Keyboard Shortcuts in a Remote Desktop Session

 

Key Combinations for Client Computer	Equivalent Keys for Remote Desktop Session	Description
ALT+TAB	ALT+PAGE UP	Switches between programs from left to right.
ALT+SHIFT+TAB	ALT+PAGE DOWN	Switches between programs from right to left.
ALT+ESC	ALT+INSERT	Cycles through the programs in the order they were started.
	CTRL+ESC	Switches the client between a window and full screen.
CTRL+ESC	ALT+HOME	Displays the Start menu.
	ALT+DELETE	Displays the Windows menu.
PRINT SCREEN	CTRL+ALT+MINUS (–) symbol on the numeric keypad	Places a snapshot of the active window in the Remote Desktop session on the clipboard.
CTRL+ALT+DEL	CTRL+ALT+END	Displays the Task Manager or Windows Security dialog box. (Only use CTRL+ALT+END to issue this command. CTRL+ALT+DEL is always interpreted by the client computer.)
ALT+PRINT SCREEN	CTRL+ALT+PLUS (+) symbol on the numeric keypad	Places a snapshot of the entire Remote Desktop session window on the clipboard.

This is from link: http://technet.microsoft.com/en-us/library/bb457106.aspx

Time Configuration for AD in Australia

 

The time configuration is very important for Active Directory. With just a few minutes deviation on the client to the server a client will no longer be able to authenticate to servers in the domain. This is why time should be based on a well known Internet time sources for Domain Controllers in the core data centres.

Domain Controllers outside primary data centres can receive time from the other DCs or a local NTP server. Each of these local DCs can then act a local time servers for clients and servers within that site.

Some of the key public NTP servers for Australia are listed below:

• NSW ntp.nml.csiro.au Stratum two
• NSW ntp.syd.connect.com.au Stratum two
• NSW ntp1.tpg.com.au Stratum two
• VIC ntp.mel.connect.com.au Stratum two
• SA ntp.adelaide.edu.au Stratum two
• VIC time.deakin.edu.au Stratum two
• VIC time.esec.com.au Stratum two
• SA ns.unisa.edu.au Stratum three
• ACT ntp.can.connect.com.au Stratum three
• QLD ntp.bri.connect.com.au Stratum three
• SA ntp.ade.connect.com.au Stratum three
• WA ntp.per.connect.com.au Stratum three

To explain the different types of time servers, they are listed below:

1. Stratum 0: Atomic clocks (caesium, rubidium), GPS clocks or other radio clocks, these are not connected to the internet directly
2. Stratum 1: Computers attached to stratum 0 devices. Normally they act as servers for timing requests from Stratum 2 servers via NTP
3. Stratum 2: Computers that send NTP requests to Stratum 1 servers and communicate with peer stratum 2 computers for accuracy
4. Stratum 3: Functionally the same as Stratus 2 serve as the next in a possible 256 tiers of time servers

Good luck and be on time.

User State Virtualisation (Roaming Profiles / Folder Redirection)

 

Folder Redirection provides a way to selectively synchronise parts of the user environment (Documents, etc). This is especially useful in a XenDesktop and XenApp environment to make the experience seamless.

This is so much better then the old profile (NTUser.dat and file) that had to be copied in XP and earlier. The disadvantage is that by default the user cannot use the redirected folders when disconnected. But you can setup the user to have a cached copy of redirected files and folders.

To Set up the Folder Redirections using GPO

• Edit a Group Policy Object that is targeted to your users and navigate to User Configuration, Policies, Windows Settings, Folder Redirection, Documents

By default all folders that are redirected are automatically made available offline so that users can still access their files if when disconnected from the server. In Windows 7 the folder synchronisation is done in the background not on logon/logoff. Also Windows 7 has ‘Fast First Logon’ allows users to logon to their computer without having to wait for the folder to be moved first.

• In the advanced options you can select a different folder based on the users group membership. Think about this for load balancing or WAN issues.

• Disable ‘Grant the user exclusive rights to Documents’. Because if an administrator needs to access these files they will need to ‘take ownership’ which removes the users’ permissions.
• Also you can ‘Redirect the folder back to the local userprofile location when policy is removed’. Which means if a user is no longer affected by the GPO it will copy this back to the computer and can take minutes or hours depending on the size.

Repeat for any other redirected folders.

References

http://blogs.technet.com/b/askds/archive/2008/06/30/automatic-creation-of-user-folders-for-home-roaming-profile-and-redirected-folders.aspx

http://www.grouppolicy.biz/2010/08/best-practice-roaming-profiles-and-folder-redirection-a-k-a-user-virtualization/

 

Virtual Domain Controllers

This is still coming up so lets just recap what you need to know.

Time synchronisation

Time in Active Directory is critical to everything, Domain Controllers, servers and clients. In Active Directory, Kerberos issues a ticket during login, this ticket is default valid for 8 hours, and prevents constant authentication on Domain Controllers, every time a user accesses resources. However, the encryption and security between the client and the domain controller issuing the ticket, requires an exchange of passwords and setup of a secure channel. To prevent anyone from being able to listen on the network and reuse the packets of authentication from the client from before, all packets include a timestamp. If the timestamp coming from the client is out by more than default 5 minutes from the Domain Controllers time, it will discard the packet as fake.

The ”Maximum tolerance for computer clock synchronisation” Group Policy can change this, but don't.

In a domain, all DC’s will automatically synchronise time with the Domain Controller that has the PDCe role running. The DC with the PDCe role should then be configured to use an external or internal NTP source. The time service on Domain Controllers is the time server for all clients in the domain that logon via that DC.

Windows Servers, will by default sync every 45 minutes until 3 successful sync’s, then every 8 hours.

So you have two choices:

1. Configure NTP on the ESX hosts
2. Install and configure VMware tools and configure it to synchronise time with the ESX hosts

or

1. Ignore the time on VMware
2. Disable VMWare tools time sync
3. Enable NTP on ALL DCs (or the PDCe)
4. Only use ONE or TWO common NTP servers for all DCs in the environment.

Dont “suspend” or “pausing” a Domain Controller

If the Domain Controller has been offline for too long, it will have objects on it that were supposed to have been deleted by the tombstoning process. If this happens the Domain Controller will stop replication with it’s partners. You will see an event in the logs with:

ID 2042, Source NTDS Replication, Description: It has been too long since this machine last replicated with the named source machine. The time between replications with this source has exceeded the tombstone lifetime. Replication has been stopped with this source.

Instead of pause, shutdown any Domain Controllers. VMotion/Live Migration is OK as it is so quick.

Don't Snapshot a Domain Controller

If you revert to an old snapshot of a Domain Controller you break consistency in your Active Directory domain. Don't ever do it unless you want to cross the streams, you know, Cats and Dogs living together .

Looking to move from XXX for Virtualisation?

Interesting article: http://www.theregister.co.uk/2011/11/03/v_index_server_virtualization_q3_2011/ 
(I have cleaned up this it is not a direct quote)

Virtualisation market faces shake-up, By Timothy Prickett Morgan

Posted 3rd November 2011 21:41 GMT

This info comes from the latest V-Index survey from Veeam Software, a maker of add-on management tools for VMware's ESXi hypervisor, which is conducted on a quarterly basis in the US, UK, France, and Germany.

The survey only of large companies – those with 1,000 or more employees. About a third of the companies surveyed had more than 3,000 employees.

In the September V-Index, 86.5 per cent of the 578 organisations that participated in the poll had some sort of server virtualisation in their data centres. And across all enterprises, including those who did not have server virtualisation at all, an average of 38.9 per cent of servers were virtualised, and they had an average of 701 servers in their data centres.

Primary server virtualisation hypervisors, by vendor

The penetration of various hypervisors on x86-based servers depends on whether virtualisation is being used to run virtual desktop infrastructure (VDI) or more traditional server workloads.

On traditional server stuff

• VMware with 67.6 per cent of those companies that have hypervisors ESX or ESXi is their primary hypervisor
• XenServer 14.4 per cent going for
• Hyper-V 16.4 per cent from Microsoft.
• Others category, which accounted for a meagre 1.6 per cent.

When you shift to talk about hypervisors running on servers to specifically stream VDI desktops:

• ESX 54.2 per cent
• XenServer 24.9 per cent
• Hyper-V by 20.3 per cent

Now here's the interesting bit: 38 per cent of companies using virtualisation for traditional workloads say they are planning to change their hypervisor next year (2012).

The cost of the current hypervisor platform was cited as the main reason for the jump by 58.9 per cent of the jumpers, with nearly half saying that they didn't like their current vendor's licensing model, and they did like the features offered with alternative suppliers or that the alternatives had matured enough that they could contemplate making a shift.

W2K8 R2 Server Core Commands

 

Yes it has been out for ages, and yes everyone knows, but I am putting these all together as a reference. Enjoy or ignore. ;)

Rename computer

• hostname
• WIN-C6UDA2DS5FF2
• netdom renamecomputer WIN-C6UDA2DS5FF2 /newname:HyperV1
• shutdown /r

Join the domain

• netdom join HyperV1 /domain:PebblyHill /userd:Administrator /passwordd:*
• shutdown /r

IP Address details

• ipconfig
• Windows IP Configuration
• Ethernet adapter Local Area Connection 1:
• Connection-specific DNS Suffix  . : pebblyhill.com.au
• Link-local IPv6 Address . . . . . : ae70::0d04:dea2:b323:4db5
• IPv4 Address. . . . . . . . . . . : 192.168.0.20
• Subnet Mask . . . . . . . . . . . : 255.255.255.0
• Default Gateway . . . . . . . . . : 192.168.0.1

Allow ping and RDP through the firewall

• netsh firewall set icmpsetting 8
• Ok.
• netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes
• Updated 1 rule(s).
• Ok.
• netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=yes
• Updated 16 rule(s).
• Ok.

Or disable the firewall:

• netsh firewall set opmode mode=disable

Enable remote desktop

• cscript C:\windows\system32\scregedit.wsf /ar 0
• Registry has been updated.

Install Hyper-V

• start /w ocsetup Microsoft-Hyper-V
• shutdown /r

If you did not join a domain, using GPOs for update settings and need to manually setup windows update the following commands are for you (This will use the default time of 3am to check for patches)

• Cscript c:\windows\system32\scregedit.wsf /au 4
• Net stop wuauserv
• Net start wuauserv

Update right now

• Wuauclt /detectnow

Check the update status

• Cscript scregedit.wsf /AU /v

From here on in you can use the RSAT tools on a client to do the rest

SCVMM 2008 R2 converting VMware ESX Error (2912)

 

I have Windows Server 2008 R2 hosts running HyperV.  Using SCVMM 2008 R2 to migrate existing VMware ESX VM's. I copied the VMDK and VMX files to the SCVMM Library and then tried to do a V2V and get the following errors when trying to migrate a VMware VM:

“Error (2912)
An internal error has occurred trying to contact an agent on the MyServerName.DNS.com server.
(Unknown error (0x8004232c)).”

The conversion gets to 66% and fails on the task 1.3 “Make operating system virtualizable[sic]”

Turns out this stage is trying to START the VM to remove VMware tools and and install the Integration Services. But there was no NIC card selected so it fails.

Try again with a network card and voilà.

A hotfix rollup (build 4.0.3594.2) is available for Forefront Identity Manager 2010 (FIM2010)

Original link: http://support.microsoft.com/?id=2520954

This hotfix rollup package replaces the following hotfix rollup packages:
2502631  2417774  2272389  2028634  978864 

Fixed issues in Workflow Engine

1. An error message: Cannot enlist in the transaction because a local transaction is in progress on the connection.
2. The time stamp is the same as the time when the operation fails.

Fixed issues in Sync Engine

1. Fixes an SQL query construction issue that occurs during an import. This issue affects a DB2 database that uses a non-Unicode character set.
2. Fixes many "Export not reimported" errors that might occur because of errors in SQL.
3. An ExpectedRulesEntry (ERE) object is associated to a child synchronisation rule of a Metaverse object. If the ERE object has a Remove action, deprovisioning of the object is also being triggered. which causes the deletion of the Metaverse object.
4. Fixes an access violation when a custom extension calls a COM+ object.
5. An earlier hotfix introduced a special Extensible Connectivity Management Agent (ECMA) mode to keep unconfirmed exports in escrow instead of awaiting confirmation. An issue with that hotfix causes delta sync to add new items that are not merged with an escrowed export into a pending export. After you install the hotfix that is mentioned in this article, if the ECMAAlwaysExportUnconfirmed registry entry is set to 1, the escrowed and pending changes are merged.
6. Improves the performance of all Sync Engine operations.
7. A password reset that uses the ADMAEnforcePasswordPolicy registry setting fails when the user is in the Administrator group but is not an administrator.

Fixed issues in Sets and Query

1. Fixes an issue that would sometimes cause incorrect Set calculations. This resulted in lots of set corrections. Also revised the Sets Correction job so that it does not change special sets that are maintained by another system maintenance job.
2. Revised the FIM "Query and Sets" features to treat underscores and precent signs as literals instead of as SQL wildcard characters.

Fixed issues in Certificate Management

1. Enables the random number generator in the server key generation function.
2. Improves the performance when enrolling a smartcard that has not previously been used with FIM Certificate Management (CM).

Fixed issues in FIM Management Agent (MA)

1. Fixes an issue in which the FIM synchronisation service configuration for synchronisation rules and codeless provisioning was not correctly written to the FIM Service database.

Fixed issues in FIM Service

1. Fixes an issue with SQL Server deadlocks that might occur during periods of high concurrency of requests or approvals.
2. Fixes an issue in which unexpected data in the FIM Service database could result in the FIM MA causing the Synchronisation service to fail during import, and a stopped-server error occurred.
3. Fixes an issue when you add or remove a value for a multivalued string attribute. If the request was subject to authorisation such as request reevaluation, the request would fail after approval.
4. Some ExpectedRuleEntry objects and DetectedRuleEntry objects in FIM 2010 can become "orphaned" over time. When a DetectedRuleEntry object is not referenced in the DetectedRulesList of any object in the system, that object is determined to be orphaned. Similarly, when an ExpectedRuleEntry object is not referenced in the ExpectedRulesList of any object in the system, that object is also determined to be orphaned.

You still need KB979214 if you turned on the AD trashcan: http://davestechnology.blogspot.com/2011/07/w2k8-r2-ad-recycle-bin-and-fim.html

Turned on the Active Directory trash can only to find out the FIM (Forefront Identity Manager) has not stoped synchronising some objects? Well fear not, they are in sync, but to the trash folder!

Below shows an object that is in sync, but to the delete item. There is a hotfix for it that installs on the DC. KB979214 is the patch.

Single or dual CPU in VDI?

This is a really interesting article that shows in limited testing that additional CPUs for the client session will give a better overall performance to the VDI pool. Nice to see it tried and counter intuitive result that shows consuming more resource is better overall for the environment.

“

From this results, I can certainly say, an additional CPU will:

• boost the streaming/boot up process
• improve responsiveness and registration of virtual desktops
• with an increased cost of the CPU hit on the hypervisor

So the takeaway will be:

• If you are planning to go big with huge number of VMs lifecycling every day…
• If you have large amount of working shifts which you may need to provision in advance…
• If your cycling window need to be the shortest possible…

…in all those cases, an additional CPU will improve your cycling processes, reducing the registration gap of virtual desktops, with an additional cost of higher peak of host CPU utilisation, improving your infrastructure uptime.

“

Source: http://blogs.citrix.com/2011/10/23/will-2-vcpu-desktops-improve-your-uptime/

How to Optimise XenDesktop Machines

 

Original link:http://support.citrix.com/article/CTX125874 (Citrix Article)

The TargetOSOptimizer tool reconfigures various Windows functions to optimize the performance of the operating system for virtual desktops. Optimisation of the master VM is typically performed before the desktop catalogue is created.

Procedure

To optimise your master virtual machine, select the option to optimise the desktop when you install the Virtual Desktop Agent. This applies a predetermined set of optimisations specifically recommended for pooled and dedicated machines as part of the Virtual Desktop Agent installation process.

To apply additional optimizations to the master virtual machine at a later date, run the TargetOSOptimizer tool manually.

Optimisations are applied either through changes to the Windows registry or programmatically by disabling specific features. Some optimisations are only applicable to certain versions of Windows or, for physical machines, specific hardware such as particular network adapters.

A backup file named optimisations.reg is stored in the installation folder for the TargetOSOptimiser tool, typically located at C:\Program Files (x86)\Citrix\TargetOSOptimiser. Apply this file to the Windows registry to revert the most recent set of optimisations on the master virtual machine..

Specific Optimisations Performed by the Virtual Desktop Agent Installer

Disable Windows Autoupdate
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
WindowsUpdate\Auto Update]
"AUOptions"=dword:00000001
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]
"Start"=dword:00000004

Disable Offline Files
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\NetCache]
"Enabled"=dword:00000000

Disable Disk Defragmentation BootOptimizeFunction
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction]
"Enable"="N"

Disable Background Layout Service
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
OptimalLayout]
"EnableAutoLayout"=dword:00000000

Disable System Restore
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr]
"Start"=dword:00000004
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srservice]
"Start"=dword:00000004
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001

Disable Last Access Time Stamp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
"NtfsDisableLastAccessUpdate"=dword:00000001

Disable Hibernate
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power]
Various keys and values are set according to the version of Windows detected.

Disable CrashDump
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl]
"CrashDumpEnabled"=dword:00000000
"LogEvent"=dword:00000000
"SendAlert"=dword:00000000

Disable Indexing Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cisvc]
"Start"=dword:00000004

Reduce Event Log File Size to 64 kB
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\
Application]
“MaxSize"=dword:00010000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\
Security]
"MaxSize"=dword:00010000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\
System]
"MaxSize"=dword:00010000

Reduce Internet Explorer Temporary File Cache
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content]
"CacheLimit"=dword:00000400 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content]
"CacheLimit"=dword:00000400 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content]
"CacheLimit"=dword:00000400
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content]
"CacheLimit"=dword:00000400
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Internet Settings\Cache\Paths]
"Paths"=dword:00000004
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Internet Settings\Cache\Paths\path1]
"CacheLimit"=dword:00000100
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Internet Settings\Cache\Paths\path2]
"CacheLimit"=dword:00000100
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Internet Settings\Cache\Paths\path3]
"CacheLimit"=dword:00000100
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Internet Settings\Cache\Paths\path4]
"CacheLimit"=dword:00000100

Disable Clear Page File at Shutdown
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
"ClearPageFileAtShutdown"=dword:00000000

Disable Superfetch (Windows 7)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysMain]
"Start"=dword:00000004

Disable Windows Defender (Windows 7)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend]
"Start"=dword:00000004
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Run]
"Windows Defender"=hex(2):00

Disable Windows Search (Windows 7)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WSearch]
"Start"=dword:00000004

Disable Scheduled Disk Defragmentation (Windows 7) Programmatic optimisation.

Additional Optimisations Available When Running the Tool Manually

Disable Move to Recycle Bin (Windows XP)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Explorer\BitBucket]
“UseGlobalSettings"=dword:00000001
"NukeOnDelete"=dword:00000001

Disable Move to Recycle Bin (Windows 7)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoRecycleFiles"=dword:00000001

Disable Machine Account Password Changes
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\
Parameters]
"DisablePasswordChange"=dword:00000001

Disable UDP Checksum Offload (Only When a Broadcom NIC Is Detected)
Programmatic optimisation.

Citrix Licence server and Repeaters

According to: support.citrix.com/proddocs/topic/licensing-119/lic-fs-accessing-firewall-c.html

Firewall Considerations

If there is a firewall between your product and the license server, you need to configure port numbers. This configuration process entails:

• Open up the firewall ports. Open any ports on the firewall that you modified so that traffic can flow. For Windows Server 2008, the license server Version 11.5 or later configures the built-in firewall automatically.

This is not my experience and instead needed to do so manually. If you use default port numbers for use by Licensing components you will need to manually create IP/TCP port exceptions for the following:

• TCP/27000 License server (Citrix apps, XenDesktop etc.)
• TCP/7279 Vendor daemon (Repeaters)
• TCP/8082 Console Web (optional).

Citrix Branch Repeater VPX setup

Default login and set an IP Address

Login: admin
Password: password

Give it an IP, DNS and Name:

set adapter apa -ip YourIPaddress -netmask 255.255.255.0 –gateway YourRouter
set dns-server YourDNSserver
set hostname YourVPXname

Display details:

show interface
show adapter

Set admin password and create a new Admin:

add user -name UserName –password Password -privilege admin
set user -name admin –password YourPassword -privilege admin

Restart and test:

restart

 

Then go to a web browser: https://YourIPaddress  to licence via a central license server going to the

“System Tools: Manage Licenses”

• License Server Location: Remote.
• Remote License Server Address: Enter the IP address of your license server.
• Remote License Server Port: The default will work unless you chose a non-standard port for your license server
• Model: match the selection to the BW limit in your license, that is “Citrix Branch Repeater V10” refers to a 10 mbps license.
  

NOTE: #

69520. Description: After adding licenses to a license server that previously had
none, any Branch Repeater VPX units will fail to notice the new licenses for
24 hours.

Recommended action: Restarting Branch Repeater VPX will cause the new
licenses to be noticed immediately. Stopping the license server for at least
15 minutes and then starting it again will also work.

Windows 7– lost thumbnail view

This has been killing me, but I found the answer, sorry I can’t credit the original poster.

1. Open Control Panel
2. Choose Folder Options
3. Click the Views tab
4. Uncheck "Always show Icons, never thumbnails"
5. Uncheck "Display file icon on thumbnails"
6. Click Reset Folders button.

Thank goodness !

SSH to a Citrix Repeater (Linux or VPX)

You can SSH to it using putty etc but the user name/password, does not work  and you get “Access Denied”.

Ahh, the user name is ‘CLI’

Then it will ask for the real user name, such as:

login as : cli

login: admin

password: ShhhhSecret11

Hey Presto!

XenDesktop pools verse dedicated machines

Choosing pooled verses dedicate machines depends mainly on the access and control you want to grant the user of the virtual desktop.

Pooled – good for task workers

1. Pooled machines provide desktops that are allocated to users on a per-session, first-come first-served basis. For pooled-static machines, users are assigned a specific machine from the pool when they first log on to XenDesktop. Users are connected to the same machines for all subsequent sessions. This allows users of pooled-static machines to be associated with specific VMs, which is a licensing requirement for some applications.
2. Pooled-random machines are arbitrarily assigned to users at each logon and returned to the pool when they log off. Machines returned to the pool are available for other users to connect to.

Pooled desktops are freshly created from the master VM when users log on via the provisioning server.

Any changes that users make to their desktops are stored for the duration of the session, but are discarded when users log off. Of course you can use profile manager to help with this and store the user details.

This solution maintains a manually created single master VM in the data centre dramatically reduces the time and effort required to update and upgrade users' desktops. This allows you to periodically replace this master for patches etc.

Dedicated – good for power users and administrators

1. Dedicated machines provide desktops that are assigned to individual users. Machines can be assigned manually or automatically assigned to the first user to connect to them. Whenever users request a desktop, they are always connected to the same machine, so you can allow users to personalise their desktops to suit their needs.

Dedicated desktops are pre-created from the master VM via the snap-shot and the first time that users log on, they are assigned this machine. Several users can access the same machine (at different times).

Maintains an automatically created snap-shot of the catalogue master VM. But as for changes, the user has to look after the computer or you re-mint them a new image as needed.

Sources: http://support.citrix.com/proddocs/topic/xendesktop-rho/cds-choose-scheme-type-rho.html

Removing Licences from the Citrix Licence server

This is handy if you are using the Desktop Controller that lets you add licences such as the Repeater VPX but does not allow you to delete them. You can see them in the web console but not delete them.

You can manually delete license files that are no longer in use from their Windows directory and restart the service.

The license files are stored in:

• C:\Program Files (x86)\Citrix\Licensing\MyFiles
  
• Stop the Citrix Licensing services
• Delete the old license files
• Restart the Citrix Licensing Services

XenDesktop 5.5 and vSphere 5

Yes it is (almost) fully supported. Including the Virtual Distributed Switch (vDswitch). However you do need to upgrade the Provisioning Server (PVS) to v6 to support it as 5.6 fails if vDwitches are used.

If you are using the Machine Creation Service (MCS) then you don't need to do anything. However if you upgrade VMWare tools, you need to re-install the Citrix Virtual Desktop Agent VDA.

There is a short whitepaper here: http://support.citrix.com/article/CTX130681

We will be upgrading today.

Additional Information Sources:

http://blogs.citrix.com/author/johnfa

http://blogs.citrix.com/author/richm

XenApp 6.5 reboot schedule

Man, it used to be a tick in a box, but now it is a policy but can still be done. Here is how:

XenApp 6.5

Create the Worker Group

• Right-click Worker Groups and select Create Worker Group.
• In the Name field, type: Weekly Reboot
• Click Add, and select the servers

Create the Citrix Policies

Launch the Delivery Services Console.
Click Policies, Computer, New, In the Name field, type: Weekly Reboot

In the Search All Settings field, type: reboot.

Scroll to:

• Reboot Logon Disable Time and click Add.
• Reboot Schedule Frequency and click Add.
• Reboot Schedule Start Date and click Add.
• Reboot Schedule Time and click Add.
• Scheduled Reboots and click Add.
• Click Enabled and then OK.

Click Add for Worker Group.

Click Add and type: Weekly Reboot

Save. Repeat the steps above for each additional Worker Group.

From a command prompt on one of the XenApp servers, type: gpupdate /force. Or just wait until the allocated time.

 

Source: http://support.citrix.com/article/CTX126043

XenDesktop on Hyper V–HostingUnitService error

 

Either using quick XenDesktop 5/55 deployment wizard or the standard desktop deployment you get this error:

 
"The environment for this connection type is incorrect. If connection type is SCVMM, SCVMM Admin console need to be installed on the same machine as the HostingUnitService is installed on.”

According to Citrix this means you need the SDK for SCVMM.

According to Microsoft the SDK for SCVMM is the PowerShell CMDlets. So to get the PowershellCMDlets install the SCVMM Administrator Console on the Desktop Delivery Controller computer.

Dispute a HostingUnitService sounding like a VMhost…

Issue licencing the Citrix Branch Repeater VPX?

Citrix are officially crap with the way they licence their software and always have been, but if you have used Citrix ever you know that but today they add another crap feather to that cap.

If you have a licence server it has a name, lets call it a hostname, that is what Citrix call it to and for a XenDesktop and XenApp licence that is what it is, but for the Branch Repeater the hostname is actually a FLEXnet Host ID that you get from a utility they provide not the hostname that they ask for.

So instead of the hostname go to the licence server, open a command windows as Administrator, go to C:\program file (x86)\Citrix\Licensing\LS and run “lmutil lmhostid”. The output number is what you need for the Citrix licence website.

IMPORTANT: In Branch Repeater VPX software release 5.6, only Express, Eval, NFR and IOUL licenses can
be installed locally. Use a remote / network Citrix license server for Production (RETAIL) licenses.

If you are using a firewall the License Server default ports are more then just 27000:

• 27000 - Used by XenApp servers to communicate with the License Server
• 8082 - The License Management Console (LMC) uses this port to communicate with the License Server
• 7279 - Static port for the Citrix vendor daemon

OR disable the firewall if you don't love security.

Citrix do have an article on this: http://support.citrix.com/article/CTX128875