I started to work on Citrix projects again and it’s time to refresh automated procedure for XenDesktop and XenApp installation using powershell. In one single post I will capture installation commands for all XenDesktop commponents. Let’s start …..

Assumptions

1. Installation can be done form management workstation with XenDesktop studio and Citrix powershell plugins installed or directly from server console.
2. XenDesktop iso is mounted to all VMs where XenDesktop will be installed
3. All server are already added to Active Directory
4. User has full permissions to install and update server OS
5. User has sysadmin permissions to SQL server or dbcreator and securityadmin permissions .

Delivery Controller

First Delivery Controller installation

1. Login to Deliver Controller server management workstation and start powershell session
2. Install XenDesktop core components – in my case I installed Controller and Desktop Studio. StoreFront and License Server will be installed on dedicated servers. Syntax is the following:
   Command : XenDesktopServerSetup.exe
   Parameters:  /COMPONENTS CONTROLLER, DESKTOPSTUDIO /NOSQL /NOREBOOT /QUIET /CONFIGURE_FIREWALL
   PowerShell code example:
   

   #
   $Exe  = "D:\x64\XenDesktop Setup\XenDesktopServerSetup.exe"
   #
   $Component = @("CONTROLLER,DESKTOPSTUDIO")
   #
   $Param = @("/COMPONENTS $Component /NOSQL /NOREBOOT /QUIET /CONFIGURE_FIREWALL ")
   #
   $ParamS = $Param.Split(" ")
   #
    & "$Exe" $ParamS
   #

   Installation result from the powershell console is presented below:
   
   
   

3. Load XenDesktop powershell cmdlet:
   Command: Import-Module “C:\Program Files\Citrix\XenDesktopPoshSdk\Module\Citrix.XenDesktop.Admin.V1\Citrix.XenDesktop.Admin”
4. Create new, empty databases on SQL servers
   Command: New-XDDatabase
   Parameters:  -SiteName YourName -Database YourName -DataStore [Site] [Logging] [Monitoring]
   Important note: In order to execute this step your account must have dbcreator permissions on SQL server. For more details see CTX127998. If you don’t have required permissions see procedure in step 4a
   PowerShell code example:

   #
   #New SiteConfig database
   #
   New-XDDatabase -SiteName XD715_LAB -DatabaseServer sql01 -DatabaseName XD715LAB_SiteConfig -DataStore Config
   #
   #New Logging database
   #
   New-XDDatabase -SiteName XD715_LAB -DatabaseServer sql01 -DatabaseName XD715LAB_Logging -DataStore Logging
   #
   #New Monitoring database
   #
   New-XDDatabase -SiteName XD715_LAB -DatabaseServer sql01 -DatabaseName XD715LAB_Monitoring -DataStore Monitor
   #

   Installation results are presented in below:

   

   

   

5. Create new XenDesktop site. This procedure does apply schema to databases and create sql login for Delivery Controller computer account (computer from where installation procedure was launched) with all required permissions.
   Command: New-XDSite
   Parameters: -SiteName YourName -SiteDatabaseServer YourName –SiteDatabaseName YourName -LoggingDatabaseServer YourName –LoggingDatabaseName YourName -MonitoringDatabaseServer YourName –MonitoringDatabaseName YourName
   
   Important note: In order to complete this step your account must have securityadmin permissions on SQL server. For more details see CTX127998.
   
   PowerShell code example:

   #
   New-XDSite -SiteName XD715_LAB -SiteDatabaseServer SQL01 -SiteDatabaseName XD715LAB_SiteConfig -LoggingDatabaseServer SQL01 -LoggingDatabaseName XD715LAB_Logging -MonitorDatabaseServer SQL01 -MonitorDatabaseName XD715LAB_Monitoring
   #

   Installation results are presented in below:
   

6. Create XenDesktop site administrator
   Command: New-AdminAdministrator
   Parameters: AdministratorNamePowerShell code example:

   #
   New-AdminAdministrator "lab\GG_CTX_Admins"
   #

7. Configure admin permissions, role and scope
   Command: Add-AdminRight
   Parameters: -Administrator YourName -Role [Full Administrator] -Scope [All]Role: the following built-in roles are available:
   • Full Administrator
   • Read Only Administrator
   • Help Desk Administrator
   • Machine Catalog Administrator
   • Delivery Group Administrator
   • Host Administrator

   Scope: only one built-in role is available: All.

   PowerShell code example:

   #
   Add-AdminRight -Administrator "lab\GG_CTX_Admins" -Role "Full Administrator" -Scope All
   #

   Installation results are presented in below:
   

   Verify configured XenDesktop Site administrators:
   Command: Get-AdminAdministrator

   The results are presented in below:
   
   

8. Configure XenDesktop Site licensing details
   Command: Set-XDLicensing
   Parameters: -LicenseServerAddress YourName -LicenseServerPort YourName -ProductCode YourChoice -ProductEdition YourChoice -ForceProduct Code: the following options are available:
   • MPS – Full Administrator
   • XDT – Read Only Administrator

   Product Edition: the following options are available:

   • PLT – Platinum
   • ENT – Enterprise
   • STD – Standard
   The “-Force” parameter is optional. It makes sure that the server and port combination are NOT checked. You can use this option in case  license server is temporarily offline or if you are installing your delivery controller before installing your license server.
   
   PowerShell code example:

   #
   Set-XDLicensing -LicenseServerAddress $Lic_Server -LicenseServerPort $Lic_Port -ProductCode $PCode -ProductEdition $PEdt -Force
   #

   Installation results are presented in below:

   

9. Confirm license server certificate hash
   Command: Set-ConfigSiteMetadata
   Parameters: -Name CertificateHash – Value CertificateHashValuePowerShell code example:

   #
   #Get certificate hash installed on license server DC01
   #
   $CertHash = (Get-LicCertificate -AdminAddress "https://dc01.lab.citrix24.ctx:8083").CertHash
   #
   Set-ConfigSiteMetadata -Name CertificateHash -Value $CertHash
   #

   Installation results are presented in below:

   

10. Disable Customer Experience Improvement Program (CEIP)
    Command: Set-AnalyticsSite
    Parameters: -EnabledPowerShell code example:

    #
    Set-AnalyticsSite -Enabled $false
    #

11. Allow trusted XML requests
    Command: Set-BrokerSite
    Parameters: -TrustRequestsSentToTheXmlServicePortPowerShell code example:

    #
    Set-BrokerSite -TrustRequestsSentToTheXmlServicePort $true
    #

    Use the following command to display current Site configuration
    Command: Get-BrokerSite

    The results are presented in below:
    

12. Configure new Machine Catalog
    Command: New-BrokerCatalog
    Parameters:
    The following parameters can be specified (Mandatory parameters are marked with M):
    • AllocationType (M) – Denotes how the the machines in the catalog are allocated to a user. Possible values are:
      • Static: Machines get assigned to a user either by the admin or on first use. This relationship is static and changes only if an admin explicitly changes the signments.
      • Permanent – equivalent to ‘Static’.
      • Random: Machines are allocated to users randomly from a pool of available machines.
    • Name (M) – Name of the catalog
    • Description – Description of the catalog.
    • ProvisioningType (M) –  Specifies the provisioning type for the catalog. Possible values are:
      • Manual – No provisioning.
      • PVS – Machine provisioned by PVS (machine may be physical, blade, VM,…).
      • MCS – Machine provisioned by MCS (machine must be VM).
    • CatalogKind – Depreciated – The type of machines the catalog will contain. Values can be: ThinCloned, SingleImage, PowerManaged, Unmanaged, Pvs, Pvd or PvsPvd.
    • IsRemotePC – Specifies whether or not the catalog is a RemotePC catalog. Remote PC catalogs automatically configure appropriate machines without the need for manual configuration. See about_Broker_RemotePC for more information
    • MachinesArePhysical (M)  – Specifies whether machines in the catalog can be power-managed by the Citrix Broker Service. Where the Citrix Broker Service cannot control the power state of the machine specify $true, otherwise $false. Can only be specified together with a provisioning type of Pvs or Manual, or if used with the legacy CatalogKind parameter only with Pvs or PvsPvd catalog kinds.
    • MinimumFunctionalLevel – The expected minimal functional level of the machines in the catalog.  Valid values are L5, L7, L7_6
    • PersistUserChanges (M) – Specifies catalogs with the specified behavior when persisting changes made by the end user. Possible values are:
      • OnLocal – User changes are stored on the machine’s local storage.
      • Discard – User changes are discarded.
      • OnPvd – User changes are stored on the user’s personal vDisk.
    • SessionSupport (M) – Specifies catalogs that have the specified session capability. Possible values are:
      • SingleSession – Single-session only machine – creates Desktop OS machine catalog
      • MultiSession – Multi-session capable machine – creates Server OS machine catalog
    • ZoneUid – Zone Uid associated with this catalog.
    • PvsForVM – Deprecated – Identifies the provisioning scheme used by this catalog. To be specified in the format: ProvisioningSchemeGuid:ServiceGroupGuid. Applicable only to thin-cloned, single-image or personal vDisk catalogs.
    • Scope – Specifies the name of the delegated administration scope to which the catalog belongs.
    • PvsAddress – Specifies the URL of the Provisioning Services server. Only applicable to Provisioning Services or Provisioning Services-personal vDisk catalogs.
    • PvsDomain – Specifies the Active Directory domain of the Provisioning Services server. Only applicable to Provisioning Services or Provisioning Services-personal vDisk catalogs.
    • RemotePCHypervisorConnectionUid – Specifies the hypervisor connection to use for powering on remote PCs in this catalog (only allowed when IsRemotePC is true).
    • TenantId – Specifies identity of tenant associated with catalog. Must always be specified in multitenant sites, must not be specified otherwise.
    • UUID – An optional GUID for this catalog.
    • LoggingId –  Specifies the identifier of the high level operation that this cmdlet call forms a part of. Desktop Studio and Desktop Director typically create High Level Operations. PowerShell scripts can also wrap a series of cmdlet calls in a High Level Operation by way of the Start-LogHighLevelOperation and Stop-LogHighLevelOperation cmdlets.
    • BearerToken – Specifies the bearer token assigned to the calling user
    • ProvisioningSchemeId – Specifies the identity of the MCS provisioning scheme the new catalog is associated with (can only be specified for new catalogs with a ProvisioningType of MCS).
      Note: For Desktop OS machine catalog use parameter: -SessionSupport “SingleSession”, for Server OS machine catalog use parameter:  -SessionSupport “MultiSession”
      PowerShell code example:

      #
      New-BrokerCatalog  -Name "MC_W2K16" -Description "OS: W2K16" -AllocationType "Random" -IsRemotePC $False -MachinesArePhysical $True -MinimumFunctionalLevel "L7_9"  -PersistUserChanges "OnLocal" -ProvisioningType "Manual"  -SessionSupport "MultiSession" 
      #

      The results are presented in below:

      

13. Add machine to the machine catalog
    Command: New-BrokerMachine
    Parameters:
    The following parameters can be specified (Mandatory parameters are marked with M):
    • MachineName (M) – Specify the name of the machine to create (in the form ‘domain\machine’). A SID can also be specified.
    • CatalogUid (M) – The catalog to which this machine will belong.
    • AdminAddress – Specifies the address of a XenDesktop controller that the PowerShell snapin will connect to. This can be provided as a host name or an IP address.
    • AssignedClientName –  The client name to which this machine will be assigned. Machines can be assigned to multiple users, a single client IP address, or a single client name, but only to one of these categories at a time.
    • AssignedIPAddress – The client IP address to which this machine will be assigned. Machines can be assigned to multiple users, a single client IP address, or a single client name, but only to one of these categories at a time.
    • HostedMachineId – The unique ID by which the hypervisor recognizes the machine. Omit this for physical machines or MCS-provisioned VMs.
    • HypervisorConnectionUid– The hypervisor connection that runs the machine. Omit this for physical machines or MCS-provisioned VMs
    • InMaintenanceMode –  Specifies whether the machine is initially in maintenance mode. A machine in maintenance mode is not available for new sessions, and for managed machines all automatic power management is disabled.
    • IsReserved– Specifies whether the machine should be reserved for special use, for example, for AppDisk preparation. A reserved machine cannot be added to a desktop group.
    • UUID – An optional GUID for this machine.
    • LoggingId –  Specifies the identifier of the high level operation that this cmdlet call forms a part of. Desktop Studio and Desktop Director typically create High Level Opera
      tions. PowerShell scripts can also wrap a series of cmdlet calls in a High Level Operation by way of the Start-LogHighLevelOperation and Stop-LogHighLevelOperation cmdlets.
    • BearerToken – Specifies the bearer token assigned to the calling user
    • HypervisorConnectionUid– The hypervisor connection that runs the machine. Omit this for physical machines or MCS-provisioned VMs.PowerShell code example:

      #
      Get-BrokerCatalog |select Name, Uid
      #
      $VDA = 'LAB\VDA02'
      #
      New-BrokerMachine -MachineName $VDA -CatalogUid 2
      #

      The results are presented in below:
      

14. Configure new Delivery Group

Additional Delivery Controller installation

1. Login to Delivery Controller server management workstation and start powershell session
2. Install XenDesktop core components – in my case I installed Controller and Desktop Studio. StoreFront and License Server will be installed on dedicated servers. Syntax is the following:
   Command : XenDesktopServerSetup.exe
   Parameters:  /COMPONENTS CONTROLLER, DESKTOPSTUDIO /NOSQL /NOREBOOT /QUIET /CONFIGURE_FIREWALL
   PowerShell code example:

   #
   $Exe  = "D:\x64\XenDesktop Setup\XenDesktopServerSetup.exe"
   #
   $Component = @("CONTROLLER,DESKTOPSTUDIO")
   #
   $Param = @("/COMPONENTS $Component /NOSQL /NOREBOOT /QUIET /CONFIGURE_FIREWALL ")
   #
   $ParamS = $Param.Split(" ")
   #
    & "$Exe" $ParamS
   #

   Installation result from the powershell console is presented below:

   

3. Load XenDesktop powershell cmdlet:
   Command: Import-Module “C:\Program Files\Citrix\XenDesktopPoshSdk\Module\Citrix.XenDesktop.Admin.V1\Citrix.XenDesktop.Admin”
4. Add new Deliver Controller to the site
   Command: Add-XDController
   Parameters: -SiteControllerAddress
   PowerShell code example:

   #
   $Broker = "xd01.lab.citrix24.ctx"
   #
   Add-XDController -SiteControllerAddress $Broker
   #

   Installation result from the powershell console is presented below:

   

5. Verify configured XenDesktop Site controllers:
   Command: Get-BrokerControllerThe result from the powershell console is presented below:
   

StoreFront

Will be added soon

Director

Will be added soon

License Server 

Will be added soon

VDA

1. Login to management workstation and start powershell session
2. Open remote session to VDA server: Enter-PSSession -ComputerName VDA04

3. Install all VDA prerequisites including

a. Windows Features: Remote Desktop Services, Remote Assistance

b. Visual Studio C++ Redistributable Packages

4. Correct syntax and the most efficient order would be:

#
#Install C++ libararies
D:\Support\VcRedist_2013_RTM\vcredist_x86.exe -quiet
D:\Support\VcRedist_2015\vc_redist.x86.exe -quiet

#Install Windows Server Features
Import-Module ServerManager
Add-WindowsFeature -Name Remote-Assistance,Remote-Desktop-Services,RDS-RD-Server -Restart
#

Installation result from the powershell console is presented below:

5. After server restart install VDA component with all required parameters.
Command : XenDesktopVDASetup.exe
Parameters: /NOREBOOT /QUIET /ENABLE_HDX_PORTS /ENABLE_REAL_TIME_TRANSPORT /ENABLE_FRAMEHAWK_PORT /ENABLE_HDX_UDP_PORTS /ENABLE_REMOTE_ASSISTANCE /OPTIMIZE

#
$SourceVDA  = "D:\x64\XenDesktop Setup\XenDesktopVDASetup.exe"
#
$Broker = "xd01.lab.citrix24.ctx"
#
$VDA =  "VDA"
#
$Options = @("/NOREBOOT /QUIET /ENABLE_HDX_PORTS /ENABLE_REAL_TIME_TRANSPORT /ENABLE_FRAMEHAWK_PORT /ENABLE_HDX_UDP_PORTS /ENABLE_REMOTE_ASSISTANCE /OPTIMIZE")
#
$Param = @("/COMPONENTS $VDA /CONTROLLERS $Broker $Options")
#
$ParamS = $Param.Split(" ")
#
& "$SourceVDA" $ParamS

Installation result from the powershell console is presented below:

6. Add new VDA to correct machine catalog and delivery group.

Machine catalog:

Command: New-BrokerMachine
Parameters: -CatalogUid 3 -MachineName ‘domain\machine’ 

Delivery group:

Command: Add-BrokerMachine
Parameters: -InputObject $S -DesktopGroup 2

UID identification:

Machine catalog – information about OS version is included in machine catalog description
Desktop Group – informtation about OS version is included in Tag

#
Get-BrokerCatalog -AdminAddress $Broker |select Description, uid
#
Get-BrokerDesktopGroup -AdminAddress $Broker |select Tags, Uid
#

#
# Define parameters for LAB 
$Broker = "xd01.lab.citrix24.ctx"
#
$VdaName = "xd04"
#
$Domain = "LAB"
#
$VdaNew = "$Domain\$VdaName"
#
#Verify operating system on new VDA machine
$VdaOS = Invoke-Command -ComputerName $VdaName -ScriptBlock { Get-CimInstance Win32_OperatingSystem |select -ExpandProperty Caption}
#
$VdaOS
Microsoft Windows Server 2016 Standard
#
#Add VDA to Machine Catalog based on UID filtered in the previous step
$S = New-BrokerMachine -AdminAddress $Broker -MachineName $VdaNew -CatalogUid 3
#
#Add VDA to Delivery Group based on the TAG filtered in the previous step
Add-BrokerMachine -InputObject $S -DesktopGroup 2
#

7. In order to verify that configuration is completed successfully I will display existing brokers

Command: Get-BrokerMachine
Parameters: |Select MachineName

View from Citrix Studio console:

Machine catalog before VDA installation

Machine catalog with successfull VDA installation

VDA configuration done !