Views, thoughts, technical information, cool stuff and more about Citrix Provisioning Server
Welcome to the new year and my first blog of 2009. Let's kick off '09 with a focus on simplification.
Let's focus on a topic that often brings chills to a XenApp administrators spine... upgrades. Back in the day when I was a MetaFrame administrator, I remember the time, patience, and sometimes stress involved with trying to upgrade 100 servers to the latest version of MetaFrame. Well, a lot has changed in the world of application delivery. MetaFrame went through numerous identity changes to become XenApp. With those new identities we have witnessed a maturing of the product to include more functions, features and abilities to deliver troublesome applications. But one thing has remained fairly constant, XenApp upgrades are not as easy as flipping a switch.
Take, for example, the following knowledge base article from one of my coworkers, Jo Harder. Jo created a great article explaining the technical concepts for upgrading and migrating XenApp 4.5 to XenApp 5. It covers the process, what to do and which approach to take. This document has only been out for 4 months and has been the most read article for each of the past 4 months. By my estimation, the topic of XenApp migrations is very important to people.
Back in September 2008 I blogged about a potential way to simplify the migration process by integrating XenServer with XenApp. In this blog I identified 5 areas where I thought this tight integration could show benefit and I called this the HOMER Criteria. Well, after more investigation, analysis, testing and validation, I'm here to let you know that we can indeed simplify XenApp migrations if we integrate XenServer and Provisioning Server into our architecture.
How is that possible? Most people have a standard practice for incorporating new XenApp versions into their environment. This process typically takes on the following sections:# Server validation: We have to make sure that our applications work with the new version
- Server builds: We have to spend time updating all of our server build images/scripts
- Implementation: Need to update all servers while not impacting the user environment and not incurring huge hardware expenses
- Maintenance: Need to keep our new servers consistent and updated with the latest hot fixes and service packs and updates
- Rollback: In the potential event that the upgrade causes major issues, we need to make sure we have a fast way of recovering our old environment.
These are each critical to a successful migration to the latest version of XenApp. Each one of these areas can be improved through virtualization and workload provisioning and you can expect the following benefits: # Time Savings: The time spent building servers is removed due to Provisioning Server's integration with XenApp. Brand new servers can be brought online in less than 30 seconds.
- Repeatability: The integrated process used to upgrade to XenApp 5 can also be used for future versions of XenApp, except that future upgrades will be faster as the infrastructure is already virtualized and the process is familiar.
- Simplification: The process is able to ignore the complexity of different configurations and drivers, helping to reduce the time spent developing server builds and installation configurations.
- Maintainability: The solution guarantees consistency within the XenApp farm. When an application update or an operating system patch is validated, the entire XenApp farm will utilize the new configuration.
Some of you might be intrigued and want to know how to do it. Learn how by reading the following materials:
- Reference Architecture*:* Understand the architecture, the areas of concern and the potential benefits
- Getting Started Guide*:* Get a high-level overview of the integration process. This guide gives an overview of each phase, whereas more detailed steps can be found in the implementation guide.
- Implementation Guide*:* This guide takes you through, step-by-step, on how to upgrade your XenApp environments to XenApp 5 on Windows 2008 through the use of XenServer and Provisioning Server. As you follow these steps you will see how the three products integrated into a solid solution for application delivery.
- Design Considerations*:* Follow these considerations to make your virtual XenApp environment easier to setup, maintain and manage.
So remember, if you are not thrilled about doing a XenApp migration, then try a new approach... Virtual and Provision.
Daniel
As the New Year quickly approaches, we're all thinking of our New Year's resolutions, and I'm sure that on the top of each of your lists is "Improve the Capabilities of my Corporate Citrix Farm".
OK, maybe it's not at the TOP of your list...
But improving the reliability, scalability, and ease of use of your Citrix installations is an issue that most administrators face constantly. And, as the New Year is upon us, it might be a good time to reflect on that "one thing" that you can do to make your farm more productive, more secure, more reliable, and more manageable.
Along those same lines, I think it's a good time for Citrix to ask... What new products or enhancements would you like to see from us? What can WE do to make your job easier? What can we do to make your farm more secure? What can we do to provide you with the tools you need to make your Citrix installation perform in ways you have not been able to achieve?
Feel free to reply with your #1 ITEM (just one, make it your biggest) that you would like Citrix to focus on in the upcoming year. If it's a direction that we're already working towards, and you'd like us to continue, let us know! If there's an area that you think we should look at, we'd like to know that as well! Although I can't personally promise that your suggestion will work it's way to the top of our list, I think that your feedback, as always, is an integral part of our corporate direction, and helps us to plan for the future as well.
So, let the 2009 wishes begin!...
Our Events team is putting together the content for Citrix Synergy 2009 now. The team would like your input on the content. Please answer the poll questions below -
Part I of the Deep Dive into XenDesktop series reviewed the architecture. Part II covered the install and management tools. Part III reviewed an example XenDesktop Pilot Architecture. Part IV reviewed the Virtual Desktop Delivery of Dan Feller's "XenDesktop Pilot Implementation Guide". Part V reviewed the integration with XenApp for application delivery to the virtual desktops. Part VI covers User Personalization with Citrix User Profile Manager. This is the third section from Dan's Pilot Implementation Guide.
This embedded presentation covers the "Personalization" section of the Pilot Implementation Guide.
Click here to view the presentation in full screen at Slide Share.
This presentation does have several slide notes that provide additional detail. You can view the slide notes here.
Frank Anderson on the XenDesktop team has created a few screencasts covering the features of XenDesktop. You can watch his short screencast covering the provisioning and lifecycle management features of XenDesktop here
. Frank's screencast on user experience is available here.
Download the free XenDesktop Express Edition here
I have been having this ongoing conversation with my fellow citrites on provisioning and virutualization. The big question is whether to provision the hypervisor, or to virualize the provisioning server. Each has its pluses and minuses, but they are both equally valid solutions.
If we look at provisioning the hypervisor, the advantages are that we could re-provision bare metal servers to be anything, but we would also have to worry about where write cache for the hypervisor would be located, and then there is the whole cloning of a hypervisor thing.
If we look at virtualizing the provisioning server, the advantages are that we could move the provisioning server to other hosts, which would be a major added benefit to the already robust HA features of Provisioning Server. The negative would be that we would have to allocate more virtual resources for more provisioning servers or use fewer guests per host to achieve the same thing.
I gave a presentation at PubForum 2008 Dublin earlier this year, where I took a similar approach to something wonderful. I used provisioning server to stream to a target device and OS that was itself a provisioning server, and that in turn was used to stream to a target device a client OS. The purpose of the demo was to show you how one could use provisioning and virtualization to truly build a dynamic environment, whether it is a lab, or a production environment. But the main goal was, if I had a rack of servers, that had nothing on them, zip, nada, zilch, and from that I wanted to hit the big green go button, and turn them into whatever, you should be able to do so.
At present we can provision Windows Server 2008 with Hyper-V, but not XeServer. I'm not trying to get into a this product, that product debate, but I want to try and flush out what you think about the pluses and minuses of either of these scenarios.
This is an in depth look at How to properly create a virutal disk with Citrix Provisioing Server that can be used as a Private or Standard Virtual Disk for Target Devices that will properly maintain Machine Account password synchronization with Active Directory.
Part I of the Deep Dive into XenDesktop series reviewed the architecture. Part II covered the install and management tools. Part III reviews an example XenDesktop Pilot Architecture. This presentation is based on the "XenDesktop Pilot Reference Architecture" document by Dan Feller. Here is the the introduction to Dan's white paper -
Overview
Properly delivering desktops to users is a core requirement for just about any business. If users are unable to use their desktops or applications, the business cannot function at full utilization. Every few years, just about every business undergoes a massive rollout of a new operating system, new hardware or new applications requiring a swarm of individuals to build, test and rollout the newest systems to the masses. Because of this enormous undertaking, many organizations hold off on beneficial upgrades, which oftentimes limit how fast the organization can turn to changing market demands.
There are automated tools from numerous vendors to help in the deployment of new applications and operating systems, but the question should be raised if deploying applications out to the user population is still the best approach. This type of approach incurs numerous consequences impacting the user and the business like:
- Loss of end-user device opens up significant security concerns for lost data
- Corruption of the operating system or application by malicious or inadvertent acts requires extensive troubleshooting and administrative time resulting in end-user downtime
- System upgrades are delayed due to the costs associated with the procurement of new hardware.
Instead of going down the old approach of deploying operating systems and applications to thousands of physical workstations, a dynamically provisioned virtual desktop environment will offer organizations the ability to provide their users that latest environments without the time and costs associated with a large-scale desktop rollout. Before the rollout begins, it is recommended a pilot program is launched that validates the recommended design based on business and user requirements.
This document provides a reference architecture for a XenDesktop Pilot. It is broken up into the following components:
- Virtual Desktop Requirements
- Solution Overview
- Technical Architecture
Dan put together a list of requirements for this Pilot Reference Architecture -
The pilot is the last stage of testing and validating the design and environment build before moving towards a full-scale production rollout. A small set of users will work with the production-level environment and validate the solution is functional and meets the overall virtual desktop requirements. For the architecture defined throughout this document, the following requirements are used:
- Users should be able to personalize their virtual desktop environment with application configurations, environment settings and user preferences. The personalization settings should follow the user from system-to-system.
- Users should be able to continue working within their virtual desktop even if there is a failure of a component within the environment.
- Users should be able to get access to their virtual desktop securely and over remote connections without relying on a VPN client
- A single base standard image should be used for all users within the pilot group.
- Updating the operating system with the latest security patches should only be required on a single image. Those changes should be propagated to all users' virtual desktops.
- Users should only see the applications they have been assigned as seeing all applications causes confusion.
I have broken the great content of the pdf into smaller, bite size chunks to make it more digestible within a slide format (especially the step by step tables). Before each step in the tables, I added in the reference diagram with a big arrow that points to the step within the diagram. There are a lot of slides, but the amount of content on each slide is much easier to swallow in this format IMO.
Click here to view the presentation in full screen at Slide Share.
This presentation does have several slide notes that provide additional detail. You can view the slide notes here.
Frank Anderson on the XenDesktop team has created a few screencasts covering the features of XenDesktop. You can watch his short screencast covering the provisioning and lifecycle management features of XenDesktop here. Frank's screencast on user experience is available here.
Download the free XenDesktop Express Edition here
Thanks to Dan Feller for putting together an excellent whitepaper and allowing me to convert that content into this format. I hope you find this useful.
In the first Deep Dive into XenDesktop post, the embedded presentation covered the architecture of XenDesktop. This next presentation reviews the install of the the Desktop Delivery Controller and the Virtual Desktop Agent, then reviews the Management Console, Desktop Groups, and the Citrix Desktop Toolbar.
Click here to view the presentation in full screen at Slide Share.
This presentation does have several slide notes that provide additional detail. You can view the slide notes here.
Frank Anderson on the XenDesktop team has created a few screencasts covering the features of XenDesktop. You can watch his short screencast covering the provisioning and lifecycle management features of XenDesktop here. Frank's screencast on user experience is available here
Download the free XenDesktop Express Edition here
Thanks to Richard Nash on the SE team for providing much of the source material for this slide presentation.
Andrew Renne, a Solution Architect with Microsoft Services UK, recently blogged about Microsoft VDI and Citrix XenDesktop at the Deployment Guys blog on TechNet. Andrew writes "In this second blog entry on VDI I will explain the benefits that using Citrix Xendesktop as the connection broker can bring."
Bob Muglia and Edwin Yuen of Microsoft demoed Citrix XenDesktop as part of the Microsoft VDI solution with Hyper V and SCVMM at Citrix Synergy. You can watch he video here (scroll down to the bottom). Brian Ehlert made his own video of the XenDestop/Hyper V/SCVMM integration for his entry into the XenDesktop Beta Video Tips.
UPDATE: You can see the second post (and presentation) in this series at this link.
The XenServer posts with technical presentations embedded (here and here) have been very popular. This next presentation dives down into the architecture and functioning of XenDesktop.
This presentation does have several slide notes that provide additional detail. You can view the slide notes here
Frank Anderson on the XenDesktop team has created a few screencasts covering the features of XenDesktop. You can watch his short screencast covering the provisioning and lifecycle management features of XenDesktop here. Frank's screencast on user experience is available here
Download the free XenDesktop Express Edition here
Paul Venezia, senior contributing editor of the InfoWorld Test Center, recently posted a review of Citrix XenDesktop. Paul writes "The future is bright for VDI and, thus, for XenDesktop". He goes on to say "Citrix has married VDI to its existing stable of application and desktop delivery mechanisms, and it continues to leverage the stellar ICA protocol to assist in speed, user experience, and manageability" (emphasis mine).
The review evaluates Citrix XenDesktop on five categories - Management, Performance, Scalability, Setup and Value. Overall, Paul rates XenDesktop solution as "Very Good".
Read Paul's full review here.
Frank Anderson on the XenDesktop team has created a few screencasts covering the features of XenDesktop. You can watch his short screencast covering the provisioning and lifecycle management features of XenDesktop here. Frank's screencast on user experience is available here
Download the free XenDesktop Express Edition here
Robin Brandl (Microsoft Technology Evangelist for Citrix) was interviewed by Joey Snow of Technet Edge during the Microsoft getVirtualnow event in Bellevue, WA.
(click to play)
Provisioning Server offers you the ability maintain Active Directory machine account password synchronization for target devices. This ability is enabled on the Provisioning Server and is configured on a per virtual disk basis.
Private virtual disks do not need to maintain Active Directory machine account password synchronization, as they are a read write virtual disk, and have the ability to retain changes and store them to the virtual disk.
Standard virtual disks do need to maintain Active Directory machine account password synchronization, as they are read only, and do not have the ability to retain changes on the virtual disk.
There are some things to take into consideration when dealing with Provisioning Server and Active Directory Machine Account Password Synchronization for a successful implementation of this feature. The following are some guidelines and best practices to follow:
If the virtual disk image that is going to created is to be used by multiple target devices, in Standard Image mode, it is best practice, that before creating a virtual disk image, to run the Device Optimizer utility on the target device and apply the "Disable Machine Account Password Changes" setting If the virtual disk image that is going to created is to be only be used in Private Image mode and never Standard Image mode, the "Disable Machine Account Password Changes" setting does not need to be applied
When creating virtual disks that will ever be used as Standard virtual disks, it is best practice, to never create a target device that will have a device name of an existing machine account in Active Directory that is, has, or will ever be running off of local disks, and is ever going to be provisioned as a Standard Virtual Disk
When creating virtual disks, it is best practice, to ensure that the Active Directory setting for "Enable automatic password support" is configured on the Provisioning Servers
When creating virtual disks, it is best practice, to ensure that the "Enable Active Directory Machine Account Password Management" setting is configured on Standard Virtual Disks
Also, it is best practice to use an Active Directory Organizational Unit to manage machine accounts for target devices that will be provisioned, and that the Group Policy Object or Security Policy setting for the Organizational Unit is set to enable the "Disable Machine Account Password Changes" setting to disable Windows Active Directory automatic password re-negotiation.
And lastly, it is best practice to ensure that the Group Policy Object or Security policy setting for that Organizational Units "Maximum machine account password age" setting is compared to the Provisioning Server Active Directory setting for "Enable automatic password support" setting. The Provisioning Server Active Directory setting for "Enable automatic password support" number of days must be less than the Group Policy Object or Security policy setting for that Organizational Units "Maximum machine account password age" setting or you could end up in a scenario where the machine accounts would not able to log on to the domain due to this restriction being in place.
If you should ever encounter a situation where the active directoy machine passwords are out of sync, in provisioning server 4.x and below there is a command line utility for reseting machine accounts. In provisioning server 5.x this has been incorporated into the management console.
Following these best practices will help you keep synchronization between Active Directory Machine Accoutns and Provisioned Target Devices that are using a Standard Virtual Disk. With the use of Provisioning Server with XenServer and XenDesktop, these best practices are also applicable, as those technologies are also used to delivery devices that may need Active Directory Machine Account Password Synchronication.
Hello Mac Users
First I would like to thank all of you for downloading version 1.0 of our blogs widget. We currently have 1400+ downloads, and this goes to show that the Citrix community has indeed a large number of Mac users.
I also would like to thank those users who sent us their feedback, this version of the widget is here because of you, so keep sending your feedback and comments.
Meet the Citrix Blogs Widget
Version 1.0:
- The latest 30 Citrix Blog posts
- Adjust view from Full to Summary
- Collaborate with your comments
- Open posts on Safari or Firefox
- Spotlight Search (Instant search)
- Push updates (no refresh required)
- Watch blogged videos
- Check for updates
- Send feedback
Version 1.2:
- Widget Resizing
- Bug Fixes
Requirements:
- Mac OS X 10.4 or greater
Download:
Citrix Blogs Widget
I an earlier post, I asked "How do you make Technology decisions?". According to a recent survey, Google is by far the most used tool by technology buyers (83% ALWAYS use Google). The poll on my post found similar results.
Again Google is the clear leader, but not nearly by the same margin as in the external survey. I am curious if the is partly because the question in the poll was phrased a bit differently.
Instead of guessing why, I decided to ask you. Please vote below on whether you always, sometimes, or never use these different resources when researching a new technology before making a decision on a solution to implement.
| Do you always, sometime or never use Google when researching technology? | Choose |
|---|---|
| Always |  |
| Sometimes | |
| Never | |
| Do you always, sometimes or never use another search engine (Yahoo, MSN Live, Ask, etc..) when researching technology? | Choose |
|---|---|
| Always | |
| Sometimes | |
| Never | |
| Do you always, sometimes or never use a vendor blog when researching technology? | Choose |
|---|---|
| Always | |
| Sometimes | |
| Never | |
| Do you always, sometimes or never use an independent blog when researching technology? | Choose |
|---|---|
| Always | |
| Sometimes | |
| Never | |
| Do you always, sometimes or never use a vendor product site when researching technology? | Choose |
|---|---|
| Always | |
| Sometimes | |
| Never | |
| Do you always, sometimes or never use a vendor support site when researching technology? | Choose |
|---|---|
| Always | |
| Sometimes | |
| Never | |
| Do you always, sometimes or never use a third party analyst site when researching technology? | Choose |
|---|---|
| Always | |
| Sometimes | |
| Never | |
| Do you always, sometimes or never use a user group when researching technology? | Choose |
|---|---|
| Always | |
| Sometimes | |
| Never | |
| Do you always, sometimes or never use Wikipedia when researching technology? | Choose |
|---|---|
| Always | |
| Sometimes |