Virtualization, technology, and random rantings with a focus on Citrix and VMware.

Tag: citrix cloud

Quick Function To Find User VDI

Sometimes you need to find a user’s VDI machine to work on it. This function will do that for you. I typically use the last name as the search to limit the scope of the machines found. It will find all machines that contain any part of the string you enter. It also shows the MachineName which includes the domain\machinename to help locate the user machine. You can add other parameters such as AgentVersion if desired. I limited the scope to not include floating pool (Random) assigned machines. For a list of all fields of Get-BrokerMachine that can be selected in the function with Select-Object, please see this link: Get-BrokerMachine Options

# Requires being connected to Citrix Cloud with DaaS SDK. 
Function Get-VDI {
    [cmdletbinding()]
    Param(
        [Parameter(Position = 0, Mandatory, ValueFromPipeline, ValueFromPipelineByPropertyName)]
        [string]$VDIUserName
    )
   
    Process {
       $userToFind = '*' + $VDIUserName + '*'
       $getVDIs = Get-BrokerMachine -MaxRecordCount 100000 | Where-Object SessionSupport -eq "SingleSession" | Where-Object AllocationType -eq "Static" | Where-Object AssociatedUserNames -like "$userToFind" | Select-Object AssociatedUserNames, MachineName, RegistrationState, InMaintenanceMode, SessionCount
    }
    End {
        $getVDIs
    }
}
Example with user that has 4 desktops assigned.

Also to make it is easy for the day to day, you can add this to your profile with notepad $profile and copy and paste it there and reload.

License Please! : Get Licensed Users From Citrix Cloud

So you want to find out what licenses are in use? Maybe you want to know licenses that are checked out that might be over 30 days since that user logged in. Maybe you want to know for longer periods of time. You can get this from the Citrix Cloud console. You can also get it another way. And you can filter down to based on if it has been a period of time since the user accessed. This example gets all users then filters down to the latestLogonTime of older than 30 days.

# Script to get license use from Citrix Cloud. Tested with Powershell ISE. Also requires secure-client.csv with ID, Secret, and CustomerID in CSV to pass to Citrix Cloud.
# This creates a csv with the consumerID, deviceCount, consumerDisplayName, latestLogonTime, and firstLogonTime.
<# All fields available:
consumerId          : user@company.com
consumerDisplayName : user
deviceCount         : 0
userId              : user@company.com
upn                 : user@company.com
userName            : user
domain              : domain
latestLogonTime     : UTC Time
firstLogonTime      : UTC Time

#>
$date           = Get-Date
$olderThan      = $date.AddDays(-30)
$creds          = Import-Csv "c:\scripts\secure-client.csv"
$CLIENT_ID      = $creds.ID
$CLIENT_SECRET  = $creds.Secret
$CUSTOMER_ID    = $creds.CustomerID
$tokenUrl       = 'https://api-us.cloud.com/cctrustoauth2/root/tokens/clients'
$reportName     = "user-license-use.csv"
$getDate        = Get-Date -Format MMddyyyy
$reportLocation = "C:\scripts\logs"
$output         = @()
$searchOutput   = @()


$response       = Invoke-WebRequest $tokenUrl -Method POST -Body @{
  grant_type    = "client_credentials"
  client_id     = $CLIENT_ID
  client_secret = $CLIENT_SECRET
}

$token = $response.Content | ConvertFrom-Json

$headers              = @{
  Accept              = "application/json"
  Authorization       = "CwsAuth Bearer=$($token.access_token)"
  'Citrix-CustomerId' = $CUSTOMER_ID
 }
 
 
$resourceLocUrl = "https://api-us.cloud.com/catalogservice/$CUSTOMER_ID/sites"
$response       = Invoke-WebRequest $resourceLocUrl -Headers $headers
$content        = $response.Content | ConvertFrom-Json
$siteID         = $content.sites.id

$headers              = @{
  Accept              = "application/json"
  Authorization       = "CwsAuth Bearer=$($token.access_token)"
  'Citrix-CustomerId' = $CUSTOMER_ID
  'Citrix-InstanceId' = $siteID
 }


$response = Invoke-RestMethod "https://api-us.cloud.com/licensing/license/enterprise/cloud/cvad/ud/users" -Method 'GET' -Headers $headers

$output = $response.consumerList

foreach($out in $output){
    $line                     = "" | Select-Object consumerId, deviceCount, consumerDisplayName, latestLogonTime, firstLogonTime
        
    $line.consumerId          = $out.consumerId
    $line.deviceCount         = $out.deviceCount
    $line.consumerDisplayName = $out.consumerDisplayName
    $line.latestLogonTime     = ([DateTime]$out.latestLogonTime)
    $line.firstLogonTime      = ([DateTime]$out.firstLogonTime)

    $searchOutput += $line
}


$searchOutput | Where-Object latestLogonTime -lt $olderThan| Export-Csv "$reportLocation\$getDate-$reportName" -Append -NoTypeInformation

Well That Is Neat: Change Noticed On Citrix Cloud Director Activity Manager

Looks like there have been some updates to the Activity Manager on the Citrix Cloud Director. Buttons have been moved. Layout appears different. The contact card in the upper-left appears now on the Activity Manager and Details page. The overall feel of this is really nice and feels sleeker.

The Details pane appears to have remained the same.

What Do You Want? Information! : Getting Application Information And Exporting To CSV

You know you have a LOT of apps. But you want to know about 1 app in particular. You could go to Studio and look. You could peruse the various pieces and parts to and get what you want. Or…. you could just grab it via script. So that is what we gonna do here. We are going to present a grid view of the applications you have published, select one of them, and give you all the information you have room for! And, for an unlimited time offer, export to csv! This requires having setup your Citrix Cloud authentication and using your secureclient.csv to access.

Selection menu
Output from script
CSV output
# Get Citrix Application Info
asnp Citrix*
Get-XDAuthentication -ProfileName "default"

$application             = Get-BrokerApplication -MaxRecordCount 100000 | Select-Object ApplicationName, Enabled, AssociatedApplicationGroupUids, AllAssociatedDesktopGroupUids | Out-GridView -Title "Applications" -PassThru
$date                    = Get-Date -Format MMddyyyy
$a                       = 1
$d                       = 1

$app                     = $application.ApplicationName
$appGroupUids            = @($application.AssociatedApplicationGroupUids)
$deliveryGroupUids       = @($application.AllAssociatedDesktopGroupUids)
$appGroupUidsCounts      = ($appGroupUids).Count
$deliveryGroupUidsCounts = ($deliveryGroupUids).count
$ctxAppInfo              = [PSCustomObject]@{}
$ctxAppInfo | Add-Member -NotePropertyName "ApplicationName" -NotePropertyValue ($application).ApplicationName -Force
$ctxAppInfo | Add-Member -NotePropertyName "Enabled" -NotePropertyValue ($application).Enabled -Force

if($appGroupUidsCounts -gt 0){

  foreach($appGroups in $appGroupUids){
    
    $applicationGroupInfo    = (Get-BrokerApplicationGroup -Uid $appGroups)
    $applicationGroupNames   = ($applicationGroupInfo).ApplicationGroupName
    $ctxAppInfo | Add-Member -NotePropertyName "ApplicationGroups-$a" -NotePropertyValue $applicationGroupNames -Force

    if($applicationGroupInfo.AssociatedUserNames -ne $null){
      
      $applicationGroupUsers = ($applicationGroupInfo).AssociatedUserNames -join ';'
      $ctxAppInfo | Add-Member -NotePropertyName "ApplicationGroupUsers-$a" -NotePropertyValue $applicationGroupUsers -Force
      
    }
    
    $a++
  } 
}

if($deliveryGroupUidsCounts -gt 0){
  
  foreach($deliveryGroup in $deliveryGroupUids){
    
    $deliveryGroupInfo  = Get-BrokerDesktopGroup -Uid $deliveryGroup
    $deliveryGroupNames = $deliveryGroupInfo.PublishedName
    $deliveryGroupUsers = (Get-BrokerAccessPolicyRule -DesktopGroupName "$deliveryGroupNames")
    $dgUserCheck        = ($deliveryGroupUsers).AllowedUsers
    $ctxAppInfo | Add-Member -NotePropertyName "DeliveryGroupNames-$d" -NotePropertyValue $deliveryGroupNames -Force
    
    if($dgUserCheck -eq "Filtered"){
    
      $deliveryGroupUsers  = ($deliveryGroupUsers).IncludedUsers.Name -join ';'
      $ctxAppInfo | Add-Member -NotePropertyName "DeliveryGroupUsers-$d" -NotePropertyValue $deliveryGroupUsers -Force
    }
    if($dgUserCheck -eq "AnyAuthenticated"){
      $ctxAppInfo | Add-Member -NotePropertyName "DeliveryGroupUsers-$d" -NotePropertyValue "AnyAuthenticated" -Force
    }
    
    $deliveryGroupMachines        = Get-BrokerMachine -MaxRecordCount 100000 | Where-Object DesktopGroupName -eq "$deliveryGroupNames"
    $deliveryGroupMachineNames    = ($deliveryGroupMachines | Select-Object MachineName).MachineName -join ';'
    $ctxAppInfo | Add-Member -NotePropertyName "DeliveryGroupMachines-$d" -NotePropertyValue $deliveryGroupMachineNames -Force
    
    
    $d++
  }

 
}

$ctxAppInfo | Export-Csv C:\scripts\logs\$date-$app-App-Info.csv -Append -NoTypeInformation

Moving Control Plane To Cloud: Migrating Citrix Director To Cloud

Fourth in the series of moving the control plane to Citrix Cloud…. So you have moved your control plane and now you need some monitoring via the wonders of Director. You can do this… There are some things that you have to consider. First, historical data DOES NOT migrate as part of using the Automated Configuration Tool (ACT). I looked over the list of things that it did, and that was not one of the things listed as migrating. I did learn through a ticket that moving the historical data is not at this time supported, nor was there a tool to move said data. For those customers that heavily rely on the reporting data available, you will need to plan accordingly. This presents a difficulty that an on-prem version of Director would need to be maintained for a year (or whatever grooming schedule you have defined) to allow the data to be accessed while the new data was populating. This can cause issues with people needing to access BOTH locations in order to get accurate data. Also, default for Premium / Platinum customers is 90 days of historical data in Director. Advanced licensing provides 31 days. If you need more time than that, you will need to open a ticket with Citrix to get that time extended which can take 1 – 2 weeks. (More information on Citrix Director in Cloud can be found here: Director On Citrix Cloud )

Now if you have setup AD Connect to connect to Citrix Cloud with company credentials, you can publish Director with the accounts people already use to login with at their company. After moving, there is also a post that will come about how scopes are affected and you have to reassign your access groups used in your company to the new Monitor role that is created for EACH scope they need access.

To confirm that you have AD Connect configured, you can check the Identity And Access Management on the hamburger menu on your Citrix Cloud login.

It should show Azure Active Directory and next to https://citrix.cloud.com/go should be your company name selected when you connected AAD.

If this is showing as connected, you can publish Director to your helpdesk group.

These are the arguments for publishing Director with Microsoft Edge:

ApplicationName : Director
CommandLineArguments : https://xenapp.cloud.com/monitor
CommandLineExecutable : %ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe
WorkingDirector : %ProgramFiles(x86)%\Microsoft\Edge\Application

Once you have published the app to your users, the directions below will allow them to connect with their AAD credentials.

Once the user clicks on the link, they will be presented with the Citrix Cloud login.

The user will need to click on “Sign in with my company credentials.”

The user will need to enter the company name assigned at the configuration of AAD Connect.

If you are using MFA with Office 365 or another provider, you will have needed to setup your MFA app / other methods of verification.

After completing login, user will be presented Director and be able to continue duties as assigned by roles.

Links to other articles in the series:

Part 1 of migration series Setting Up Cloud SDK And Authentication Profiles: Part 1

Part 2 of migration series Changing Custom PublishedName Property: Part 2

Part 3 of migration series Migrating Citrix Daily User Report: Part 3

Moving Control Plane To Cloud: Migrating Citrix Daily User Report

Third in the series of moving the control plane to Citrix Cloud…. So you had your daily user report kicking out everyday (Surely you created one from this other post: https://xenapplepie.com/2022/04/12/if-you-could-get-those-user-counts-today-that-would-be-great/). It was working its happy way through life. Then you just moved parts it talked to into the cloud. I have created this updated report script to allow for it to pull from Citrix Cloud. This requires that you have already setup your API access with the secureclient.csv, that you added the CustomerID to your secureclient.csv, and you have installed the Citrix Cloud SDK. If you don’t have those, you are gonna have a bad day. I left the comment for the #Get Licensing Info so you can see what all other fields you can get if needed from there. If you are using VS Code, when you run that section, you can create a new variable and assign it as “$content.” and it will show the other available pieces of information you can assign such as “deviceLicenseUsage.”

**Update: Removed line with Get-XDAuthentication as it is doing a double authentication. Changed SDK commands to use $headers.Authorization to pass same bearer token**

Example Of Autocomplete From VS Code For Licensing
Sample Output From Script Email
# Citrix Daily Report with updates for using Citrix Cloud. This was done in Powershell ISE 5.1 with Citrix Cloud SDK installed.

asnp Citrix*

$Today = Get-Date
if(($Today.DayOfWeek) -eq 'Monday')
{$when = $Today.AddDays(-3)}
else{$when = $Today.AddDays(-1)}

$creds          = import-csv "c:\scripts\logs\secureclient.csv"
$CLIENT_ID      = $creds.ID
$CLIENT_SECRET  = $creds.Secret
$CUSTOMER_ID    = $creds.CustomerID
$tokenUrl       = 'https://api-us.cloud.com/cctrustoauth2/root/tokens/clients'

$response       = Invoke-WebRequest $tokenUrl -Method POST -Body @{
  grant_type    = "client_credentials"
  client_id     = $CLIENT_ID
  client_secret = $CLIENT_SECRET
}

$token = $response.Content | ConvertFrom-Json

$headers              = @{
  Accept              = "application/json"
  Authorization       = "CwsAuth Bearer=$($token.access_token)"
  'Citrix-CustomerId' = $CUSTOMER_ID
 }

# Get Licensing Info
$response            = Invoke-WebRequest "https://api-us.cloud.com/licensing/license/enterprise/cloud/cvad/ud/current" -Method Get -Headers $headers
$content             = $response.Content | ConvertFrom-Json
$response.Content | ConvertFrom-Json | ConvertTo-Json -Depth 10
$licensingTotalCount = $content.totalAvailableLicenseCount
$licensingUsageCount = $content.totalUsageCount
$licensingRemaining  = $content.remainingLicenseCount

$connections = Get-BrokerConnectionLog -BearerToken $headers.Authorization  -Filter {BrokeringTime -gt $when} -MaxRecordCount 100000 | Select-Object BrokeringUserName

$CitrixVDIConnected     = (Get-BrokerSession -BearerToken $headers.Authorization  -MaxRecordCount 100000 | Where-Object SessionSupport -eq "SingleSession" | Where-Object SessionState -eq "Active").count
$CitrixVDIDisconnected  = (Get-BrokerSession -BearerToken $headers.Authorization  -MaxRecordCount 100000 | Where-Object SessionSupport -eq "SingleSession" | Where-Object SessionState -eq "Disconnected").count

$ctxUsers = [PSCustomObject] @{

  UniqueCitrixUsers      = ($connections.BrokeringUserName | Select-Object -Unique).count
  CurrentSessions        = (Get-BrokerSession -BearerToken $headers.Authorization -MaxRecordCount 100000 | Select-Object BrokeringUserName).count
  CitrixVDISessions      = $CitrixVDIConnected + $CitrixVDIDisconnected
  CitrixLicensesUsed     = $licensingUsageCount
  CitrixTotalLicenses    = $licensingTotalCount
  CtxLicenseFreePercent  = ((($licensingUsageCount) / $licensingTotalCount ) * 100).ToString("#.##")

}

# HTML Formatting
$style = "<style>BODY{font-family: Arial; font-size: 10pt;}"
$style = $style + "TABLE{border: 1px solid black; border-collapse: collapse;}"
$style = $style + "TH{border: 1px solid black; background: #dddddd; padding: 5px; }"
$style = $style + "TD{border: 1px solid black; padding: 5px; }"
$style = $style + "</style>"

$body = $ctxUsers | ConvertTo-Html -Head $style 

$date             = Get-Date -Format "MM-dd-yyyy"
$emailFrom        = "someemail@company.com"
$emailto          = "someemail@company.com"
$emailtwo         = "someemail@company.com"
$emailCC          = "someemail@company.com"
$subject          = "Daily Citrix User Report | $date" 
$email            = New-object System.Net.Mail.MailMessage 
$email.to.Add($emailto)
$email.to.Add($emailtwo)
$email.CC.Add($emailCC)
$Email.From       = New-Object system.net.Mail.MailAddress $emailFrom
$email.Subject    = $subject
$email.IsBodyHtml = $true
$email.body       = $body
$smtpserver       = "smtp.company.com" 
$smtp             = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($email)

Links to other articles in the series:

Part 1 Of Cloud Migration Series: Part 1

Part 2 Of Cloud Migration Series: Part 2

Part 4 Of Cloud Migration Series: Part 4

Moving Control Plane To Cloud: Changing Custom PublishedName Property

Next in the series of Cloud Migration…. When migrating the control plane to Citrix Cloud, I found that if you had changed the PublishedName to something other than the default Delivery Group name, they up and vanished and reverted to the Delivery Group name. I didn’t have that many to have to change, but if you had a LOT of them set, it would have not been fun. But…. Powershell again to the rescue!

If you do use custom set PublishedName, then you will need to get a list exported from your old DDC to import. This builds on the other post of setting up your new Powershell SDK.

The script below has parts to run on the old DDC and on a machine with the new SDK installed.

# Script to get custom PublishedName and change from on-prem to Citrix Cloud after ACT import.

# To be ran on old on-prem DDC to get custom PublishedNames.
Get-BrokerDesktopGroup | Select-Object Name, PublishedName | Export-csv C:\scripts\logs\pubslishedname.csv -append -NoTypeInformation

# To be ran on machine with Citrix Cloud SDK installed.
asnp Citrix*

Get-XDCredentials -ProfileName "default"

$pubName = import-csv "C:\scripts\logs\published.csv"

foreach($pub in $pubName){
  
  Get-BrokerDesktopGroup -Name $pub.Name | Set-BrokerDesktopGroup -PublishedName $pub.PublishedName

 }
 
 Get-BrokerDesktopGroup -MaxRecordCount 10000 | Select-Object Name, PublishedName

This is the output you see where the Name and PublishedName are matching the Delivery Group name.

After exporting your CSV from the old DDC and copying the file to your machine with the new SDK installed, you can edit the csv (example here in Notepad++) and make and changes you need to make to it.

After running the second part of the script, you see the changes reflected on the PublishedName field.

Links to other articles in the series:

Part 1 Of Cloud Migration Series: Part 1

Part 3 Of Cloud Migration Series: Part 3

Part 4 Of Cloud Migration Series: Part 4

Powered by WordPress & Theme by Anders Norén