The XenApp and XenDesktop Service in Citrix Cloud can provision and power-manage VDAs (Virtual Delivery Agents). For on-premises hypervisors, requests are proxied through the Citrix Cloud Connector.
You can provision VDAs using the following methods:
- Machine Creation Services (MCS)
- Provisioning Services
Configuring provisioning through Machine Creation Services involves the following tasks:
- Using Citrix Studio, create a connection with the hypervisor or cloud you want to use with the XenApp and XenDesktop Service.
- On a machine in your hypervisor or cloud environment, install the operating system, integration software for your cloud or hypervisor, applications you want to make available to users, and the appropriate VDA package.
- Using your hypervisor or cloud management tool, create an image or snapshot of this machine. You will use this image or snapshot as the master image for your machine catalog.
- Create a machine catalog with the appropriate number of machines for your users. During this process, you will specify the master image you created.
Machine account creation with Machine Creation Services differs from XenApp and XenDesktop in that the accounts are created by the Citrix Cloud Connector. By default, the machine hosting the Connector only has read-only access to Active Directory (AD). Therefore, you will be prompted for AD credentials every time you create machine accounts in Citrix Studio.
Using Provisioning Services
There are two options for creating Provisioning Services managed VDAs from an on-premise Provisioning Server deployment:
- XenDesktop Setup wizard in the Provisioning Services console
- Machine Catalog Setup in Studio
XenDesktop Setup Wizard
In order to create the XenDesktop catalogs and add them to the Citrix Cloud site using the XenDesktop Setup wizard in the Provisioning Services console, you must first uninstall the XenApp and XenDesktop SDK and install the cloud-enabled XenApp and XenDesktop Remote Powershell SDK. The XenApp and XenDesktop Remote PowerShell SDK replaces the default XenApp and XenDesktop SDK included with the PVS console installation.
- Uninstall the XenApp and XenDesktop SDK from the PVS console by uninstalling each of the snap-ins:
- Citrix Broker PowerShell
- Citrix Configuration Logging Service PowerShell
- Citrix Configuration Service PowerShell
- Citrix Delegated Administration Service PowerShell
- Citrix Host Service PowerShell
- Download the XenApp and XenDesktop Remote PowerShell SDK.
- Install the SDK using the command line and provide the PVS=Yes argument: CitrixPoshSdk.exe PVS=Yes
When you run the XenDesktop Setup wizard, you will be prompted for your Citrix Cloud customer credentials from the PVS console, otherwise the process is the same as using the on-premise version.
Known Issue: The XenApp and XenDesktop Remote PowerShell SDK has a 30-minute timeout at which time you are prompted to re-enter your Citrix Cloud customer credentials. If you re-enter your credentials, the wizard will finish in the background. If you close the wizard after you are prompted for credentials, you will need to restart the PVS console and start the process over.
Machine Catalog Setup
From Citrix Cloud, access Machine Catalog Setup in Studio. After specifying the address of the on-premise Provisioning Services server and clicking Connect, you will be prompted for Provisioning Services administrator credentials. After this authentication, the process for the Machine Catalog Setup option is the same as the on-premise version.
For more information on Provisioning Services, see the latest documentation.
Before you create a connection to the XenApp and XenDesktop Service or create machine catalogs, review the following sections for important configuration information you will need for your cloud provider or hypervisor.
Microsoft Azure Classic
- Before you create a connection in Studio, you must have an existing virtual network for the Azure account you want to use with the XenApp and XenDesktop Service. When you create the connection, you will need to select the region in which your virtual network resides and select the subnets where you want new machines to be provisioned.
- To create a connection, you must provide a Microsoft publish settings file. This file contains all the Azure subscription IDs and certificates associated with your Azure account. You will need to copy and paste the subscription ID from this file into Studio using the session clipboard. You can obtain your publish settings file using the following methods:
- Visit https://manage.windowsazure.com/publishsettings and log in with your account credentials. When prompted, save the file.
- Using Azure PowerShell, run the Get-AzurePublishSettingsFile cmdlet. When prompted, enter your account credentials and save the file.
- Machine catalogs are limited to 40 VMs. This includes VDI and RDS hosts.
- When creating machine catalogs using an Azure master image, be aware that Studio displays only Specialized VM images with no data disks. These images must reside in the same region configured for the resource connection to Azure.
- When creating machine catalogs using an Azure master image, ensure the Azure storage account containing the master image VHD has sufficient IOPS capacity to support additional VMs.
- Azure VM names must be at least one character long, up to a maximum of 15 characters. Valid names consist of letters, numbers, and hyphens only. Valid names start with a letter and end with a letter or number. Valid names cannot contain characters disallowed in Azure and must follow Azure naming rules. Studio does not validate the VM names you specify, so creating a catalog might fail if the machines in the catalog do not conform to these naming rules.
- Citrix recommends using Standard Tier VMs for VDI and RDS workloads.
- For information about sizing considerations when using Azure for provisioning VMs in Apps and Desktops machine catalogs, refer to CTX142340.
- For additional information, see the Microsoft Azure documentation.
Amazon Web Services
- When you create a connection in Studio, you must provide the Access Key ID and Secret Access Key for your AWS account. You can copy and paste these values into Studio using the session clipboard. To control access to your AWS account, Citrix recommends using the access keys of a specific IAM user. For more information about the IAM user permissions needed for using AWS with the XenApp and XenDesktop Service, refer to CTX140429.
- When creating a connection to your AWS account, you will need to provide the ID of the virtual private cloud (VPC) you prepared, the region in which the VPC is located, the availability zone of the subnets in your VPC, your domain name, and security group names. For more information about setting up your VPC, see Set up an AWS resource location for the XenApp and XenDesktop Service.
- For additional information, see the AWS documentation on the Amazon web site.
- When you create a connection, you must provide the credentials for a VM Power Admin or higher-level user.
- Citrix recommends using HTTPS to secure communications with XenServer. To use HTTPS, you must replace the default SSL certificate installed on XenServer; see CTX128656.
- You can configure high availability if it is enabled on the XenServer. Citrix recommends that you select all servers in the pool (from Edit High Availability) to allow communication with XenServer if the pool master fails.
- You can select a GPU type and group, or passthrough, if the XenServer supports vGPU. The display indicates if the selection has dedicated GPU resources.
- For more information, see the Citrix XenServer product documentation.
- See Prepare the virtualization environment: VMware for guidance in preparing your environment.
- If you are using VMware vCenter with a self-signed certificate, be sure to add the certificate to each of the Citrix Cloud Connectors in your resource location.
- For additional information, see the VMware vSphere product documentation.
Additional Citrix resources
Configure connections and resources
Before you can provision machines through the XenApp and XenDesktop Service, you must first create a connection and define the network resources you will use. Configuring a connection includes setting the connection type from among the supported hypervisors and cloud services. The storage and network you select form the resources for that connection.
To create a connection and resources
- From the XenApp and XenDesktop Service home page, click Manage. Citrix Studio appears.
- From the left pane, under Configuration, click Hosting.
- From the right pane, under Actions, click Add Connection and Resources.
- On the Connection page, select the connection type and enter a connection name. Additional required information depends on the selected connection type.
- On the VM Location page, select the cloud region, virtual private cloud, and availability zone where you will provision new virtual machines.
- Enter a friendly name for the resources and select the network or cluster you want to use.
- On the Storage page, select the available storage you want to use for the new virtual machines you will provision.
If you are using Machine Creation Services to create VMs for your deployment, prepare a master image or template on your host hypervisor or cloud. Then, create the machine catalog.
Make sure the host has sufficient processors, memory, and storage to accommodate the number of machines you will create.
The Machine Catalog wizard walks you through the items described below. The wizard pages you see may differ, depending on the selections you make.
Each catalog contains machines of only one of the following types:
- Server OS: A Server OS catalog provides desktops and applications that can be shared by multiple users. The machines can be running supported versions of Windows or Linux operating systems, but the catalog cannot contain both.
- Desktop OS: A Desktop OS catalog provides desktops and applications that are assigned to a variety of different users.
- Remote PC Access: A Remote PC Access catalog provides users with remote access to the physical office desktop machines. Remote PC Access does not require a VPN to provide security.
To set up Remote PC Access, see https://support.citrix.com/article/CTX220737.
The Machine Management page indicates how machines are managed and which tool you will use to deploy machines.
The Machines that are power-managed option indicates the machines are power-managed through Studio or provisioned through a cloud environment. This option is available only if you have a connection to a hypervisor or cloud already configured.
Use the Machines that are not power-managed option for physical machines.
Select the snapshot or VM image of the machine you created earlier. Do not run Sysprep on master images.
To ensure you can use the latest product features, make sure the master image has the latest VDA version installed. Do not change the default Select the VDA version installed selection on the wizard page.
Select one or more security groups for the VMs; these are shown only if the availability zone supports security groups.
Choose whether machines will use shared hardware or account-dedicated hardware.
Specify how many virtual machines to create.
If you are using a cloud service, specify the instance type or machine size to use.
Select the network interface to use for machines in the catalog.
Each machine in the catalog must have a corresponding computer account in Active Directory. Specify whether to create new Active Directory accounts for machine in the catalog or use existing accounts. Additionally, specify the domain and organizational unit (OU) where these accounts reside.
If you elect to create new accounts, specify the account naming scheme for the machines that will be created, using hash marks to indicate where sequential numbers or letters will appear. Do not use a forward slash (/) in an OU name. A name cannot begin with a number.
Enter the domain administrator user name and password to use for creating the computer accounts in Active Directory.