Are your VMware, Citrix and AD teams talking? They should be.

So here are some quick lessons I learned recently in some of the Citrix Provisioning XenDesktop vSphere environments I have been working in.   The typical solution consists of Citrix Provisioning Services streaming down a XenDesktop brokered OS to a vCenter managed vSphere Virtual Machine.  Lots of ties and connections to different systems and management consoles and different Admin groups sometimes.

The first time, I was working with the VMware servers and during some housekeeping, I decided to remove a HOST from vCenter and add it back in under a different cluster.  The VMs on the box all remained up and on and weren’t changed.  What I forget about was the XenDesktop management interface that was linked to the VMs via vCenter to facilitate power operations.  When the host and it’s machines were added back into vCenter, XenDesktop could no longer recognize them.  The associate between Virtual Machine and Active Directory computer account was broken and had to painstakingly be reestablished.  Woops. 

The next time around, I was working with the Provisioning Services console and due to some flaky behavior, decided to recreate some AD accounts for the XenDesktops.  Again, forgetting about the management in XenDesktop, I had broken all of the connections between Virtual Machine and AD Computer account.  This time, the Virtual Machine column was intact but the AD column just had old unresolvable SIDs in it.  Back to the console to reestablish all of the connections again.

In environments where Active Directory, XenDesktops and VMware are handled by different teams, it is prudent to try to get on the same page.  With all the connections and dependencies, seemingly innocent actions in one environment could create disastrous results in another.

Click Here to Continue Reading >>

Dude, Where’s My VM? I have no Idea. :(

Recently got an email from a friend who had (not by his doing) stepped into an environment where Virtual Machines had literally sprung up across various WorkStation installations.  The environment I am sure was meant for development but somehow had to morphed into something people came to rely on. 

Subject: My VM is Lost :(

Can you help me find it? I have a running VM on VMware Workstation 6.5 somewhere out there on a particular subnet. It is responding to pings and I can get to c$, but RDP is not responding so I want to bounce the machine. Looking for the machine has made me realize that no one ever documented where it is hosted! Is there an easy way to find this guy that you know of? I’ve been searching through my VM Workstation (don’t ask) hosts, but can’t find the dude yet.

I actually could not think of a way to help locate this machine given the above criteria short of heading into the switches and looking for MAC addresses and switch ports.  Something entirely out of my wheelhouse.  What my friend SMAlan* did remind me of, was the need for Virtual Machine management and processes.  Super easy to create VMs and even easier to lose track of them.  Even easier to forget about virus protection and backups and other protective measures we’ve spent years developing for our physical servers.

As far as the VMware Workstation Hosts,  in environments like this, dedicated hypervisors should be seriously considered.  From a cost perspective, ESXi, XenServer and even Hyper-V should be phased in.  If the hardware requirements are too much or funding is too little, even the hosted VMware Server would have been a better choice than VMware Workstation and cheaper since Workstation is not a free product.

^{*Names have been changed to protect the innocent.}  

Click Here to Continue Reading >>

Best Practice : Start your Citrix STA ID names with STA. :)

Sam Jacobs sent over a quick best practice note reminding us verify that our STA IDs begin with the letters ‘STA’ for XenApp Plug-in Version 12.0 compatibility.  The following CTX article details how Published Applications will fail to start if the STAs do not start with this naming convention.

Published Applications Fail to Start through XenApp Plug-in Version 12.0

http://support.citrix.com/article/CTX124967

Thank Sam.  Good Tip!

Click Here to Continue Reading >>

Troubleshooting Provisioning Server Image Trust Issues

In every relationship, there is going to be some trust issues.   Citrix Provisioning Services is no different.  Here are two quick items to check when your Domain doesn’t seem to want to trust you anymore.

In a typical Provisioning deployment, multiple machines will be set to use the same shared Read Only vDisk and reset back in time each time there is a reboot.  It’s the action of rolling back in time that creates the Active Directory trouble.  To Microsoft’s Active Directory, it can look like a replay attack where a rogue entity has sniffed your machine token and tries to ‘replay’ it to gain unauthorized access.  To correct this appearance, Provisioning Services needs to keep track of the ever changing Machine Account Passwords to keep the Domain Trust with all the different servers using this single vDisk.  By default, it does not.  Be sure to verify in your vDisk File Properties that Active Directory machine account password management is checked.  This will allow Provisioning Services to intercept, store, track and regurgitate the proper Domain passwords/Tokens when needed.

Now that the vDisk file knows to track passwords, your next troubleshooting stop would be the device properties.  When adding new devices to the Provisioning server farm, be sure to CREATE the Machine Account Active Directory Object via the PVS Console.  This will give Provisioning Services the starting point it needs to begin keeping track of password changes.  Right Click on the particular device and Choose Create or Reset Machine Account Password.  If you don’t even see the Reset option, chances are you forget to create the AD Object via the PVS console in the first place.  Just delete the Machine Account and recreate it. 

I think these can pretty easy for a Citrix Administrator to forget and should solve about 99% of your trust issues related to Citrix Provisioning Services. 
Happy Provisioning!

Click Here to Continue Reading >>

Using XenDesktop as a secure in-house GotoMyPC Solution.

For a while now, we have been recommending using XenDesktop for users to get back to their Physical Desktops back in the office as a type of localized GoToMyPC.  The solution was especially appealing to existing XenApp customers that were publishing RDP session on their XenApp farms as a way of providing secured access to user’s PCs.  RDP over ICA provided it’s own challenges (video, sounds etc.) so ICA all the way back to the Physical Desktops was a winner.  As long as they were using XP.  Recently, I tried to implement this solution for a client that was running Windows 7 on their desktops.  A typical workstation with a couple of monitors and Windows 7 OS.

Not the typical success story that I had grown accustomed to with the XP machines.  After installing Citrix’s HDX-3D package and VDA, we were able to connect over to the PCs.  Two basic issues presented themselves immediately.  The most severe and apparent was the mouse control/location.  The icon was several inches offset from were the actual click was taking place.  The other issue was the inability of the VDA to ‘Blank’ out the remaining monitors.  It only blanked the initial monitor that it was relaying the screen for.  Remaining monitors were unlocked and visible to people within the office. This would have presented privacy issues within the organization if we had been able to overcome the mouse issue.

After a couple of weeks of Citrix troubleshooting and escalations, the case was closed without resolution.  Citrix Development is aware of the issue and is hoping that it will be addressed by the next version of the HDX-3D package.  Due to the nature of development, no ETA can be provided.  Definitely not the answer my client or I was hoping for.  It is what it is though.

Bottom Line: Using XenDesktop 4.x with a Windows 7 physical machine with more than 1 monitor is not supported and probably will not work.

I wish this was better documented somewhere on Citrix’s site before I recommended it.  Maybe a KB article or in a release note somewhere.

Would another Broker solution have fared better in this particular scenario?  Let me know in the comments.  Thanks.

Click Here to Continue Reading >>

Join.Me for Free Screen Sharing and Collaboration

Sure you can use WebEx or GotoMeeting but you want something FREE!  Try out Join.Me by LogMeIn.  I was already a big fan of LogMeIn products for quick free remote access to family and friend’s PCs.  Check out my post on LogMeIn Central.  So when I heard about Join.Me from Moshe Silber, I was all over it.  No registrations, no logins, or complicated setups. 
Just hit the page and choose either Share or Join.

Clicking Share prompts you for a quick download of an executable (No install, just RUN) and your meeting is setup.  Just relay the 9 digit number to additional people and they can join your meeting.  The whole process is LIGHTNING fast.  A free conference number is also provided.  Nice touch.

I think this is a great little product with an unbeatable price.  Nice job LogMeIn!

Click Here to Continue Reading >>

In NYC October 17 or 18th? Check out the INTEROP Expo for free.

**This is an exclusive offer for VMwareInfo.com readers only!**

If you are interested in attending yet another Expo full of vendors giving away pens, balls, key chains and other chotskis; Here’s a code that was sent to me for free Expo registration to INTEROP.  It’s probably a good way to kill some time during a long lunch hour if you are near the Javits Center.

Invite a Colleague
Do you have a friend or co-worker who might like INTEROP? Copy and paste this special offer and your friend will save $100 on the current price of INTEROP Conference passes:
INTEROP is the leading business technology conference and expo with more than 100 sessions and 200+ exhibitors. INTEROP provides a comprehensive, integrated view of technologies that will give your business a competitive edge, and offers in-depth education with focused programs like Enterprise Cloud Summit, Desktop Virtualization Day, Virtualization Management Day and CIO Boot Camp.

Use code CNSCNY01 to register for a Free Expo Pass. www.interop.com/newyork

Javits Convention Center
655 West 34th Street
New York, NY 10001-1114

^{**Not really an EXCLUSIVE Offer – That part was completely made up.  I’m pretty sure this code is available to anyone who bothers looking for it.}

If you DO actually go and check it out, let us know how it was in the comments.

Click Here to Continue Reading >>

Installing Microsoft SQL Management Tools on Citrix XenApp 6

While building out a new XenApp 6 farm, my client had requested that SQL Management tools be installed on the image (We were provisioning the servers) so that developers could do their thing.  Seemed like a pretty straight forward request.  After taking a quick copy of the vDisk and popping it into private mode, I took a shot at installing the SQL tools.  Almost immediately I was presented the following error informing me that MS Visual Studio 2008 had been detected on the system and would need to be updated to SP1.  Seemed like a small roadblock except looking at Add/Remove programs, I couldn’t find anything that needed updating.  Hmmm..

Turns out that XenApp 6 uses some components that are recognized by the Management installer that are not SP1.  Obviously, I did not want to start updating components of the XenApp farm but I did need to get these tools on the vDisk.  Enter Visual Studio’s 2008 Isolation Shell.  This package is meant to allow developers to install custom branded SQL components of different versions side by side in an isolated fashion.  Perfect.  A quick download and install of the VS2008 Isolation Shell and then another run at the SQL Management tools.  This time, everything installed without any issues.  Nice.  Here is a link to the VS2008 Isolation Shell.

Visual Studio 2008 Shell (isolated mode) with Service Pack 1 Redistributable Package download.

Click Here to Continue Reading >>

Upgrading VMware AppSpeed 1.2 to 1.5

With the new version of AppSpeed released, I downloaded the ISO and proceeded with the upgrade.  Here’s a quick rundown of the activities for those attempting the upgrade.

My Lab is pretty straight forward with 2 ESX hosts, VC (as a VM), some other VMs and the AppSpeed server.

Pull up a console and mount the AppSpeed.iso for the upgrade.

Log into the console (by typing console) and run upgrade_AppSpeed.  After the first reboot, it will continue with the upgrade process.  In the meantime, it does create nice roll back snapshots.

Don’t be alarmed if it seems to hang at ‘Restoring AppSpeed state…’ – Mine was at that point for about 60 minutes.

Eventually, It did kick through successfully.

Once the upgrade was complete, I did have to rerun the setup from the console.  Choosing all of the previous defaults as before, I just let the script rerun.

After setup completes, be sure to exit your VI Client.  You will now see the new 1.5 version installed on your vCenter.

Unfortunately, you also see your older 1.2.  I just disabled mine.

My AppSpeed environment is still new and since it is my lab, it is starved for really intense transactions but as the learning process builds up as traffic is exposed to the probes, I’ll report back with some of the great graphs and insight this product produces.

Click Here to Continue Reading >>

Shadowing in XenApp 6? Not if you have Multi-Monitors.

While working with the newest versions of Windows 2008 R2 and Windows 7, I am beginning to notice more and more compatibility issues with Multi-Monitors and various Citrix products.  Changes with the new graphics driver model (WDDM) seem to be wreaking havoc with these types of remote presentation products.  With VDI and the move to Windows 7 on the desktop not to mention XenApp 6’s requirement of Windows 2008 R2, implementations might get a lot harder before they gets easier.   Chris Hahn stumbled across this on in the Citrix knowledge base.

Shadowing only works in XA6 if there is only a single monitor on both sides.  Multi-Monitor shadowing is no longer supported because of OS limitations.

http://support.citrix.com/article/CTX125693

Click Here to Continue Reading >>