Archive for category Citrix
Hey all, happy new year! Been working on our XenDesktop deployment over the holidays and ran into a snafu when working with Microsoft Activation keys. As any of you know when working with Microsoft products you have the option to use a MAK key or a KMS key with a given product. However their is a limit on how many times you can use a MAK key and in large deployments this may not be the best solution. When deploying virtual desktops the best solution is to setup a Microsoft KMS host and use KMS client keys so that each clone will have a validate Windows License, this also prevents you from using up your MAK keys when you redeploy your clones during updates/patches/etc.
When we started down the path of using Citrix on top of VMware using MCS we didn’t realize at the time there was a catch using KMS keys. Both Citrix and VMware when you deploy their solutions have options to reset the SID of the cloned machine however when you mix the two and use MCS it becomes a little more of a challenge. I found a interesting statement of support from Citrix here: http://support.citrix.com/article/CTX128580
MCS does not support or work with KMS based Microsoft Windows 7 activation by default, however the following workaround has been provided and will be supported by Citrix Support should an issue arise. So the process to address this while cover in the link in short is to create your image, create a snap shot, run slmgr /rearm from command line on the image, take a 2nd snap shot and label it rearm and then build your Machine Catalog off that.
After doing so, each clone as it boots up for the first time will have a unique sid to register with your KMS key server.
The down side is that anytime you want to update the image you have to perform the above steps all over again before updating the catalog when the updates be they windows updates, virus updates, putting a new icon on the desktop etc.
The whole process is much less of a issue if you have 25 other devices already registered with your KMS host as that is the minimal requirement to active Windows 7 using a KMS host prior to it actually allowing the 1st activation to be successful. If this is the case then you need not bother with the above as the clones will still activate with the KMS host even if they have the same SID its the first 25 that is a gotcha.
I’ve been working to deploy Citrix in our office recently and one of the requirements was to use some 5-7 year old PCs as Thin clients until such time as management wanted to replace them with typical thin clients. In order to make this work we re-imaged all of the XP desktops with a clean install of the OS along with basic requirements suck as AV/DLP etc. Then I added a simple yet effective registry hack along with some GPO’s to effect a XP thin client with decent local security.
So here is the registry changes
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultUsername"="email@example.com" "DefaultPassword"="password" "AutoAdminLogon"="1" "ForceAutoLogon"="1"
This will cause the desktop to auto login every time it boots up or a user logs off the system. The only way around the auto login is for a user to hold down the shift key during the login which will then allow you to enter different credentials.
Next up Open IE in full screen mode and point it to the Citrix Web Server.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe -k" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://citrixxendesktopurl.com"
That is pretty much it, tie this in with a GPO designed to lock down the user being used to log onto the desktop, make that user part of the local “users” or “guest” group, and we have our simple yet effective XP thin client.
A while back I was introduced to mRemoteNG which is a great tool for the admin that works on several platforms and yet wants a tabular interface to manage all of his various connections and best of all its Free! The product allows you to manage RDP, VNC, SSH and Telnet via Putty to name a few. A very useful tool to keep up with all the servers one may manage on the daily basis as well as their Admin web portals, as well as giving you the option to group like products or application servers together in Folders.
Last but not least if you don’t save passwords in it, you can use it to share connection information to other Admins if needed by a simple export/import process.
The URL to this fine tool is: http://www.mremoteng.org/
I’d highly recommend it to any admin.