Saturday, September 24, 2011

How to pre-populate domain name on Desktop Director web page

When you try to access desktop director web page , domain name needs to be typed every time.

image

So in order to pre populate with the domain name open Logon.aspx from following location using  elevated command prompt

image

And made changes at following location

image

And then restart default IIS website

 

image

You will be doing this all on server where you have installed desktop director and then final result will be something like this

image

Monday, September 5, 2011

Citrix Provisioning Server and Active Directory password management

 Most of you know when we provision vDisk using Citrix PVS (Provisioning Services ), PVS should be allowed to manage the machine account password . The reason in nutshell  : vDisk is created using one master image with machine account in domain . Same image is streamed across multiple machine.

How we do this ? This setting is on PVS server setting

image

But problem start when you have following default Domain policy

image 

Problem : When machine try to negotiate password after 30 days because of PVS setting AD does not allow to do so. Result of which machine goes out of password synch. This kicks machine out domain and Virtual desktop got unregistered from Desktop Delivery controller

This policy as per Citrix PVS eDocs and also one more eDocs suggest to set this to "Enabled". So how you would like to tackle this situation.

1.  If above setting is not followed with password age then you can define  password age policy and apply to OU which is meant for Virtual Desktop.  As shown below for 999 days PVS will enjoy managing provisioned machine password.

image

2. Windows following Netlogon service tried to negotiate machine password when it expires. This is stored under

image

3.  If the value is set to "0 " then AD will not allow PVS to negotiate password. Remember this is managed by default  domain controller policy but registry can be overwritten by deploying new registry value. How check this out

image

If this policy is applied on OU containing VDI then even default domain policy for password can be overwritten. Citrix has also release fix which address similar issue but not exactly the same issue CTX130273.

 

Sunday, September 4, 2011

How to disable Printscreen on XA as well as Thin Client

If you would like to disable print screen permanently on XenApp 5.0 /6.0 , this can be done from XA policy as well by creating new registry value as follows:

HKEY_LOCAL_MACHINE -> System -> "CurrentControlSet" -> "Control" -> "KeyboardLayout" create a new binary key called Scancode Map
Value Data will be  :  0000000000000000040000002AE037E0000037E00000540000000000
On linux based thin client WNOS.INI file needs to updated as follows:

1.    xmodmap -e 'keysym Print = anyotherkey'
2.    Comment out the key in /usr/x11r6/lib/x11/xkb/keymap/keycodes

It should be <prsc> = 111 so just put // in front

Following CTX can explain  more about virtual channel

Hope this help