You have an upcoming change and some new DDCs you brought online. You may be changing out to Citrix Cloud (you better be), and you may need to change the ListofDDCs to you Cloud Connector. Sometimes GPO may take a minute to reflect what you want set. You can use this to change the ListOfDDCs quickly. You can also add the ListofSSIDs if that is something that you use by adding another registry name and value in your script block. I have the Get-ItemProperty used twice to get the result of what was set before the change and to show the reflected change. I just like to doubly confirm something and make sure something hinky was not afoot.
# Script to change DDCs on a group of Citrix servers. You will need access to the remote servers and firewall access with PowerShell.
$listServers = Get-Content c:\scripts\logs\svrlist.txt
$date = Get-Date -Format MMddyyyy
$report = @()
foreach($srv in $listServers) {
$scriptBlock = {
$regName = "ListOfDDCs"
$regValue = "DDC1 DDC2 or CC1 CC2"
Get-ItemProperty -Path HKLM:\Software\Citrix\VirtualDesktopAgent
Set-ItemProperty -Path HKLM:\Software\Citrix\VirtualDesktopAgent -Name $regName -Value $regValue
Get-ItemProperty -Path HKLM:\Software\Citrix\VirtualDesktopAgent
}
$ddcUpdate = Invoke-Command -ComputerName $srv -ScriptBlock $scriptBlock
$report += $ddcUpdate
}
$report | Out-File c:\scripts\logs\$date-ddcchange-list.txt
Building off of the VDA Upgrade script, this adds the additional components from a base server install. You will need to have the software packages in a folder, c:\software\ for this example. This script checks for Remote Desktop Services being installed and if not, installs Remote Desktop Services prior to kicking off the clean install of the Citrix VDA. I found this method worked best when trying to do a clean install. You can adjust the delay on the Add Minutes if you need more time before kicking off the base install. With SSD and decent procs, it shouldn’t take too long to install RDS and the Citrix VDA.
This batch file contains installs for: Acrobat DC; MS Edge; Google Chrome; Office 2016×86. The Install-Edge.ps1 is included below. You will need to create an MSP and config.xml for your Office configuration. Mode.reg is included as it sets the license mode to “Per User” for RDS Licensing mode. If you have any custom registry edits, you can included similar to mode.reg to import those registry settings as part of the install. You can modify the baseinstall.bat to add any programs you wish to add. Just make sure you can do the setup of the app in an unattended mode so that you can run it. When the install is complete, just remember to cleanup the installers in the c:\software folder to save space.
baseinstall.bat
@ECHO ON
change user /install
REM pause
timeout 5
net localgroup "Remote Desktop Users" /add "domain1\domain users" "domain2\domain users"
REM pause
timeout 5
REG IMPORT C:\software\mode.reg
REM pause
timeout 5
C:\software\AcrobatRdrDC\setup.exe /sAll /ini Setup.ini
REM pause
timeout 10
cd C:\software\MS-Edge
powershell -File ".\Install-Edge.ps1" -MSIName "MicrosoftEdgeEnterpriseX64.msi" -ChannelID "{56eb18f8-b008-4cbd-b6d2-8c97fe7e9062}" -DoAutoUpdate "True"
REM pause
timeout 5
msiexec.exe /i "C:\software\Google-Chrome\64B\GoogleChromeStandaloneEnterprise64.msi" /qn
REM pause
timeout 5
C:\software\Office\setup.exe /config .\ProPlus.WW\config.xml /adminfile CITRIX.MSP
REM pause
timeout 10
change user /execute
REM pause
timeout 5
C:\Windows\system32\schtasks.exe /delete /tn BaseInstall /f
C:\Windows\System32\timeout.exe /t 5
C:\Windows\System32\shutdown.exe /r /t 20 /f
del c:\software\vdaupgrade\baseinstall.bat /F
Install.bat
REM change port number in below command.
REM Use citrix vda command line helper tool from citrix. https://support.citrix.com/article/CTX234824 if needed
REM Install new VDA agent, delete files and scheduled tasks. Finally reboot.
C:\software\vdaupgrade\VDAServerSetup_1912.exe /masterpvsimage /virtualmachine /components VDA /controllers "DDC1 DDC2 DDC3" /noreboot /quiet /disableexperiencemetrics /enable_hdx_ports /enable_hdx_udp_ports /enable_real_time_transport /enable_remote_assistance
C:\Windows\system32\schtasks.exe /delete /tn VDAInstall /f
del c:\software\vdaupgrade\VDAServerSetup_1912.exe /F
C:\Windows\System32\timeout.exe /t 5
C:\Windows\System32\shutdown.exe /r /t 20 /f
del c:\software\vdaupgrade\install.bat /F
Install-Edge.ps1
param
(
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[ValidatePattern('^[a-zA-Z0-9]+.[m|M][s|S][i|I]$')]
[string]$MSIName,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[ValidatePattern('^{[0-9A-Fa-f]{8}[-][0-9A-Fa-f]{4}[-][0-9A-Fa-f]{4}[-][0-9A-Fa-f]{4}[-][0-9A-Fa-f]{12}}$')]
[string]$ChannelID,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string]$DoAutoUpdate
)
# See if autoupdate is false
if($DoAutoUpdate -eq $false)
{
# Registry value name is in the format "Update<{ChannelID}> where ChannelID is the GUID
Set-Variable -Name "AutoUpdateValueName" -Value "Update$ChannelID" -Option Constant
Set-Variable -Name "RegistryPath" -Value "HKLM:\SOFTWARE\Policies\Microsoft\EdgeUpdate" -Option Constant
# Test if the registry key exists. If it doesn't, create it
$EdgeUpdateRegKeyExists = Test-Path -Path $RegistryPath
if (!$EdgeUpdateRegKeyExists)
{
New-Item -Path $RegistryPath
}
# See if the autoupdate value exists
if (!(Get-ItemProperty -Path $RegistryPath -Name $AutoUpdateValueName -ErrorAction SilentlyContinue))
{
New-ItemProperty -Path $RegistryPath -Name $AutoUpdateValueName -Value 0 -PropertyType DWord
}
$AutoupdateValue = (Get-ItemProperty -Path $RegistryPath -Name $AutoUpdateValueName).$AutoUpdateValueName
# If the value is not set to 0, auto update is not turned off, this is a failure
if ($AutoupdateValue -ne 0)
{
Write-Host "Autoupdate value set incorrectly"
return -1
}
}
# Install the Edge MSI
return (Start-Process msiexec.exe -Wait -PassThru -ArgumentList "/i $MSIName /q").ExitCode
mode.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\Licensing Core]
"LicensingMode"=dword:00000004
There are times that you created some Hosted Shared Desktops. You published them and gave them out. You want to make sure you don’t duplicate your work and create another one when you may have one that is already available for a user group. How about a script to see what you got, what you named it, what Delivery Group is hosting it, what users are assigned to it, and what servers are assigned to it? I’ve got just the script for you!
Maybe when you are planning to do some upgrades but don’t remember when you set your reboot schedule times on your Delivery Groups. This will show you all the reboot schedules you have configured with server names. This also shows if you have Delivery Groups with no servers assigned to them, but had previously created a reboot schedule.
Update: I did run into an interesting thing with it. I had to define the if and elseif in order for it to evaluate as being true. Not sure what was going on with that.
# Script to get reboot schedules of Delivery Groups with times and server names using ISE 5.1 and Citrix Studio SDK installed locally.
asnp Citrix*
$date = Get-Date -Format MMddyyyy
$adminAddress = "ddc.fqdn:80"
$ctxRebootSchedule = Get-BrokerRebootScheduleV2 -AdminAddress $adminAddress -MaxRecordCount 100000
$report = @()
foreach($ctx in $ctxRebootSchedule) {
$line = "" | Select-Object DesktopGroupName, ScheduleName, Enabled, Frequency, StartTime, RebootDuration, ServerCount, ServerNames
$machineNames = Get-BrokerMachine -AdminAddress $adminAddress -DesktopGroupName $ctx.DesktopGroupName
$line.DesktopGroupName = $ctx.DesktopGroupName
$line.ScheduleName = $ctx.Name
$line.Enabled = $ctx.Enabled
$line.Frequency = $ctx.Frequency
$line.StartTime = $ctx.StartTime
$line.RebootDuration = $ctx.RebootDuration
$line.ServerCount = ($machineNames.HostedMachineName).count
if(($line.ServerCount) -ne 0){
$line.ServerNames = ($machineNames.HostedMachineName) -join ';'
}
elseif(($line.ServerCount) -eq 0) {
$line.ServerNames = "None Assigned To DG"
}
$report += $line
}
$report | export-csv c:\scripts\logs\$date-Citrix-Reboot-Schedule.csv -Append -NoTypeInformation
Just a quick little script you can add to your daily checks. This has been helpful for me to see if I have something that didn’t want to play nice BEFORE someone calls me and says it is broken. Good to have also if you have multiple hypervisor connections so you can see where at least it is running. Saves you looking around to figure out where it be.
So you want to upgrade some VDAs?! Yeah you do! I’ve done some edits on other scripts. I’m also working out for additional revisions to check for present sessions. This targets the Server VDA version. You can edit the name to VDAWorkstationSetup_1912.exe in the script and accompanying files to upgrade on VDI as well. The base for this is listed below in the script from ChayScripts. You can also change the install switches and copy that into the install.bat file if you need different options (https://www.citrix.com/blogs/2018/01/08/citrix-vda-commandline-helper-tool/)
For the contents of the ServerNameTextFile, you will need FQDN of the servers for the invoke commands. This splits the FQDN off for the powercli aspect to snapshot the server.
# Base VDA removal / reinstall script. This uses Powershell ISE on 5.1 with needing to be ran with account with rights in VMware and on the target server as well as the module for PowerCLI.
# Modified from https://github.com/ChayScripts/Citrix-VDA-Upgrade-Scripts scripts. Added snapshot for VMware and a report of previous versions.
$vdalist = get-content "C:\pathtotextfilewithfqdnservernames.txt"
$source = "placewherefilesarestored\vdaupgrade"
$dest = "c$\software\vdaupgrade"
$date = Get-Date -Format MMddyyyy
$report = @()
foreach ($vda in $vdalist) {
$line = "" | Select Name, PreviousVersion, SnapShot
$vda1 = ($vda.split('.')[0])
$line.Name = "$vda"
$line.PreviousVersion = (invoke-command -ComputerName $vda -ScriptBlock {Get-WmiObject -Class Win32_Product | where name -match "Citrix Virtual Desktop Agent - x64" | select Name,Version}).Version
$snapshot = (get-vm $vda1 | new-snapshot -name $date-$vda1-preupgrade)
$line.SnapShot = (get-vm $vda1 | get-snapshot).name
Write-Host "Working on $vda"
if (!(Test-Path -Path \\$vda\c$\software\vdaupgrade)) {
New-Item -ItemType Directory -Path \\$vda\c$\software -Name vdaupgrade
Copy-Item "\\$source\install.bat" -Destination \\$vda\$dest -Force
Copy-Item "\\$source\remove.bat" -Destination \\$vda\$dest -Force
Copy-Item "\\$source\VDAServerSetup_1912.exe" -Destination \\$vda\$dest -Force
}
else {
Copy-Item "\\$source\install.bat" -Destination \\$vda\$dest -Force
Copy-Item "\\$source\remove.bat" -Destination \\$vda\$dest -Force
Copy-Item "\\$source\VDAServerSetup_1912.exe" -Destination \\$vda\$dest -Force
}
Invoke-Command -ComputerName $vda -Scriptblock {
$time = (Get-Date).AddMinutes(3)
$action = New-ScheduledTaskAction -Execute 'c:\software\vdaupgrade\remove.bat'
$trigger = New-ScheduledTaskTrigger -Once -At $time
$principal = New-ScheduledTaskPrincipal -RunLevel Highest -UserID "NT AUTHORITY\SYSTEM" -LogonType S4U
Register-ScheduledTask -Action $action -Trigger $trigger -Principal $principal -TaskName "VDAUninstall" -Description "Citrix VDA Uninstall"
}
Invoke-Command -ComputerName $vda -Scriptblock {
$action = New-ScheduledTaskAction -Execute 'c:\software\vdaupgrade\install.bat'
$trigger = New-ScheduledTaskTrigger -AtStartup
$principal = New-ScheduledTaskPrincipal -RunLevel Highest -UserID "NT AUTHORITY\SYSTEM" -LogonType S4U
Register-ScheduledTask -Action $action -Trigger $trigger -Principal $principal -TaskName "VDAInstall" -Description "Citrix VDA Install"
}
$report += $line
}
$report | export-csv c:\scripts\logs\$date-vda-upgrades.csv -Append -NoTypeInformation
You will need to create an install.bat and remove.bat file with the contents below.
Install.bat
REM change port number in below command.
REM Use citrix vda command line helper tool from citrix. https://support.citrix.com/article/CTX234824 if needed
REM Install new VDA agent, delete files and scheduled tasks. Finally reboot.
C:\software\vdaupgrade\VDAServerSetup_1912.exe /masterpvsimage /virtualmachine /components VDA /controllers "DDC1 DDC2 DDC3" /noreboot /quiet /disableexperiencemetrics /enable_hdx_ports /enable_hdx_udp_ports /enable_real_time_transport /enable_remote_assistance
C:\Windows\system32\schtasks.exe /delete /tn VDAInstall /f
C:\Windows\system32\schtasks.exe /delete /tn VDAUninstall /f
del c:\software\vdaupgrade\remove.bat /F
del c:\software\vdaupgrade\VDAServerSetup_1912.exe /F
C:\Windows\System32\timeout.exe /t 5
C:\Windows\System32\shutdown.exe /r /t 20 /f
del c:\software\vdaupgrade\install.bat /F
This script allows you to get the list of Delivery Groups by “SessionSupport” type and reports back “MultiSession” as “CitrixApp” and SingleSession as “VDI.”
# Script to get MultiSession and SingleSession counts from Delivery Groups with a non-zero user count. This sorts by MultiSession, then SingleSession. This was ran on a machine with Citrix Studio SDK
# installed. This was tested with CVAD 1912 LTSR.
asnp Citrix*
$adminAddress = "deliverycontroller.fqdn"
$getDG = Get-BrokerDesktopGroup -AdminAddress $adminAddress -MaxRecordCount 100000 | Select-Object Name, SessionSupport | Get-Unique -AsString
$report = @()
foreach($dg in $getDG) {
$line = "" | Select DeliveryGroupName, UserCount, SessionSupport
$userCount = (Get-BrokerSession -AdminAddress $adminAddress -DesktopGroupName $dg.name -MaxRecordCount 100000 | Select-Object BrokeringUserName).count
if ($userCount -ne '0' -and $userCount -ne $null){
$line.DeliveryGroupName = $dg.name
$line.UserCount = $userCount
if($dg.SessionSupport -eq "SingleSession") {
$line.SessionSupport = 'VDI'
}
else{
$line.SessionSupport = 'CitrixApp'
}
$report += $line
}
}
$citrixAppTotal = (($report | Where-Object SessionSupport -eq "CitrixApp"| Select-Object UserCount).UserCount| Measure-Object -Sum).Sum
$citrixVDITotal = (($report | Where-Object SessionSupport -eq "VDI"| Select-Object UserCount).UserCount| Measure-Object -Sum).Sum
$appTotal = write-output "`r`nTotal Citrix App users: $citrixAppTotal"
$vdiTotal = write-output "Total VDI Users: $citrixVDITotal"
$report += $apptotal
$report += $vdiTotal
$report | sort SessionSupport, @{Expression="UserCount";Descending=$true}|Format-Table
So ran into this fun on Citrix VDI with Windows Terminal. You get it installed. You start it up. It’s all shiny. You press a button….. And…… NOTHING! So we saw this issue on Windows Terminal on Windows 10 20H2 running CVAD 1912 CU5 VDA. A little bit of searching and this article pointed to part of what was up. https://github.com/microsoft/terminal/issues/4448
The fix that had to be done to resolve it in our case was to set the “Touch Keyboard and Handwriting Panel Service” to “Manual” in Services. Then rebooting. After that, it fired right up and worked!
So you like your reports fresh off the press!? We do too! A quick little script to grab a daily report, running as a scheduled task, and send out some user information. Just in case someone likes to know how many people using the platform.
Gets you this nice little emailed report:
# Get Citrix Daily Users reporting. This requires Powershell, Studio SDK, access rights to the license server.
# This gets the unique users, current sessions, connected and disconnected VDI, and license counts.
# This was tested with 11.17.2.0 build 37000 License Server with 1 license file. Running this as a scheduled task you will need an AD account
# to run this under. A service account works well for this.
asnp Citrix*
$adminAddress = "deliverycontroller.fqdn:80"
$licenseServerAddress = "https://licenseserveraddress:8083"
$licenseServerName = "licenseserver.fqdn"
$cert = Get-LicCertificate -AdminAddress $licenseServerAddress
# This section was gotten from https://lalmohan.co.nz/2015/10/09/citrix-license-usage-monitoring-using-powershell/ and modified for my use.
$licenseInfo = Get-WmiObject -Namespace "ROOT\CitrixLicensing" Citrix_GT_License_Pool -ComputerName $licenseServerName
$licenseModel = ($LicenseInfo | Where-Object{($_.pld -like "XDT*") -or ($_.pld -like "MPS*")}|Select-Object pld -unique).pld
$totalLicenses = ($licenseInfo | Where-Object PLD -like "$licenseModel" | Select-Object count).count
# End section.
# This section was assisted from http://notesofascripter.com and https://www.linkedin.com/in/douglas-ruehrwein-56835869/
# This will run differently for Monday since you are getting data from the last 24 hours and weekends are usually lower use.
$Today = Get-Date
if(($Today.DayOfWeek) -eq 'Monday')
{$when = $Today.AddDays(-3)}
else{$when = $Today.AddDays(-1)}
# End section.
$connections = Get-BrokerConnectionLog -AdminAddress $adminAddress -Filter {BrokeringTime -gt $when} -MaxRecordCount 100000 | Select-Object BrokeringUserName
$licenseCount = (Get-LicUsageDetails -AdminAddress $licenseServerAddress -ProductEditionModel $licenseModel -CertHash $cert.CertHash).count
$ctxUsers = [PSCustomObject] @{
UniqueCitrixUsers = ($connections.BrokeringUserName | Select-Object -Unique).count
CurrentSessions = (Get-BrokerSession -AdminAddress $adminAddress -MaxRecordCount 100000 | Select-Object BrokeringUserName).count
CitrixVDIConnected = (Get-BrokerSession -AdminAddress $adminAddress -MaxRecordCount 100000 | Where-Object SessionSupport -eq "SingleSession" | Where-Object SessionState -eq "Active").count
CitrixVDIDisconnected = (Get-BrokerSession -AdminAddress $adminAddress -MaxRecordCount 100000 | Where-Object SessionSupport -eq "SingleSession" | Where-Object SessionState -eq "Disconnected").count
CitrixLicensesUsed = $licenseCount
CitrixTotalLicenses = $totalLicenses
CtxLicenseFreePercent = ((($totalLicenses - $licenseCount) / $totalLicenses ) * 100).ToString("#.##")
}
# HTML Formatting
$style = "<style>BODY{font-family: Arial; font-size: 10pt;}"
$style = $style + "TABLE{border: 1px solid black; border-collapse: collapse;}"
$style = $style + "TH{border: 1px solid black; background: #dddddd; padding: 5px; }"
$style = $style + "TD{border: 1px solid black; padding: 5px; }"
$style = $style + "</style>"
# HTML Email Body
$body = $ctxUsers | ConvertTo-Html -Head $style
# Generates email with attachment
$date = Get-date -Format "MM-dd-yyyy"
$emailFrom = "someemail@place.com"
$emailto = "someemail@place.com"
#$emailtwo = "someemail@place.com"
#$emailCC = "someemail@place.com"
$subject="Daily Citrix User Report | $date"
$email = New-object System.Net.Mail.MailMessage
$email.to.Add($emailto)
#$email.to.Add($emailtwo)
#$email.CC.Add($emailCC)
$Email.From = New-Object system.net.Mail.MailAddress $emailFrom
$email.Subject = $subject
$email.IsBodyHtml = $true
#$attachment = $Reports[1]
#$email.Attachments.add($attachment)
$email.body = $body
$smtpserver="stmp.someplace.com"
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($email)
So you run SiteManager. And somebody done decided they want to make a new server that will host the security.dat file. And… You already did the work to create custom .ini file locations for the users. NOW you have to change all those smapp.ini files with the updated location of the security.dat file. How dare they?! Well. That could be some fun if you have a lot of users. Wait…. Powershell for the rescue! If you happen to use a profile server to host the user files, you can easily replace it with the new location of the security.dat file.
Update: Not sure what happened, but the code paste didn’t take evidently. I blame gremlins. It has been corrected.
# Replace a line / value in .ini file stored in Citrix UPM folder location when a change to the application is made.
# An example is for SiteManager, if you change the location of the .dat file for security.dat file and you are using a custom .ini
# created and stored with the user profile.
$filePath = "e:\locationofupmfolders"
$Files = Get-ChildItem -Path $filePath -Recurse -File -force -Include "smapp.ini"
foreach($file in $files)
{
$find = "value-you-want-to-change"
$replace = "value-you-want-to-change-to"
$content = Get-Content $($file.FullName) -Raw
#write replaced content back to the file
$content -replace $find,$replace | Out-File $($file.FullName) | write-output
}
Easy peasy. Now they have the new location of the security.dat file!