Citrix AppDisk – new feature announced @ Synergy 2015

Many new products, services and features have been announced during these three days @ Citrix Synergy in Orlando.

One new feature that I believe will be very interesting for XenApp and XenDesktop users is AppDisk.

AppDisk is an application layering technology that allows you to create disks containing applications (single instances or groups of them) and then attach them to XenApp servers or XenDesktop OSs.

Note: this is not an application isolation technology! Applications in AppDisk are not isolated and they can talk and interact to any other application in the OS just as any traditionally installed application would do. So, for instance, you won’t be able to run two MS Office versions on the same OS as you could do with other technologies like App-V (just to name one).

The main advantage of this solution is that you can create and manage one single OS image without having to install any application on it and deliver AppDisk applications based on the user profile. This is more or less what you can do with App-V but without incurring in the application isolation issues that App-V brings (VFS permissions, application incompatibilities… ). On the other hand, you won’t have the advantages of application isolation, like for example the ability of running two incompatible apps at the same time and on the same OS.

The process for creating an AppDisk is as follows:

  1. Open to Studio
  2. Click on the AppDisk menu
  3. Click on create AppDisk
  4. Choose the Machine Catalog that contains the base image you want to use and then Studio will create an instance of that OS through MCS or PvS
  5. Install the app on that OS image and then seal it (through an apposite button located on the desktop)
  6. Deliver the AppDisk to the Delivery Groups

The limited tech preview will be available in Q2 2015, the tech preview in Q3 2015. The GA version probably at the end of 2015 or early 2016.

We don’t know yet how many AppDisks can be published on the same OS as well as what kind of license you need to run it.

AppDisk does not use any drive letters and you can see the application in the Add Remove Programs Control Panel applet. AppDisk apps are ‘merged’ in the base OS, which means that you can find them in C:\Program Files or Program Files (x86).

AppDisk and Studio can leverage and integrate AppDNA in order to check whether the applications can run properly in the target OS. AppDNA can also show incompatible AppDisks and propose steps to fix any eventual issue.

 

I’m looking forward to test the Tech Preview!!!

 

Step-by-Step guide on how to configure NVIDIA graphics on XenApp 7.6 with vDGA on VMware ESXi 5.5

This technical article explains how to configure a Windows 2012 R2 virtual machine to use the NVIDIA GPU pass-through under XenApp 7.6.

Many information about GPU usage on Citrix and VMware environments are already available on the internet, but I have never been able to find a quick and practical guide that explains how to configure it, so that’s why I wrote this article.

You will go through three main steps:

  1. Configure PCI pass-through in VMware
  2. Configure the Virtual Machine
  3. Enable GPU support in RDS sessions

Environment

The NVIDIA Card model is the “729851-B21 NVIDIA Grid K2 PCIe GPU Kit”:

  • Number of GPUs: 2
  • CUDA cores: 3072 (1536/GPU)
  • Memory size per board (GDDR5): 8GB (4GB/GPU)

Compatible with ProLiant SL250s/SL270s servers with Intel Xeon E5-2600 v2 processors and ProLiant WS460c Graphics Server Blades:

http://www8.hp.com/us/en/products/accelerators/product-detail.html?oid=5410610#!tab=specs

All runs on VMware ESXi 5.5.

vDGA (Virtual Dedicated Graphics Acceleration) is used in this environment, check the following articles for more information on the other GPU sharing technologies:

http://blogs.citrix.com/2014/01/08/under-the-hood-of-gpu-sharing-technologies/

http://www.brianmadden.com/blogs/brianmadden/archive/2014/03/26/clearing-up-the-confusion-around-vmware-amp-nvidia-s-vgpu-amp-vdga-daas-announcement.aspx

 

Procedure

Step 1 – Make sure that the GPUs are configured for pass-through in VMware

Make sure that the host has the GPUs available for pass-through (view from vSphere Web Client):

1

If they are not available, edit the settings (by clicking on the pencil icon), make the available and reboot the host:

2

Step 2 – Configure the virtual machine

Adjust pciHole.start. Note: This is required only if the virtual machine has more than 2GB of configured memory. For virtual machines that have more than 2GB of configured memory, add the following parameter to the .vmx file of the virtual machine (you can add this at the end of the file):

pciHole.start = “2048”

http://www.vmware.com/files/pdf/techpaper/vmware-horizon-view-graphics-acceleration-deployment.pdf

3

Set the pass-through in the VM:

4

Install the latest VMware Tools.

Install the NVIDIA Drivers for the GRID K2 cards, the latest version at the time of this writing is 347.52-quadro-tesla-grid-winserv2008-2008r2-2012-64bit-international-whql.exe.

The drivers can be downloaded from the NVIDIA website:

http://www.nvidia.com/download/driverResults.aspx/83305/en-us

5

6

7

Restart the server.

Make sure that you can find the NVIDIA GRID K2 card in the Device Manager:

8

You can run GPU-Z in order to make sure that the card is being used by the system.

9

Now you can install the Citrix XenApp 7.6 VDA.

 

Step 3 – Enable the GPU in the RDS session

The final step in the configuration requires enabling the GPU in the RDS/Citrix session, as per Citrix:

On Windows Server 2012, Remote Desktop Services (RDS) sessions on the RD Session Host server use the Microsoft Basic Render Driver as the default adapter. To use the GPU in RDS sessions on Windows Server 2012, enable the Use the hardware default graphics adapter for all Remote Desktop Services sessions setting in the group policy Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Remote Session Environment

http://support.citrix.com/proddocs/topic/xendesktop-71/hd-3d-gpu-acceleration-win-server-os.html

 

Now you are ready to GO!

Remove the “Protected Mode” pop-up from Internet Explorer 11 – Win 2012 R2

A published IE application may show the following pop-up when starting a web page:

Image
Such pop-up appears each time, even if you click on the ‘Don’t show this message again’.
The solution is to set the user registry value that prevents this pop-up from appearing (this can be done through GPO, logon script, etc…)
The value is “NoProtectedModeBanner”, DWORD, and must be set to 1.
It must be located under HKCU\Software\Microsoft\Internet Explorer\Main
Image

App-V 5 SP2 and ‘The application failed to launch’ issue – Error code 0x0FD01F25-0000007B

If you packaged an application using App-V 5 SP2 and you use folder redirection for AppData Roaming on a RDS server then you may get the following error when starting the application in seamless mode (e.g. through XenApp):

Error Pop-Up

There are several causes that may bring to this error and the best way to start your troubleshooting is using the EventViewer (one of the causes is documented here). In fact, by enabling the Analytic and debug logs you will be able to get a big amount of information related to the App-V client activity:

2

 3

Each debug item must be enabled before getting any log:
4

There is a nice script that automatically enables or disables all App-V logs and it can be found here

In my specific case, I was streaming an App-V application to a Citrix XenApp 6.5 server and publishing it as a published application through XenApp. When starting the application I got the ‘The application failed to launch’ pop-up and the EventViewer got populated with the following two errors:

5

6

The application was not being able to access and create some important folders inside the %userprofile%/AppData/Roaming folder; furthermore, the application was able to work if AppData Roaming folder redirection was removed.

I eventually found out that this was due to the fact that the ‘Move the contentsof AppData(Roaming) to the new location’ option was disabled in the GPO section of the AppData(Roaming) folder redirection properties. The solution is quite simple and it consists in enabling the setting below:

7

With this settings enabled, the folders required by the streamed application are correctly created inside the %userprofile%/AppData/Roaming folder and the application is able to start and run without issues.

New features in XenApp 7.5 and XenDesktop 7.5

For those of you who (legitimately) felt lost after the announcement of the future XenApp 7.5 and XenDesktop 7.5 releases, below I put a list of some of the new features for which there are not yet official information on the Citrix website:

  • AppDNA is included for Platiunm users with a limited application count of 99.999 Apps (quite enough I’d say :))
  • HDX Mobile has been improved
  • Web Interface 5.4 and Citrix Secure Gateway have an extended support until August 2016
  • Citrix Secure Gateway is not supported by XenApp 7.5 and XenDesktop 7.5
  • XenApp 7.5 will be out in three editions:
    • Advanced
    • Enterprise
    • Platinum
  • The XenDesktop App Edition is dead
  • XenDesktop App licenses will be equivalent to XenApp Enterprise licenses
  • XenDesktop 7.5 will be out in three editions:
    • Advanced
    • Enterprise
    • Platinum
  • StoreFront 2.5 will be released as well
  • Newly acquired Framehawk technologies will not be integrated in this release
  • XA and XD 7.5 will support OSs from Windows 2008 R2 upwards
  • No new versions of EdgeSight will be released, only Director can be used (Director is under continued development)
  • MCS will be able to provision to the cloud (AWS, CloudPlatform)
  • Windows Azure support is planned but not yet available in this release
  • There will be one single installer for both XD and XA 7.5, the license file differentiates the available features

More info will follow… hopefully… stay tuned 😉

 

Slow logon and black screen on XenDesktop 7/7.1

Sometimes logging on your XenDesktop 7/7.1 published desktop may take long and a black screen may be visualized.

The causes are not very clear but this Citrix article describes the steps required to modify a registry setting on your server that will help you reduce logon times: http://support.citrix.com/article/CTX135782

 

And it works… 🙂

XenApp session not closing correctly

Sometimes when you close a XenApp application, the session on the server may not close correctly or remain active, thus creating problems such as :

· Profiles corruption

· Increased servers’ resources usage

· Increased number of disconnected sessions, and so on…

This behavior can be caused by locked files (have a look at this for an example) or by processes that may have been launched during the sessions and that are not correctly closed upon user’s logoff.

For instance, if you publish an instance of Internet Explorer that in turn launches a Java process in order to run a web application, this java process may not be recognized by Citrix as being part of the user’s session, thus ignoring it upon user’s logoff and leaving an active session on the server.

A registry key can be modified on the server in order to instruct XenApp to consider other processes to be part of a user’s session ; the key is :

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Citrix\wfshell\TWI]

and the value to configure is :  LogoffCheckSysModules 

For example, you configure such value like the following if you want XenApp to recognize the two processes “Java.exe” and “Javaw.exe” :

“LogoffCheckSysModules”=”java.exe,javaw.exe”

I experienced this on XenApp 5 and Presentation Server 4 and the solution works correctly. I never faced this on XenApp 6.5.

For more information about this : http://support.citrix.com/article/CTX891671

Citrix XenApp and Web Interface – from authentication to application launching (yes, yet another one)

One of the most frequent questions that colleagues and customers ask me is ‘Hey… but… wait a minute, who does authenticate the user? Is that the Web Interface or something else? ’

Yes, it’s true, there is plenty of documentation out there that explains how the XenApp logon process works, but I always struggled to find a document concise and clear enough that explains in details (but not too many) how the authentication process works and what are the services and components involved.

One great document available on line is the ‘The Excruciating Detail of the XenApp Logon Process’ published on brianmadden.com, that’s a very detailed document, but sometimes it’s a bit ‘difficult’ to read for people who need a quick answer or for non-so-technical people.

In this article I wanted to summarize the logon and application launching process by focusing on four main phases:

Phase 1: User Authentication

Phase 2: Resource Enumeration

Phase 3: Resource Resolution

Phase 4: Resource Launching

This document is not meant to be ‘an official guide’ about how it works (there are plenty of Citrix documents that do that), it is just meant to help whoever needs to have a quick and detailed overview of such process. There may be errors in it, so feel free to add any comments or correct me if I’m wrong.

The majority of the information contained here comes from this great Citrix video: Web Interface Logon and Application Launch Process for XenApp

 

Phase 1: User Authentication

User Authentication

1. User launches web browser and types in the WI URL

2. Then he connects to web interface

3. Web interface returns a logon page

4. User types his credentials

5. The credentials are forwarded to the XML service (in the http or HTTPS format)

6. Then to the IMA service

7. The IMA service then forwards the credentials to the ‘Local Security Authority Service (Lsass.exe), which in turn encrypts these credentials and passes them to the domain controller

8. The Domain Controller returns the user’s SID and a list of groups’ SIDs back to the Lsass service, and then back to IMA

 

Phase 2: Resource Enumeration

Resource Enumeration

9. IMA uses these SIDs to look into the Local Host Cache on the server for a list of application and the ‘worker group preference’ policy for this authenticated user

10. Then the list of applications, along with the ‘worker group preference’ policies are returned by the IMA service to the Web Interface (through the XML service)

11. Web interfaces then uses its java objects to create a web page that contains the application list for the user ; the user’s ‘worker group preference’ policy is cached in the web interface’s memory

12. The web page is then presented to the user’s browser, thus completing the ‘Resource Enumeration ’ phase

 

Phase 3: Resource Resolution

Resource Resolution

13. Then the user selects a particular application from the applications list

14. The selected application’s data is passed back to the web interface, which in turns passes these information to the XML and IMA services along with the ‘worker group preference’ policy

15. These information are then forwarded to the zone data collector’s IMA service, which then :

a. tries to find the least loaded server according to the ‘worker group preference’ policy

b. when it finds a server sends a query to the ‘Citrix Services Manager’ of that server to verify whether or not such server has the requested application installed

c. if the answer is yes, it forwards that server’ host ID to the XML broker

16. The XML broker then translate this host ID into its IP address by searching the server’s ‘local host cache’, the IP address is then provided to the Web Interface, thus completing the Application Resolution phase

 

Phase 4: Resource Launching

Resource Launching

17. The web interface will then take this IP address and creates an ICA file, which is then returned to the users’ web browser

18. Then the Citrix plugin, located on the client, uses the information included in the ICA file to launch an ICA connection on the least loaded server

19. The server then launches the application, which is then presented to the user through the ICA channel

 

More information can be found here:

http://support.citrix.com/article/CTX129589  (Web Interface Logon and Application Launch Process for XenApp)

http://support.citrix.com/article/CTX134979 (High Availability for Citrix XenDesktop and Citrix XenApp – Planning Guide)

http://www.brianmadden.com/blogs/gabeknuth/archive/2008/08/14/briforum-video-the-excruciating-detail-of-the-xenapp-logon-process.aspx (The Excruciating Detail of the XenApp Logon Process)

Microsoft User Experience Virtualization (UE-V) – Beta Version

Microsoft released the beta version of its “advanced profile management” tool called “Microsoft User Experience Virtualization”, UE-V.

UE-V will be included in the future version of Microsoft Desktop Optimization Pack (MDOP) and it will be a valuable (I hope) companion to other technologies such as App-V, MED-V, and hopefully also XenDesktop, XenApp and VMware View.

 

As per Microsoft’s website:

Microsoft User Experience Virtualization (UE-V) is an enterprise-scale user state virtualization solution that that keeps users’ experience with them. It allows them choice to change their device and keep their experience so that they don’t have to reconfigure applications each time they login to Windows 7 or Windows 8. Regardless if it is a rich desktop or a VDI session, UE-V enables a consistent, personal Windows experience that matches their unique work style.

Source: http://www.microsoft.com/en-us/windows/enterprise/products-and-technologies/virtualization/UE-V.aspx

 

It will have roughly the same functionalities that other products from RES Software, AppSense, and Citrix already have, such as support of different version of roaming profiles (V1 and V2) and filtering of profiles settings to be synchronized.

UE-V will be also manageable through Microsoft SCCM 2012.

 

You can get the Beta version here:  http://www.microsoft.com/getuev

 

I will soon test it and keep you posted.