XenDesktop Security permissions SQL server

 When you install XenDesktop and need to configure the Desktop Delivery Controller to create the Database then this might result in security errors. When the DDC needs to create the Database then set the security as shown below.

First add the Desktop Delivery Controller as security login to the SQL server and give the server Sysadmin permissions.

DDC01 (1)

DDC01 (2)

Continue reading “XenDesktop Security permissions SQL server”

Using VMWare with XenDesktop

When you are using VMWare ESX as Hypervisor you need to configure some setting on the Desktop Delivery Controller and on the VCenter server before you can add the VMWare vCenter host to the XenDesktop environment. First you need to create a user or a role where you can add multiple users in the vCenter environment. In the following steps I explain how to create a Role with all the necessary right.

Create Security Role vCenter

Based on the following Article: Using VMware with XenDesktop provided by Citrix, I create a new role which I will name XenDesktop. Then I added the appropriate settings as described in the following table:

Datastore.AllocateSpace

Datastore > Allocate space

Datastore.Browse

Datastore > Browse datastore

Datastore.FileManagement

Datastore > Low level file operations

Network.Assign

Network > Assign network

Resource.AssignVMToPool

Resource > Assign virtual machine to resource pool

System.Anonymous

Added automatically.

System.Read

Added automatically.

System.View

Added automatically.

Task.Create

Tasks > Create task

VirtualMachine.Config.AddRemoveDevice

Virtual machine > Configuration > Add or remove device

VirtualMachine.Config.AddExistingDisk

Virtual machine > Configuration > Add existing disk

VirtualMachine.Config.AddNewDisk

Virtual machine > Configuration > Add new disk

VirtualMachine.Config.CPUCount

Virtual machine > Configuration > Change CPU Count

VirtualMachine.Config.Memory

Virtual machine > Configuration > Memory

VirtualMachine.Config.RemoveDisk

Virtual machine > Configuration > Remove disk

VirtualMachine.Config.Resource

Virtual machine > Configuration > Change resource

VirtualMachine.Interact.PowerOff

Virtual machine > Interaction > Power Off

VirtualMachine.Interact.PowerOn

Virtual machine > Interaction > Power On

VirtualMachine.Interact.Reset

Virtual machine > Interaction > Reset

VirtualMachine.Interact.Suspend

Virtual machine > Interaction > Suspend

VirtualMachine.Inventory.Create

Virtual machine > Inventory > Create new

VirtualMachine.Inventory.CreateFromExisting

Virtual machine > Inventory > Create from existing

VirtualMachine.Inventory.Delete

Virtual machine > Inventory > Remove

VirtualMachine.Inventory.Register

Virtual machine > Inventory > Register

VirtualMachine.Provisioning.Clone

Virtual machine > Provisioning > Clone virtual machine

VirtualMachine.Provisioning.DiskRandomAccess

Virtual machine > Provisioning > Allow disk access

VirtualMachine.Provisioning.GetVmFiles

Virtual machine > Provisioning > Allow virtual machine download

VirtualMachine.Provisioning.PutVmFiles

Virtual machine > Provisioning > Allow virtual machine files upload

VirtualMachine.Provisioning.DeployTemplate

Virtual machine > Provisioning > Deploy template

VirtualMachine.Provisioning.MarkAsVM

Virtual machine > Provisioning > Mark as virtual machine

VirtualMachine.State.CreateSnapshot

Virtual machine > State > Create snapshot

VirtualMachine.State.RemoveSnapshot

Virtual machine > State > Remove snapshot

VirtualMachine.State.RevertToSnapshot

Virtual machine > State > Revert to snapshot

All the above settings are applied in the “Add New Role” screen as you can see below. Continue reading “Using VMWare with XenDesktop”