Archive for RES Software

Citrix: Images in Citrix PVS or MCS and some tips and tricks

In this blogpost I will gather some tips and tricks on creating images in Citrix PVS and/or MCS but they will be applicable on VMware View implementations to because most of them are OS related. The first couple of tips I got from this document which is written for View but like I already said you can use this for XenDesktop.

 

Windows OS Optimizations

• Install Windows Patches, then turn OFF Automatic Update

• Disable Serial and Parallel ports in Device Manager (if they exist)

• Set Screensaver to “None” or “Blank”

• Disable System Sounds (Set Sound scheme to “None”)

• (Windows 7) Uninstall Tablet PC Component

• Disable Windows Error Reporting

• Remove unnecessary boot applications (Quicktime, Real, Adobe Acrobat Updater, etc.

• Remove unneeded Windows components (Outlook Express,Messenger, Games, etc.)

• Disable unnecessary services

Wireless Zero Configuration Security Center Help and support
Telephony Shell hardware detection Indexing Service
SSDP Discovery Service Task scheduler Machine Debug Manager
Remote Registry Themes Network Location Awareness

Read more

RES: Automation Manager and Service Orchestration

A couple of weeks ago I went to a training for two days where I’ve been drilled by Anne Plancius who’s Solution Architect at RES Software. Subject was Service Orchestration; this software creates an interface for users, key users, administrators to different systems without knowledge of the back end that delivers the functionality to the end user.

Read more

RES Workspace Manager: Launch after Citrix published desktop

Because one of our customers was planning to use the Citrix Desktop Appliance Lock, we needed to publish a Citrix desktop and start RES Workspace Manager after the launch of the desktop. While Microsoft has GPO’s for running a program after logging in, Citrix prohibits this.

ctx0004

Upon installation, Citrix adds tabs to the RDP-TCP Listener Properties in the Terminal Services Configuration. By default, the Environment tab has the “Run initial program specified by user profile and Remote Desktop Connection or Terminal Services client” radio button selected. Also, the Citrix Settings tab has “Only allow administrators to create desktop connections” selected.

ctx0001

 

When leaving this setting default you will get an error message when logging in:

“To log on to this remote computer, you must have Terminal Server User Access permissions on this computer. By default, members of the Remote Desktop Users group have these permissions. If you are not a member of the Remote Desktop Users group or another group that has these permissions, or if the Remote Desktop User group does not have these permissions, you must be granted these permissions manually.”

To correct this you can manually clear the “Only allow administrators to create desktop connections” check box like stated in CTX109925 but you can also create a custom ADM template to clear this check box. The key that’s used for this is:

HKLM\SYSTEM\ControlSet001\Control\Terminal Server\WinStations\ICA-tcp\fDisableExe

Where 0 is cleared and 1 is checked.

To create a custom ADM file I used the following PDF, the ADM template contained the following information:

;Configure The only allow admins to create desktop connections settings.
CLASS Machine

CATEGORY “Server Based Computing”
CATEGORY “Citrix Presentation Server”
CATEGORY ICA

KEYNAME “SYSTEM\ControlSet001\Control\Terminal Server\WinStations\ICA-tcp”
POLICY !!fDisableExe
EXPLAIN !!ExplainWords
PART “Disable the only allow admins to create desktop connections settings?” TEXT
END PART
PART “Clear the ‘Only allow administrators to create desktop connections’ check box?”
CHECKBOX
VALUENAME “fDisableExe”
VALUEON NUMERIC 0
VALUEOFF NUMERIC 1
END PART
END POLICY

END CATEGORY
END CATEGORY
END CATEGORY

[strings]
fDisableExe=”Allows published desktops for users”
ExplainWords=”This policy enables/disables published desktops with autostart programs for users”

I’ve applied this policy to my Windows 2003 w/ XenApp 5 farm and the check box is cleared and I can start a Citrix published desktop (while using the Desktop Appliance Lock) and start RES Workspace Manager after the desktop launch.  This way I can have the best of both worlds!

I denied the GPO on the Administrator accounts so when somebody with an administrator accounts connects via this Citrix Desktop they won’t get this policy and thus Workspace manager won’t get started.

If you’re using XenApp 6 you can use the following policies:

  • ICA\Desktop launches : “Allows or prevents non-administrative users to connect to a desktop session on the server.
    When allowed, non-administrative users can connect. By default, non-administrative users cannot connect to desktop sessions.”
  • ICA\Launching of non-published programs during client connection : “Specifies whether to launch initial applications or published applications on the server. By default, only published applications are allowed to launch.”

Your policies should look like the following image:

ctx0005

 

 

Desktop Appliance Lock:Windows 7 Embedded, Citrix and log off local client #2

After posting RES Workspace Manager: Windows 7 Embedded, Citrix and log off local client I got pointed to the Desktop Appliance Lock by Michel Helderman on Twitter. This is an MSI on the XenDesktop DVD which can be installed on a thin client with Windows 7 embedded:

Supported Windows Operating Systems:

  • Windows 7, 32-bit and 64-bit editions (including Embedded Edition)
  • Windows XP Professional, 32-bit and 64-bit editions
  • Windows XP Embedded
  • Windows Vista, 32-bit and 64-bit editions
  • Windows Server 2008 R1, 32-bit and 64-bit editions (not supported by XenDesktop connections)
  • Windows Server 2008 R2, 64-bit edition (not supported by XenDesktop connections)
  • Windows Server 2003, 32-bit and 64-bit editions (not supported by XenDesktop connections)

Important: For XenDesktop connections, be aware that the Desktop Appliance Lock is only supported on Windows XP Professional and Windows XP Embedded.

Prerequisite for this is a Citrix Online plugin (Full) that’s properly configured with a Citrix Services Site. Keep in mind that there’s a shell replacement so when the Desktop Appliance Lock is installed it can only be un-installed by the same account that was used for the installation (the shell of the install account won’t be changed).

As we’re using RES PowerFuse 2010 at this customer we first tried this with a RES PowerFuse desktop but this wouldn’t work because it’s a published application and not a published desktop like the Desktop Appliance Lock expects. If you want this to work you have to publish a desktop and if you’re using RES PowerFuse (or Workspace Manager) you have to configure it so it starts at the user log on process. You can do this by using Group Policy or by using the RES Console:

Configuring Agents

If you choose not to run the Workspace Composer automatically after installation of the .msi, you may choose to change the shell later via the RES Workspace Manager Console at Setup > Agents.

The Run Workspace Composer column reflects whether an Agent was configured to start the Workspace Composer automatically when users log on to the Agent. This information does not apply to Agents running on Terminal Servers.

  • If the column shows the value Automatic (pending) or Manual (pending), the Agent cache has not been updated yet.

The Settings tab of the Edit RES Workspace Manager Agent window, which is shown when editing the settings of a RES Workspace Manager Agent features the option Run Workspace Composer. This option, which is not available for Agents running on a server, makes it possible to choose whether the Workspace Composer should run automatically when a user logs on to the computer on which the Agent runs.

 

Like I said earlier, the shell is modified and when the Citrix Online plugin is configured the right way the session will be started automatic and when logging off the Windows 7 Embedded client will be logged off as well.

 

RES Workspace Manager: Windows 7 Embedded, Citrix and log off local client

Today I was at a customer with thin clients with Windows 7 embedded installed, these thin clients had to be configured to connect to a Citrix XenApp 5 farm. The problem was that we wanted to have SSO (single sign out ;-)). So of course we asked RES if we could use the Subscriber/VDX but they came with the following statement:

Read more

RES Workspace manager: Additional mailboxes

One of the sys admins at a customer attended me to the following problem and solution (Thanks Niek!)

RES Workspace Manager can be used to provide data to configure Outlook, when this is done the user normally gets his own mailbox and have to connect other mailboxes manually. But the User Settings – Outlook template doesn’t support this in the zero-profiling.  To solve this problem the ‘HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem” should be added to the zero-profiling.

Read more