transform should be applied to all MSIs in the self-extractor. If you need to use transforms just for one, then you’ll have to extract them.


Original source for this is here:

Additional information from:

Monday, August 04, 2014

Citrix XenApp 6.5 SDK and powershell tools


Get and install the SDK   

Or use the migration module if it has what you need

Run the right powershell, the one with the SDK not shown.

get-help *citrix*







Here is a script I used to dump out files for each area:

Script Name     : XAInventory.ps1
Dependencies    : Powershell
Description     : Retrieves inventory from server
Purpose            : Inventory
OS Versions     : 2008R2
Date            : June 2014
Release            : v1.0
Usage : XAInvetory.ps1

Write-Host "01. Get-XAFarm"

write-host "02. Get-XAFolder"

Write-Host "03. Get-XAZone"

#write-host "qfarm /load"
#qfarm /load

Write-Host "04. Get-XAZone | Get-XAServer | Get-XAServerLoad | format-table -wrap"
#Get-XAZone | Get-XAServer | Get-XAServerLoad | format-table -wrap
Get-XAServerLoad | sort 

Write-Host "05. Get-XAServer * | Select-Object ServerName, LogOnMode"
Get-XAServer * | Select-Object ServerName, LogOnMode

write-host "06. Get-XAServer * | Select-Object ServerName, OSVersion,CitrixVersion, CitrixServicePack"
Get-XAServer * | Select-Object ServerName, OSVersion,CitrixVersion, CitrixServicePack

Write-Host "07. Get-XAServer * | Select-Object ServerName, zonename, ElectionPreference"
Get-XAServer * | Select-Object ServerName, zonename, ElectionPreference | sort ElectionPreference

write-host "08. Get-XAZone | Get-XAServer | select ServerName, IPAddresses | Sort-Object IPAddresses"
Get-XAZone | Get-XAServer | select ServerName, IPAddresses | Sort-Object IPAddresses

write-host "09. Get-XAZone | Get-XAServer | select ServerName, IPAddresses | Sort-Object servername"
Get-XAZone | Get-XAServer | select ServerName, IPAddresses | Sort-Object servername

write-host "10. Get-XAServer | select ServerName | Get-XAPrinterDriver | Format-Table -Wrap"
#Get-XAServer | select ServerName | Get-XAPrinterDriver | Format-Table -Wrap
Get-XAServer | select ServerName | Get-XAPrinterDriver

write-host "11. Get-XASession | select ServerName, BrowserName, AccountName | sort servername | Format-Table -auto"
Get-XASession | select ServerName, BrowserName, AccountName | sort servername

write-host "12. Get-XASession | select clientname, AccountName, BrowserName | Sort-Object Accountname"
Get-XASession | select clientname, AccountName, BrowserName | Sort-Object Accountname

write-host "13. Get-XASession | select ServerName, BrowserName, AccountName, clientname | Sort-Object clientname"
Get-XASession | select ServerName, BrowserName, AccountName, clientname | Sort-Object Servername

write-host "14. Get-XAWorkerGroup | select WorkerGroupName, OUs"
Get-XAWorkerGroup | select WorkerGroupName, OUs

#write-host "Get-XAAdministrator"

write-host "15. Get-XAAdministratorPrivilege *"
Get-XAAdministratorPrivilege *

write-host "16. Get-XAAdministrator | select AdministratorName, FarmPrivileges"
Get-XAAdministrator | select AdministratorName, FarmPrivileges

write-host "17. Get-XAApplicationReport * | select WorkerGroupNames, DisplayName | Sort-Object workergroupname | ft -autosize -wrap"
#Get-XAApplicationReport * | select WorkerGroupNames, DisplayName | Sort-Object workergroupname | ft -autosize -wrap
Get-XAApplicationReport * | select WorkerGroupNames, DisplayName | Sort-Object workergroupname

write-host "18. Get-XAApplicationReport * | select DisplayName, Accounts | Sort-Object workergroupname | ft -autosize -wrap"
#Get-XAApplicationReport * | select DisplayName, Accounts | Sort-Object workergroupname | ft -autosize -wrap
Get-XAApplicationReport * | select DisplayName, Accounts | Sort-Object workergroupname

write-host "19. Get-XAApplicationReport * | select DisplayName,CommandLineExecutable | Sort-Object displayname | ft -autosize -wrap"
#Get-XAApplicationReport * | select DisplayName,CommandLineExecutable | Sort-Object displayname | ft -autosize -wrap
Get-XAApplicationReport * | select DisplayName,CommandLineExecutable | Sort-Object displayname

write-host "20. Get-XAApplicationReport * | select DisplayName,WindowType, ColorDepth | Sort-Object displayname | ft -autosize -wrap"
#Get-XAApplicationReport * | select DisplayName,WindowType, ColorDepth | Sort-Object displayname | ft -autosize -wrap
Get-XAApplicationReport * | select DisplayName,WindowType, ColorDepth | Sort-Object displayname

write-host "21. Get-XAApplicationReport * | select DisplayName,EncryptionLevel, EncryptionRequired, SslConnectionEnabled | Sort-Object displayname | ft -autosize -wrap"
#Get-XAApplicationReport * | select DisplayName,EncryptionLevel, EncryptionRequired, SslConnectionEnabled | Sort-Object displayname | ft -autosize -wrap
Get-XAApplicationReport * | select DisplayName,EncryptionLevel, EncryptionRequired, SslConnectionEnabled | Sort-Object displayname

write-host "22. Get-XAApplicationReport * | select DisplayName, PreLaunch | ft -autosize -wrap"
#Get-XAApplicationReport * | select DisplayName, PreLaunch | ft -autosize -wrap
Get-XAApplicationReport * | select DisplayName, PreLaunch

write-host "23. Get-XAApplicationReport * | select DisplayName, Enabled, AnonymousConnectionsAllowed | Sort-Object displayname | ft -autosize -wrap"
#Get-XAApplicationReport * | select DisplayName, Enabled, AnonymousConnectionsAllowed | Sort-Object displayname | Sort-Object ENABLED | ft -autosize -wrap
Get-XAApplicationReport * | select DisplayName, Enabled, AnonymousConnectionsAllowed | Sort-Object displayname | Sort-Object ENABLED

Write-Host "24. GET-XALoadEvaluator | select MachineName, LoadEvaluatorName"
GET-XALoadEvaluator | select MachineName, LoadEvaluatorName, IsBuiltIn

Write-Host "25. GET-XALoadEvaluator | select MachineName, LoadEvaluatorName  | Format-Table -wrap"
#GET-XALoadEvaluator | select LoadEvaluatorName, ApplicationUserLoadEnabled, ContextSwitchesEnabled, CpuUtilizationEnabled | Format-Table -wrap
GET-XALoadEvaluator | select LoadEvaluatorName, ApplicationUserLoadEnabled, ContextSwitchesEnabled, CpuUtilizationEnabled

Friday, July 25, 2014

Moving an Azure VM between networks


Moving an Azure VM between networks was before, delete, recreate, reattached disk as documented here:

Which works a charm by the way, however you can now powershell it as documented here:

$context = Get-AzureVM -ServiceName contosomed -Name server01

Set-AzureSubnet -SubnetNames "WFE" -VM $context

Update-AzureVM -ServiceName contosomed -Name server01 -VM $context.VM

Install MYOB on XenDesktop 7.5 in Azure on Server 2012 r2


Installing MYOB 19.10 in Azure Server Windows Server 2012 r2


Disable UAC via the registry, reboot


Install .NET 3.5


Just install the SERVER product for terminal services


Don’t just install it, do it via the old ‘add remove programs’


Install Application on Remote Desktop







You may get stuck at this screen


If you do and hit cancel this is the error message


This is the workaround to this issue:

  1. Log on to the system with Administrative Privileges
  2. Open “Local Group Policy Editor” go to:
  3. Computer Configuration
  4. Administrative Templates
  5. Windows Components
  6. Remote Desktop Services
  7. Remote Desktop Session Host
  8. Application Compatibility
  9. In the right pane, right click on ‘Turn off Windows Installer RDS Compatibility” and select Edit from the drop down menu
  10. Select ‘Enable’
  11. Hit OK

Hat tip for this


Rerun this install and it will work fine.


Few more next next nexts, Finish to complete


Then if you are using XenDesktop 7.5 allocate the application to users.




Good to go.

List to MYOB Supported platforms

Monday, July 21, 2014

How to install and use Citrix WebInterface 5.4 on Windows Server 2012 R2


Prepare your Windows Server 2012 r2


Install the following roles and features:

  • .NET Framework 3.5 Features
    • .NET Framework 3.5 (includes 2.0 and 3.0)


  • Web Server (IIS) with sub-components
  • Management Tools with sub-components
    • IIS 6 Management Compatibility
      IIS 6 Metabase Compatibility


Install Citrix WebInterface

  • install Microsoft Visual J# from the XenApp 6.5 installation media
  • Citrix WebInterface 5.4 from the XenApp installation media

After the installation is completed you can now open the Citrix WebInterface Management Console. At this point the installation will fail.

  • You can work around this issue by creating a text file named mmc.exe.config in %WinDir%\SYSWOW64 with this content:

<?xml version ="1.0"?>
                <requiredRuntime version="v2.0.50727"/>
                <supportedRuntime version="v2.0.50727"/>

  • Now in the Citrix WebInterface Management Console again and create the required sites

The file mmc.exe.config can cause issues with other tools, so remove it after you are done

  • Now correct the CitrixWebInterface5.4.0AppPool in IIS

If you try to access a new WebInterface site you will receive an error message about .NET complilation.

You can fix this for all sites on this server by changing the .NET Framework version for the Citrix application pool:

  1. Open Information Manager Service (IIS) Manager
  2. Open your server
  3. Open the Application Pools
  4. Edit Basic (or advanced) Settings on CitrixWebInterface5.4.0AppPool
  5. Chose .NET Framework Version v2.0.50727 (or Dot NET CRL 2.0 in advanced)


Thank you to Marcel Meurer, who I based this on.

Blog Archive