[Is there GPO precedence in WEM?]

WEM typically process in parallel for the most part - assuming it's the same for GPO object processing

[Citrix Workspace SSO (Domain-Passthrough) not working inside Citrix session]

Have you enabled silent sign on? https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/authentication.html#silent-authentication-for-citrix-workspace

[Cloud MCS EnableDHCP error]

I didn’t realise that exact param was locked in cloud - support should be able to change that for you if you cannot 

 

I know this specific issue is on the radar with the MCs team, dhcp prep in public cloud isn’t needed 

[Cloud MCS EnableDHCP error]

Download the Citrix cloud powershell sdk - same rules apply as on prem, you can do pretty much anything via powershell 

[Citrix 1912 LTSR MCS additional disk]

you can use MCSIO to achieve a persistent write cache disk

[CVAD for azure virtual desktop slow log on]

AppX packages **** in VDI, you should rip as many out as you can and off the image 

 

Start with Citrix Optimizer and go from there, also worth taking a look at John Billekens templates Bille https://github.com/ryancbutler/Citrix_Optimizer_Community_Template_Marketplace/tree/master/templates/John Billekens

[Citrix / Azure WVD density]

not a lot on a B4ms VM. Burstable VM specs for VDI workloads aren't going to be great in production - they have a baseline spec and you can build credits, but good luck building credits in a shared environment ?

 

Lots of factors to consider - workload type, VM spec, OS, disk sizing, optimizations etc - will all impact density, but don't expect a lot with Win10 multi

[Is device-based licensing of O365 Apps for Enterprise support in PVS e.g. Non-persistent VDI solutions?]

i use BIS-F on all my deployments and get it to run the dsregcmd /join on machine boot

 

also have customer doing this by scripts as a standard

[Stucking Logons with WEM error]

do you get any more detailed in in the WEM agent log in the user profile, or the debug log on the OS disk?

 

you might need to log a ticket if not

[Cloud MCS EnableDHCP error]

this is known issue, fire this against your environment

Set-ProvServiceConfigurationData -Name ImageManagementPrep_Excluded_Steps -Value EnableDHCP

https://www.citrix.com/blogs/2016/04/04/machine-creation-service-image-preparation-overview-and-fault-finding/

[Dedicated MCS desktops update - Intune]

depends what you mean by update here - are you looking at just updating the VDA etc?

 

You can enroll persistent VDI into intune and manage them that way now, there are some additional enhancements coming in this space so stay tuned

[Recommended vcenter version with 1912 LTSR CU4]

https://support.citrix.com/article/CTX131239 

 

vSphere 7.0 (Up to Update 3) is supported

[Citrix Virtual apps and desktop design considerations.]

Forums will give you some support, but design and this style of assistance might be better suited to a local consulting org to help you work through the requirements and associated architecture - straight off the bat i would challenge the zone architecture with that of site based on the above ?

[Is device-based licensing of O365 Apps for Enterprise support in PVS e.g. Non-persistent VDI solutions?]

On 1/31/2022 at 6:47 PM, Andrew Meneguz1709154345 said:

And since my Citrix contacts are telling me that Shared Computer Activation is the only supported method that they are aware of, I'd expect very little support from them if I encounter any issues.

This is likely a grey area so i wouldn't expect many would know the difference yet (you are trailblazing :))

 

On 1/31/2022 at 6:47 PM, Andrew Meneguz1709154345 said:

Does anyone know if group membership of the device persists upon reboot

Yes, your AD objects populate these groups

 

On 1/31/2022 at 6:47 PM, Andrew Meneguz1709154345 said:

further reading suggests that you can do a targeted rollout of hybrid Azure AD joined devices, so there's potential for me to test this specifically on my new VDA's without exposing my entire org to a hybrid Azure AD

This is becoming pretty common place now - we do it in most projects, you won't break yourself

 

On 1/31/2022 at 6:47 PM, Andrew Meneguz1709154345 said:

I'm going to look further into this and and if I end up proceeding I'll let you all know what I discover

Community Power

[How to fix MCS - Newly created VDI's machine names do not reflect AD machine name]

that is the machine SID, that is likely AD issues or delays in updates - we see this in cloud deployments occasionally 

[Folder redirection]

Put it in a different share, it can be on the same storage account though - redirection via GPO is likely the most stable

[FSLogix Office and Profile disks , Azure files share]

no, only if you are at large scale and want to segment IOPS or capacity etc

[Privilege Elevation not working on WEM 2112]

probably going to need to open a ticket with Citrix then, as for the published application, it will likely depend on your switches

 

here is some fun i had when playing with it https://jkindon.com/conquering-per-user-firewall-rules-with-citrix-wem-privilege-elevation/

[Is device-based licensing of O365 Apps for Enterprise support in PVS e.g. Non-persistent VDI solutions?]

watching this out of curiosity more than anything

 

Device based activation is an "or" to shared computer activation

 

SCA was in the user context, and simply (to the best of my knowledge) did two small things  - reduce the lifetime of the activation validity to 3 days (or something similar) and removed the registration from the users "devices" on the user object

 

Device based activation takes this away from the user side of things entirely, and the machine itself does the check on itself - so with a technical lens, I cannot see why it wouldn't work as long as you have your hybrid join done right

[How to manage Windows activation on frequently redeployed machines without KMS]

MCS has a fundamental requirement for KMS -  it is not supported for MAK based activation

[FSLogix and O365 Account Data]

smells like your messaging subsystem key is not roaming - are you doing anything funky with your registry configs in UPM? I would also suggest leaving outlook personalisation data in the profile

[Privilege Elevation not working on WEM 2112]

have you got an appropriate version of the agent installed - and how are you launching the app?

 

You will have to do it from the explorer context (go find cmd.exe and double click it for example)

 

You should have an elevation log in the local profile as well if it's triggering

[CVAD 1912 - Powershell - Add multiple users to diferent applications in Script]

$AppList = @("App1","App2")
$Users = @("Domain\User","Domain\User2")
foreach ($App in $AppList) {
    foreach ($User in $Users) {
        Add-BrokerUser -Name $User -Application $App
    }
}

that is an example bit of code for you to work with - there is no error handling, checking or validation, it's just the basics - you can take it from there

[WEM agent updated but health warnings now]

From memory, you can just kill UpmConfigCheck.ps1 and the checks stop happening - I would suggest you test, confirm, and the only delete on VDA's via a GPO (leave the master alone just incase) 

 

I requested a while back that this check become optional via the GUI, pretty sure it can be turned off behind the scenes, but not in a supported fashion so i wouldn't hack the DB :)

 

J

[Getting Application server name and DG name by feeding application name .]

Apps aren't tied to a server unless you use tagging, which is a whole looping process to filter through.

 

To get your list of servers, you would need to loop through the Delivery Groups that match the app assignments, and then output from there, if you use app groups, its another set of loops and matches

 

You can filter your output (and input) by customising the $Application variable (for input), or the $AppList is just an output array, so you can filter that also once created