James Kindon
-
Posts
1,346 -
Joined
-
Last visited
-
Days Won
66
Content Type
Forums
Articles
Labs
Videos
TechZone
Citrix Community Articles
Events
Profiles
Posts posted by James Kindon
-
-
if its just a standard add-in then the normal rules apply with excel regardless of how its published
-
time to start looking at something like an AppCure to start getting those apps out of the OS
-
The Cloud solution is perfectly suited to managing multiple domains - so without more context i really couldn't see a reason not to keep it simple
-
You will need cloud connectors in the domain where the VDA registers - you cannot traverse trusts with Cloud Connectors when DaaS needs to lookup users
If you have a domain where there are just users, then you can deploy either Cloud Connectors (Windows) OR Cloud Connector Appliances which will allow the DaaS Service to understand users in the trusted domains
-
Have put this over to the WEM team to have a look at
-
yup, that's always been there, it pulls it from the source sig and puts it into its own ?
-
have fun - good scale project
-
There are many references to all of these scenarios online, Citrix document this stuff pretty well where they can, otherwise you can google for community recommendations
For Chome - https://docs.citrix.com/en-us/profile-management/current-release/integrate/google-chrome.html
For Edge -> start with Chrome and Adapt
On 3/20/2023 at 10:33 AM, Mark Ellis1709163820 said:Clear out these directories with a logout script. (This is because the exclusion policy won't get rid of existing cached files.)
This is not entirely true, look at the logon exclusion check policy, UPM will clear up after itself based on what you tell it to do https://docs.citrix.com/en-us/profile-management/current-release/configure/include-and-exclude-items/enable-logon-exclusion-check.html
-
I used WEM but it doesn't come into play for profile management in any of my projects, thats always handled by policy
Yes, Sorry its the SyncHkuWithHkcu feature https://techzone.vmware.com/resource/windows-os-optimization-tool-vmware-horizon-guide#controlling-common-options
-
you can simplify this entirely if you do NOT need a profile, then your best bet is to optimize the default user profile and simply use local profiles
My suggestion here would be to use the vmware optimization tool (yes yes I know this is Citrix but the vmware tool is better out of the box) and use the "sync to default user profile" feature (which is awesome)
We use local profiles in benchmarking scenarios and can easily get 5-6 second logons with this model using the above logic
- 2
-
There you go, you can use the same logic without an export/import directly in your script to just pull the machines into an array, and then loop through the array
$Criteria = "Get your list of machines here"
then something like
foreach ($computer in $Criteria) { write-host "computer Name is: $($computer.Name)" New-BrokerHostingPowerAction -Action TurnOff -MachineName $computer.Name }
- 1
-
There is a bit of a trick here which can help, if you have studio and GPO MMC installed on the same box, they appear to call the same location for templates.
So you can take your GPO nested Citrix Policy and create a template for each one. Then you can go into studio, hit refresh, and you should see those templates available, from there you can create a new Policy mirroring the old
It doesn't handle filters and assignments though
-
If you already have the list of VDI's you want to reboot, this isn't working? https://developer-docs.citrix.com/projects/citrix-virtual-apps-desktops-sdk/en/latest/Broker/New-BrokerHostingPowerAction/
-
This has been around for a while, but there are native options to fix it in the product
I wrote a script here https://jkindon.com/selective-deletion-of-the-wem-actions-tracking-cache/ which has morphed its way into the product set natively - look at "Allow Users to Reset Actions". Users can self service via the agent, or admins can drive the bus from the console
Versioning is a good idea though as slapping the key slaps everything without any form of check
-
On 3/8/2023 at 2:52 AM, Joel Girard1709163585 said:
In over 25 years of working in IT and GPO's, I've never come across a GPO with a 'phantom' setting.
Our industry is the gift that keeps giving ?
-
14 hours ago, Almir Ramic said:
Im a bit late...
juuuuuust a little ?
https://jkindon.com/selective-deletion-of-the-wem-actions-tracking-cache/
There is a new feature based off the above post as part of the product now ?
https://docs.citrix.com/en-us/workspace-environment-management/current-release/user-interface-description/advanced-settings.html#ui-agent-personalization <- look at "Allow Users to Reset Actions"
-
2 hours ago, Suman Kumar Saurabh1709163824 said:
Thank you James for your response. Could you please share any reference article to read about Azure NetApp files handle capacity specifically for FSLogix.
We are going to use Azure NetApp in production, currently using Azure files until storage team give us NetApp.
I am still not sure how to handle multiple files/volume and distribute users dynamically with simple approach. Security is not in the favor of creating multiple OUs and we need to define VHDX location of multiple file share/ volumes for 10,000 machines residing in single OU. I read one of article published by James-rankin about powershell script but that script re-write registry all the time when it runs.
I am wondering how other people are handling this ?
Whilst this is a Microsoft AVD article, the concepts here are very relevant.
Specifically, for ANF
https://learn.microsoft.com/en-us/azure/virtual-desktop/store-fslogix-profile
For the user distribution side of things, I re-wrote that script a couple of years back to make it more robust and flexible, same concept, different code (better code). The logic here is distribution based on available capacity - but I don't think that is the best logic for your deployment (pretty sure my code is in production in the environment referenced in Rankins article)
https://github.com/JamesKindon/Citrix/blob/master/FSLogix/DistributeContainerShares.ps1
I don't know why security are involved or having any form of say based on an OU or AD group layout, this has nothing to do with security, it's about architecture and providing an appropriate distribution of users. FSLogix has the ability to user per user/group based deployments as per Carl initial link -> not sure why that wouldn't be followed or would be of concern
-
9 hours ago, rmccart859 said:
Thanks that has fixed my issue. The printers now appear under the 'applied actions' tab.
Do you happen to know how to enable the system tray icon?
Advanced Settings -> Configuration -> Agent Service Options -> Launch Agent at Logon
- 1
-
43 minutes ago, rmccart859 said:
My users don't have a WEM agent icon in the system tray. Is there a way to do it centrally form the WEM server?
Would make it a lot easier if you enabled it, as you can then get users to do it selectively. From the console, find your agents, right click and reset actions from there - but it will tackle anyone on the target agent
- 1
-
11 hours ago, rmccart859 said:
Yes I enabled self healing to try to fix the issue, but it hasn't worked
The action has already applied and when it was applied it had no self-healing enable - so it's already done its job
in the user session, right click the WEM agent and chose reset actions or whatever it's called, select printers (this will remove tracking status), and then re-process the agent
- 1
-
shame - it appears to be dead now, it was working yesterday with SSL errors - must have been brought down
-
-
Maybe publish the app but restrict it to specific machines using tags?
Pretty sure vPrefer configurations override keywords - so might be a bit of work to change things around
-
This can be a weird race condition - are these MCS machines? or manual?
I've worked on projects where the quickest path was a startup script which executed a gpupdate to get the latest keys updated, and then a restart of the desktop service does the trick
Can WEM be used to apply permissions on folders and registry entries?
in WEM (Workspace Environment Management)
Posted
WEM would fail to set permissions via an external task as it executes in the user context.
You would be best suited to using a traditional GPO and alter the permissions on the directory via that method - tried, proven, easy to track back through
https://www.lepide.com/how-to/assign-permissions-to-files-folders-through-group-policy.html