Provisioning Services – Page 3 – Trentent Tye

PVS Target Device Update Script — Supplemental File, disableddnsregistration.ps1

2015-03-20

No Comments

Our PVS servers are multi-homed with the Provisioning NIC on a seperate VLAN. Because of how our network is structured, our Provision NIC could register its DNS, but client computers would not be able to connect to it as it is a segregated network. This script sets the Provision NIC to NOT register to DNS.

$provNic=Get-WmiObject Win32_NetworkAdapter -filter 'netconnectionid ="Provision"'
$prodNic=Get-WmiObject Win32_NetworkAdapter -filter 'netconnectionid ="Production"'
$adapters=Get-WmiObject Win32_NetworkAdapterConfiguration -filter 'IPEnabled=TRUE'
foreach($adapter in $adapters) {
  if ($prodNIC.name  -eq $adapter.Description) {
    $adapter.SetDynamicDNSRegistration($true,$false)
    $adapter.DomainDNSRegistrationEnabled
  }
  if ($provNIC.name -eq $adapter.Description) {
    $adapter.SetDynamicDNSRegistration($false,$false)
  }
}

$provNic=Get-WmiObject Win32_NetworkAdapter -filter 'netconnectionid ="Provision"'

$prodNic=Get-WmiObject Win32_NetworkAdapter -filter 'netconnectionid ="Production"'

$adapters=Get-WmiObject Win32_NetworkAdapterConfiguration -filter 'IPEnabled=TRUE'

foreach($adapter in $adapters) {

if ($prodNIC.name -eq $adapter.Description) {

$adapter.SetDynamicDNSRegistration($true,$false)

$adapter.DomainDNSRegistrationEnabled

}

if ($provNIC.name -eq $adapter.Description) {

$adapter.SetDynamicDNSRegistration($false,$false)

}

Citrix PVS Target Device Update script

2015-03-20

by trententtye

in Blog, Uncategorized

No Comments

Saman and I have created a Citrix PVS update script we use and run each time we update a PVS target device. This script has been generated after finding numerous issues that needed to be fixed after updating a PVS image. It includes fixes to issues with AppV5, PVS, XenApp 6.5, etc.

We also made the script to be able to be run automatically by accepting command-line parameters so that we can use it to do Windows Updates with PVS’s automatic vDisk update feature.

I’ve removed email addresses and some specific application fixes that would only be relevant to our environment. So I’ve tried to generalize this the best I can. We tried to make this script dynamic so if you have a vDisk without AppV it will skip the features that require AppV, skip 64bit only features, etc.

I will post the supplemental scripts in more posts.

::================================================================================
::
:: Created by:  Saman Salehian
::   Intel Server Team
::   IBM Canada Ltd.
::
:: Creation Date: Nov 09, 2012
:: Modified Date: Feb 05, 2013 -- TTYE - added 64bit appv state 0 registry key
:: Modified Date: Feb 13, 2013 -- Saman Salehian - added command to disconnect mapped drives
:: Modified Date: Feb 25, 2013 -- TTYE - added command to clear AppV 5 packages
:: Modified Date: Mar 28, 2013 -- TTYE - Commented out netsh command to prevent network loss
:: Modified Date: May 02, 2013 -- TTYE - Added ability to parse for passed variables
:: Modified Date: May 02, 2013 -- TTYE - Stopped all scheduled tasks
:: Modified Date: May 21, 2013 -- Saman Salehian - added cleanup script for non present devices
:: Modified Date: May 21, 2013 -- Saman Salehian - added option to do not apply Windows Updates
:: Modified Date: May 21, 2013 -- Saman Salehian - added delete security database to fix GPO issues
:: Modified Date: Jul 04, 2013 -- TTYE - added powershell script to remove provisioning dynamic DNS registration
:: Modified Date: Jul 23, 2013 -- Saman Salehian - commented out delete security database to fix GPO issues
:: Modified Date: Sep 24, 2014 -- Saman Salehian - added logic to check if AppV is installed or skip AppV portion
:: Modified Date: Dec 19, 2014 -- Saman Salehian - added logic to check if Meditech exists then update Meditech MagicCS and FS Clients
:: Modified Date: Dec 31, 2014 -- Saman Salehian - added logic to check if Millennium exists then install the full client automatically
:: Modified Date: Feb 05, 2015 -- TTYE - delete "C:\ProgramData\Microsoft\AppV\Client" added to prevent vDisk from caching faulty junctions
:: Modified Date: Feb 06, 2015 -- TTYE - Added command line to update virus def's
:: Modified Date: Mar 14, 2015 -- Saman Salehian - added logic to clear Citrix policies history per CTX134961 (XenApp Policies not Applying Correctly)
::
::
:: File Name:  PVS_Target_Device_Update-v3.0.cmd
::
:: Description:  Automated Process for Updating PVS vDisk
::
::================================================================================
 
 
@TITLE PVS Target Device Update Script
@ECHO OFF
CLS
COLOR 1E
 
 
:: ===========================================================================================================
:: Stops all scheduled tasks
:: ===========================================================================================================
FOR /f "delims=," %%A IN ('schtasks /query /fo csv ^| findstr /v /i /c:"Folder"') DO schtasks /end /tn %%A
CLS
 
 
:: ===========================================================================================================
:: See if there is any parameters passed and set variables accordingly
:: 1) Pull string off the command line
:: 2) filter out " and '
:: 3) break each set out by spaces
:: 4) save to temp file
:: 5) iterate through temp file (for) and create variables.
:: ===========================================================================================================
 
 
:: Example of acceptable parameters are: SHUTDOWN=1 vDISK=1
:: Parameters are:
:: SHUTDOWN=1 - Reboot
:: SHUTDOWN=2 - Shutdown
:: SHUTDOWN=3 - Leave system online
:: VDISK=1 - Do not apply Windows Updates
:: VDISK=2 - Test vDisk
:: VDISK=3 - Prod vDisk
:: 
:: Example of command:
:: RunMe-vDiskAutoUpdate.cmd SHUTDOWN=1 VDISK=3
:: Sets the script to reboot and the vDisk is Prod
:: RunMe-vDiskAutoUpdate.cmd SHUTDOWN=2 VDISK=2
:: Sets the script to shutdown and the vDisk is Test
:: RunMe-vDiskAutoUpdate.cmd SHUTDOWN=3 VDISK=3
:: Sets the script to leave the system online and the vDisk is Prod
:: 
 
ECHO PARAMETERS "%*"
SET PARAMS=%*
 
:: NOTE: We are replacing quotations with whitespace characters!  Ensure there is no
:: whitespace in the parameters, but whitespace *between* parameters.  Filtering out the
:: quotations ensures we can call this from the command line without issue.
 
IF "%PARAMS%"=="" GOTO SKIPPARAMETERS
CALL SET PARAMS=%%PARAMS:"= %%
CALL SET PARAMS=%%PARAMS:'= %%
 
:: Break each set of parameters into its own set, seperated by the equals sign.
:: Once we iterate through all the parameters we "breakout"
 
FOR /f "tokens=1-26 delims= " %%A IN ("%PARAMS%") DO (
IF '%%A' EQU '' GOTO BREAKOUT
ECHO %%A > "%TEMP%\variables.txt"
IF '%%B' EQU '' GOTO BREAKOUT
ECHO %%B >> "%TEMP%\variables.txt"
)
:BREAKOUT
 
 
:: Now we iterate through the temp file and auto-create the variables
FOR /f "tokens=1-2 delims==" %%A IN ('TYPE "%TEMP%\variables.txt"') DO (
 IF /I '%%A' EQU 'SHUTDOWN' set SHUTDOWN=%%B
 IF /I '%%A' EQU 'VDISK' set VDISK=%%B
)
 
:SKIPPARAMETERS
 
 
:: ===========================================================================================================
:: Prompt for values - Reboot/Shutdown & Citrix Environment (Test or Prod)
:: ===========================================================================================================
 
SET M=%SHUTDOWN%
IF "%M%" NEQ "" GOTO SkipShutdownMenu
 
:SHUTDOWNMENU
ECHO.
ECHO Select Reboot or Shutdown:
ECHO 1 - Reboot
ECHO 2 - Shutdown
ECHO 3 - Leave system online
ECHO.
SET /P M=Type 1 or 2 then press ENTER:
:SkipShutdownMenu
IF %M%==1 (
 ECHO ..............................................................................
 ECHO Server will be rebooted after the updates and you need to run the script again to prepare vDisk for Standard Mode
 ECHO ..............................................................................
 SET ShutdownMode=REBOOTME
 GOTO WSUSMENU
)
IF %M%==2 (
 ECHO ..............................................................................
 ECHO Server will be shutdown after the updates. Then you can promote the vDisk version to Test/Production.
 ECHO ..............................................................................
 SET ShutdownMode=SHUTDOWNME
 GOTO WSUSMENU
)
IF %M%==3 (
 ECHO ..............................................................................
 ECHO Server will be left online.  This is required for vDisk Auto-Update Management 
 ECHO ..............................................................................
 SET ShutdownMode=ONLINE
 GOTO WSUSMENU
)
 
GOTO SHUTDOWNMENU
 
 
 
:WSUSMENU
 
SET M=%VDISK%
IF "%M%" NEQ "" GOTO SkipWSUSMenu
 
ECHO.
ECHO Select type of vDisk:
ECHO 1 - Do NOT apply Windows Updates
ECHO 2 - Test vDisk
ECHO 3 - Prod vDisk
ECHO.
SET /P M=Type 1, 2 or 3 then press ENTER:
:SkipWSUSMenu
 
IF %M%==1 (
 ECHO ..............................................................................
 ECHO Windows updates will not apply to vDisk.
 ECHO ..............................................................................
 SET WSUSComputerGroup=NONE
 GOTO VariableIsSet
)
IF %M%==2 (
 ECHO ..............................................................................
 ECHO All the patches approved for Day01.2300.WS computer group will be applied to this server.
 ECHO ..............................................................................
 SET WSUSComputerGroup=Day01.2300.WS
 GOTO VariableIsSet
)
IF %M%==3 (
 ECHO ..............................................................................
 ECHO All the patches approved for Day13.2300.WS computer group will be applied to this server.
 ECHO ..............................................................................
 SET WSUSComputerGroup=Day13.2300.WS
 GOTO VariableIsSet
)
ECHO.
GOTO WSUSMENU
 
 
 
 
:VariableIsSet
 
 
:: Continue to run the script
PUSHD "%~dp0"
ECHO 60 seconds delay to allow services to start...
ping 127.0.0.1 -n 60 >NUL
 
:: ================================================================================
:: Reset Computer Account
:: ================================================================================
ECHO Reset Computer Account
NETDOM RESET %COMPUTERNAME% /DOMAIN:healthy.bewell.ca 
PING LOCALHOST -n 5 >NUL
 
:: ================================================================================
:: Windows Time Service Resync
:: ================================================================================
ECHO Windows Time Service Resync
NET START w32time
W32TM /CONFIG /UPDATE 
W32TM /RESYNC 
PING LOCALHOST -n 5 >NUL
 
:: ================================================================================
:: Delete Published Applications Folder
:: ================================================================================
IF EXIST C:\PublishedApplications (
 ECHO Delete Published Applications Folder
 ATTRIB -R C:\PublishedApplications\*.* /S
 DEL /S /Q C:\PublishedApplications\*.*
)
 
:: ================================================================================
:: Refresh Group Policies
:: ================================================================================
ECHO Refresh Group Policies
 
ECHO N | GPUPDATE /FORCE 
PING LOCALHOST -n 5 >NUL
 
 
:: ================================================================================
:: Configure WinRM for Desktop Director
:: ================================================================================
IF /I [%computername:~-1,1%] EQU [T] (
 ECHO Configuring WinRM for TEST
 ConfigRemoteMgmt.exe /configwinrmuser HEALTHY\AHS.CTX.Users.DesktopDirector.TST
) ELSE (
 ECHO Configuring WinRM for PROD
 ConfigRemoteMgmt.exe /configwinrmuser HEALTHY\AHS.CTX.Users.DesktopDirector.PRD
)
 
:: ===========================================================================================================
:: Remove Non-present Hareware
:: ===========================================================================================================
CD RemoveNonPresentHardware >NUL
CALL "1_pre-get_partition_and_netinfo.cmd"
CALL "2_post-remove_nonpresent_hardware_v33.cmd"
RMDIR /S /Q ""%SYSTEMDRIVE%\Admin"
CD.. >NUL
PING -n 5 LOCALHOST >NUL
 
 
:: ===========================================================================================================
:: Update PSTools and Wireshark
:: ===========================================================================================================
CD Update_Swinst_Tools >NUL
"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe"  -ExecutionPolicy Unrestricted -File "Update_Tools.ps1"
CD.. >NUL
PING -n 5 LOCALHOST >NUL
 
 
:: ================================================================================
:: Apply Windows Updates
:: ================================================================================
ECHO Apply Windows Updates
IF NOT %WSUSComputerGroup%==NONE (
 ECHO Apply Windows Updates
 CALL Windows_Update.cmd "emailMe@me.ca" %WSUSComputerGroup%
 PING LOCALHOST -n 5 >NUL
)
TYPE "%TEMP%\vbswsus-status.log"
 
 
:: ================================================================================
:: Clear App-V Data & Reset the Client
:: ================================================================================
IF NOT EXIST "%ProgramFiles%\Microsoft Application Virtualization" (
 IF NOT EXIST "%ProgramFiles(x86)%\Microsoft Application Virtualization Client" (
  GOTO SKIPAPPVALL
 )
)
 
ECHO Clear App-V Data ^& Reset the Client
NET START sftlist
TASKLIST | FINDSTR /i /c:"sftlist"
IF "%ERRORLEVEL%" equ "1" GOTO SKIPAPPV4
IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (
 "%ProgramFiles(x86)%\Microsoft Application Virtualization Client\sftmime.exe" remove obj:app /global /complete
) ELSE (
 "%ProgramFiles%\Microsoft Application Virtualization Client\sftmime.exe" remove obj:app /global /complete  
)
 
:SKIPAPPV4
 
IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (
 REG ADD "HKLM\SOFTWARE\Wow6432Node\Microsoft\SoftGrid\4.5\Client\AppFS" /V State /T REG_DWORD /D 0 /F 
) ELSE (
 REG ADD "HKLM\SOFTWARE\Microsoft\SoftGrid\4.5\Client\AppFS" /V State /T REG_DWORD /D 0 /F       
)
 
ECHO Clearing AppV 5 Packages...
ECHO Checking for folders that don't exist that will prevent AppV from loading packages correctly...
net start appvclient
FOR /F "tokens=1-5" %%A IN ('sc query appvclient ^| findstr /i /c:"STATE"') DO IF /I '%%D' EQU 'STOPPED' (
for /f "tokens=1-6" %%a IN ('reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages /s ^| findstr /i /c:"PackageRoot"') DO mkdir %%c
)
 
 
IF EXIST "C:\Program Files\Microsoft Application Virtualization\Client\AppVClient.exe" (
 >Appv5ClientRefresh-01.ps1 ECHO.
 >>Appv5ClientRefresh-01.ps1 ECHO Import-Module AppVClient
 >>Appv5ClientRefresh-01.ps1 ECHO Stop-AppvClientConnectionGroup * -Global
 >>Appv5ClientRefresh-01.ps1 ECHO Stop-AppvClientPackage * -Global
 >>Appv5ClientRefresh-01.ps1 ECHO Remove-AppvClientConnectionGroup *
 >>Appv5ClientRefresh-01.ps1 ECHO Remove-AppvClientPackage *
 >>Appv5ClientRefresh-01.ps1 ECHO Get-AppvClientConnectionGroup -all ^| Remove-AppvClientConnectionGroup
 >>Appv5ClientRefresh-01.ps1 ECHO Get-AppvClientPackage -all ^| Remove-AppvClientPackage
 >>Appv5ClientRefresh-01.ps1 ECHO Get-AppvClientPackage -all *
 "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Unrestricted
 "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" .\Appv5ClientRefresh-01.ps1
 "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe"  -ExecutionPolicy bypass -File "C:\Program Files\Microsoft Application Virtualization\Client\Disable-AppVClient.ps1"  -ModulePath "C:\Program Files\Microsoft Application Virtualization\Client\AppvClient\AppvClient.psd1" -RemoveAllPackages -PackageInstallationRoot "D:\AppVData\PackageInstallationRoot"  
        ping 127.0.0.1 -n 60 >NUL
 "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Restricted
 DEL /F /Q Appv5ClientRefresh-01.ps1 >NUL
        net stop AppVClient
        takeown /F D:\AppVData\PackageInstallationRoot /R /A >NUL
        icacls D:\AppVData\PackageInstallationRoot /T /grant Administrators:F >NUL
        rmdir /s /q D:\AppVData\PackageInstallationRoot
        takeown /F D:\AppVData\PackageInstallationRoot /R >NUL
        icacls D:\AppVData\PackageInstallationRoot /T /grant Administrators:F >NUL
        rmdir /s /q D:\AppVData\PackageInstallationRoot
        rmdir /s /q "C:\ProgramData\Microsoft\AppV\Client"
)
 
ECHO Post AppV5 package check...
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Integration\Packages
 
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Integration\Packages /f
 
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Integration\Packages
 
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Integration\Packages
 
ECHO D:\AppVData\PackageInstallationRoot
dir /b D:\AppVData\PackageInstallationRoot
TASKKILL /IM powershell.exe /F
"%SystemRoot%\System32\RUNDLL32.EXE" user32.dll, UpdatePerUserSystemParameters
 
ECHO AppV 5 - Fix up any additional folders so AppV will start.
FOR /F "tokens=1-5" %%A IN ('reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages /s ^| findstr /i /c:"packageroot"') DO mkdir %%C
 
PING LOCALHOST -n 5 >NUL
 
IF EXIST "C:\Program Files\Microsoft Application Virtualization\Client\AppVClient.exe" (
        ECHO Disable BackgroundRegistry Processing...
        REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Subsystem" /V NoBackgroundRegistryStaging /T REG_DWORD /D 0x0 /F
        copy /y "\\citrixnas01\ctx_images_bdc\_Scripts\AppVDataPreCache\AppV5_Data_PreCache.cmd" "C:\swinst\AppV_Data_PreCache\AppV5_Data_PreCache.cmd"
        copy /y "\\citrixnas01\ctx_images_bdc\_Scripts\AppVDataPreCache\Appv5RegistryStaging.ps1" "C:\swinst\AppV_Data_PreCache\Appv5RegistryStaging.ps1"
        del /q "C:\swinst\AppV_Data_PreCache\RegistryStagingTime.csv"
)
 
:SKIPAPPVALL
 
:: ================================================================================
:: Disable Dynamic DNS Registration on Provisioning NIC
:: ================================================================================
ECHO Disabling Dynamic DNS Registration on Prov NIC
IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (
        "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Unrestricted
        START "" "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" "%~dp0disableddnsregistration.ps1"
        ping 127.0.0.1 -n 60 >NUL
        "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Restricted
)
TASKKILL /im powershell.exe /f
PING LOCALHOST -n 5 >NUL
 
:: ================================================================================
:: Sets the interface metrics - production 1, provisioning 2
:: ================================================================================
ECHO Setting Interface Metrics...
netsh int ipv4 set interface "Production" metric=1
netsh int ipv4 set interface "Provision" metric=2
 
 
:: ================================================================================
:: Set TCPAckFrequency and TCPNoDelay, this is to improve MetaVision Performance
:: ================================================================================
ECHO Settings TCPAckFrequency and TCPNoDelay
FOR /f "tokens=1" %%A IN ('reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces') do reg add %%A /v TcpAckFrequency /t REG_DWORD /d 0x1 /f
FOR /f "tokens=1" %%A IN ('reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces') do reg add %%A /v TcpNoDelay /t REG_DWORD /d 0x1 /f
 
:: ================================================================================
:: Set SMB2 tuning properties http://support.citrix.com/article/CTX132799 http://download.microsoft.com/download/6/B/2/6B2EBD3A-302E-4553-AC00-9885BBF31E21/Perf-tun-srv-R2.docx
:: ================================================================================
ECHO Settings SMB2 tuning properties
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v DisableBandwidthThrottling /t REG_DWORD /d 1 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v DisableLargeMtu /t REG_DWORD /d 0 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v FileInfoCacheEntriesMax /t REG_DWORD /d 65536 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v DirectoryCacheEntriesMax /t REG_DWORD /d 4096 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v FileNotFoundCacheEntriesMax  /t REG_DWORD /d 65536 /f
 
:: ================================================================================
:: Improve performance of Citrix vDisks - CTX126042, CTX117374
:: ================================================================================
ECHO Improve performance of Citrix vDisks - CTX126042
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BNIStack\Parameters" /v WcHDNoIntermediateBuffering /t REG_DWORD /d 2 /f
ECHO Improve performance of Citrix vDisks - CTX117374
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters" /v DisableTaskOffload /t REG_DWORD /d 1 /f
 
 
:: ================================================================================
:: Set EventLogs for 2008 servers to the D drive
:: ================================================================================
ECHO Setting EventLog Path to the D:\EventLogs drive...
 
 "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Unrestricted
 START "" "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" "%~dp0Move-Log-Files.ps1"
 "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Restricted
 
:: ================================================================================
:: Set EdgeSight Service to Manual and Clear EdgeSight Data
:: ================================================================================
ECHO Set EdgeSight Service to Manual and Clear EdgeSight Data
SC STOP RSCorSvc 
PING LOCALHOST -n 5 >NUL
IF EXIST "D:\EdgeSightData\EdgeSight.ini" (
 ECHO Y | DEL "D:\EdgeSightData\EdgeSight.ini" 
)
 
 
:: ================================================================================
:: Speed Up .Net Applications by resetting and generating performance optimization
:: http://blogs.msdn.com/b/dotnet/archive/2013/08/06/wondering-why-mscorsvw-exe-has-high-cpu-usage-you-can-speed-it-up.aspx
:: ================================================================================
ECHO Speed Up .Net Applications by resetting and generating performance optimization
START /WAIT cscript.exe //NOLOGO nGen.wsf
 
:: ================================================================================
:: Generalize PVS vDisk - Provisioning Services Device Optimizer
:: ================================================================================
ECHO Generalize PVS vDisk - Provisioning Services Device Optimizer
START "" "PVS.exe"
"%ProgramFiles%\Citrix\Provisioning Services\TargetOSOptimizer.exe"
PING LOCALHOST -n 5 >NUL
 
 
:: ================================================================================
:: Run XenAppPrep for XenApp 5 or Role Manager for XenApp 6.5
:: ================================================================================
net START imaservice
FOR /F "TOKENS=2,*" %%a IN ('REG QUERY HKLM\SYSTEM\CurrentControlSet\Control\Citrix /v NewProductVersion') DO SET XenAppVersion=%%b
IF %XenAppVersion% EQU 4.6 (
 ECHO XenApp 5 - Running XenAppPrep
 ECHO.
 ECHO ================================================================
 IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (
  "%ProgramFiles(x86)%\Citrix\XenAppPrep\XenAppPrep.exe" /Pvs /Xte
 ) ELSE (
  "%ProgramFiles%\Citrix\XenAppPrep\XenAppPrep.exe" /Pvs /Xte
 )
 ECHO ================================================================
)
 
IF %XenAppVersion% EQU 6.5.0 (
 ECHO XenApp 6.5 - Running Role Manager
 ECHO.
 ECHO ================================================================
 "%ProgramFiles(x86)%\Citrix\XenApp\ServerConfig\XenAppConfigConsole.exe" /ExecutionMode:ImagePrep /RemoveCurrentServer:True /ClearLocalDatabaseInformation:True
 ECHO ================================================================
)
PING LOCALHOST -n 5 >NUL
 
 
:: ================================================================================
:: Check registry after XenApp Prep and fix IMA issues
:: ================================================================================
PING LOCALHOST -n 10 >NUL
 >FixIMA.ps1 ECHO.
 >>FixIMA.ps1 ECHO $inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
 >>FixIMA.ps1 ECHO $propagation = [system.security.accesscontrol.PropagationFlags]"None"
 >>FixIMA.ps1 ECHO $acl = Get-Acl HKLM:\SOFTWARE\Wow6432Node\Citrix\IMA\Status
 >>FixIMA.ps1 ECHO $rule = New-Object System.Security.AccessControl.RegistryAccessRule ("NT AUTHORITY\SYSTEM","FullControl",$inherit,$propagation,"Allow")
 >>FixIMA.ps1 ECHO $acl.SetAccessRule($rule)
 >>FixIMA.ps1 ECHO $rule = New-Object System.Security.AccessControl.RegistryAccessRule ("NT AUTHORITY\NETWORK SERVICE","FullControl",$inherit,$propagation,"Allow")
 >>FixIMA.ps1 ECHO $acl.SetAccessRule($rule)
 >>FixIMA.ps1 ECHO $rule = New-Object System.Security.AccessControl.RegistryAccessRule ("BUILTIN\Administrators","FullControl",$inherit,$propagation,"Allow")
 >>FixIMA.ps1 ECHO $acl.SetAccessRule($rule)
 >>FixIMA.ps1 ECHO $acl ^|Set-Acl -Path HKLM:\SOFTWARE\Wow6432Node\Citrix\IMA\Status
 
REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status
IF "%ERRORLEVEL%" EQU "1" (
    IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (
        reg add HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA /v DataSourceName /t REG_SZ /d "C:\Program Files (x86)\Citrix\Independent Management Architecture\mf20.dsn" /f
        reg add HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status /v EnhancedDesktopExperienceConfigured /t REG_DWORD /d 0x1 /f
        reg add HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status /v Provisioned /t REG_DWORD /d 0x1 /f
        reg add HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status /v Ready /t REG_DWORD /d 0x1 /f
        reg add HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status /v Joined /t REG_DWORD /d 0x0 /f
 
 "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Unrestricted
 "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" .\FixIMA.ps1
 "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Restricted
 
        TASKKILL /im mfcom.exe /f
        NET STOP imaservice
        DSMAINT recreatelhc
    )
)
DEL /Q .\FixIMA.ps1
 
:: ================================================================================
:: Update Symantec Client Virus Definitions
:: ================================================================================
ECHO Stop Symantec Management Client
IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (
 "%ProgramFiles(x86)%\Symantec\LiveUpdate\LUALL.EXE" -s
) ELSE (
 "%ProgramFiles%\Symantec\LiveUpdate\LUALL.EXE" -s
)
 
:: ================================================================================
:: Stop Symantec Management Client
:: ================================================================================
ECHO Stop Symantec Management Client
IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (
 "%ProgramFiles(x86)%\Symantec\Symantec Endpoint Protection\smc.exe" -stop 
) ELSE (
 "%ProgramFiles%\Symantec\Symantec Endpoint Protection\smc.exe" -stop 
)
 
FOR /F "TOKENS=2,*" %%a IN ('REG QUERY "HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC" /v Version') DO SET SEPClientVersion=%%b
IF %SEPClientVersion% EQU 11.0 (
 REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\SmcService" /V Start /T REG_DWORD /D 3 /F 
)
IF %SEPClientVersion% EQU 12.1 (
 REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\SepMasterService" /V Start /T REG_DWORD /D 3 /F 
)
 
PING LOCALHOST -n 5 >NUL
 
:: ================================================================================
:: Delete User Profiles
:: ================================================================================
ECHO Delete User Profiles
CSCRIPT //NOLOGO Delete_User_Profiles.vbs /C 
PING LOCALHOST -n 5 >NUL
 
:: ================================================================================
:: Clear Networking Related Caches (DNS and ARP)
:: ================================================================================
 ECHO Clear Networking Related Caches (DNS and ARP)
IPCONFIG /FLUSHDNS 
ARP -D 
::NETSH WINSOCK RESET >NUL
 
:: ================================================================================
:: Clear Temp Folders
:: ================================================================================
ECHO Clear Temp Folders
ECHO Y | DEL "%TEMP%\." 
ECHO Y | DEL "%SYSTEMROOT%\TEMP\." 
RMDIR /S /Q "%SYSTEMDRIVE%\SWINST\BGINFO"
PING LOCALHOST -n 5 >NUL
 
 
:: ================================================================================
:: Run Disk Cleanup
:: ================================================================================
ECHO Running Disk Cleanup...
IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (
 cleanmgr.exe /sagerun:10
)
 
:: ================================================================================
:: Delete Server Health Check Logs From System Drive
:: ================================================================================
ECHO Delete Server Health Check Logs From System Drive
IF EXIST "%SYSTEMDRIVE%\swinst\Server Health Check" (
 RMDIR /Q /S "%SYSTEMDRIVE%\swinst\Server Health Check"
 PING LOCALHOST -n 5 >NUL
)
 
:: ================================================================================
:: Clear Event Logs
:: ================================================================================
ECHO Clear Event Logs
CSCRIPT //NOLOGO Clear_Event_Logs.vbs 
PING LOCALHOST -n 5 >NUL
 
POPD
 
:: ================================================================================
:: Delete Group Policy History - CTX128749
:: ================================================================================
ECHO Deleting Group Policy History
IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (
 RD /S /Q "C:\ProgramData\Microsoft\Group Policy\history"
)
 
:: ================================================================================
:: CTX134961 - XenApp Policies not Applying Correctly
:: ================================================================================
ECHO Deleting Citrix Group Policy History
IF EXIST "C:\ProgramData\Citrix\GroupPolicy" (
 DEL /S /Q "C:\ProgramData\Citrix\GroupPolicy\*.*"
)
IF EXIST "C:\ProgramData\CitrixCseCache" (
 DEL /S /Q "C:\ProgramData\CitrixCseCache\*.*"
)
IF EXIST "C:\Windows\System32\GroupPolicy\Machine\Citrix\GroupPolicy" (
 DEL /S /Q "C:\Windows\System32\GroupPolicy\Machine\Citrix\GroupPolicy\*.*"
)
IF EXIST "C:\Windows\System32\GroupPolicy\User\Citrix\GroupPolicy" (
 DEL /S /Q "C:\Windows\System32\GroupPolicy\User\Citrix\GroupPolicy\*.*"
)
 
 
:: ================================================================================
:: Shutdown Build Server to put vDisk in Standard Mode
:: ================================================================================
ECHO %ShutdownMode%
IF %ShutdownMode%==REBOOTME (
 ECHO Build Server will be rebooted
 SHUTDOWN /R /F /T 20 /C "Build Server will be rebooted to apply all the changes & updates"
)
 
IF %ShutdownMode%==SHUTDOWNME (
 ECHO Shutdown Build Server to put vDisk in Standard Mode
 SHUTDOWN /S /F /T 20 /C "vDisk is ready to put in Standard mode"
)
 
 
IF %ShutdownMode%==ONLINE (
 ECHO Script will exit to allow vDisk Auto-Update to continue.
        ECHO Auto-Update requires a clean script exit to continue.
)
 
:: ===========================================================================================================
:: Disable Logons - This resolves users being able to login before the server is ready
:: ===========================================================================================================
SCHTASKS /RUN /TN Disable_Logons
 
:: ================================================================================
:: Disconnect Mapped Drives
:: ================================================================================
ECHO Disconnect Mapped Drives
NET USE * /D /Y
PING LOCALHOST -n 5 >NUL

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

413

414

415

416

417

418

419

420

421

422

423

424

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

445

446

447

448

449

450

451

452

453

454

455

456

457

458

459

460

461

462

463

464

465

466

467

468

469

470

471

472

473

474

475

476

477

478

479

480

481

482

483

484

485

486

487

488

489

490

491

492

493

494

495

496

497

498

499

500

501

502

503

504

505

506

507

508

509

510

511

512

513

514

515

516

517

518

519

520

521

522

523

524

525

526

527

528

529

530

531

532

533

534

535

536

537

538

539

540

541

542

543

544

545

546

547

548

549

550

551

552

553

554

555

556

557

558

559

560

561

562

563

564

565

566

567

568

569

570

571

572

573

574

575

576

577

578

579

580

581

582

583

584

585

586

587

588

589

590

591

592

593

594

595

596

597

598

599

600

601

602

603

604

605

606

607

608

609

610

611

612

613

614

615

616

617

618

619

620

621

622

623

624

625

626

627

628

629

630

631

632

633

634

635

636

637

638

639

640

641

642

643

644

645

646

647

648

649

650

651

652

653

654

655

656

::================================================================================

:: Created by: Saman Salehian

:: Intel Server Team

:: IBM Canada Ltd.

:: Creation Date: Nov 09, 2012

:: Modified Date: Feb 05, 2013 -- TTYE - added 64bit appv state 0 registry key

:: Modified Date: Feb 13, 2013 -- Saman Salehian - added command to disconnect mapped drives

:: Modified Date: Feb 25, 2013 -- TTYE - added command to clear AppV 5 packages

:: Modified Date: Mar 28, 2013 -- TTYE - Commented out netsh command to prevent network loss

:: Modified Date: May 02, 2013 -- TTYE - Added ability to parse for passed variables

:: Modified Date: May 02, 2013 -- TTYE - Stopped all scheduled tasks

:: Modified Date: May 21, 2013 -- Saman Salehian - added cleanup script for non present devices

:: Modified Date: May 21, 2013 -- Saman Salehian - added option to do not apply Windows Updates

:: Modified Date: May 21, 2013 -- Saman Salehian - added delete security database to fix GPO issues

:: Modified Date: Jul 04, 2013 -- TTYE - added powershell script to remove provisioning dynamic DNS registration

:: Modified Date: Jul 23, 2013 -- Saman Salehian - commented out delete security database to fix GPO issues

:: Modified Date: Sep 24, 2014 -- Saman Salehian - added logic to check if AppV is installed or skip AppV portion

:: Modified Date: Dec 19, 2014 -- Saman Salehian - added logic to check if Meditech exists then update Meditech MagicCS and FS Clients

:: Modified Date: Dec 31, 2014 -- Saman Salehian - added logic to check if Millennium exists then install the full client automatically

:: Modified Date: Feb 05, 2015 -- TTYE - delete "C:\ProgramData\Microsoft\AppV\Client" added to prevent vDisk from caching faulty junctions

:: Modified Date: Feb 06, 2015 -- TTYE - Added command line to update virus def's

:: Modified Date: Mar 14, 2015 -- Saman Salehian - added logic to clear Citrix policies history per CTX134961 (XenApp Policies not Applying Correctly)

:: File Name: PVS_Target_Device_Update-v3.0.cmd

:: Description: Automated Process for Updating PVS vDisk

::================================================================================

@TITLE PVS Target Device Update Script

@ECHO OFF

CLS

COLOR 1E

:: ===========================================================================================================

:: Stops all scheduled tasks

:: ===========================================================================================================

FOR /f "delims=," %%A IN ('schtasks /query /fo csv ^| findstr /v /i /c:"Folder"') DO schtasks /end /tn %%A

CLS

:: ===========================================================================================================

:: See if there is any parameters passed and set variables accordingly

:: 1) Pull string off the command line

:: 2) filter out " and '

:: 3) break each set out by spaces

:: 4) save to temp file

:: 5) iterate through temp file (for) and create variables.

:: ===========================================================================================================

:: Example of acceptable parameters are: SHUTDOWN=1 vDISK=1

:: Parameters are:

:: SHUTDOWN=1 - Reboot

:: SHUTDOWN=2 - Shutdown

:: SHUTDOWN=3 - Leave system online

:: VDISK=1 - Do not apply Windows Updates

:: VDISK=2 - Test vDisk

:: VDISK=3 - Prod vDisk

:: Example of command:

:: RunMe-vDiskAutoUpdate.cmd SHUTDOWN=1 VDISK=3

:: Sets the script to reboot and the vDisk is Prod

:: RunMe-vDiskAutoUpdate.cmd SHUTDOWN=2 VDISK=2

:: Sets the script to shutdown and the vDisk is Test

:: RunMe-vDiskAutoUpdate.cmd SHUTDOWN=3 VDISK=3

:: Sets the script to leave the system online and the vDisk is Prod

ECHO PARAMETERS "%*"

SET PARAMS=%*

:: NOTE: We are replacing quotations with whitespace characters! Ensure there is no

:: whitespace in the parameters, but whitespace *between* parameters. Filtering out the

:: quotations ensures we can call this from the command line without issue.

IF "%PARAMS%"=="" GOTO SKIPPARAMETERS

CALL SET PARAMS=%%PARAMS:"= %%

CALL SET PARAMS=%%PARAMS:'= %%

:: Break each set of parameters into its own set, seperated by the equals sign.

:: Once we iterate through all the parameters we "breakout"

FOR /f "tokens=1-26 delims= " %%A IN ("%PARAMS%") DO (

IF '%%A' EQU '' GOTO BREAKOUT

ECHO %%A > "%TEMP%\variables.txt"

IF '%%B' EQU '' GOTO BREAKOUT

ECHO %%B >> "%TEMP%\variables.txt"

)

:BREAKOUT

:: Now we iterate through the temp file and auto-create the variables

FOR /f "tokens=1-2 delims==" %%A IN ('TYPE "%TEMP%\variables.txt"') DO (

IF /I '%%A' EQU 'SHUTDOWN' set SHUTDOWN=%%B

IF /I '%%A' EQU 'VDISK' set VDISK=%%B

)

:SKIPPARAMETERS

:: ===========================================================================================================

:: Prompt for values - Reboot/Shutdown & Citrix Environment (Test or Prod)

:: ===========================================================================================================

SET M=%SHUTDOWN%

IF "%M%" NEQ "" GOTO SkipShutdownMenu

:SHUTDOWNMENU

ECHO.

ECHO Select Reboot or Shutdown:

ECHO 1 - Reboot

ECHO 2 - Shutdown

ECHO 3 - Leave system online

ECHO.

SET /P M=Type 1 or 2 then press ENTER:

:SkipShutdownMenu

IF %M%==1 (

ECHO ..............................................................................

ECHO Server will be rebooted after the updates and you need to run the script again to prepare vDisk for Standard Mode

ECHO ..............................................................................

SET ShutdownMode=REBOOTME

GOTO WSUSMENU

)

IF %M%==2 (

ECHO ..............................................................................

ECHO Server will be shutdown after the updates. Then you can promote the vDisk version to Test/Production.

ECHO ..............................................................................

SET ShutdownMode=SHUTDOWNME

GOTO WSUSMENU

)

IF %M%==3 (

ECHO ..............................................................................

ECHO Server will be left online. This is required for vDisk Auto-Update Management

ECHO ..............................................................................

SET ShutdownMode=ONLINE

GOTO WSUSMENU

)

GOTO SHUTDOWNMENU

:WSUSMENU

SET M=%VDISK%

IF "%M%" NEQ "" GOTO SkipWSUSMenu

ECHO.

ECHO Select type of vDisk:

ECHO 1 - Do NOT apply Windows Updates

ECHO 2 - Test vDisk

ECHO 3 - Prod vDisk

ECHO.

SET /P M=Type 1, 2 or 3 then press ENTER:

:SkipWSUSMenu

IF %M%==1 (

ECHO ..............................................................................

ECHO Windows updates will not apply to vDisk.

ECHO ..............................................................................

SET WSUSComputerGroup=NONE

GOTO VariableIsSet

)

IF %M%==2 (

ECHO ..............................................................................

ECHO All the patches approved for Day01.2300.WS computer group will be applied to this server.

ECHO ..............................................................................

SET WSUSComputerGroup=Day01.2300.WS

GOTO VariableIsSet

)

IF %M%==3 (

ECHO ..............................................................................

ECHO All the patches approved for Day13.2300.WS computer group will be applied to this server.

ECHO ..............................................................................

SET WSUSComputerGroup=Day13.2300.WS

GOTO VariableIsSet

)

ECHO.

GOTO WSUSMENU

:VariableIsSet

:: Continue to run the script

PUSHD "%~dp0"

ECHO 60 seconds delay to allow services to start...

ping 127.0.0.1 -n 60 >NUL

:: ================================================================================

:: Reset Computer Account

:: ================================================================================

ECHO Reset Computer Account

NETDOM RESET %COMPUTERNAME% /DOMAIN:healthy.bewell.ca

PING LOCALHOST -n 5 >NUL

:: ================================================================================

:: Windows Time Service Resync

:: ================================================================================

ECHO Windows Time Service Resync

NET START w32time

W32TM /CONFIG /UPDATE

W32TM /RESYNC

PING LOCALHOST -n 5 >NUL

:: ================================================================================

:: Delete Published Applications Folder

:: ================================================================================

IF EXIST C:\PublishedApplications (

ECHO Delete Published Applications Folder

ATTRIB -R C:\PublishedApplications\*.* /S

DEL /S /Q C:\PublishedApplications\*.*

)

:: ================================================================================

:: Refresh Group Policies

:: ================================================================================

ECHO Refresh Group Policies

ECHO N | GPUPDATE /FORCE

PING LOCALHOST -n 5 >NUL

:: ================================================================================

:: Configure WinRM for Desktop Director

:: ================================================================================

IF /I [%computername:~-1,1%] EQU [T] (

ECHO Configuring WinRM for TEST

ConfigRemoteMgmt.exe /configwinrmuser HEALTHY\AHS.CTX.Users.DesktopDirector.TST

) ELSE (

ECHO Configuring WinRM for PROD

ConfigRemoteMgmt.exe /configwinrmuser HEALTHY\AHS.CTX.Users.DesktopDirector.PRD

)

:: ===========================================================================================================

:: Remove Non-present Hareware

:: ===========================================================================================================

CD RemoveNonPresentHardware >NUL

CALL "1_pre-get_partition_and_netinfo.cmd"

CALL "2_post-remove_nonpresent_hardware_v33.cmd"

RMDIR /S /Q ""%SYSTEMDRIVE%\Admin"

CD.. >NUL

PING -n 5 LOCALHOST >NUL

:: ===========================================================================================================

:: Update PSTools and Wireshark

:: ===========================================================================================================

CD Update_Swinst_Tools >NUL

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Unrestricted -File "Update_Tools.ps1"

CD.. >NUL

PING -n 5 LOCALHOST >NUL

:: ================================================================================

:: Apply Windows Updates

:: ================================================================================

ECHO Apply Windows Updates

IF NOT %WSUSComputerGroup%==NONE (

ECHO Apply Windows Updates

CALL Windows_Update.cmd "[email protected]" %WSUSComputerGroup%

PING LOCALHOST -n 5 >NUL

)

TYPE "%TEMP%\vbswsus-status.log"

:: ================================================================================

:: Clear App-V Data & Reset the Client

:: ================================================================================

IF NOT EXIST "%ProgramFiles%\Microsoft Application Virtualization" (

IF NOT EXIST "%ProgramFiles(x86)%\Microsoft Application Virtualization Client" (

GOTO SKIPAPPVALL

)

ECHO Clear App-V Data ^& Reset the Client

NET START sftlist

TASKLIST | FINDSTR /i /c:"sftlist"

IF "%ERRORLEVEL%" equ "1" GOTO SKIPAPPV4

IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (

"%ProgramFiles(x86)%\Microsoft Application Virtualization Client\sftmime.exe" remove obj:app /global /complete

) ELSE (

"%ProgramFiles%\Microsoft Application Virtualization Client\sftmime.exe" remove obj:app /global /complete

)

:SKIPAPPV4

IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (

REG ADD "HKLM\SOFTWARE\Wow6432Node\Microsoft\SoftGrid\4.5\Client\AppFS" /V State /T REG_DWORD /D 0 /F

) ELSE (

REG ADD "HKLM\SOFTWARE\Microsoft\SoftGrid\4.5\Client\AppFS" /V State /T REG_DWORD /D 0 /F

)

ECHO Clearing AppV 5 Packages...

ECHO Checking for folders that don't exist that will prevent AppV from loading packages correctly...

net start appvclient

FOR /F "tokens=1-5" %%A IN ('sc query appvclient ^| findstr /i /c:"STATE"') DO IF /I '%%D' EQU 'STOPPED' (

for /f "tokens=1-6" %%a IN ('reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages /s ^| findstr /i /c:"PackageRoot"') DO mkdir %%c

)

IF EXIST "C:\Program Files\Microsoft Application Virtualization\Client\AppVClient.exe" (

>Appv5ClientRefresh-01.ps1 ECHO.

>>Appv5ClientRefresh-01.ps1 ECHO Import-Module AppVClient

>>Appv5ClientRefresh-01.ps1 ECHO Stop-AppvClientConnectionGroup * -Global

>>Appv5ClientRefresh-01.ps1 ECHO Stop-AppvClientPackage * -Global

>>Appv5ClientRefresh-01.ps1 ECHO Remove-AppvClientConnectionGroup *

>>Appv5ClientRefresh-01.ps1 ECHO Remove-AppvClientPackage *

>>Appv5ClientRefresh-01.ps1 ECHO Get-AppvClientConnectionGroup -all ^| Remove-AppvClientConnectionGroup

>>Appv5ClientRefresh-01.ps1 ECHO Get-AppvClientPackage -all ^| Remove-AppvClientPackage

>>Appv5ClientRefresh-01.ps1 ECHO Get-AppvClientPackage -all *

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Unrestricted

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" .\Appv5ClientRefresh-01.ps1

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy bypass -File "C:\Program Files\Microsoft Application Virtualization\Client\Disable-AppVClient.ps1" -ModulePath "C:\Program Files\Microsoft Application Virtualization\Client\AppvClient\AppvClient.psd1" -RemoveAllPackages -PackageInstallationRoot "D:\AppVData\PackageInstallationRoot"

ping 127.0.0.1 -n 60 >NUL

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Restricted

DEL /F /Q Appv5ClientRefresh-01.ps1 >NUL

net stop AppVClient

takeown /F D:\AppVData\PackageInstallationRoot /R /A >NUL

icacls D:\AppVData\PackageInstallationRoot /T /grant Administrators:F >NUL

rmdir /s /q D:\AppVData\PackageInstallationRoot

takeown /F D:\AppVData\PackageInstallationRoot /R >NUL

icacls D:\AppVData\PackageInstallationRoot /T /grant Administrators:F >NUL

rmdir /s /q D:\AppVData\PackageInstallationRoot

rmdir /s /q "C:\ProgramData\Microsoft\AppV\Client"

)

ECHO Post AppV5 package check...

reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages

reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages

reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Integration\Packages

reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages /f

reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages /f

reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Integration\Packages /f

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Integration\Packages

reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Packages

reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages

reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Integration\Packages

ECHO D:\AppVData\PackageInstallationRoot

dir /b D:\AppVData\PackageInstallationRoot

TASKKILL /IM powershell.exe /F

"%SystemRoot%\System32\RUNDLL32.EXE" user32.dll, UpdatePerUserSystemParameters

ECHO AppV 5 - Fix up any additional folders so AppV will start.

FOR /F "tokens=1-5" %%A IN ('reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\Streaming\Packages /s ^| findstr /i /c:"packageroot"') DO mkdir %%C

PING LOCALHOST -n 5 >NUL

IF EXIST "C:\Program Files\Microsoft Application Virtualization\Client\AppVClient.exe" (

ECHO Disable BackgroundRegistry Processing...

REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Subsystem" /V NoBackgroundRegistryStaging /T REG_DWORD /D 0x0 /F

copy /y "\\citrixnas01\ctx_images_bdc\_Scripts\AppVDataPreCache\AppV5_Data_PreCache.cmd" "C:\swinst\AppV_Data_PreCache\AppV5_Data_PreCache.cmd"

copy /y "\\citrixnas01\ctx_images_bdc\_Scripts\AppVDataPreCache\Appv5RegistryStaging.ps1" "C:\swinst\AppV_Data_PreCache\Appv5RegistryStaging.ps1"

del /q "C:\swinst\AppV_Data_PreCache\RegistryStagingTime.csv"

)

:SKIPAPPVALL

:: ================================================================================

:: Disable Dynamic DNS Registration on Provisioning NIC

:: ================================================================================

ECHO Disabling Dynamic DNS Registration on Prov NIC

IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Unrestricted

START "" "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" "%~dp0disableddnsregistration.ps1"

ping 127.0.0.1 -n 60 >NUL

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Restricted

)

TASKKILL /im powershell.exe /f

PING LOCALHOST -n 5 >NUL

:: ================================================================================

:: Sets the interface metrics - production 1, provisioning 2

:: ================================================================================

ECHO Setting Interface Metrics...

netsh int ipv4 set interface "Production" metric=1

netsh int ipv4 set interface "Provision" metric=2

:: ================================================================================

:: Set TCPAckFrequency and TCPNoDelay, this is to improve MetaVision Performance

:: ================================================================================

ECHO Settings TCPAckFrequency and TCPNoDelay

FOR /f "tokens=1" %%A IN ('reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces') do reg add %%A /v TcpAckFrequency /t REG_DWORD /d 0x1 /f

FOR /f "tokens=1" %%A IN ('reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces') do reg add %%A /v TcpNoDelay /t REG_DWORD /d 0x1 /f

:: ================================================================================

:: Set SMB2 tuning properties http://support.citrix.com/article/CTX132799 http://download.microsoft.com/download/6/B/2/6B2EBD3A-302E-4553-AC00-9885BBF31E21/Perf-tun-srv-R2.docx

:: ================================================================================

ECHO Settings SMB2 tuning properties

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v DisableBandwidthThrottling /t REG_DWORD /d 1 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v DisableLargeMtu /t REG_DWORD /d 0 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v FileInfoCacheEntriesMax /t REG_DWORD /d 65536 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v DirectoryCacheEntriesMax /t REG_DWORD /d 4096 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters" /v FileNotFoundCacheEntriesMax /t REG_DWORD /d 65536 /f

:: ================================================================================

:: Improve performance of Citrix vDisks - CTX126042, CTX117374

:: ================================================================================

ECHO Improve performance of Citrix vDisks - CTX126042

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BNIStack\Parameters" /v WcHDNoIntermediateBuffering /t REG_DWORD /d 2 /f

ECHO Improve performance of Citrix vDisks - CTX117374

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters" /v DisableTaskOffload /t REG_DWORD /d 1 /f

:: ================================================================================

:: Set EventLogs for 2008 servers to the D drive

:: ================================================================================

ECHO Setting EventLog Path to the D:\EventLogs drive...

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Unrestricted

START "" "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" "%~dp0Move-Log-Files.ps1"

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Restricted

:: ================================================================================

:: Set EdgeSight Service to Manual and Clear EdgeSight Data

:: ================================================================================

ECHO Set EdgeSight Service to Manual and Clear EdgeSight Data

SC STOP RSCorSvc

PING LOCALHOST -n 5 >NUL

IF EXIST "D:\EdgeSightData\EdgeSight.ini" (

ECHO Y | DEL "D:\EdgeSightData\EdgeSight.ini"

)

:: ================================================================================

:: Speed Up .Net Applications by resetting and generating performance optimization

:: http://blogs.msdn.com/b/dotnet/archive/2013/08/06/wondering-why-mscorsvw-exe-has-high-cpu-usage-you-can-speed-it-up.aspx

:: ================================================================================

ECHO Speed Up .Net Applications by resetting and generating performance optimization

START /WAIT cscript.exe //NOLOGO nGen.wsf

:: ================================================================================

:: Generalize PVS vDisk - Provisioning Services Device Optimizer

:: ================================================================================

ECHO Generalize PVS vDisk - Provisioning Services Device Optimizer

START "" "PVS.exe"

"%ProgramFiles%\Citrix\Provisioning Services\TargetOSOptimizer.exe"

PING LOCALHOST -n 5 >NUL

:: ================================================================================

:: Run XenAppPrep for XenApp 5 or Role Manager for XenApp 6.5

:: ================================================================================

net START imaservice

FOR /F "TOKENS=2,*" %%a IN ('REG QUERY HKLM\SYSTEM\CurrentControlSet\Control\Citrix /v NewProductVersion') DO SET XenAppVersion=%%b

IF %XenAppVersion% EQU 4.6 (

ECHO XenApp 5 - Running XenAppPrep

ECHO.

ECHO ================================================================

IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (

"%ProgramFiles(x86)%\Citrix\XenAppPrep\XenAppPrep.exe" /Pvs /Xte

) ELSE (

"%ProgramFiles%\Citrix\XenAppPrep\XenAppPrep.exe" /Pvs /Xte

)

ECHO ================================================================

)

IF %XenAppVersion% EQU 6.5.0 (

ECHO XenApp 6.5 - Running Role Manager

ECHO.

ECHO ================================================================

"%ProgramFiles(x86)%\Citrix\XenApp\ServerConfig\XenAppConfigConsole.exe" /ExecutionMode:ImagePrep /RemoveCurrentServer:True /ClearLocalDatabaseInformation:True

ECHO ================================================================

)

PING LOCALHOST -n 5 >NUL

:: ================================================================================

:: Check registry after XenApp Prep and fix IMA issues

:: ================================================================================

PING LOCALHOST -n 10 >NUL

>FixIMA.ps1 ECHO.

>>FixIMA.ps1 ECHO $inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"

>>FixIMA.ps1 ECHO $propagation = [system.security.accesscontrol.PropagationFlags]"None"

>>FixIMA.ps1 ECHO $acl = Get-Acl HKLM:\SOFTWARE\Wow6432Node\Citrix\IMA\Status

>>FixIMA.ps1 ECHO $rule = New-Object System.Security.AccessControl.RegistryAccessRule ("NT AUTHORITY\SYSTEM","FullControl",$inherit,$propagation,"Allow")

>>FixIMA.ps1 ECHO $acl.SetAccessRule($rule)

>>FixIMA.ps1 ECHO $rule = New-Object System.Security.AccessControl.RegistryAccessRule ("NT AUTHORITY\NETWORK SERVICE","FullControl",$inherit,$propagation,"Allow")

>>FixIMA.ps1 ECHO $acl.SetAccessRule($rule)

>>FixIMA.ps1 ECHO $rule = New-Object System.Security.AccessControl.RegistryAccessRule ("BUILTIN\Administrators","FullControl",$inherit,$propagation,"Allow")

>>FixIMA.ps1 ECHO $acl.SetAccessRule($rule)

>>FixIMA.ps1 ECHO $acl ^|Set-Acl -Path HKLM:\SOFTWARE\Wow6432Node\Citrix\IMA\Status

REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status

IF "%ERRORLEVEL%" EQU "1" (

IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA /v DataSourceName /t REG_SZ /d "C:\Program Files (x86)\Citrix\Independent Management Architecture\mf20.dsn" /f

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status /v EnhancedDesktopExperienceConfigured /t REG_DWORD /d 0x1 /f

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status /v Provisioned /t REG_DWORD /d 0x1 /f

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status /v Ready /t REG_DWORD /d 0x1 /f

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status /v Joined /t REG_DWORD /d 0x0 /f

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Unrestricted

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" .\FixIMA.ps1

"%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" Set-ExecutionPolicy Restricted

TASKKILL /im mfcom.exe /f

NET STOP imaservice

DSMAINT recreatelhc

)

DEL /Q .\FixIMA.ps1

:: ================================================================================

:: Update Symantec Client Virus Definitions

:: ================================================================================

ECHO Stop Symantec Management Client

IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (

"%ProgramFiles(x86)%\Symantec\LiveUpdate\LUALL.EXE" -s

) ELSE (

"%ProgramFiles%\Symantec\LiveUpdate\LUALL.EXE" -s

)

:: ================================================================================

:: Stop Symantec Management Client

:: ================================================================================

ECHO Stop Symantec Management Client

IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (

"%ProgramFiles(x86)%\Symantec\Symantec Endpoint Protection\smc.exe" -stop

) ELSE (

"%ProgramFiles%\Symantec\Symantec Endpoint Protection\smc.exe" -stop

)

FOR /F "TOKENS=2,*" %%a IN ('REG QUERY "HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC" /v Version') DO SET SEPClientVersion=%%b

IF %SEPClientVersion% EQU 11.0 (

REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\SmcService" /V Start /T REG_DWORD /D 3 /F

)

IF %SEPClientVersion% EQU 12.1 (

REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\SepMasterService" /V Start /T REG_DWORD /D 3 /F

)

PING LOCALHOST -n 5 >NUL

:: ================================================================================

:: Delete User Profiles

:: ================================================================================

ECHO Delete User Profiles

CSCRIPT //NOLOGO Delete_User_Profiles.vbs /C

PING LOCALHOST -n 5 >NUL

:: ================================================================================

:: Clear Networking Related Caches (DNS and ARP)

:: ================================================================================

ECHO Clear Networking Related Caches (DNS and ARP)

IPCONFIG /FLUSHDNS

ARP -D

::NETSH WINSOCK RESET >NUL

:: ================================================================================

:: Clear Temp Folders

:: ================================================================================

ECHO Clear Temp Folders

ECHO Y | DEL "%TEMP%\."

ECHO Y | DEL "%SYSTEMROOT%\TEMP\."

RMDIR /S /Q "%SYSTEMDRIVE%\SWINST\BGINFO"

PING LOCALHOST -n 5 >NUL

:: ================================================================================

:: Run Disk Cleanup

:: ================================================================================

ECHO Running Disk Cleanup...

IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (

cleanmgr.exe /sagerun:10

)

:: ================================================================================

:: Delete Server Health Check Logs From System Drive

:: ================================================================================

ECHO Delete Server Health Check Logs From System Drive

IF EXIST "%SYSTEMDRIVE%\swinst\Server Health Check" (

RMDIR /Q /S "%SYSTEMDRIVE%\swinst\Server Health Check"

PING LOCALHOST -n 5 >NUL

)

:: ================================================================================

:: Clear Event Logs

:: ================================================================================

ECHO Clear Event Logs

CSCRIPT //NOLOGO Clear_Event_Logs.vbs

PING LOCALHOST -n 5 >NUL

POPD

:: ================================================================================

:: Delete Group Policy History - CTX128749

:: ================================================================================

ECHO Deleting Group Policy History

IF EXIST %SYSTEMROOT%\SysWOW64\notepad.exe (

RD /S /Q "C:\ProgramData\Microsoft\Group Policy\history"

)

:: ================================================================================

:: CTX134961 - XenApp Policies not Applying Correctly

:: ================================================================================

ECHO Deleting Citrix Group Policy History

IF EXIST "C:\ProgramData\Citrix\GroupPolicy" (

DEL /S /Q "C:\ProgramData\Citrix\GroupPolicy\*.*"

)

IF EXIST "C:\ProgramData\CitrixCseCache" (

DEL /S /Q "C:\ProgramData\CitrixCseCache\*.*"

)

IF EXIST "C:\Windows\System32\GroupPolicy\Machine\Citrix\GroupPolicy" (

DEL /S /Q "C:\Windows\System32\GroupPolicy\Machine\Citrix\GroupPolicy\*.*"

)

IF EXIST "C:\Windows\System32\GroupPolicy\User\Citrix\GroupPolicy" (

DEL /S /Q "C:\Windows\System32\GroupPolicy\User\Citrix\GroupPolicy\*.*"

)

:: ================================================================================

:: Shutdown Build Server to put vDisk in Standard Mode

:: ================================================================================

ECHO %ShutdownMode%

IF %ShutdownMode%==REBOOTME (

ECHO Build Server will be rebooted

SHUTDOWN /R /F /T 20 /C "Build Server will be rebooted to apply all the changes & updates"

)

IF %ShutdownMode%==SHUTDOWNME (

ECHO Shutdown Build Server to put vDisk in Standard Mode

SHUTDOWN /S /F /T 20 /C "vDisk is ready to put in Standard mode"

)

IF %ShutdownMode%==ONLINE (

ECHO Script will exit to allow vDisk Auto-Update to continue.

ECHO Auto-Update requires a clean script exit to continue.

)

:: ===========================================================================================================

:: Disable Logons - This resolves users being able to login before the server is ready

:: ===========================================================================================================

SCHTASKS /RUN /TN Disable_Logons

:: ================================================================================

:: Disconnect Mapped Drives

:: ================================================================================

ECHO Disconnect Mapped Drives

NET USE * /D /Y

PING LOCALHOST -n 5 >NUL

Becareful of your AVHD to VHD chains with Citrix PVS with multiple sites

2015-02-05

by trententtye

in Blog, Uncategorized

No Comments

Citrix PVS is a great product. With a single VHD file you can boot multiple machines and with the new RAM caching technology introduced in PVS 7.1 it’s super fast.

We have Citrix PVS 7.1 setup across 5 data centres in 3 geographically disperse regions with 2 primary sites each having a primary datacenter and a DR datacenter. Each datacenter has high-speed local share for our PVS images. Our Active Directory architecture is 2003 level. Our PVS setup is configured to stream the vDisks from a local file share. This information is important to add context for our process.

I found an issue in one of our datacenters when we had an issue and had to reboot some VM’s. Essentially the issue is our target devices were booting slow. Like really, really, really slow. In addition to that, once they did boot; logging into them was slow. Doing any action once you were logged in was slow. But it did seem to get faster the more you click’ed and prodded your way around the system. For instance, clicking the ‘Start’ button took 15 seconds to open the first time but was normal afterwards, but clicking on any sub-folders was slow with the same symptoms.

This is a poor performing VM. Notice the high number of retries, slow Throughput and long Boot Time

Conversely, connecting to a target device at the other city showed these statistics:

Example of a much, much better performing VM. 14 second boot time, throughput about 10x faster than the slower VM and ZERO retries.

So we have an issue. These two separate cities are configured nearly identically but one is suffering severely in performance. We looked at the VMHost that it the VM was hosted at, but moving it to different hosts didn’t seem to make any difference. I then RDP’ed to our VM and launched ProcessMonitor so I could watch the bootup process. This is what I saw:

chfs04 is the local file server hosting our vDisk. citrixnas01 is a remote file server on a WAN connection in the datacenter in the other city. For some reason, PVS is reading and sharing the *versioned* avhd file that resides on the local file share, but the base VHD file it is reading from citrixnas01. This is, obviously, a huge issue. Reading the base image over a WAN probably will result in the poor performance we are experiencing and the high retry counts for packets.

But why is it going over the WAN? It turns out that the avhd file contains a section in it’s header that describes the location of the parent VHD file. PVS is simply using the native sequence built in to the VHD spec for the chain’ed disks.

Hex editing the avhd file reveals the chain path

(Un)Fortunately for us, our PVS servers can read the file share across the WAN and pull and cache data locally so the speedups tended to gain the longer the VM was in use. In order to fix this issue immediately, we edited our hosts file on the PVS server to point to the local file server for citrixnas01.

After executing that change I rebooted one of the target devices in the *slow* site.

Throughput is now *much* better, but the number of retries is still concerning

Now, the tricky thing about this issue is we thought we had it covered because we configured each site to have it’s own store:

Our thoughts were that this path is what the PVS service would look for when trying to find VHD’s and AVHD’s. So when it would look for XenAppPn01.6.vhd it would look in that store. Obviously, this line of thinking is not correct. So it is important if you have sites that are distant that the path you use to create your version will correspond to the fastest, local, share in all your sites. For us, our folder structure is identical in all sites so creating a host file entry pointing citrixnas01 to the local file share works in our scenario to start with.

EDIT – I should also note that you can see the incorrect file paths in process explorer as well. Changing the host file wasn’t enough, we also needed to restart the streaming service as the streaming service held cached data on how to reach the files across the WAN. Process Explorer can show you the VHD files that the stream service has access to and where (under files and handles):

Citrixnas01 shouldn’t be in there… Host file has been changed…

After a streaming service restart:

Muuuuch better.

Quick one-liner to change vDisk on devices

2014-07-16

by trententtye

in Blog, Uncategorized

No Comments

FOR /L %A IN (28,1,60) DO (
MCLI run assigndisklocator -p disklocatorname=XenApp65Pn03 sitename=AHI storename=XenApp devicename=WSCTXAPP4%A
MCLI run removedisklocator -p disklocatorname=XenApp65Pn01 sitename=AHI storename=XenApp devicename=WSCTXAPP4%A
)

FOR /L %A IN (28,1,60) DO (

MCLI run assigndisklocator -p disklocatorname=XenApp65Pn03 sitename=AHI storename=XenApp devicename=WSCTXAPP4%A

MCLI run removedisklocator -p disklocatorname=XenApp65Pn01 sitename=AHI storename=XenApp devicename=WSCTXAPP4%A

)

Extend disk space on a VMWare PVS system

2014-07-14

by trententtye

in Blog, Uncategorized

No Comments

#############################################################################################################
#
#  By: Trentent Tye - Intel Server
#
#  Date: 2014-07-14
#
#  Comment: This script was written to extend the available free space on Citrix PVS servers.  It uses
#           a text file with the list of servers that need their disk space extended.  It assumes disk 0
#           needs extended by default because that's the only disk on a provisioned server.  Use with
#           caution against other servers.
#
#
##############################################################################################################

$executingScriptDirectory = Split-Path -Path $MyInvocation.MyCommand.Definition -Parent
pushd $executingScriptDirectory
cd $executingScriptDirectory

$servers = get-content serverlist.txt

foreach ($server in $servers) {
   Get-HardDisk -vm $server | Set-HardDisk -CapacityGB 40 -ResizeGuestPartition -Confirm:$false
   echo "select volume 0" | out-file  -FilePath \\$server\c$\swinst\diskpart.txt  -Encoding ASCII  -force
   echo "extend" | out-file  -FilePath \\$server\c$\swinst\diskpart.txt  -Encoding ASCII -Append  -force
   .\psexec.exe -accepteula \\$server diskpart.exe /s C:\swinst\diskpart.txt
}

#############################################################################################################

# By: Trentent Tye - Intel Server

# Date: 2014-07-14

# Comment: This script was written to extend the available free space on Citrix PVS servers. It uses

# a text file with the list of servers that need their disk space extended. It assumes disk 0

# needs extended by default because that's the only disk on a provisioned server. Use with

# caution against other servers.

##############################################################################################################

$executingScriptDirectory = Split-Path -Path $MyInvocation.MyCommand.Definition -Parent

pushd $executingScriptDirectory

cd $executingScriptDirectory

$servers = get-content serverlist.txt

foreach ($server in $servers) {

Get-HardDisk -vm $server | Set-HardDisk -CapacityGB 40 -ResizeGuestPartition -Confirm:$false

echo "select volume 0" | out-file -FilePath \\$server\c$\swinst\diskpart.txt -Encoding ASCII -force

echo "extend" | out-file -FilePath \\$server\c$\swinst\diskpart.txt -Encoding ASCII -Append -force

.\psexec.exe -accepteula \\$server diskpart.exe /s C:\swinst\diskpart.txt

}

########################
ServerList.txt
Server1
Server2
Server3
#######################

########################

ServerList.txt

Server1

Server2

Server3

#######################

How To Convert a 16MB block size PVS VHD to a 2MB PVS VHD file using Hyper-V

2014-05-21

by trententtye

in Blog, Uncategorized

3 Comments

If you’ve created a 16MB block size VHD file using Citrix PVS you’ve probably experienced that these disks are a touch more difficult to manage than the 2MB ones. With 16MB block size VHD’s you cannot mount them in Windows natively, compact them, and manipulate them with regular VHD tools. The only tool that I’ve been able to manipulate them with is PVS, specifically CVHDMOUNT.EXE. This allows you to mount the VHD file as a hard disk, but even so you cannot manipulate the disk with lots of tools; the disk isn’t recognized at all. This includes tools like Disk2VHD that you would think would make it easy to make it into a VHD. Not so.

In order to convert from a 16MB block size PVS VHD you need to do the following steps:

1) Mount the VHD file using CVHDMount.exe (you may need to install the Provisioning Server role on it to get the CVHDMount.exe tools)

2) Go into Disk Management and set your disk to “Offline”

3) Open Hyper-V, right-click your server and go “New > Hard Disk…”

4) Choose the location and filename to save it.

5) Choose to copy from the PHYSICALDISK that corresponds to your VHD you mounted.

6) Click Finish. And now you’re done! 🙂

Install VMWare drivers offline into a Citrix PVS vDisk

2014-02-28

by trententtye

in Blog, Uncategorized

No Comments

I am attempting to disable interrupt coalescing for some testing that we are doing with a latency sensitive application and I have 2 VMWare virtual machines configured as such that work as expected.

The latency settings I have done are here:
http://www.vmware.com/files/pdf/techpaper/VMW-Tuning-Latency-Sensitive-Workloads.pdf

Essentially, we turned off interrupt coalescing on the physical NIC by doing the following:
Logging into the ESXi host with SSH

# esxcli network nic list

1	# esxcli network nic list

(e1000e found as our NIC driver)

# esxcli system module parameters list -m e1000e

1	# esxcli system module parameters list -m e1000e

(we see InterruptThrottleRate as a parameter)

# esxcli system module parameters set -m e1000e -p "InterruptThrottleRate=0"

1	# esxcli system module parameters set -m e1000e -p "InterruptThrottleRate=0"

Then we modified the VMWare virtual machines with these commands:
To do so through the vSphere Client, go to VM Settings  Options tab  Advanced General  Configuration
Parameters and add an entry for ethernetX.coalescingScheme with the value of “disabled”

We have 2 NIC’s assigned to each of our PVS VM’s. One NIC is dedicated for the provisioning traffic and one for access to the rest of the network. So I had to add 2 lines to my configuration:

ethernet0.coalescingScheme = disabled
ethernet1.coalescingScheme = disabled

1 2	ethernet0.coalescingScheme = disabled ethernet1.coalescingScheme = disabled

For the VMWare virtual machines we just had the one line:

ethernet0.coalescingScheme = disabled

1	ethernet0.coalescingScheme = disabled

Upon powering up the VMWare virtual machines, the per packet latency dropped signficantly and our application was much more responsive.

Unfortunately, even with the settings being identical on the VMWare virtual machines and the Citrix PVS image, the PVS image will not disable interrupt coalescing, consistently showing our packets as have higher latency. We built the vDisk image a couple years ago (~2011) and the vDisk now has outdated drivers that I suspect may be the issue. The VMWare machines have a VMNET3 driver from August of 2013 and our PVS vDisk has a VMNET3 driver from March 2011.

To test if a newer driver would help, I did not want to reverse image the vDisk image as that is such a pain in the ass. So I tried something else. I made a new maintenance version of the vDisk and then mounted it on the PVS server:

C:\Users\svc_ctxinstall>"C:\Program Files\Citrix\Provisioning Services\CVhdMount.exe" -p 1 X:\vDisks-XenApp\XenApp65Tn01.14.avhd

1	C:\Users\svc_ctxinstall>"C:\Program Files\Citrix\Provisioning Services\CVhdMount.exe" -p 1 X:\vDisks-XenApp\XenApp65Tn01.14.avhd

This mounted the vDisk as drive “D:”

I then took the newer driver from the VMWare virtual machine and injected it into the vDisk:

C:\Users\svc_ctxinstall>dism /image:D:\ /add-driver /driver:"C:\Program Files\VMware\VMware Tools\Drivers\vmxnet3"

1	C:\Users\svc_ctxinstall>dism /image:D:\ /add-driver /driver:"C:\Program Files\VMware\VMware Tools\Drivers\vmxnet3"

I could see my newer driver installed alongside the existing driver:
Published Name : oem57.inf
Original File Name : vmxnet3ndis6.inf
Inbox : No
Class Name : Net
Provider Name : VMware, Inc.
Date : 08/28/2012
Version : 1.3.11.0

Published Name : oem6.inf
Original File Name : vmmouse.inf
Inbox : No
Class Name : Mouse
Provider Name : VMware, Inc.
Date : 11/17/2009
Version : 12.4.0.6

Published Name : oem7.inf
Original File Name : vmaudio.inf
Inbox : No
Class Name : MEDIA
Provider Name : VMware
Date : 04/21/2009
Version : 5.10.0.3506

Published Name : oem9.inf
Original File Name : vmxnet3ndis6.inf
Inbox : No
Class Name : Net
Provider Name : VMware, Inc.
Date : 11/22/2011
Version : 1.2.24.0

Then unmount the vDisk:

C:\Users\svc_ctxinstall>"C:\Program Files\Citrix\Provisioning Services\CVhdMount.exe" -u 1

1	C:\Users\svc_ctxinstall>"C:\Program Files\Citrix\Provisioning Services\CVhdMount.exe" -u 1

I then set the vDisk to maintenance mode, set my PVS target device as maintenance and booted it up. When I checked device manager I saw that the driver version was still 1.2.24.0

But clicking “Update Driver…” updated our production NIC to the newer version. I chose “Search automatically and it found the newer, injected driver. I then rebooted the VM and success!

Citrix Provisioning Services (PVS) update failure

2013-10-23

by trententtye

in Blog, Uncategorized

No Comments

I recently got Event ID 0 on Citrix vDisk Update Service; “Update Task (UpdateTask) is not loaded”

The fix is to restart the Soap service on your chosen automatic update PVS server.

IMA Service Fails with the Following Events: 3989, 3634, 3614

2013-09-25

by trententtye

in Blog, Uncategorized

3 Comments

We have run into an issue where we have Provisioning Service 6.1 and XenApp 6.5 working together. After we update the vDisk (say, for Windows Update) we run through a script that does things like the “XenApp Prep” to allow the XenApp 6.5 ready for imaging. It appears that there is a bug in the XenApp Prep that sometimes causes it to not fully get XenApp 6.5 ready for rejoining the farm. The initial symptoms I found were:

Event ID 4003
“The Citrix Independent Management Architecture service is exiting. The XenApp Server Configuration tool has not been run on this server.”

I found this CTX article about it, but nothing of it was applicable.

I did procmon traces and I found the following registry keys were missing on the bad system:

A broken system missing the Status Registry key

A working system with the Status key. Note Joined is “0”

After adding the Status Registry key:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status]
"EnhancedDesktopExperienceConfigured"=dword:00000001
"Provisioned"=dword:00000001
"Ready"=dword:00000001
"Joined"=dword:00000000

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\Status]

"EnhancedDesktopExperienceConfigured"=dword:00000001

"Provisioned"=dword:00000001

"Ready"=dword:00000001

"Joined"=dword:00000000

I tried restarting the service and the progress bar got further but then still quit. Procmon showed me this:

That is ACCESS DENIED when trying to see that registry key. It turns out that the IMAService does not have appropriate permissions to read this key. The Magic Permissions on a working box and what you need to set here looks like this:

Notice that none of the permissions are inherited and “NETWORK SERVICE” is added with full control to this key. Now when we try and start the Citrix Independent Management Architecture service we get the following errors:

eventid 3989:
Citrix XenApp failed to connect to the Data Store. ODBC error while connecting to the database: S1000 -> General error: Invalid file dsn ''
eventid 3636:
The server running Citrix XenApp failed to connect to the data store. An unknown failure occurred while connecting to the database. Error: IMA_RESULT_FAILURE Indirect: 0 Server: DSN file: 
eventid 3615
The server running Citrix XenApp failed to connect to the Data Store. Error - IMA_RESULT_FAILURE An unknown failure occurred while connecting to the database.
eventid 3609 
Failed to load plugin C:\Program Files (x86)\Citrix\System32\Citrix\IMA\SubSystems\ImaWorkerGroupSs.dll with error IMA_RESULT_FAILURE
eventid 3601
Failed to load initial plugins with error IMA_RESULT_FAILURE

eventid 3989:

Citrix XenApp failed to connect to the Data Store. ODBC error while connecting to the database: S1000 -> General error: Invalid file dsn ''

eventid 3636:

The server running Citrix XenApp failed to connect to the data store. An unknown failure occurred while connecting to the database. Error: IMA_RESULT_FAILURE Indirect: 0 Server: DSN file:

eventid 3615

The server running Citrix XenApp failed to connect to the Data Store. Error - IMA_RESULT_FAILURE An unknown failure occurred while connecting to the database.

eventid 3609

Failed to load plugin C:\Program Files (x86)\Citrix\System32\Citrix\IMA\SubSystems\ImaWorkerGroupSs.dll with error IMA_RESULT_FAILURE

eventid 3601

Failed to load initial plugins with error IMA_RESULT_FAILURE

To correct these errors the local host cache needs to be rebuilt. To fix that we need to run:
Dsmaint recreatelhc
Dsmaint recreaterade

After doing that, we can start the IMA Service and MFCOM. If instead of IMA Service starting you get the following error message:

Eventid 4007
The Citrix Independent Management Architecture (IMA) service is exiting. The DSN File could not be updated with the information retrieved from Group Policy. Error: 80000001h DSN file: mf20.dsn DSN Entry: DATABASE Policy Setting: CTXDS Confirm that the Network Service has write permissions to the DSN File.

Eventid 4007

The Citrix Independent Management Architecture (IMA) service is exiting. The DSN File could not be updated with the information retrieved from Group Policy. Error: 80000001h DSN file: mf20.dsn DSN Entry: DATABASE Policy Setting: CTXDS Confirm that the Network Service has write permissions to the DSN File.

Ensure the following registry is populated:

reg add HKEY_LOCAL_MACHINE\PE_SOFTWARE\Wow6432Node\Citrix\IMA /v DataSourceName /t REG_SZ /d "C:\Program Files (x86)\Citrix\Independent Management Architecture\mf20.dsn"

1	reg add HKEY_LOCAL_MACHINE\PE_SOFTWARE\Wow6432Node\Citrix\IMA /v DataSourceName /t REG_SZ /d "C:\Program Files (x86)\Citrix\Independent Management Architecture\mf20.dsn"

Utilizing MCLI.exe to comment the newest version of a vDisk on Citrix Provisioning Services (PVS)

2013-07-16

by trententtye

in Blog, Uncategorized

No Comments

I’ve written this script to utilize MCLI.exe to add a comment to the newest version of a vDisk and have marked which fields correspond to what.

"C:\Program Files\Citrix\Provisioning Services\MCLI.exe" get diskversion -p disklocatorname=XenApp65Tn03 sitename=SHW storename=XenApp | FINDSTR /i /C:"version" > %TEMP%\diskver.txt

FOR /F "tokens=1-2 delims=: " %%A IN ('type %TEMP%\diskver.txt') DO set VERSIONN=%%B

"C:\Program Files\Citrix\Provisioning Services\MCLI.exe" set diskversion -p version=%VERSIONN% disklocatorname=XenApp65Tn03 sitename=SHW storename=XenApp -r description="Test"

"C:\Program Files\Citrix\Provisioning Services\MCLI.exe" get diskversion -p disklocatorname=XenApp65Tn03 sitename=SHW storename=XenApp | FINDSTR /i /C:"version" > %TEMP%\diskver.txt

FOR /F "tokens=1-2 delims=: " %%A IN ('type %TEMP%\diskver.txt') DO set VERSIONN=%%B

"C:\Program Files\Citrix\Provisioning Services\MCLI.exe" set diskversion -p version=%VERSIONN% disklocatorname=XenApp65Tn03 sitename=SHW storename=XenApp -r description="Test"

This script can now be added to the “PVS Automatic” update feature to automatically comment the latest vDisk when it is updated.