XenDesktop Security permissions SQL server

 When you install XenDesktop and need to configure the Desktop Delivery Controller to create the Database then this might result in security errors. When the DDC needs to create the Database then set the security as shown below.

First add the Desktop Delivery Controller as security login to the SQL server and give the server Sysadmin permissions.

DDC01 (1)

DDC01 (2)

Read more »

0  

Using VMWare with XenDesktop

When you are using VMWare ESX as Hypervisor you need to configure some setting on the Desktop Delivery Controller and on the VCenter server before you can add the VMWare vCenter host to the XenDesktop environment. First you need to create a user or a role where you can add multiple users in the vCenter environment. In the following steps I explain how to create a Role with all the necessary right.

Create Security Role vCenter

Based on the following Article: Using VMware with XenDesktop provided by Citrix, I create a new role which I will name XenDesktop. Then I added the appropriate settings as described in the following table:

Datastore.AllocateSpace

Datastore > Allocate space

Datastore.Browse

Datastore > Browse datastore

Datastore.FileManagement

Datastore > Low level file operations

Network.Assign

Network > Assign network

Resource.AssignVMToPool

Resource > Assign virtual machine to resource pool

System.Anonymous

Added automatically.

System.Read

Added automatically.

System.View

Added automatically.

Task.Create

Tasks > Create task

VirtualMachine.Config.AddRemoveDevice

Virtual machine > Configuration > Add or remove device

VirtualMachine.Config.AddExistingDisk

Virtual machine > Configuration > Add existing disk

VirtualMachine.Config.AddNewDisk

Virtual machine > Configuration > Add new disk

VirtualMachine.Config.CPUCount

Virtual machine > Configuration > Change CPU Count

VirtualMachine.Config.Memory

Virtual machine > Configuration > Memory

VirtualMachine.Config.RemoveDisk

Virtual machine > Configuration > Remove disk

VirtualMachine.Config.Resource

Virtual machine > Configuration > Change resource

VirtualMachine.Interact.PowerOff

Virtual machine > Interaction > Power Off

VirtualMachine.Interact.PowerOn

Virtual machine > Interaction > Power On

VirtualMachine.Interact.Reset

Virtual machine > Interaction > Reset

VirtualMachine.Interact.Suspend

Virtual machine > Interaction > Suspend

VirtualMachine.Inventory.Create

Virtual machine > Inventory > Create new

VirtualMachine.Inventory.CreateFromExisting

Virtual machine > Inventory > Create from existing

VirtualMachine.Inventory.Delete

Virtual machine > Inventory > Remove

VirtualMachine.Inventory.Register

Virtual machine > Inventory > Register

VirtualMachine.Provisioning.Clone

Virtual machine > Provisioning > Clone virtual machine

VirtualMachine.Provisioning.DiskRandomAccess

Virtual machine > Provisioning > Allow disk access

VirtualMachine.Provisioning.GetVmFiles

Virtual machine > Provisioning > Allow virtual machine download

VirtualMachine.Provisioning.PutVmFiles

Virtual machine > Provisioning > Allow virtual machine files upload

VirtualMachine.Provisioning.DeployTemplate

Virtual machine > Provisioning > Deploy template

VirtualMachine.Provisioning.MarkAsVM

Virtual machine > Provisioning > Mark as virtual machine

VirtualMachine.State.CreateSnapshot

Virtual machine > State > Create snapshot

VirtualMachine.State.RemoveSnapshot

Virtual machine > State > Remove snapshot

VirtualMachine.State.RevertToSnapshot

Virtual machine > State > Revert to snapshot

All the above settings are applied in the “Add New Role” screen as you can see below. Read more »

0  

XenDesktop: Database could not be contacted

After installing Hotfix Update 4 for XenDesktop 5.6 I noticed errors in my eventviewer that the connection to the database was lost. I discovered the errors because I couldn’t create Desktop Groups, I keep getting the error: “Database could not be contacted“.

 Eventviewer

 After some searching I found that the database needs to be updated because of a minor version. The hotfix update 4 descriptions mentions the update of the datastore but normally you receive an update button whit in the Desktop Studio, but this one I didn’t receive. Read more »

1  

MDT Create Deployment Share and add OS Source Files (Part 2)

In the provious post I explained how to install MDT and install/updates the required services. In this post I explain how to create Deployment Shares and add the OS source files and patches.

Create Deployment Share

First of al we have to create a Deployment share where the OS files are saved. Follow the steos below to create the Deployment Share.

1. Right click the “Deployment Shares” in the “Deployment Workbench” and select “New Deployment Share”

Create Deployment Share

 2. Select the Path where all the files for deployment will be stored.

Path

 3. Specify the Share name you like to use, I left it default.

UNC Path

4. Give the share a Description, also here I used the default value.

0  

Installing MDT 2012 Update 1 (Part 1)

Microsoft Deployment Toolkit (MDT) 2012 Update 1 it’s possible to deploy Windows 8, Windows 7, Office 2010 and 365, Windows Server 2012, and Windows Server 2008 R2 in addition to deployment of Windows Vista, Windows Server 2008, Windows Server 2003, and Windows XP within your organization.

MDT is supported on Windows 7, Windows 8, Windows Server 2008 R2 SP1, Windows Server 2008 Service Pack 2 and Windows Server 2012. To start using MDT download it here: http://www.microsoft.com/en-us/download/details.aspx?id=25175.

 After downloading the MSI file start the installation, it’s basicly a next,next,finish installation.

1) On the Welcome Screen click Next.

Welcome Screen MDT

2) On the End User License Agreement, Accept the license terms and click Next.

End User License Agreement MDT

3) Because I work in a test environment I don’t want to use the Customer Experience Improvement Program, so I select “I don’t want to join the program at this time” and click Next.

Customer Experience Improvement Program MDT

4) I install all the features and click Next.

1  

Adobe Reader XI Customization Wizard

With RDS and XenApp you like to customize the Adobe Reader installation, which allows you to configure some settings and remove some features. This post describes how to customize Adobe Reader and also deploy the updates.

Before you can start with the deploying Adobe Reader you need to download the following files:

 After downloading all necessary files you need to extract the Adobe Reader XI installation, where you can use to deploy it later. The extraction can be done using the following command:

AdbeRdr11000_nl_NL.exe -nos_o”D:\Install\Adobe\Reader XI” -nos_ne  

Extracting Adobe Reader

Update:

Recently I tried to extract the files but the above command didn’t worked, after reading the Admin Guide I found that it’s also possible to use the following command:

AdbeRdr11000_nl_NL.exe -sfx_ne -sfx_o”D:\Install\Adobe\Reader XI”

 

Now install the Customization Wizard and add the package you just extracted.

Open Package

In the Next screen Accept the EULA.

Accept UELA

I selected that Reader is my default PDF viewer because we don’t use another one. Read more »

0  

Active Directory-Based Activation

In  previous post we Installed VAMT and then added licenses and devices, now we will create the possibility to use Active Directory-Based Activation. To use the Active Directory-Based Activation you need at least one Windows Server 2012 domain controller.

Installing Active Directory-Based Activation

To use AD-Based Activation you need to install the Volume Activation Services Server role. This can be done using the Server Manager. In the Server Manager click on Manage and then click Add Roles and Features.

Select Role-based of feature-based installation and click Next.

ADBA - Install (1)

Select the server which you want to install the Volume Activation Services on from the server pool and click next.

Select the Volume Activation Services in the Server Roles screen and click Next.

ADBA - Install (2)

A new screen (pop-up) will appear which displays the required features just select Add Features.

0  

XenServer 6.X random crashes

In a previous post I wrote that I had some XenServers which where randomly rebooting and I solved it by disabling the “Write-Cache Battery Override” but after two weeks the servers are again rebooting randomly. After contacting my support contact at our reseller he send me a link (http://support.citrix.com/article/CTX136517) to a Citrix knowledge base which mentions that the problem is in the Intel 5500/5520/X58 chipset. When uploading the XenServer System Status report to Auto Support this issue will be detected. 

When looking at the Knowledge Base article I executed the following commands:

# xl debug-keys V
# xl dmesg | grep “Interrupt Remapping”

Interrupt Remapping

The commands displays that Interrupt Remapping is supported, now we have to Disable Interrupt Remapping. This can be done by adding the following Xen boot parameter “iommu=no-intremap” to the /boot/extlinux.conf.

I used the following command which adds it to the Xen boot parameters for you without having to manually edit the /boot/extlinux.conf file:

/opt/xensource/libexec/xen-cmdline –set-xen iommu=no-intremap

This solves out problem and now the servers are stable.

0  

VAMT 3.0 Adding licenses and manage host (part 2)

In my previous post we installed VAMT 3.0 and created the database.

In this post we will add MAK and KMS keys and we will add some host to monitor the servers/clients to see if the activation is successful. Because you need at least 5 Servers or 25 Clients before KMS keys will work we are using MAK keys in this post.

When you opened VAMT and are connected to the database you will see the following screen.

VAMT 3.0 Overview

As you can see there are now products discovered or License keys installed.

To install the license keys “Right click” on the “Product keys” and select “Add product keys..“, then add the license keys into the box and click on “Add Key(s)” when you like to add multiple keys use a separate line for the different keys.

After the key is verified it will show up in the product keys overview.

VAMT Add Key

VAMT Keys

1  

VAMT 3.0 Installation (part 1)

In this series I’m writing a 2 part article about how to install and configure VAMT.

When you want to manage your MAK or KMS licenses activation within your organization you can use Microsoft Volume Activation Management Tool (VAMT) version 3.0. Whit VAMT 3.0 you can add licenses, view activations and more. VAMT is part of the Windows Assessment and Deployment Kit (ADK) for Windows® 8. 

Before you can use VAMT you have to download it first at the following location: http://www.microsoft.com/en-us/download/details.aspx?id=30652

VAMT can be installed in the following Operating Systems:

  • Windows® 8
  • Windows® 7
  • Windows Server® 2012
  • Windows Server® 2008 R2
  • Windows Vista®
  • Windows Server® 2008

When using VAMT 3.0 you need an SQL server, when you don’t have an SQL server you can select the SQL 2012 Express to be installed on your system. The user who is installing VAMT needs DbCreator rights on the SQL server which you like to use. All other users which want to connect to the database need to be db_owner of the database used to install VAMT.

When installing ADK you need to specify the location the files are stored, in the screenshot below you can select to install or just download to install it on a separate computer, we will choose to install.

ADK Specify location to install

1  
banner