![](http://content.invisioncic.com/m329563/set_resources_3/84c1e40ea0e759e3f1505eb1788ddf3c_pattern.png)
James Kindon
-
Posts
1,351 -
Joined
-
Last visited
-
Days Won
66
Content Type
Forums
Articles
Labs
Videos
TechZone
Citrix Community Articles
Events
Profiles
Posts posted by James Kindon
-
-
If you are using Studio then the policy engine will be updated automatically by the upgrade process
No difference for the VDA - You can read up on the upgrade process for Citrix on the documentation site, but the VDA upgrade utility is pretty smart and will tell you what's there and what will be upgraded
-
Always upgrade UPM, 99% of the time it will be handled as part of the VDA upgrade process
Make sure to go and update the ADMX files accordingly if you are using GPO to drive UPM
-
9 hours ago, Thierry DEVIDAL said:
Because for me, in cloud-base env, the dekstop client should be only be a "viewer"
Not really how it works unless you operate in online mode and have acceptable performance when making queries across the web - rarely OK
most environments still operate in cached mode, meaning that now you have an OST and index to deal with. If you don't persist these, the experience sucks. You cannot in a supported fashion redirect them to a network location, and using file based profiles is not really going to cut the mustard. Hence container/VHDX technology to make things work
-
-
WEM would fail to set permissions via an external task as it executes in the user context.
You would be best suited to using a traditional GPO and alter the permissions on the directory via that method - tried, proven, easy to track back through
https://www.lepide.com/how-to/assign-permissions-to-files-folders-through-group-policy.html
-
if its just a standard add-in then the normal rules apply with excel regardless of how its published
-
time to start looking at something like an AppCure to start getting those apps out of the OS
-
The Cloud solution is perfectly suited to managing multiple domains - so without more context i really couldn't see a reason not to keep it simple
-
You will need cloud connectors in the domain where the VDA registers - you cannot traverse trusts with Cloud Connectors when DaaS needs to lookup users
If you have a domain where there are just users, then you can deploy either Cloud Connectors (Windows) OR Cloud Connector Appliances which will allow the DaaS Service to understand users in the trusted domains
-
Have put this over to the WEM team to have a look at
-
yup, that's always been there, it pulls it from the source sig and puts it into its own ?
-
have fun - good scale project
-
There are many references to all of these scenarios online, Citrix document this stuff pretty well where they can, otherwise you can google for community recommendations
For Chome - https://docs.citrix.com/en-us/profile-management/current-release/integrate/google-chrome.html
For Edge -> start with Chrome and Adapt
On 3/20/2023 at 10:33 AM, Mark Ellis1709163820 said:Clear out these directories with a logout script. (This is because the exclusion policy won't get rid of existing cached files.)
This is not entirely true, look at the logon exclusion check policy, UPM will clear up after itself based on what you tell it to do https://docs.citrix.com/en-us/profile-management/current-release/configure/include-and-exclude-items/enable-logon-exclusion-check.html
-
I used WEM but it doesn't come into play for profile management in any of my projects, thats always handled by policy
Yes, Sorry its the SyncHkuWithHkcu feature https://techzone.vmware.com/resource/windows-os-optimization-tool-vmware-horizon-guide#controlling-common-options
-
you can simplify this entirely if you do NOT need a profile, then your best bet is to optimize the default user profile and simply use local profiles
My suggestion here would be to use the vmware optimization tool (yes yes I know this is Citrix but the vmware tool is better out of the box) and use the "sync to default user profile" feature (which is awesome)
We use local profiles in benchmarking scenarios and can easily get 5-6 second logons with this model using the above logic
-
2
-
-
There you go, you can use the same logic without an export/import directly in your script to just pull the machines into an array, and then loop through the array
$Criteria = "Get your list of machines here"
then something like
foreach ($computer in $Criteria) { write-host "computer Name is: $($computer.Name)" New-BrokerHostingPowerAction -Action TurnOff -MachineName $computer.Name }
-
1
-
-
There is a bit of a trick here which can help, if you have studio and GPO MMC installed on the same box, they appear to call the same location for templates.
So you can take your GPO nested Citrix Policy and create a template for each one. Then you can go into studio, hit refresh, and you should see those templates available, from there you can create a new Policy mirroring the old
It doesn't handle filters and assignments though
-
If you already have the list of VDI's you want to reboot, this isn't working? https://developer-docs.citrix.com/projects/citrix-virtual-apps-desktops-sdk/en/latest/Broker/New-BrokerHostingPowerAction/
-
This has been around for a while, but there are native options to fix it in the product
I wrote a script here https://jkindon.com/selective-deletion-of-the-wem-actions-tracking-cache/ which has morphed its way into the product set natively - look at "Allow Users to Reset Actions". Users can self service via the agent, or admins can drive the bus from the console
Versioning is a good idea though as slapping the key slaps everything without any form of check
-
On 3/8/2023 at 2:52 AM, Joel Girard1709163585 said:
In over 25 years of working in IT and GPO's, I've never come across a GPO with a 'phantom' setting.
Our industry is the gift that keeps giving ?
-
14 hours ago, Almir Ramic said:
Im a bit late...
juuuuuust a little ?
https://jkindon.com/selective-deletion-of-the-wem-actions-tracking-cache/
There is a new feature based off the above post as part of the product now ?
https://docs.citrix.com/en-us/workspace-environment-management/current-release/user-interface-description/advanced-settings.html#ui-agent-personalization <- look at "Allow Users to Reset Actions"
-
2 hours ago, Suman Kumar Saurabh1709163824 said:
Thank you James for your response. Could you please share any reference article to read about Azure NetApp files handle capacity specifically for FSLogix.
We are going to use Azure NetApp in production, currently using Azure files until storage team give us NetApp.
I am still not sure how to handle multiple files/volume and distribute users dynamically with simple approach. Security is not in the favor of creating multiple OUs and we need to define VHDX location of multiple file share/ volumes for 10,000 machines residing in single OU. I read one of article published by James-rankin about powershell script but that script re-write registry all the time when it runs.
I am wondering how other people are handling this ?
Whilst this is a Microsoft AVD article, the concepts here are very relevant.
Specifically, for ANF
https://learn.microsoft.com/en-us/azure/virtual-desktop/store-fslogix-profile
For the user distribution side of things, I re-wrote that script a couple of years back to make it more robust and flexible, same concept, different code (better code). The logic here is distribution based on available capacity - but I don't think that is the best logic for your deployment (pretty sure my code is in production in the environment referenced in Rankins article)
https://github.com/JamesKindon/Citrix/blob/master/FSLogix/DistributeContainerShares.ps1
I don't know why security are involved or having any form of say based on an OU or AD group layout, this has nothing to do with security, it's about architecture and providing an appropriate distribution of users. FSLogix has the ability to user per user/group based deployments as per Carl initial link -> not sure why that wouldn't be followed or would be of concern
-
9 hours ago, rmccart859 said:
Thanks that has fixed my issue. The printers now appear under the 'applied actions' tab.
Do you happen to know how to enable the system tray icon?
Advanced Settings -> Configuration -> Agent Service Options -> Launch Agent at Logon
-
1
-
-
43 minutes ago, rmccart859 said:
My users don't have a WEM agent icon in the system tray. Is there a way to do it centrally form the WEM server?
Would make it a lot easier if you enabled it, as you can then get users to do it selectively. From the console, find your agents, right click and reset actions from there - but it will tackle anyone on the target agent
-
1
-
WEM Agent cloud integration issue
in XenDesktop 7.x
Posted
You need to allow the VDAs to talk to the wem cloud service, they do not proxy via the cloud connectors