What's Citrix TechEdge?

TechEdge, the new name for Citrix Support and Engineering Institute of Technology (CSEIT), started nine years ago as a small in-depth troubleshooting training event hosted by Citrix Technical Support for support agreement customers.  Over the years, this event has grown from 50 customers to over 300 customers and now  provides training to our support agreement customers prior to Citrix Synergy and to our partners as a part of Citrix Summit.  This has become the event for troubleshooting the Citrix Application Delivery environment.

 Meet the support experts who can answer all of your technical questions:

Citrix Technical Support's top Escalation team engineers are hosting the TechEdge 2009 sessions. Here are some interesting facts about the team.

• On average these guys work and close 65 to 100 cases each per year.

• There are a total of 65 engineers on the team, so that's over 5,000 cases total per year.

• The average engineer has ten to fifteen years experience in the IT industry; the most common certifications are CCA and MCSE, ANG NetScaler and AGEE.
  

What they'll cover:

• End-to-end virtualization with Citrix Delivery Center
• XenDesktop 3 architecture and design
• Planning and implementing a Provisioning Server high availability (HA) solution
• Integrating and troubleshooting Citrix Access Gateway, Enterprise Edition
• Advanced troubleshooting of Citrix NetScaler
• XenServer disaster recovery and automation
• Troubleshooting tools and methodology for Citrix XenApp 5 environments  
  
  

Who can attend?
All partners who have registered for Summit, Citrix Technology Professionals (CTP) and customers with active support or maintenance agreements as of the first day of the event (May 3, 2009).
 

When and where?

The event will be at the MGM Grand Hotel and Casino in Las Vegas, Nevada on Monday, May 4th from 8:00am to 5:30pm. 

Here's what a few past attendees had to say:

"This was probably the most valuable day of iForum [Synergy]. It was extremely technical and really provided a lot of insight into managing a Citrix environment."

"In-depth seminars, get to meet face to face with the people that support us, a wonderful venue."

Check out past event presentations and videos:

TechEdge 2008
October 29, 2008
Orlando, FL
Presentations and Session Videos

CSEIT 2008
May 19, 2008
Houston, TX
Presentations and Session Videos

CSEIT 2007
October 21, 2007
Las Vegas, NV
Presentations and Session Videos

Click here to register for TechEdge 2009

Learn More:

Want to learn more about TechEdge 2009, www.citrix.com/techedge. Stay tuned for our weekly close-up interview blog posts of the TechEdge presenters. Please let us know your thoughts, questions and feedback.

This post is part of a series on the TechEdge event:

• Check out my interview this week with Jamie Baker to discuss his sessions on End-to-end virtualization with Citrix Delivery Center and XenDesktop 3 architecture and design.

I had some really great questions based on the TechTalk of "Simplifying the Migration to XenApp 5 with XenServer".  Many of the questions focused on the actual aspects of using Provisioning Server. As many of you are unfamiliar with the solution, i created a video that would help you better see what this solution can do for you.  Hopefully, the video will help answer your questions.  

Watch this Video to see how Provisioning Server delivers XenApp

Also, if you want to replay the TechTalk, you can access it from here.

During the TechTalk, i mentioned a few white papers that were created focused specifically on this topic. Click on the item for the doc.

• Reference Architecture
• Getting Started Guide
• Implementation Guide
• Design Considerations
  

Q: I didn't understand how you take an existing server and turn it into a virtual server?

A: You have to reinstall the physical server with XenServer. After that, you can provision new virtual XenApp servers. The XenServer install takes 10 minutes(very easy) and streaming a new XenApp server takes about 30 seconds, which is the server boot time.  

Q: After a server is provisioned with the OS, how can it be automated to install/setup Citrix and then publish apps ? Are these manual steps ?

A: The provisioned server is completely configured.  It will have XenApp and the applications installed.  The XenApp integration utility for Provisioning Server takes care of all of the lower-level changes to add the new provisioned servers to the XenApp farm.  The only thing you have to do for a newly provisioned server is to publish the applications on the server. 

Q: How can Citrix XenServer or Provisioning handle differences in hardware when deploying ?"

A: XenServer is a virtualization layer sitting between the hardware and the operating system.  The provisioned, virtual XenApp servers will use the XenServer drivers.  This means a single driver, the XenServer driver, can be used across a wide range of different physical hardware.  

Q: Can you run XenApp 5 on Windows 2003 Server environment?

A: Yes, the same process explained within the TechTalk can also be used for XenApp 5 on Windows 2003. Actually, this process can be used for future versions of XenApp.

Q: Will the XenApp run on a VMware environment?  We currently use VMWare."

A: Yes. It will run on VMWare ESX and also on Microsoft Hyper-V.  However, I would recommend you take a look at performance results from INDEPENDENT tests.  XenServer was optimized for XenApp workloads. As you are very aware, XenApp is very unique in that many users are physically on the XenApp servers, which causes huge spikes in context switches due to the sheer number of applications and processes running.  To get the best performance, you need a server virtualization solution that understands the workload and adjusts accordingly.  This is done by a single configuration option in XenServer.  I'm concerned that if you simply select VMWare because you already use it for other workloads that you will be very disappointed in the results and turn away from the benefits of virtualization. I encourage you to take a look at these items:

• Simon Crosby's blog regarding VMWare's "Scalability Tests": http://community.citrix.com/blogs/citrite/simoncr/2009/02/02/VMware+Wins%21+%28Bad+Science+Required%29
• Independent Tests from Project Virtual Reality Check:   http://www.virtualrealitycheck.net/
• Tolly Report on Virtualizing XenApp: http://www.tolly.com/DocDetail.aspx?DocNumber=208304
  

Q: Does vDisk support multiple drives?  C:\ and D:\ or just the system drive?

A: Yes

Q: Explain the drag and drop of published apps...Example. Does this install the published apps?

A: Depends.  If you are using streamed applications on the XenApp server, it will.  If you are using installed applications it won't.  However, I'd recommend that your base vDisk image from Provisioning Server contains the installed applications.  That way, when you provision servers, you can go into the management console and drag the published application onto the new server.  So if you have a XenApp farm with 3 different silos of XenApp servers, based on the applications they host, you will probably want to have 3 different Provisioning Server vDisks (images).

Q: How do you determine the MAC address for the Virtual server? how do you avoid existing MAC address of other hardware address.

A: Within the XenCenter console, you can see the MAC address for each virtual server without being required to go into the virtual server's console.  It shows up in the networking tab. 

Q: If we upgrade to XenApp5 will the version 10 of the Citrix client still work? 

A: Yes, but the users will not be able to utilize new XenApp features that require a newer client. 

Q: If your vdisk Image on the provisioning server is taken from the test server, how does it get a new name and IP information each time it is applied to a different VM server?

A: This is the magic of Provisioning Server. This got me when I first was introduced to Provisioning Server.  It uses the target device name  you create within the Provisioning Server console.  The provisioned image will use that name. That name will also be in Active Directory with full membership in the domain.  As for IP, that is all via DHCP.  If you want your provisioned servers to have static IP addresses, you can create reservations within the DHCP based on the MAC address.

Q: Is there a way to Provision actual XenServer?

A: Not at this time. 

Q: It is very disappointing that you are not addressing the client portion of conversions and that you advocate including applications in the base images. I know that you believe that clients are not impacted, but the reality is that that is not the case. Until you figure out a way to address the server hardware dependencies, the required client coordination, and the inability to layer applications automatically after the base image, I don't expect to be able to migrate to a new version without it taking months. It's also highly unrealistic to expect that we could upgrade our environment without having a dual-version environment.

A: I'm not sure I understand this question.  During the migration, you will most likely have two versions running at the same time.  You need to use Web Interface to enumerate applications from both farms.  Recommended that you migrate entire XenApp silo's over at once.  If you can't do that, then you need to have applications in one farm published to some users and the same applications in another farm published to the other users. That way you have enough resources in both farms.

As for the including applications in the base image, that is really based on the application.  If you can use XenApp Application Streaming, then you don't have to include the applications in the base image.  A XenApp image, with no applications could take on any role you wanted and host any application you wanted just by publishing the appropriate applications.

Q: Regarding the cloning, does XenServer take care of the post clone steps for XenApp and also does it modify the servers' SID to prevent duplicate SID's in the environment

A: Yes, as long as you setup your VM Template correctly.  Cloning is a complete duplicate of the original. If your template VM that you will use for cloning is setup in a SysPrep'ed state, then all clones from it will have a new SID, name and identity.  However, using Provisioning Server, you don't use the SysPrep-type utility. Provisioning Server changes the server's identity based on the name you specify in the Provisioning Server console.

Q: am I correct in thinking that XenApp has its own VM and does not 'sit' on a separate VM product (like VMWare)? 

A: XenApp would sit on a separate product that is called XenServer.  However, because XenServer and XenApp are owned by Citrix, great lengths have been gone into making sure you get the best performance possible, and that it is as easy as clicking a button.

Q: We're already doing this with VMWare VMs. Are there any advantages to switching to XenServer VMs? (Especially performance / ease of management improvements.) We're currently running ESX 3.5 and XenApp 4.5; we're definitely upgrading to XenApp 5.0 (in process) and considering switching to XenServer.

A: I strongly encourage you to take a look at these items.  In ages past, I would not have recommended virtualizing XenApp because the performance hit was too great, basically you are throwing hardware away.  However, that changed in XenServer 4.1.  XenServer has a special optimization setting for XenApp workloads that greatly improves performance.  Take a look at the following for more information (some are from independent, non-Citrix, sources):

• Simon Crosby's blog regarding VMWare's "Scalability Tests": http://community.citrix.com/blogs/citrite/simoncr/2009/02/02/VMware+Wins%21+%28Bad+Science+Required%29
• Independent Tests from Project Virtual Reality Check:   http://www.virtualrealitycheck.net/
• Tolly Report on Virtualizing XenApp: http://www.tolly.com/DocDetail.aspx?DocNumber=208304
  

Q: What about the server name being the same as the image.

A: Provisioning Server will use the target device name you enter in the Provisioning Server console. Each server will then have different identities. 

Q: When is Dan coming back to Cleveland to buy more Chinese food?

A: LOL, I all of the sudden have a huge craving for it.

Q: Does all the ""automation"" require Workflow Studio? If not, what value does WFS bring above what's part of provisioning server?

A: No, Workflow Studio is not required or used on any of the items I spoke about. Think of Workflow Studio as a way to automate tasks that you have to do on schedule (like server reboots) or when a trigger is hit (like if the load on a silo of XenApp servers is too high to spin up a new XenApp server).  That being said, you can automate just about anything, you just need to decide if the time required to build your workflows will save you time in the long-run. 

Q: Does dynamic VHD resizing negatively impact performance of the target server?"

A: Yes and No. I love answers like that.  First, it will because you have to keep expanding the disk and that takes resources.  But no because when the vDisk is in production, it is in a read-only mode (Private image). That means changes are not kept within the vDisk, so the vDisk will not expand. 

Q: Where and how are all the parameters for the specific machine stored: machine name, domain name and SID, domain password of the domain machine, etc.

A: Provisioning Server takes care of it. The name is based on the target device name you set in Provisioning Server, which is kept in the Provisioning Server database. The domain information is also configured in the Provisioning Server Console. Provisioning Server also maintains and manages the machine's password and keeps it updated with Active Directory.

One of the more time-consuming tasks for a  XenApp administrator is to build new XenApp servers. This video shows how we can use Provisioning Server to

1. Create an image based on a current installation
2. Take the image and deliver to a whole slew of new XenApp servers

This process not only creates new XenApp servers, but it also adds them into the farm automatically.  Simply publish applications with a drag-and-drop and your done.  Because each XenApp server is coming from a single image, you can guarantee that each server is identical to each other, a very important XenApp best practice.

Video

Daniel

Getting started with XenServer Enterprise Edition:
http://www.xenserver5.com/videos/Getting_Started_with_XenServer/Getting_Started_with_XenServer.htm

XenServer Platinum Edition Workload Streaming:
http://www.xenserver5.com/videos/Provisioning/Provisioning.htm

Welcome to the new year and my first blog of 2009.  Let's kick off '09 with a focus on simplification.

Let's focus on a topic that often brings chills to a XenApp administrators spine... upgrades.  Back in the day when I was a MetaFrame administrator, I remember the time, patience, and sometimes stress involved with trying to upgrade 100 servers to the latest version of MetaFrame.  Well, a lot has changed in the world of application delivery. MetaFrame went through numerous identity changes to become XenApp. With those new identities we have witnessed a maturing of the product to include more functions, features and abilities to deliver troublesome applications.  But one thing has remained fairly constant, XenApp upgrades are not as easy as flipping a switch. 

Take, for example, the following knowledge base article from one of my coworkers, Jo Harder.  Jo created a great article explaining the technical concepts for upgrading and migrating XenApp 4.5 to XenApp 5. It covers the process, what to do and which approach to take.  This document has only been out for 4 months and has been the most read article for each of the past 4 months.  By my estimation, the topic of XenApp migrations is very important to people. 

Back in September 2008 I blogged about a potential way to simplify the migration process by integrating XenServer with XenApp.  In this blog I identified 5 areas where I thought this tight integration could show benefit and I called this the HOMER Criteria.  Well, after more investigation, analysis, testing and validation, I'm here to let you know that we can indeed simplify XenApp migrations if we integrate XenServer and Provisioning Server into our architecture. 

How is that possible?  Most people have a standard practice for incorporating new XenApp versions into their environment. This process typically takes on the following sections:# Server validation: We have to make sure that our applications work with the new version

1. Server builds: We have to spend time updating all of our server build images/scripts
2. Implementation: Need to update all servers while not impacting the user environment and not incurring huge hardware expenses
3. Maintenance: Need to keep our new servers consistent and updated with the latest hot fixes and service packs and updates
4. Rollback: In the potential event that the upgrade causes major issues, we need to make sure we have a fast way of recovering our old environment.
   

These are each critical to a successful migration to the latest version of XenApp.  Each one of these areas can be improved through virtualization and workload provisioning and you can expect the following benefits: # Time Savings: The time spent building servers is removed due to Provisioning Server's integration with XenApp. Brand new servers can be brought online in less than 30 seconds.

1. Repeatability: The integrated process used to upgrade to XenApp 5 can also be used for future versions of XenApp, except that future upgrades will be faster as the infrastructure is already virtualized and the process is familiar.
2. Simplification: The process is able to ignore the complexity of different configurations and drivers, helping to reduce the time spent developing server builds and installation configurations.
3. Maintainability: The solution guarantees consistency within the XenApp farm. When an application update or an operating system patch is validated, the entire XenApp farm will utilize the new configuration.
   

Some of you might be intrigued and want to know how to do it.  Learn how by reading the following materials:

• Reference Architecture*:* Understand the architecture, the areas of concern and the potential benefits
• Getting Started Guide*:* Get a high-level overview of the integration process.  This guide gives an overview of each phase, whereas more detailed steps can be found in the implementation guide.
• Implementation Guide*:* This guide takes you through, step-by-step, on how to upgrade your XenApp environments to XenApp 5 on Windows 2008 through the use of XenServer and Provisioning Server.  As you follow these steps you will see how the three products integrated into a solid solution for application delivery.
• Design Considerations*:* Follow these considerations to make your virtual XenApp environment easier to setup, maintain and manage.

So remember, if you are not thrilled about doing a XenApp migration, then try a new approach... Virtual and Provision. 

Daniel

Overall the year has been good, but not great.  A sizable number of companies seem to be looking to defer any purchases until later in 2009, even the purchases that will show an almost immediate return on their investment.

The one thing that people making decisions seem to not understand is that hardware and some software does not care what the economy looks like, they have physical, moving parts, that will fail at a predictable time; meaning that they are running an even greater risk of severe downtime in lieu of saving some money in the short term.  Delaying the refresh of desktops and servers is a very slippery slope for companies, specifically any company that is bound by a Service Level Agreement.

Take a look at the following scenario.  A healthcare provider decides to delay the purchase of a set of new desktop computers for a quarter.  This decision is made by an IT Manager, who is focused on not placing a purchase request in front of Finance to show that they are trying to maintain costs and save the company money.  This decision, while financially prudent, has an impact on the risk management team.  Once the decision has been made to delay the refresh of the computer, the risk can be elevated.  Desktop and Server refresh cycles are typically based on the mean time between failure(mtbf) calculations provided by the manufacturer of the computer, and are typically based on the components individual mtbf numbers.  Since the mtbf cannot be adjusted, the risk of the failure of the devices keeps on schedule.  The Risk Management team at the company typically will adjust their risk profiles, which could include an increase in the insurance premium to account for the possible failure of the computer.  In some cases, the increase in the premium could be more than the cost of the desktop refresh.

Why does XenDesktop (XD) and Provisioning Server (PVS) make sense in this current economy?  Specifically, why should XD and PVS be positioned as a way to protect the data, applications, and service level agreements?  Because it just makes sense.  It makes financial sense, reducing the cost of a desktop refresh because the desktop can still be used as an endpoint, or replaced with a less expensive desktop appliance, i.e., thin client.  It makes operational sense because it contains the critical data, applications, and services back into the Data Center, where controls can be more effective and protected.  It makes operational sense because the desktop workloads can be shifted to meet both the needs of the users and the availability of the resources.

Just a few thoughts on the positioning of two great products in a competitive and challenging marketplace.

I got an interesting question the other day regarding Provisioning Server and XenApp.  As you might be aware, I've published many articles on the benefits of integrating XenServer, Provisioning Server and XenApp.  This question sparked an interesting discussion.

Scenario:

Let's say you have 50 XenApp servers total.  Most of the time you have carved out 20 of those servers to deliver Office 2007-type applications and the other 30 servers host another application like SAP.  Then comes month-end when we need more capacity, roughly 10 server, for the SAP.  What is the best approach to dynamically changing your XenApp environment to support these cyclical surges for certain applications?  Two words... Provisioning Server

Within Provisioning Server, we create three device collections:

1. XenApp 5 - Office Applications Servers: contains 10 servers dedicated to delivering Office-Based applications
2. XenApp 5 - SAP Servers: contains 30 servers dedicated to delivery SAP
3. XenApp 5 - Swing Servers: contains 10 servers whose applications can change based on the needs of the business

Within our Provisioning Server vDisk Pool, we have two different vDisks defined (remember a vDisk is just a complete image with Windows 2008, XenApp 5 and the corresponding applications):

1. XenApp 5 - Office Applications
2. XenApp 5 - SAP Application
   

Whenever we reach the month-end timeframe and require more SAP servers, we simply drag-drop the XenApp 5 - SAP Application vDisk onto the XenApp 5 - Swing Servers collection and those swing servers will boot up SAP during the next reboot,

So, this solves the issue of adding/changing XenApp workloads quickly, but that isn't the end of the story. Think about what is going to happen. A swing server, which we will call Smithers1, is set with the Office vDisk.  The XenApp administrator will publish the Office applications for the server Smiters1.  Later, we will assign the SAP vDisk to Smithers1 in Provisioning Server.  When that server starts up, the XenApp Data Store still believes that Smithers1 is delivering Office, but Smithers1 doesn't have Office installed, it has SAP.  We must un-publish office and publish SAP.  As you keep changing the swing server's vDisk, we have to continue this process or else users might experience issues (like being load balanced to Smithers1, trying to start SAP, but the path is invalid). But there is a solution...

Within the SAP vDisk, we create a script that does the following:

• List all applications published on this server
• Un-publish all applications from this server
• Publish the SAP application for this server

When a server starts with the SAP vDisk, it will be automatically publish the SAP application.  Then on the Office vDisk, we create a script that looks like the following:

• List all applications published on this server
• Un-publish all applications from this server
• Publish the Office applications for this server
  

If we build these scripts into our vDisk, we don't have to worry about publishing, un-publishing, re-publishing applications manually, it will be automatic giving us the truly dynamic XenApp swing server.

Daniel (Sr. Architect)

Brian Madden makes some really strong points about the state of VDI today. To be honest (in my humble opinion) he is spot on when he says that VDI is a "use case" solution. He's correct that even those customers that are 100% VDI today are companies where all their users meet the right "use case".

He may even be right that come June 2010 perhaps VDI technology will advance so much that it can expand its "use cases" circle to include just about all desktops at all companies. But what if VDI doesn't do that by June 2010? In fact what if VDI doesn't do that ever? What would that mean for Citrix XenDesktop? And what would that mean for the competition's VDI solutions?

To answer that, it needs to be pointed out that Brian frequently misses the boat when he talks about XenDesktop. In fact he recently assessed that XenDesktop is just an "old school server-based computing remote desktop delivery product". To even suggest that, one has to seriously sell the XenDesktop product short of what it really is. And I find that surprising coming from Brian, as he has been one of the biggest fans of the Ardence technology, which is a significant component of XenDesktop.

I can only assume that Brian's assessment of XenDesktop is based upon the use of XenDesktop as nothing more than a VDI solution. The problem with that basis is that XenDesktop is not just a VDI solution. It does far more than just VDI.

And this is perhaps the biggest problem that XenDesktop faces today. It is just so frequently compared to other VDI solutions, so much so that it's now perceived to be "just a VDI solution". It has pretty much become a pre-conceived notion, even within the ranks of the highly respected industry bloggers such as Brian Madden.

The problem with comparing XenDesktop to other VDI solutions is that it's like comparing Guitar Hero to a Playstation 3. That's comparing apples to oranges. In fact, that's more like comparing apples to apple trees. Guitar Hero is a game. Playstation 3 is a gaming system, of which Guitar Hero is one of the games it can play. Likewise VDI is a tool, whereas XenDesktop is a Desktop Delivery system, of which VDI is one of the tools it can do.

So back to the questions in the second paragraph, what would it mean for Citrix XenDesktop if VDI use cases never expanded to include just about all desktops at all companies? And what would that mean for the competition's VDI solutions?

If VDI use cases never expanded, then the competition's VDI solutions would always remain "niche" solutions. However, because XenDesktop is far more than just a VDI tool, its technology is not contained within the VDI "niche". To use the Guitar Hero/Playstation 3 analogy, if after this Christmas people stop buying Guitar Hero, that doesn't mean people would stop buying Playstation 3. The gaming system isn't contained within the "niche" of one of the games it can play.

The problem with XenDesktop today is that even though the technology isn't contained within the VDI niche, its market perception is pigeon holed as being just another VDI product within the VDI niche. However, perception will eventually catch up with reality. Eventually the market will begin to understand everything XenDesktop can do. And if we are predicting what things will be like come June 2010, we can safely assume that the preconceived notion that XenDesktop is just another VDI solution will certainly be gone by then. If use cases of VDI haven't expanded by then, then the market is still huge for XenDesktop, a product that does far more than just VDI. If VDI use cases do expand, then XenDesktop will still be right in the mix of that niche, as it does VDI as well.

OK, so what are these "other things" that XenDesktop can do, such that it's a "Desktop Delivery" system as opposed to just another "VDI" product? Well, honestly I could refer to the many blogs Brian Madden has posted singing the praises of the Ardence technology, of which Citrix bought and renamed Provisioning Server.

In order to explain Provisioning Server technology, let me say that personally I'm not a fan of the product name "Provisioning Server". Far too many times I have heard people say they don't need it because they rarely provision operating systems. Such a task is something they do once to a new piece of hardware, and hopefully they never have to "provision" an operating system to that piece of hardware again. Well,  "one and done" is not how Provisioning Server functions, but given the name of the product I can see why people assume it does function like that.

I much prefer to call the technology "Disk Image Virtualization". Essentially what I can do with the technology is take a traditional desktop computer (or server) and virtualize the entire disk I/O that occurs on the machine. While the operating system is running, it's using all the machine's RAM, the machine's CPU(s), the machine's video card, the machine's sound card, etc, etc... The only thing the machine isn't using is the machine's local hard disk. In fact, you could remove the disk if you want to, because the entire local disk I/O is being redirected to Provisioning Server.

So why not call it "Disk I/O Redirection"? Well, that would be a good name if that's was all that it does. But Provisioning Server does one more important thing. It shares one disk image amongst many of machines. I could boot thousands of machines from one shared disk image. Calling it "Disk I/O Redirection" doesn't address that it can share one disk image to many machines. So when I'm explaining what Provisioning Server does, calling it "Disk Image Virtualization" ends up making a lot more sense to the customer than the name "Provisioning Server" does.

Now again, Brian Madden loves this technology, despite what it's called at any given time. The benefits of using it are huge. Instead of managing thousands of instances of Windows, I manage just one instance. Brian loved it when it was called Ardence. He loved it when it was renamed Provisioning Server. And I'm sure he'll still love it even if he hates the name I call it, "Disk Image Virtualization". 

So I have to assume that if Brian assesses XenDesktop to be just an "old school server-based computing remote desktop delivery product", he must not be aware that when a customer buys a XenDesktop license they are allowed to boot their local desktops directly from a shared disk image and avoid a remote connection to a VDI hosted desktop all together.

This flexibility of the XenDesktop license provides the XenDesktop customer tools for additional use cases, and more importantly, additional money saving implementations, which a customer of the competition's VDI solution just flat out cannot do. Essentially, buying the competitions VDI solution for nearly the same price provides the customer with far, FAR less capabilities, and could end up costing the customer far, FAR more overall to implement.

Let's take for example the case of the customer who decided to buy 150 band new laptops with OEM versions of Windows. I'm choosing the laptop scenario because I am frequently finding that due to the low cost of laptops today with OEM Windows installed, many companies are buying these laptops even for use cases where a desktop has been traditionally used. Their justification is that when they price out a desktop, or a thin client, or a laptop, the laptop is only costing a few dollars more than even some thin clients, so the cost to standardize everyone in the company on a laptop is pretty small.

If you're pushing a VDI solution on the customer, the customer's decision to buy laptops hurts your chances of selling VDI, because much of the savings in implementing a "cost saving" VDI deployment is accomplished by keeping the customer's old desktop hardware on the user desks (i.e. save money by extending the life of existing hardware).

If the customer is committed to replacing the old hardware with something new, then the person pushing a "cost saving" VDI deployment would have hoped that the customer had opted for thin clients instead of laptops, so that the power savings of the thin clients could be included as part of the ROI on the VDI proposal.

Despite the customer's excitement over deciding to buy 150 laptops, if you're pushing a "cost saving" VDI deployment, then the customer's decision is disappointing news to you. The new user hardware costs and power consumption of laptops will make your VDI proposal a tough sell (especially when the Windows license costs get added in... more on this later). You'd almost be inclined to convince the customer that buying 150 laptops wasn't a good idea. Good luck with that.

But if you're selling a Desktop Delivery system like Citrix XenDesktop, the customer's decision to buy laptops doesn't hurt your chances of selling XenDesktop at all, because XenDesktop has the tools to work with whatever the customer has on their user's desks. Old, new, and/or power hungry, it doesn't matter.

Keeping with the point of what "doesn't matter", if you're pushing VDI on this customer, it doesn't really matter to you at all how the customer intends to use those laptops, because no matter how they use them the customer is still going to need 150 virtual machines in the datacenter, and users are always going to connect via a remote protocol. But if you're selling a Desktop Delivery system to the customer, how the customer intends to use the laptops actually matters (GASP!!! Imaging that... Use case matters!).

For this scenario let's assume the customer says approximately 100 of the laptops will never leave the user's desk, but 50 of the laptops could be taken on the road or home for the employees to remotely connect in. You also find out that they expect that the maximum number of remotely connected users at any given time would be 20.

If you're pushing VDI as the solution, you would require a virtual infrastructure in the data center to host 150 virtual machines. But the person selling Desktop Delivery sees that the customer only needs the virtual infrastructure to host 20 virtual machines. This is a huge infrastructure savings, and given the customer just spent a lot of money on 150 laptops you're going to need this savings in your proposal if you want the customer to buy a new way of managing their desktops.

Windows licensing can also be a huge factor. If you're pushing VDI, the customer is going to have to take all 150 of those OEM Windows licenses and upgrade them to Vista Enterprise, add an annual SA fee, and then buy an annual VECD license. But the person selling Desktop Delivery sees that the customer only needs 50 of those OEM licenses upgraded to Vista Enterprise with SA and VECD. That's one third of the additional Microsoft costs as VDI is only used when the user meets the VDI use case. See, use case matters!!!

Managing the operating systems is also significantly different. If you're pushing VDI, you're not giving the customer any tool to manage the 150 operating system instances that are on the laptops' hard drives. All the tools of VDI only manage the operating systems on the virtual machines. Even if VDI finally develops an offline mode, the VDI tools still will only manage a virtual machine on the client, and not the operating system installed on the client's hard drive. By pushing VDI, you've essentially just doubled the number of operating systems instances that this customer now needs to manage and you've only given them tools to manage half of them. Gee, thanks!

But the person selling Desktop Delivery tells the customer to have the 100 remaining OEM licenses migrated to the customer's Microsoft Volume Agreement (which is much cheaper than upgrading to Vista Enterprise with SA and VECD), so that all 150 of the laptops meet the Microsoft licensing requirements to be booted from one shared Provisioning Server image (Vista Enterprise, SA and VECD are NOT necessary to use Provisioning Server... the operating system license just needs to be a Volume Agreement to use a shared image). Instead of having twice as many instances of operating systems to manage, the customer now has just one instance. The 150 laptops and the 20 Virtual Machines all boot from one shared disk.

And really the most significant benefit here is the user experience. When booting from Provisioning Server the user's desktop experience isn't occurring over a remote protocol. As much as I could sing the praises of ICA over RDP in a VDI solution, why even use a remote protocol when one isn't necessary at all? When you push VDI, even when the user is in the office they're using a remote protocol. Not necessary!

With Provisioning Server you've virtualized the entire disk I/O to occur in the data center where it's secure, but do you really need all the CPU processing, graphics rendering, and multimedia processing occurring in the datacenter too? Those laptops have good ram, good processors, good video cards, good sound cards, etc... The user will be happier with all that processing occurring locally on their laptop. And IT will be happy that all of the user's disk I/O is occurring in the datacenter on the Provisioning Server. Use a remote protocol when the user meets the use case. Don't force it on them all the time.

So what about the 50 users who will take the laptop out of the office with them? What will they boot to? Well, first let me point out that they won't be booting to the corporate image outside of the office. This is a good thing. In fact, that's a great thing! It's much more secure. In order to boot to the corporate image, a laptop needs to boot from the corporate network. If you're pushing VDI those laptops need to have a corporate managed image on their hard drives because they connect to the corporate network every day. So when they leave the office with the employee, or they are stolen, they will boot with the corporate image anywhere that they are booted. Not good from a security standpoint.

Those 50 laptops in Desktop Delivery when not connected to the corporate network will boot with the image of Windows that the laptop shipped with. With the Citrix Access Gateway, and the XenDesktop Web Interface, the SSL encryption client and the Desktop Receiver client get installed automatically when the user remotely connects for the first time to the office. The employee can then securely use one of the 20 VDI instances within XenDesktop, which by the way boot from the exact same shared disk that their laptop boots from when they are on the corporate network. That means they get the exact same desktop outside the office that they have inside the office, but again the corporate image never physically leaves the datacenter.

In fact, if the user wants some offline applications, Citrix XenApp 5.0 is a great way to stream those offline applications over an http connection to them, and isolate those applications on an unmanaged operating system. And that's essentially what that operating system on the laptop's hard drive is. It's unmanaged. You don't need to manage it. It will never have a full connection to the corporate network. The only connection it will ever have is an encrypted ICA traffic connection.

If the user corrupts that local operating system on the laptop, just have them use the manufacturer's restore CD and then point back to the Access Gateway and Web Interface to get the clients reinstalled. And if a restore CD is too hard for them, you've got 100 spare hard drives with the laptop's original OEM Windows image on it that you pulled out of the other laptops that will never leave the user's desks (assuming you don't opt to sell them on eBay). You could have your remote users carry around a spare hard drive with them if you wanted to. In fact, you've got enough hard drives to have each remote user carry around two spare hard drives.

And ultimately, even if your company policy says you do need to manage the operating systems on those 50 laptops, that's only 50 instances, plus 1 shared image that you need to manage, as opposed to 150 instances on the laptops and another 150 in the VDI infrastructure that the person pushing VDI creates.

Now, given the scenario of the 150 laptops, does XenDesktop sound like an "old school server-based computing remote desktop delivery product"? Sorry Brian, but you've missed the boat in your assessment of XenDesktop. I expect things will be drastically different come June 2010, but not for the same reasons as Brian. I believe by then the preconceived notions that XenDesktop is just another VDI solution will finally be gone.

At Shannon Ma Virtualized I've recently posted a blog about the release of XenAppPrep. Check it out here.

Introduction

Many environments have already managed to streamline the image building process and already have familiarity with the many Windows XP performance and optimization tips. Both XenDesktop (XD) and Provisioning Server (PVS) support the Windows XP operating system and can benefit from performance enhancements. For those who are familiar with these performance enhancements, this blog may provide little assistance in the way of new information. None of the optimizations below are required, but they are available here for your convenience if they make sense in your environment.

The optimizations are put into three sections: Those that apply to the current user profile, those that apply to all users on the machine, and recommendations before creating the vDisk. The first section deals with the items that can be set in the default user profile. The second section deals with settings that can be set by the administrator for all users that work on the machine. The final section recommends a few things to do before taking the vDisk image. When available, the section will provide links to the URL on Microsoft's website that explains the setting further.

Settings for the Default User Profile

This section lists a few of the settings that will improve the user experience but are set at the user profile level.  The recommendation is to create a generic user and then set the applicable settings, when completed, replace the default user profile with the generic user profile, the steps for which are found at the end of this section.

Force Offscreen Compositing for Internet Explorer

Turning this setting off removes any of the flickering that may display when using Internet Explorer through XenDesktop, by telling Internet Explore to fully render the page prior to displaying it. This is especially helpful on Internet Explorer 7.

1. Open Internet Explorer
2. Select Tools >> Internet Options from the menu
3. Select the Advanced tab
4. In the Browsing section, enable the checkbox for "Force offscreen compositing even under Terminal Services"
5. Click OK to save the changes
6. Restart Internet Explorer

More information available at http://support.microsoft.com/kb/271246/en-us

Remove the Menu Delay

The Start menu has a built-in delay of 400 milliseconds. To speed the menu response time, follow these steps to remove the delay:

1. Start the Registry Editor (Regedit.exe)
2. Navigate to  HKEY_CURRENT_USER\Control Panel\Desktop\
3. Set the value of MenuShowDelay to 0
4. Exit the Registry Editor

Remove Unnecessary Visual Effects

Disabling unnecessary visual effects such as menu animations and shadow effects that generally just slow down the response time of the desktop.

1. Right-click My Computer
2. Click Properties
3. Click Advanced
4. Click the Settings button under the Performance section
5. Click "Adjust for best performance"
6. If you want to keep the XP Visual Style, scroll to the bottom and check the last box titled "Use visual styles on windows and buttons"

Disable the desktop cleanup wizard

To stop the wizard from automatically running every 60 days:

1. Right-click a blank spot on the desktop, and then click Properties to open the Display Properties dialog box
2. Click the Desktop tab
3. Click Customize desktop to open the Desktop Items dialog box
4. Disable the "Run Desktop Cleanup Wizard every 60 days" setting
5. Click OK twice to close the dialog boxes

More information available at http://support.microsoft.com/kb/320154

Disable Automatic Searching of Network Printers and Shares

Automatic search periodically polls your network to check for new shared resources and adds relevant icons into My Network Places if anything is found. If you wish to prevent XP from regularly searching your network unnecessarily then follow these steps:

1. Open the Control Panel
2. Select Folder Options.  If you use the Control Panel Category View you'll find Folder Options under Appearance and Themes
3. Click the View tab
4. In the Advanced Settings list, disable the "Automatically Search for Network Folders and Printers" setting
5. Click OK

Disable the Windows XP Tour Notifier

If you did not turn this off before you logged in as your base user for the default profile, you can manually disable the prompt on a per-user basis by following these steps:

1. Start Registry Editor (Regedit.exe)
2. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Tour
3. On the Edit menu, point to New, click Dword Value, type RunCount
4. Set the data value to 0 (zero), and then click OK
5. Quit Registry Editor

More information available at http://support.microsoft.com/kb/311489

Turn off Automatic Updates

Since you are running a read-only image, using automatic updates will cause the operating system to continually download the same updates each time the image is booted. The best course of action is to turn it off. You have three options that can be used to disable the service:

• Use the PVS Optimizer tool and leave the "Disable automatic update service" box checked

~ or ~

• In the Services Control Panel, change the Startup Type of the Automatic Updates service to "Disabled"

~ or ~

• Run GPEDIT.MSC and navigate to:  Local Computer Policy > Computer Configuration >  Administrative Templates > Windows Components >  Windows Update. Set the "Configure Automatic Updates" setting to "Disabled"

Turn off Language Bar

If there is no need for the language tool bar (the pen icon in the systray) you can disable it using either of these two methods.

• Right-click taskbar > Toolbars and uncheck the "Language Bar" option.

~ or ~

• Navigate to Control Panel > Regional and Language Options > Languages (tab) > Details (button) > Language Bar (button at bottom). Disable the "Show the Language bar on the desktop" and "show additional Language bar icons in the taskbar".

Make the User Profile the Default User Profile

When you are done completing all the User Profile Settings (using a generic user) you can copy the profile over to the default user using the process below.

Login as an administrator (Local Administrator is recommended) not as the base user for the profile because you cannot copy a profile that is in use.

1. Right-click on My Computer
2. Choose Properties
3. Select the Advanced tab
4. Click the Settings button under the "User Profiles" section
5. Select your base user profile where the changes above were made and click Copy To
6. Click the Browse button and browse to C:\Documents and Settings\Default User
7. Click OK once to save the path
8. Click the Change button under "Permitted to use"
9. Enter Everyone
10. Click OK to save
11. Click Yes to confirm overwriting of the default user profile

NOTE: Before copying it over, be sure to remove any user or machine specific data for the ICA Client, the ICA Streaming Client, Password Manager, and EdgeSight. Since the image prep for these items is beyond the scope of this blog, I will save it for a topic another day.

If you would like to know more about user profile management in general, check out David Wagner's blog on the Citrix User Profile Manager available at http://community.citrix.com/blogs/citrite/davidwag/.

Settings for the Machine

This section provides a list of the optimizations that will affect all users of the image. These settings are usually set after logging in as an administrator.

Power Configuration Settings

Two of the power settings can adversely affect the performance of PVS. One of them is the hard disk power savings. If the PVS server is using a local hard disk for the vDisk cache, you do not want the operating system to power down the local drive. The other setting is the Hibernate setting. The PVS Optimizer tool will disable hibernating, but you can manually do it as well. Here are the steps for disabling the power settings:

1. Open Control Panel
2. Select the Power Options applet
3. Select the Power Schemes  tab
4. For the default power scheme, set "Turn off hard disks" setting to Never
5. Select the Hibernate tab
6. Disable the "Enable Hibernation" setting
7. Click OK to save the settings
8. Delete the c:\hiberfil.sys hidden file

Permanently Remove the Language Bar

If there is no need for the language tool bar to be installed at all, you can permanently remove it by running the following command from a command-prompt:  

Regsvr32.exe /u msutb.dll

To reinstall it because you later found out you should not have removed it, you can run this command: 

Regsvr32.exe msutb.dll

Disable TCP Checksum Offloading

This performance optimization is highly recommended by both Citrix and Microsoft for all Windows XP workstations that will be communicating over the network with other Microsoft resources. To work around this problem, turn off TCP checksum offloading on the network adapter using these steps:

1. Start the Registry Editor (Regedit.exe)
2. Navigate to the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
3. In the right pane, make sure that the DisableTaskOffload registry entry exists. If this entry does not exist, follow these steps to add the entry:
   1. On the Edit menu, point to New, and then click DWORD Value.
   2. Type DisableTaskOffload, and then press Enter
4. Click DisableTaskOffload.
5. On the Edit menu, click Modify
6. Type 1 in the Value data box, and then press Enter
7. Exit Registry Editor

More information available at http://support.microsoft.com/kb/904946/

Turn off Security Center

To disable the Security Center service, so users are not prompted when the firewall or anti-virus updates are out-of-date, you can disable it by peforming the following steps:

1. Open the Services Control Panel
2. Edit the Security Center service properties and set the Startup Type to "Disabled"

Disable Last Access Time Stamp

Windows XP has a habit of time stamping all the files it reads with the date and time it was last accessed. While this is a nice feature, it is not always necessary in PVS environments where the files are statically supplied from a standard image and no backup software will be used. Putting a timestamp on a recently read file creates a write access every time a read is executed. With Provisioning Server, these writes go to the vDiskCache file increasing network traffic if cached on the PVS server. To disable the last access timestamp behavior, complete the following steps:

1. Start a command prompt
2. Type FSUTIL behavior set disablelastaccess 1 and press Enter
3. Requires a reboot to take effect

Disable the Windows XP Tour Notifier for New Users

Windows XP likes to notify all new users that an XP tour can be taken. While this is a nice feature for new users, it typically is annoying for existing users. To suppress the XP tour prompt for all new users, follow these steps:

1. Start Registry Editor (Regedit.exe)
2. Navigate to the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\Tour
3. If the Tour key does not exist, follow these steps to create it:
   1. From the Edit menu choose New
   2. Click Key and type Tour as the key name
4. On the Edit menu, point to New, and then click Dword Value
5. Type RunCount as the name for the new value
6. Set the data value for the RunCount value to 0 (zero), and then click OK
7. Quit the Registry Editor

More information available at http://support.microsoft.com/kb/311489

Turn off System Restore

System Restore is the feature that allows a computer system to be rolled back, or restored, to a point before certain events took place, for example, prior to specific software or hardware installations. When you are using a standard mode (read-only) vDisk, there is no reason to have the System Restore feature enabled. The PVS Optimizer tool disables the System Restore feature, but if you are not using that tool, you should complete the following steps:

1. Right-click My Computer, and then click Properties
2. On the Performance tab, click File System, or press Alt+F
3. On the Troubleshooting tab, click to select the Disable System Restore check box
4. Click OK twice, and then click Yes when you are prompted to restart the computer
5. To re-enable System Restore, follow steps 1-3, but in step 3, click to clear the Disable System Restore check box

More information available at http://support.microsoft.com/kb/264887

Disable Windows Indexing Services

Windows Indexing service adds overhead to the PVS vDisk by reading the files from the vDisk for indexing. Use one of the following three methods to disable Indexing:

• Use the PVS Optimizer tool and leave the "Disable Indexing Services" setting enabled

~ or ~

• To turn off indexing at the drive level, perform these steps:

1. Open My Computer
2. Right-click on the drive on which you wish to disable the Indexing Service
3. Select Properties
4. Under the General tab, disable the "Allow the Indexing Service to index this disk for fast file searching" setting

~ or ~

• To disable the indexing service at the service level, perform these steps:

1. Click Start, Run, type services.msc then press Enter or click OK
2. Scroll to the "Indexing Service" in the right-hand pane and double-click it
3. Change the Startup type to "Manual" or "Disable" and Apply
4. Click the Stop button and wait for the service to stop then click OK

Modify the Windows Service Timeout

In environments with shift changes and large amounts of virtual machines rebooting some virtual machines may fail to register because the Windows Service timeout may be reached before Citrix Desktop Service starts.  The Windows Service default timeout is 30 seconds which may not be long enough for all the services to when the virtual machines are coming online simultaneously. We recommend changing the 30-second default to 120-seconds to give the services times to start before the Citrix Desktop Service starts.   The timeout value is represented in milliseconds so 60 seconds = 60000 ms.  The following registry change can be made to lengthen the Windows Service timeout period.

1. Start Registry Editor (Regedit.exe)
2. Navigate to the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
3. If the ServicesPipeTimeout value is not present, use the following steps to create it:
   1. Click the Control subkey
   2. On the Edit menu, point to New, and then click DWORD Value
   3. Type ServicesPipeTimeout, and then press Enter
4. Right-click the ServicesPipeTimeout key and then click Modify
5. Click Decimal
6. Type 120000, and then click OK
7. Quit the Registry Editor
8. Reboot for the changes to take effect

Disable Remaining Unnecessary Services

You can go through the list of other services that are configured on Windows XP and disable any ones that will not be used in your environment. Two possible services are the Wireless Zero Configuration service and the Themes service.

Enable ClearType

To enable ClearType and make any adjustments to suit your eyes, go to the Microsoft Typography pages and follow the simple instructions. You can adjust ClearType in the Control Panel after installing the software at the link.

Recommendations Before Imaging

Below is a list of recommendations that can be completed right before creating the vDisk image. Most of these are designed to optimize the layout of the files on the disk so that PVS server can operate at maximum efficiency.

Zero Deleted Files

SDelete is a secure file delete utility that can be used to free and cleanup unused space on the image. In short, it zeroes out any files that have been freed up by the operating system and helps the image run faster. For more information about how it works or to download it, visit the URL below. The recommended options are -z and -c. (sdelete -z -c)

Usage: sdelete [-p passes] [-s] [-q] <file or directory>
sdelete [-p passes] [-z|-c] [drive letter]

More information available at http://technet.microsoft.com/en-us/sysinternals/bb897443.aspx

Defragment the Local Disk

Run the some type of disk defragmenter tool to optimize the files on the image. It is best to run the utility after removing the pagefile.sys and hiberfil.sys files. If you will use a page file, just re-enable it after you defragment the disk, that way the page file is contiguous. The Windows Defragmenter can be found at Start >> Programs >> Accessories >> System Tools >> Disk Defragmenter.

Flush the DNS cache

Flush the DNS Cache using the ipconfig /flushdns command. This prevents any IP addresses cached on the read-only disk from interfering with DNS resolution at a later date.

Run ChkDsk

Verify the file system has no missing file links or pieces by running chkdsk --f from a command prompt.

Conclusion

I hope that some of these performance optimizations will come handy as you build and work with XenDesktop and PVS images in your environment. If you have other optimizations that you know have worked in your environment, please feel free to add them via the comment section on this blog.

Provisioning Server 5.0 was recently released. Provisioning Server 5 is included in the Platinum versions of XenServer 5 and XenDesktop.

See earlier posts (here here and here) for other deep dive presentations.

It's that time in the XenApp world again... Migration.  With the release of XenApp 5, many of you are contemplating a migration.  Why is migration such a big deal? I've heard numerous reasons like "It takes a long time to test my applications with the new XenApp (especially true if there is a new operating system involved)", "It takes a long time to rebuild my servers as I have to update my server build scripts" or "My current XenApp environment works fine, so why change it".

Those were all good points a few years ago.  But with the enhancements and optimizations made on XenServer for XenApp virtual machines, it is a great time to test server virtualization for XenApp to simplify migration.  And if we virtualize the XenApp servers, migration to XenApp 5, 6, 9, 11 or even XenApp 243 will be even easier (of course we will have changed the product name a few times. Let me hear a Hallelujah for HomerFrame or XenHomer).

But if we are going to migrate to XenApp 5, why not make the migration easier. Just how will XenServer make migration easier?  That is a great question, and I'm glad I asked it

Hardware
First, part of a new XenApp version means organizations will have to update their server builds.  Many of the server builds I've seen are complex scripts or require many manual changes once the build is complete.  Many times, there are multiple builds because of differences in the underlying hardware.  With XenServer , the links between the OS and the hardware are cut resulting in the ability to create a single build that can span multiple hardware variations.  How many fewer images will you now have to maintain?  Simplified

Optimization
With XenApp, you want to get the most users out of  your hardware.  This has been true with previous versions, is true with XenApp 5 and will be true in the future versions.  With a new OS and a new XenApp, do you have any idea how much hardware you need to support your users for the different application sets?  This is a challenge, especially when trying to design the new environment.  When you designate a server for a certain function, it is awfully hard to change the server's function, unless you virtualize.  With XenServer, you can make a virtual machine into anything you want.  You can move the running virtual machine to another physical server without the users ever knowing.  With XenServer and XenApp, you are no longer stuck in your static environment; instead, you are dynamically changing the environment based on the needs of the business. Simplified

Maintenance
How many of you like spending your days patching servers?  Not many.  Unfortunately, with each piece of software, there will undoubtedly be patches. With physical servers, you have to patch each server. With server virtualization, you still have to patch each virtual server.  But with XenServer Platinum, you only have to patch your base image, which is delivered to the virtual server via Provisioning Server.  If I have one XenApp image for SAP and another XenApp image for all of my other applications, I only have to patch both of those images.  Those images are then streamed to hundreds of physical or virtual servers.  Simplified

Evaluate
How could we do a migration without evaluating the apps and OS and XenApp configuration? This is critically important, especially if you are upgrading to a new OS like Windows Server 2008. With XenServer Platinum, the evaluation and testing phase is simplified.  How do you typically do this?  Well, you build the environment in a test lab.  You run test, modify, re-test. The cycle continues until a golden image is created.  That image must be used as a guide for rolling into production.  If you use scripts, you have to figure out how to script the build process to mimic your image.  If you use cloning solutions, you have to modify based on hardware.  If you use Provisioning Server, which is part of XenServer, you take your server, create a Provisioning Server image, and copy the image to production for delivery.  Simplified.   

Rollback
Let's say you upgraded without doing a proper test (shame on you).  As it turns out, one of the applications, which unlucky for you, is mission critical and is not working correctly.  What do you do?  Well, you have a few options:

• Try to troubleshoot and fix. You will be under the gun to get it fixed quickly as the business needs the application.
• Rebuild the physical server with the old setup. This will take a few hours for the build to complete and configure the applications.
  

Neither of those options sounds good to me.  Instead, if the environment was virtualized with XenServer Platinum, you would easily be able to change the version of XenApp delivered based on the Provisioning Server image you associated with each target device.  Simplified

XenServer for XenApp can simplify migrations by focusing on the areas of Hardware, Optimization, Maintenance, Evaluation and Rollback (This is what I like to call the HOMER Criteria).   It's a great way to get more done without working harder.  You get the migration done faster while providing a more dynamic environment for the business. 

Daniel

For those of you who attended the TechTalk on XenDesktop Technical Dive, I wanted to post the videos maintenance videos. 

Remember, a virtual desktop solution must be able to simplify maintenance or else you are simply moving the administrative problem from remote sites to the data center. The first video shows how easy it is to patch the Hypervisor (XenServer).  The running virtual machines are automatically moved to another available XenServer without impacting the users. 

XenServer Update Video:

The second video shows how thousands of users' desktops can be patched easily without requiring a significant amount of time or expense with the use of Provisioning Server. 

Provisioning Server OS Images Update Video:

These are just two examples of maintenance for XenDesktop. The incorporation of XenApp and application streaming greatly simplifies the maintenance of application delivery.  If you want to hear more, take a listen to the recording of the TechTalk which can be accessed from here.

Thanks

Daniel

Homer Simpson Quote of the Blog (What do we need a psychiatrist for? We know our kid is nuts.)

Provisioning Server offers you the ability maintain Active Directory machine account password synchronization for target devices. This ability is enabled on the Provisioning Server and is configured on a per virtual disk basis.
Private virtual disks do not need to maintain Active Directory machine account password synchronization, as they are a read write virtual disk, and have the ability to retain changes and store them to the virtual disk.
Standard virtual disks do need to maintain Active Directory machine account password synchronization, as they are read only, and do not have the ability to retain changes on the virtual disk.
There are some things to take into consideration when dealing with Provisioning Server and Active Directory Machine Account Password Synchronization for a successful implementation of this feature. The following are some guidelines and best practices to follow:


If the virtual disk image that is going to created is to be used by multiple target devices, in Standard Image mode, it is best practice, that before creating a virtual disk image, to run the Device Optimizer utility on the target device and apply the "Disable Machine Account Password Changes" setting If the virtual disk image that is going to created is to be only be used in Private Image mode and never Standard Image mode, the "Disable Machine Account Password Changes" setting does not need to be applied



When creating virtual disks that will ever be used as Standard virtual disks, it is best practice, to never create a target device that will have a device name of an existing machine account in Active Directory that is, has, or will ever be running off of local disks, and is ever going to be provisioned as a Standard Virtual Disk

When creating virtual disks, it is best practice, to ensure that the Active Directory setting for "Enable automatic password support" is configured on the Provisioning Servers

When creating virtual disks, it is best practice, to ensure that the "Enable Active Directory Machine Account Password Management" setting is configured on Standard Virtual Disks

Also, it is best practice to use an Active Directory Organizational Unit to manage machine accounts for target devices that will be provisioned, and that the Group Policy Object or Security Policy setting for the Organizational Unit is set to enable the "Disable Machine Account Password Changes" setting to disable Windows Active Directory automatic password re-negotiation.

And lastly, it is best practice to ensure that the Group Policy Object or Security policy setting for that Organizational Units "Maximum machine account password age" setting is compared to the Provisioning Server Active Directory setting for "Enable automatic password support" setting. The Provisioning Server Active Directory setting for "Enable automatic password support" number of days must be less than the Group Policy Object or Security policy setting for that Organizational Units "Maximum machine account password age" setting or you could end up in a scenario where the machine accounts would not able to log on to the domain due to this restriction being in place.

If you should ever encounter a situation where the active directoy machine passwords are out of sync, in provisioning server 4.x and below there is a command line utility for reseting machine accounts. In provisioning server 5.x this has been incorporated into the management console.

Following these best practices will help you keep synchronization between Active Directory Machine Accoutns and Provisioned Target Devices that are using a Standard Virtual Disk. With the use of Provisioning Server with XenServer and XenDesktop, these best practices are also applicable, as those technologies are also used to delivery devices that may need Active Directory Machine Account Password Synchronication.

In the last part of Choosing an Automated Deployment Strategy for XenApp I will discuss installing XenApp via images.

One of my side projects these past couple of months has been XenAppPrep - a tool that will help you clone XenApp servers. This tool plays a key role in rolling out XenApp via Provisioning Server, XenServer, and other image-based deployment technologies. I've written a blog about this and recommend checking it out if you're interested in cloning XenApp servers. If you have any questions, feel free to leave me a comment. Any and all feedback is greatly appreciated!

Pete Downing Explains the new features on Provisioning Server 5.0 at the Citrix Synergy TechLab booth.

Cheers,

Gus Pinto
Microsoft MVP - Virtualization
Twitter.com/GusPinto

Being a Sr. Architect within Citrix for almost a decade, I've been asked by more Citrix administrators than I could ever count, wanting to know if they should virtualize their XenApp environment.  My typical response, which is common for a consultant, was "It depends."   Unfortunately, this is not an easy yes or no question.  XenApp is a unique beast in the delivery center.  Users don't interact indirectly with a XenApp server like they do other systems (database, web, etc). Instead, users work on the servers directly.  And if the servers have been designed appropriately, they should reach their memory limit or CPU limit.

Let's say, for example, your business is to write screenplays for "The Simpsons" and you have a set of XenApp servers hosting a single application for storyboarding.  This application is critical to the business.  On average, throughout the day, the CPU is 60% utilized and the memory is 80% utilized (4GB on Windows 2003 Server).  What advantage would you gain by virtualizing this system?  The hypervisor WILL take resources.  Chances are slim you would be able to host a second virtual server on this physical system.  In this case, I don't see where server virtualization fits. You could add more memory and additional CPU sockets, but you are spending more money just to try to save money.  Of course there are some XenApp servers that are underutilized.  Why?  Was it an improper design? Or was there a business reason? With underutilized severs, we do have the opportunity to reduce the XenApp hardware footprint somewhat.  But in my opinion, server virtualization is trying to solve a small problem in the XenApp world, consolidation.  With proper hardware design, this can be mitigated. I have seen, based on my experience as a consultant and an administrator, the bigger challenge is management, availability and flexibility. 

When I was an admin, we used to have a scripted build for our MetaFrame 1.0, 1.8 and XP servers.  The scripts were very elegant and worked like a champ (I can say this because I wrote them), but they were a pain to maintain.  Plus you had to take into account hardware changes, application modifications, etc.  I've seen people go to cloning-like solutions, but you still have hardware configuration challenges, which I've seen some people end up with 10, 20 or even 50 different images.  When it was time to patch those systems, the good times rolled (sarcasm). Server virtualization cloning has the same challenges, although hardware changes are mitigated by the hypervisor.  Cloning in the virtualization world allows one to quickly get a system up and running, but does little for maintaining the images.  Just in my own personal lab, I've got roughly 20 virtual images.  And it seems like every time I turn on one virtual machine, there are new updates!!!  We have all heard of DLL-hell, well new we have Patch-hell. 

And we all love the server virtualization solution, even I do, which is why I'm writing this blog entry instead of preparing for my Synergy sessions or watching a good episode of The Simpsons without my boss catching me (Hope he doesn't read these). Everyone is talking about it as the next big thing, but we will continue to have tons of servers that are not virtualzed.  Does that mean 2 solutions, 2 sets of images, 2 sets of tools based on your environment?  When I think of that, I'm thankful I'm not an administrator. But this is where the story gets really interesting:

Provisioning Server integrated with XenServer, what a great concept.  One image for multiple servers.  And what's more, that one image can span virtual and physical servers.    When I need to make an update to the app or OS, I update one image and reboot the servers.  Time to rebuild the farm equals the time it takes to reboot the farm.  I don't care if the server is physical or virtual, they are all the same to me.  As I use this integrated solution more and more, I am impressed with the ease of maintenance.

But let's get back to the original question... If you now ask me if you should use server virtualization integrated with your XenApp environments, my answer has not changed... I will still say It Depends.  But what I say next is to look at the bigger picture.  Why do you want to virtualize? What are you trying to solve? What is wrong with your XenApp environment that you are looking at server virtualization?  And I bet the more we look into it, we will end up with a challenge revolving around management, availability or flexibility.  So I dare you to ask me, but be ready for a longer conversation, which will include some relevant Simpsons quips as well.

If you are interested on architectures, guidelines, implementation guides, then I encourage you to take a look at a set of materialsI've developed focused on the integration of XenServer and XenApp.  If you think I'm totally on, let me know so I can show my boss how awesome I am, but I'm also game for a good discussion with differing viewpoints. 

Check out this video excerpt from Citrix Summit 08 of Citrix Delivery Center and its amazingly fast and easy provisioning of application workloads to virtual and physical servers. Presented by Pete Downing and Brad Peterson.

Provisioning Server and the soon to be released Citrix Workflow Studio Customer Tech Preview will have Workflow Tasks for Provisioning Server included in the Customer Tech Preview.

Stay Tuned Here: Citrix Developer Network - Citrix Workflow Studio

Get Updates Here: Citrix Updated - Citrix Workflow Studio