Welcome to my personal blog site.
The main purpose of this site is to share various automation resources and scripts for various End User Computing solutions. Previously it was focussed on Ivanti Identity Director (formerly known as RES ONE Service Store & RES IT Store) related resources. Nowadays I (sadly) don’t work with ID very often so I changed the website’s focus to a personal blog site.
If you would like to add content to this site (in the form of blogposts, building blocks or anything like that) please let me know and I will make you sure you receive the credit for it. Also, feel free to use any of my scripts, change them and publish them as your own.
If your daily job has anything to do with virtual workspaces, you definitely have heard something about app layering. App layering is seen as the replacement for the ‘old’ application virtualization solutions like Microsoft App-V and VMware ThinApp.
While app layering is a good solution for most of the usual issues that come with running many applications on the same machines, it still takes a lot of time to create all those layers.
So together with automation-aficionado Chris Twiest we asked ourselves the question:
‘Is it possible to automate app layer creation?’
This blog will focus on the automation of creating app layers with Citrix App Layering, while Chris Twiest focused on doing the same with VMware App Volumes, the result of which you can find here. This blog is also a precursor to our presentation at the Expert 2 Expert Virtualization Conference in Athens (link).
EDIT Dec 19th 2018: Click here for a YouTube video of the presentation.
While working in a Nutanix-AHV environment I wanted to list all snapshots in the environment. With VMware vSphere you needed to do this with PowerCLI or use the excellent RVTools. In Nutanix Prism you can (to my knowledge) only see the snapshots when opening the virtual machine details.
Going through every VM in this environment would cost precious time that could also be spent drinking coffee, going through Twitter or catching up on some sleep. So I created the following script to list all snapshots in your environment, the virtual machine it belongs to and when it was created.
At a customer a while back we had an Citrix XenDesktop 7.9 environment. VMware vSphere 6.0 was used as hypervisor, Citrix Provisioning Services 7.9 for deployment and Microsoft Windows 10 as OS for the virtual desktops. Since these desktops were non-persistent we were able to use the local solid state storage in the hypervisors. This did however present some challenges when it came to the deployment of the virtual desktops. We (my colleague Leon van Efferen and myself) ended up with a PowerShell script that did just about everything.
In this post I will explain what the script does and what you need to do to use it in your own XenDesktop/PVS/vSphere environment. You can find the actual script at the end of the post.
Keep in mind that the customer used VMware vSphere (XenServer or Hyper-V were a big no-no for unknown reasons) and therefore the script only contains the commands for vSphere (PowerCLI 6.x). If you would like to use it for other hypervisors, feel free to alter it in any way and present it as your own on your own blogsite.
The beginning of 2018 has been all about the Intel Meltdown and Spectre vulnerabilities…….and cryptocurrency. These vulnerabilities take advantages of features that modern processors have to operate more efficiently. These features are ‘out-of-order execution’ (Intel Meltdown) and ‘branch prediction’ (Spectre).
Out-of-order execution allows a processor to execute instructions in a non-sequential manner, which will result in less time spent idle. Branch prediction is a feature that predicts what instructions will be executed and where. So in a way it will execute some instructions before they even are received from the running application.
There are several patches/updates that need to be done to mitigate these vulnerabilities. These range from new BIOS/UEFI updates, Firmware updates, driver updates and of course: patches.
There are patches from Microsoft, Red Hat, CentOS, VMware, etc. Basically just about every IT administrator has some work ahead of him/her (or he/she is already done and drinking his/her earned beer). The focus of this blogpost is the patches from Microsoft.
In previous posts I, have already provided instructions and building blocks to automate the deployment of Citrix StoreFront and the XenDesktop Delivery Controller. While the automation of the deployment of Citrix Director is still in the planning stages, someone requested a building block for the deployment of the Citrix Virtual Delivery Agent. I started looking around other Ivanti/RES ONE Automation resources and I noticed that there isn’t much available. Sure, the unattended deployment is described very well in the Citrix Product Documentation. But ROA/IA building blocks for VDA deployment aren’t too common. Reason enough for me to create them.
I will give a small walkthrough of the automation steps and why I made certain decisions and of course instructions on how to import and use them. You can find the download link for the Ivanti/RES ONE Automation building block at the bottom of this blog post.
These modules have been tested on Windows Server 2016 and Windows 10 Enterprise (version 1703) and you can use the same module for the Desktop OS installation of the VDA and the Server OS installation.
Edit March 1st 2018:
The module has been tested with the Virtual Delivery Agent of Citrix XenDesktop 7.17 and Ivanti Automation 10.2.100.0 and works accordingly. The /enable_hdx_3d_pro switch is deprecated since 7.16 and is no longer a selected option by default in the module. However, I have kept it in to keep the module compatible with older 7.x versions (like the 7.15 LTSR version for example).
Edit January 30th 2019:
I have created a new version with the new switches/features of the Citrix Virtual Apps and Desktops version 1811 Virtual Delivery Agent as described in the docs page: Link
Building block is available for download below along with the old version.
A while back I needed to automate the deployment of Citrix StoreFront 3.x for a customer I was working for at the time. However it wasn’t perfect. It only did the installation of the software and didn’t do anything with stores, server groups and certificates. Since time was scarce these items were put on hold. However, I put them on my own ToDo-list with the goal to automate an (almost) complete deployment of StoreFront with Ivanti Automation and share it with anyone who would like to use it.
I will give a small walkthrough of the automation steps and why I made certain decisions and of course instructions on how to import and use them.
You can find the download link for the Ivanti Automation building blocks here and also at the bottom of this blog post.
These modules have been tested on Windows Server 2012 R2 and 2016 (with User Experience enabled) and up to StoreFront version 1912.
While the current RES ONE Workspace management console is very feature rich, there is always room for improvement. There is often a task that you might want to automate or at the very least make it a bit easier. Now my fellow RES aficionado Chris Twiest (@TwiestChris) did exactly that. He had a solid business case for a couple of RES ONE Workspace related tasks, automated them and bundled them into a neat and easy to understand toolkit. Read on for all the tasks that are included in this toolkit (and for the download link of course).
The Self-Service Password Reset has got to be one of the most used features of RES ONE Identity Director (previously RES ONE Service Store/RES IT Store). It allows a user to reset his/her Active Directory user account password without assistance from the IT organization. This is possible on a 24/7 basis, so even in the evening or the weekends the user can use this service.
While this is very useful service, you should think about the security implications. Since the user apparently cannot login the RES ONE Identity Director site he/she should be to open the site from an untrusted network like the internet. But this would imply that everyone with internet-access can change the password of a user account as long as the username is known. So how to verify that the user requesting the service is actually the user in question?
Picture the following setting: A rainy Sunday afternoon. You need to prepare some presentation slides for a sales pitch the following day. You are working from home and are logged in on the company’s virtual desktop (running Citrix XenDesktop). Everything is fine and you are almost done. Suddenly the screen freezes, everything is locked and you are unable to continue your preparation. You disconnect your session and try a reconnect, which is not successful.
Sadly the support desk is only available during business hours.
What should you do? A. Cry B. Scream C. Start all over again on your local machine D. All of the above
Now this is a pretty specific setting, but a customer sometimes had similar issues. Users are working in the weekend and need to contact an administrator just to logoff their session. How can you solve this with RES ONE Service Store?