Jump to content
Welcome to our new Citrix community!
  • 0

App Layering Agent - Installation question


John Francis1709160537

Question

I am new to this and I am trying to understand where to install this agent and machine tools. The article below is from Citrix document. 

 

As a result, you need to install the agent in the following locations, based on your hypervisor, provisioning service, and whether or not you use your connector configurations to run scripts:

 

On servers you plan to use for layer creation or image publishing - What does this mean? On servers that you plan to use for layer creation? Do I need to create a separate server (windows server) an install the agent which I can use for layer creation?

 

If using Citrix Provisioning, on the provisioning servers where you plan to publish layered images. - We are using provisioning services, so should I install this agent on the PVS server? Only 1 or both?

 

 

In locations where your connector configurations will run Powershell scripts - Not sure what does it mean by connector configuration.

Link to comment

19 answers to this question

Recommended Posts

Hello,

 

Our firewall ports page, link at the bottom, has the below listed:

 

 

App Layering agent
Agent server to appliance - Port 443 - Registration/HTTPS
Agent server to agent server - Port 8016 - Commands from appliance/SOAP
Agent server to appliance - Port 8787 - Log export
Agent server to appliance - Port 3009 - Citrix Provisioning Disk upload/HTTP
Agent server to appliance - Port 3509 - Citrix Provisioning Disk upload/HTTPS

 

 

As Rob noted, TCP 443 is used for registration and TCP 8016 for the communication during our various tasks. Yes, you do need 8016 open in the PVS host, and the PVS host(s) need to reach the ELM, appliance via TCP 443.

 

 

https://docs.citrix.com/en-us/citrix-app-layering/4/manage/firewall-ports.htm

Link to comment

What's the issue?  Run CMD, switch to the D: drive, CD into the appropriate folder on the D: drive, and run the command.  It's basically just these three lines:

 

D:

CD \program files\citrix\provisioning services console

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe Citrix.PVS.snapin.dll

 

It might be time to just open a Support case on this.  It's gotten a bit beyond what fits in a forum thread.

Link to comment
Just now, Raymond Colon said:

Is It would appear the PVS console is not installed in that PVS host. Which would be odd. Is the folder under Program Files (x86)?

 

Hi Raymond,

 

The PVS was already installed and I did not install it. Our Admins followed the old way of doing things, like installing the software in D:\ drive. So, maybe it was due to this that it did not work.

 

But, now I am getting to Step 9 to perform the dll registration and I am having a problem. As the provisioning services console is under D drive and the program to run is under C drive. Trying to see how I could do this in Powershell pointing to run  the dll from D drive.

 

Run PowerShell command to load the appropriate dlls on the Citrix Provisioning Server.

For PVS 7.7 and later:

Navigate to:

C:\program files\citrix\provisioning services console

Run the command:

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe Citrix.PVS.snapin.dll

 

 

Link to comment
17 hours ago, Gunther Anderson said:

The first time you logged into the Management Console web page, you were prompted (and required) to set three passwords: web administrator, console root and console administrator.  I suspect you set the root password to the same password as the web Administrator.  But either way, we don't know what it is and it wouldn't be either of the old defaults unless you intentionally set it that way.

 

I was able to register it manually but not through the GUI.  But, I am stuck at this place. I do not see Provisioning services console under C:\Program Files\Citrix folder, as per this document which it states go to this location and run the command. Any ideas about this?

 

https://docs.citrix.com/en-us/citrix-app-layering/4/install-agent.html#manually-register-the-app-layering-agent-with-the-appliance

 

For PVS 7.1–7.6:

Navigate to:

C:\program files\citrix\provisioning services console

Run the command:

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe McliPSSnapIn.dll

 

 

Link to comment
1 hour ago, Gunther Anderson said:

The first time you logged into the Management Console web page, you were prompted (and required) to set three passwords: web administrator, console root and console administrator.  I suspect you set the root password to the same password as the web Administrator.  But either way, we don't know what it is and it wouldn't be either of the old defaults unless you intentionally set it that way.

 

I remember it now and I know, I changed everything to be the same.  I had it documented.

 

image.thumb.png.caf6b2517e0ab1b75ce3797927eff9a7.png

But, I try logging in and it is not working. So, I tried resetting the root password as per this

 

https://support.citrix.com/article/CTX222218

 

and I am getting some error. I will look into this tomorrow again. Thanks again that was very nice of you and also a lot of info and learnt a lot.

Link to comment

The first time you logged into the Management Console web page, you were prompted (and required) to set three passwords: web administrator, console root and console administrator.  I suspect you set the root password to the same password as the web Administrator.  But either way, we don't know what it is and it wouldn't be either of the old defaults unless you intentionally set it that way.

Link to comment
24 minutes ago, Gunther Anderson said:

The ELM does not need a DNS name of its own.  When you try to register the PVS agent with the ELM, the PVS agent opens a connection to the ELM on port 443, and sends the PVS server's FQDN.  The ELM attempts to connect back to the PVS server using that FQDN.  This error is because the ELM cannot resolve the PVS server's reported FQDN.  Login to the ELM as root and try to ping the PVS server by name from there.  If you can't get DNS to work properly, you can also make manual entries in the ELM's /etc/hosts file.

Tried logging in as root with password Unidesk1 and v9Yx*6uj and could not login. It says incorrect password. Kind of confused. I never logged in as root. Initially, I logged in as Administrator and changed the password. But, have not logged in as root and the given passwords don't work.

Link to comment

The ELM does not need a DNS name of its own.  When you try to register the PVS agent with the ELM, the PVS agent opens a connection to the ELM on port 443, and sends the PVS server's FQDN.  The ELM attempts to connect back to the PVS server using that FQDN.  This error is because the ELM cannot resolve the PVS server's reported FQDN.  Login to the ELM as root and try to ping the PVS server by name from there.  If you can't get DNS to work properly, you can also make manual entries in the ELM's /etc/hosts file.

Link to comment
4 minutes ago, Gunther Anderson said:

The ELM is trying to resolve your PVS host in DNS and is failing.  Is the PVS server's machine name properly registered in DNS?  The ELM is usig the DNS server information it got from DHCP unless you have updated it.

 

Thanks again. It looks like it is resolving the DNS entry for the PVS server from our DC as well as from my PC. But, I do not see any DNS entry for the ELM appliance. 

Link to comment
24 minutes ago, Gunther Anderson said:

On the PVS server, you probably have the Windows firewall.  You need to make sure that Windows allows incoming connections on port 8016 from the ELM, and outgoing connections to port 3009, 3509 and 443 on the ELM.

 

Are you seeing an error message? 

 

Thanks Gunthera. 

 

I tried adding the ports in Windows Firewall on PVS for Incoming and Outgoing and I tried but still has issues connecting to it Here are the screenshots

 

 

 

 

ELM connect1.PNG

ELM connect2.PNG

Link to comment
On ‎4‎/‎3‎/‎2019 at 6:09 AM, Raymond Colon said:

Hello,

 

Our firewall ports page, link at the bottom, has the below listed:

 

 

App Layering agent
Agent server to appliance - Port 443 - Registration/HTTPS
Agent server to agent server - Port 8016 - Commands from appliance/SOAP
Agent server to appliance - Port 8787 - Log export
Agent server to appliance - Port 3009 - Citrix Provisioning Disk upload/HTTP
Agent server to appliance - Port 3509 - Citrix Provisioning Disk upload/HTTPS

 

 

As Rob noted, TCP 443 is used for registration and TCP 8016 for the communication during our various tasks. Yes, you do need 8016 open in the PVS host, and the PVS host(s) need to reach the ELM, appliance via TCP 443.

 

 

https://docs.citrix.com/en-us/citrix-app-layering/4/manage/firewall-ports.htm

 

Raymond,

 

Thanks for the response. But, we have no internal firewall. The appliance and the servers are inside. Why would you need ports to be opened.

Link to comment
1 hour ago, Raymond Colon said:

Install the App Layering(AL) Agent in any, all PVS hosts you may want a layered image to publish to.

 

A connector must be configured in the ELM, when are working with layers or a publishing images. The settings in the connector provides the ELM with the credentials, storage location(s) and other data needed to connect to your hypervisor, to create the temporary VMs in which you may configure the layers and also where to publish the layered image to, for access by your provisioning system.

 

Raymond, 

 

 

 

 

Quote

 

 

 

 

 

image.png

image.png

Link to comment

Install the App Layering(AL) Agent in any, all PVS hosts you may want a layered image to publish to.

 

A connector must be configured in the ELM, when are working with layers or a publishing images. The settings in the connector provides the ELM with the credentials, storage location(s) and other data needed to connect to your hypervisor, to create the temporary VMs in which you may configure the layers and also where to publish the layered image to, for access by your provisioning system.

 

 

 

21 minutes ago, John Francis1709160537 said:

I am new to this and I am trying to understand where to install this agent and machine tools. The article below is from Citrix document. 

 

As a result, you need to install the agent in the following locations, based on your hypervisor, provisioning service, and whether or not you use your connector configurations to run scripts:

 

On servers you plan to use for layer creation or image publishing - What does this mean? On servers that you plan to use for layer creation? Do I need to create a separate server (windows server) an install the agent which I can use for layer creation?

 

If using Citrix Provisioning, on the provisioning servers where you plan to publish layered images. - We are using provisioning services, so should I install this agent on the PVS server? Only 1 or both?

 

 

In locations where your connector configurations will run Powershell scripts - Not sure what does it mean by connector configuration.

 

Link to comment

Citrix has two products that handle provisioning of desktops and session hosts; Citrix Provisioning Services (PVS) and Citrix Machine Creation Services (MCS).  With PVS virtual machines are booted over the network from an image stored on PVS servers.  With MCS virtual machines are created as cloned copies of a VM image stored on Hypervisor storage.

 

When you use App Layering you can support one the other or both.  If you use PVS there is an agent to install on one of the PVS servers (a windows server) that provides the communications required to publish an image from the App Layering Management appliance (called and Enterprise Layer Manager or ELM for short).  If you use MCS for provisioning the ELM will publish a virtual machine to your hypervisor and MCS uses that virtual machine as the Master Image to make your desktops or session hosts out of.

 

This primer should help you with the concepts:

https://www.citrix.com/content/dam/citrix/en_us/documents/white-paper/citrix-application-layering-technical-overview.pdf

 

There are many presentations available.  This is one

https://www.youtube.com/watch?v=KBYoVeAYnSA

 

Good luck I hope that helps.

 

Rob

Link to comment

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...