The beginning of 2018 has been all about the Intel Meltdown and Spectre vulnerabilities…….and cryptocurrency. These vulnerabilities take advantages of features that modern processors have to operate more efficiently. These features are ‘out-of-order execution’ (Intel Meltdown) and ‘branch prediction’ (Spectre).
Out-of-order execution allows a processor to execute instructions in a non-sequential manner, which will result in less time spent idle. Branch prediction is a feature that predicts what instructions will be executed and where. So in a way it will execute some instructions before they even are received from the running application.
There are several patches/updates that need to be done to mitigate these vulnerabilities. These range from new BIOS/UEFI updates, Firmware updates, driver updates and of course: patches.
There are patches from Microsoft, Red Hat, CentOS, VMware, etc. Basically just about every IT administrator has some work ahead of him/her (or he/she is already done and drinking his/her earned beer). The focus of this blogpost is the patches from Microsoft.
In previous posts I, have already provided instructions and building blocks to automate the deployment of Citrix StoreFront and the XenDesktop Delivery Controller. While the automation of the deployment of Citrix Director is still in the planning stages, someone requested a building block for the deployment of the Citrix Virtual Delivery Agent. I started looking around other Ivanti/RES ONE Automation resources and I noticed that there isn’t much available. Sure, the unattended deployment is described very well in the Citrix Product Documentation. But ROA/IA building blocks for VDA deployment aren’t too common. Reason enough for me to create them.
I will give a small walkthrough of the automation steps and why I made certain decisions and of course instructions on how to import and use them. You can find the download link for the Ivanti/RES ONE Automation building block at the bottom of this blog post.
These modules have been tested on Windows Server 2016 and Windows 10 Enterprise (version 1703) and you can use the same module for the Desktop OS installation of the VDA and the Server OS installation.
Edit March 1st 2018:
The module has been tested with the Virtual Delivery Agent of Citrix XenDesktop 7.17 and Ivanti Automation 10.2.100.0 and works accordingly. The /enable_hdx_3d_pro switch is deprecated since 7.16 and is no longer a selected option by default in the module. However, I have kept it in to keep the module compatible with older 7.x versions (like the 7.15 LTSR version for example).
Edit January 30th 2019:
I have created a new version with the new switches/features of the Citrix Virtual Apps and Desktops version 1811 Virtual Delivery Agent as described in the docs page: Link
Building block is available for download below along with the old version.
A while back I needed to automate the deployment of Citrix StoreFront 3.x for a customer I was working for at the time. However it wasn’t perfect. It only did the installation of the software and didn’t do anything with stores, server groups and certificates. Since time was scarce these items were put on hold. However, I put them on my own ToDo-list with the goal to automate an (almost) complete deployment of StoreFront with Ivanti Automation and share it with anyone who would like to use it.
I will give a small walkthrough of the automation steps and why I made certain decisions and of course instructions on how to import and use them.
You can find the download link for the Ivanti Automation building blocks here and also at the bottom of this blog post.
These modules have been tested on Windows Server 2012 R2 and 2016 (with User Experience enabled) and up to StoreFront version 1912.
I am working on the automation of a Citrix XenDesktop 7.9 deployment for a large customer with RES ONE Automation. Since the created modules work pretty good I would like to share them with the rest of the community.
Larger customers, like the one I created these modules for, usually have dedicated database administrators. Normally only they have SQL dbcreator and security admin rights on the SQL environment. This means that you can’t create the database directly from your automation. So you need to create the XenDesktop database scripts and send them to the DBA’s.
I have created building blocks of the modules for which you can download here. I will give a small walkthrough of the automation steps and why I made certain decisions and of course instructions on how to import and use them.