Thursday, January 15, 2015

Citrix Director 7.6 with XenApp 6.5 - WinRM exception

On one of my servers I was seeing the below after setting up Citrix Director 7.6.

The BIG hint here was the "The requested data could not be found in the data".
Easy answer, I forgot to install the DirectorWMIProvider_x64.msi. 

Log Name:      Application
Source:        Citrix Director Service

Event ID:      4
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
The description for Event ID 4 from source Citrix Director Service cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.

The following information was included with the event:

The requested data could not be found in the data 'The virtual desktop via WinRM service reported an exception. See the event log for more information.' ('').

User: '\username'
Console operation: 'Retrieving running application details for IMA Session…'

Additional information:
'Exception of type 'Citrix.Dmc.Common.NotFoundException' was thrown.'

the message resource is present but the message is not found in the string/message table

Citrix Director 7.6 with XenApp 6.5 - Installation / Setup

If you've seen some of the demonstrations of the new Citrix Director 7.6 it's pretty cool!

I wanted to provide the director so that other IT staff here could easily terminate specific process / applications.  They tend to terminate entire sessions when really only a specific process is necessary (frozen app that crashed - we have one in particular that is troublesome).

Below is how I setup and got it to work.  There are actually some pretty decent guides available from Citrix that cover all these steps in decent detail.

Citrix XenApp 6.5 with Hotfix Rollup Pack 2 and 5.
XenApp servers running Windows 2008 R2 SP1
Citrix Director 7.6.1 running on Windows 2012 R2

We'll need at least the following machines for my mock setup:
1 x Windows 2012 R2 for the Citrix Director. name = Director
1+ x XenApp 6.5 running as the controller (no applications hosted). name = XAController
1+ x XenApp 6.5 session host mode (no xml). name = XA01
Note: you don't have to install any machines as host mode if you don't want to, I have redundant controller's that don't host any apps, and then install all my "app" servers as session host mode.

Setup Citrix Director: (Director)
  1. Install and configure your Windows 2012 R2 server
  2. Install IIS
    1. Web Server
      1. Common HTTP Features:
        1. Default Document
        2. Directory Browsing
        3. HTTP Errors
        4. Static Content
        5. HTTP Redirection
      2. Health and Diagnostics:
        1. HTTP Logging
        2. Logging Tools
        3. Tracing
      3. Performance:
        1. Static Content Compression
        2. Dynamic Content Compression
      4. Security: 
        1. Request Filtering
        2. Basic Authentication
        3. Windows Authentication
      5. Application Development: 
        1. .Net Extensibility 4.5
        2. ASP
        3. ASP.NET 4.5
        4. CGI
        5. ISAPI Extensions
        6. ISAPI Filters
        7. Server side Includes
      6. Management Tools:
        1. IIS 6 Management Compatibility: 
          1. IIS 6 Metabase Compatibility
          2. IIS 6 Scripting Tools
          3. IIS 6 WMI Compatibility
        2. IIS Management Scripts and Tools
          1. Management Service
    2. Install the below features:
      1. .Net Framework 4.5 Features: 
        1. WCF Services:
          1. HTTP Activation
          2. TCP Port sharing
      2. Windows Process Activation Service: 
        1. Process Model
        2. Configuration APIs
  3. Install dotnet 4.5.1
  4. From the XenApp / XenDesktop 7.6 installation iso download
    1. Navigate to \x64\Desktop Director\DesktopDirector.msi and install
    2. go to \x64\Citrix Policy\CitrixGroupPolicyManagement_x64.msi and install
  5. Open cmd prompt (runas administrator)
    1. navigate to \inetpub\wwwroot\director\tools\
    2. DirectorConfig.exe /registerdotnet
    3. DirectorConfig.exe /xenapp XAController (this is your XenApp Farm's Controller name).
      1. To add more than 1 name separate with a comma.  XAController1, XAController2
      2. There is no need to enter non-controller XenApp servers here.  So Session host mode XenApp servers that do not run the xml service for instance should not be configured in this setting. 
  6. Ensure that your firewall is configured to allow ports 443, 80, 2513
Setup Session Host XenApp Server: (XA01)
  1. Attach your XenApp 7.6 iso to your server
    1. Alternately you can copy the following files from your download to a central location:
      1.  \x64\Virtual Desktop Components\ConfigRemoteMgmt.exe
      2.  \x64\Virtual Desktop Components\Interop.NetFwTypeLib.dll
      3.  \Support\DirectorWMIProvider\DirectorWMIProvider_x64.msi
  2. Install \Support\DirectorWMIProvider\DirectorWMIProvider_x64.msi
  3. Ensure dotnet 4.0.30319 or higher is installed
  4. Open a cmd prompt (runas administrator)
    1. navigate to \x64\Virtual Desktop Components\ (or where you put the files)
    2. winrm qc
      1.  yes if prompted
    3.   ConfigRemoteMgmt.exe /configwinrmuser "mydomain\securitygroup" /all
  5.  Ensure that port 2513 is open

Remote Assistance: (XA01)
  1. On the XenApp session host server ensure that the feature "Remote Assistance" is installed.
  2. Configure the GPO for remote assistance 
    1. computer config/administrator templates/system/remote assistance
      1. offer remote assistance and helpers.

PrePopulate Domain at Logon: (Director)
  1. Now we can also prepopulate the domain box at the logon screen
  2. This site lays it out very nicely.
    1. Edit \inetpub\wwwroot\director\LogOn.aspx
    2. Find the section with the following: asp:TextBox ID="Domain" runat="server" CssClass="text-box" 
    3. Add the following:  Text="" readonly="true"
    4. refresh the screen

Force SSL and redirect Default Web Site: (Director)
  1. I like to force SSL for most of my sites.  Also I like to redirect the Default so I don't have to type in the directories.
  2. Redirect Default Website
    1. On Default Web Site open HTTP Redirect
    2. Check the "redirect requests to this destination"
    3. Enter the path https://servername/Director  (instead of servername you could also use a DNS name that you setup that is easier to remember)
    4. Check "redirect all requests to exact destination"
    5. Apply
    6. Restart the website
  3. Force SSL
    1. On the default site open bindings
    2. Add https
    3. select the servername ssl cert
    4. OK
    5. Highlight the http binding
    6. Remove
    7. Restart the website and then test navigation to https://servername
    8. Also test http://servername and it shouldn't work.

In order for Citrix Director to work properly in Internet Explorer 11 I found that you have to add it to your trusted sites security zone.

Wednesday, January 14, 2015

The Delegates settings were not saved correctly. Cannot activate send-on-behalf-of list - Outlook / Exchange 2010

When a user attempted to delegate reviewer access to his calendar he received the error "The Delegates settings were not saved correctly.  Cannot activate send-on-behalf-of list.  You do not have sufficient permissions to perform this operation on this object."

Turns out the user was attempting to assign delegation permissions based on an Exchange Distribution group.  This should work, as others had done it in the past (myself being one of them).

There are a lot of posts on this, but none of them seemed to help my situation.  They still offer some good information though so here they are: and kb2593557.

For my issue I found that converting the distribution group (or rather it's a security group) to a universal group from global.  After making change and then attempting to add again it worked.  This appears to be something that changed potentially with our migration from Exchange 2007 to 2010 several years ago and no one had attempted it since then.

Friday, January 9, 2015

XenApp 6.5 Replicate Print Drivers

If you where to ask me if I had posted about this before then I would swear that I had.  But alas the other day I needed to replicate a new print driver and couldn't find my "reminder post".  So, for next time I can't remember now I KNOW I posted it.

To Replicate print drivers on XenApp 6.5
  • Add-PSSnapIn Citrix.*
  • Get-XAPrinterDriver -Servername XAName
  • Start-XAPrinterDriverReplication
  • Add driver(s) names exactly as Get-XAPrinterDriver displayed them
  • Add servers to replicate to
  • Wait
  • Update-XAPrinterDriver -Servername XAName
  • Get-XAPrinterDriver -Servername XAName

Wednesday, January 7, 2015

Windows Server 2012 sluggish mouse movement

When I first started deploying Windows Server 2012 and Windows Server 2012 R2 I noticed that when I worked from home mouse movement was terrible!  I worked on tasks that involved those servers either from the office or through a remote access form other than RDP (ie remote registry, remote eventvwr, etc).  That was when I had 2 - 3 servers running 2012.  Now that it's the standard OS I deploy (12 and rising rapidly) it was rapidly becoming an issue I could no longer avoid.

My remote access is through XenApp (ICA) and then opening up a RDP session to the server from within the XenApp session. 

I saw a lot of solutions to DisableTaskOffload set to 1, turn off FIPS (seems more related to logon slowness), disable "fairshare" (cpu, disk, network).

This post nailed it: Disable "show shadows under mouse pointer"

I had done this on past servers running 2008 R2 / 2008 when running XenApp, but never much worried about it when it wasn't a XenApp server.  Sure enough this fixed my slug moving mouse in 2012 / R2.  (I actually prefer to just hit the setting "Adjust for best performance" so it disables all the pertty settings.

  1. cmd prompt
  2. sysdm.cpl
  3. Advanced tab
  4. Performance "settings"
  5. Click "adjust for best performance" or alternately just uncheck the "show shadows under mouse pointer"
  6. Apply

Monday, January 5, 2015

Powershell - Send-MailMessage carriage returns in Body

With my learning Powershell one of the tasks I worked on I wanted the output emailed and carriage returns between each output.  Turns out I didn't need to do the carriage returns (Select-String post), but I realized this after figuring out how HA!

I know I'll need this for a later project, so I'm posting it for when my memory needs jogged.

The following takes some form of data (in this case ADUser names) and then adds a carriage return between each object so that your email looks nice and pretty (and readable).

Note: testing was done with Powershell v4.0
$emailTo = ""
$emailFrom = ""
$smtpServer = "address"
$smtpSubject = "Error detected in logs"
$smtpBody = ""

#smtp function
Function smtpSend {
    Send-MailMessage -From $emailFrom -To $emailTo -Subject $smtpSubject -Body $smtpBody -SmtpServer $smtpServer

#populate array with list of users
$users = Get-ADUser -filter "SamAccountName -like 'j*'"

#add carriage return between each object in array
foreach ($user in $users) {$smtpBody = $smtpBody + $ + "`r`n"}

#call smtpSend Function

Powershell - search log for content / Select-String

Lately I've been playing with Powershell.  I'm still pretty weak, but practice makes perfect :)

One of my projects was to write a simple script that searches specific database logs for an error and email us to alert us when one is found.

Comments on better ways always welcomed!  I'm learning.
Note: testing done with Powershell v4.0

$emailTo = ""
$emailFrom = ""
$smtpServer = "address"
$smtpSubject = "Error detected in logs"
$smtpBody = ""
$path = "c:\pathtologs"

#smtp function
Function smtpSend {
    Send-MailMessage -From $emailFrom -To $emailTo -Subject $smtpSubject -Body $smtpBody -SmtpServer $smtpServer

#search log files and match string.  Convert array from object to string.
$smtpBody = Select-String -Path $path"\*.log", $path"\*.txt" -SimpleMatch "E. 20" -CaseSensitive |Out-String

#call smtpSend function if match found in logs
if ($smtpBody -ne "") {smtpSend}