Product Documentation

Getting Started with the XenApp and XenDesktop Service

Mar 30, 2017

Architectural Overview

Consider the following items when setting up the XenApp and XenDesktop Service:

  • At least two Citrix Cloud Connectors are needed and can be placed in either the perimeter network (also known as a DMZ) or internal networks.
  • One or more Linux or shared hosted desktop VDAs can be installed and configured for remote connections.
  • Connections to StoreFront occur within the internal network Active Directory domain resource zone.

The following diagram shows the environment utilizing internal connections. The Citrix Cloud Connectors are proxies for communication between the Citrix Cloud broker, Storefront servers, and the VDAs.

localized image

When hosting all core components on Microsoft Azure (including the Controller and site database), SQL Server on Azure VMs (IaaS) is supported. Azure SQL (PaaS) Database is not supported.

Remote PC Access

See CTX220737 for details about enabling XenDesktop Remote PC Access in Citrix Cloud.

Prep Task: Download the XenApp and XenDesktop Service Trial Checklist

The XenApp and XenDesktop Service Trial allows you to try out the service using your own on-premises infrastructure, a supported cloud provider, or a hybrid configuration.

To help you get the most from your trial experience, the XenApp and XenDesktop Service Trial Checklist includes planning information, a sample architecture, and build resources so you can prepare your target environment ahead of your trial approval.

Download the XenApp and XenDesktop Service Trial Checklist

After your trial is approved, use this topic to set up the XenApp and XenDesktop Service.

Task 1: Create a resource location

Before you can use the XenApp and XenDesktop Service, you need to set up a resource location. You can create a resource location using Citrix Smart Tools or you can create one manually.

For more information about resource locations and how they function, see What are Resource Locations?

Create your first resource location with Smart Tools

If you have no resource locations in your Citrix Cloud account and you want to use Amazon Web Services (AWS) with the XenApp and XenDesktop Service, you can use Smart Tools to create your first resource location on AWS. This option minimizes the manual tasks associated with setting up a domain and deploying machines.

Smart Tools deploys the machines required for your resource location, including VDAs, and sets up a NetScaler Gateway so external users can securely access the applications and desktops you provide. By default, your new resource location will use the cloud-hosted StoreFront that comes with Citrix Cloud. However, Smart Tools provides the option of deploying a StoreFront server so you can manage the stores available to your users.

When Smart Tools creates your resource location, Citrix Cloud registers the Citrix Cloud Connectors that are deployed and the registers the domain that is created with your Citrix Cloud account.

For a walkthrough of using Smart Tools to create your resource location, see Create Resource Locations on Amazon EC2 with Citrix Smart Tools.

Create a resource location manually

Set up your resource location manually if:

  • You have existing resource locations in your Citrix Cloud account.
  • You want to set up a resource location on your choice of supported cloud providers or on-premises hypervisors (AWS, Microsoft Azure, Citrix XenServer, or VMware vSphere).
You need the following components for your resource location:
  • An Active Directory domain controller.
  • Two physical or virtual Windows Server 2012 R2 machines that are joined to the domain, on which to install the Citrix Cloud Connector.
  • Two physical or virtual Windows Server 2012 R2 machines that are joined to the domain, for hosting application and desktop images.
The Citrix Cloud Connector machines should meet the following minimum requirements:
  • .NET 4.5 must be installed.
  • At least 32 GB of disk space and 4 GB of memory.
  • Active Directory Computer account with Read permissions on containers, Read/Write permissions on user and computer objects.
  • Outbound port 443 must be open to allow access to the Internet. The Citrix Cloud Connector also supports Internet Explorer proxy settings configured for outbound connections. For proxy support, see Citrix Cloud Connector - Technical Details.

If you want to enable secure external access to the applications and desktops you offer to users, you will need to add a NetScaler VPX appliance to your resource location and set up a NetScaler Gateway. For proof-of-concept purposes, you can use the cloud-hosted StoreFront that comes with Citrix Cloud, which allows internal access only.

Task overview

Depending on your cloud provider or on-premises hypervisor, perform the following tasks to set up your resource location:

  1. Create the appropriate virtual private cloud (VPC) or virtual networks for the machines you will add to your resource location. For example, for AWS, set up a VPC with public and private subnets.
  2. Create the appropriate rules to secure inbound and outbound Internet traffic as well as traffic between the machines in the virtual network. For example, in AWS, ensure the VPC's security group has the appropriate rules configured so the machines in the VPC are accessible only to the IP addresses you specify.
  3. Provision a machine, install Active Directory Domain Services, and promote it to a domain controller.
  4. Provision two machines, join them to the domain, and install the Citrix Cloud Connector on each one.
  5. Provision two machines, join them to the domain, and install the Virtual Delivery Agent (VDA) on each one.

To install the Citrix Cloud Connector

Citrix Cloud requires you install the Citrix Cloud Connector on two machines. This ensures continuous availability of your resource location. The Citrix Cloud Connector is stateless. All logs and alerts are sent back to CitrixCloud.

  1. Go to https://citrix.cloud.com and log on with the credentials you received in the email from Citrix Cloud. The Citrix Cloud Control Center opens.
  2. From the menu button in the upper left corner, select Resource Locations.
  3. Download and install the Citrix Cloud Connector onto a Windows Server 2012 R2 machine that is joined to your Active Directory domain and has outbound Internet access.
  4. When prompted, enter the same credentials you entered to log on to Citrix Cloud. Follow the wizard to install and configure the Citrix Cloud Connector.
  5. Repeat Steps 1-4 on additional machines you want to use as Citrix Cloud Connectors.

After installation, Citrix Cloud registers your domain in Identity and Access Management. For more information, see Identity and Access Management.

To install the Virtual Delivery Agent

As part of preparing your machines for hosting the applications and desktops you will offer to users, you need to install the Citrix VDA software on each machine. The VDA software enables the machine to register with the XenApp and XenDesktop Service, establish and manage the connection between the machine and the user device, verify that a Citrix license is available for the user or session, and apply any policies have been configured for the session. The VDA communicates session information to the XenApp and XenDesktop Service through the broker agent included in the VDA.

VDAs are available for Windows server and desktop operating systems. VDAs for Windows server operating systems allow multiple users to connect to the server at one time. VDAs for Windows desktop operating systems allow only one user to connect to the desktop at a time.

For instructions for installing the VDA, see Configure VDAs.

Manually create a resource location on AWS

If you want to use AWS with the XenApp and XenDesktop Service, but you don't want to use Smart Tools to set up a resource location, you can set one up manually.

For detailed instructions, see Set up an AWS resource location for the XenApp and XenDesktop Service.

Task 2: Create a host connection

A host connection enables the XenApp and XenDesktop Service to communicate with your cloud provider or on-premises hypervisor and defines the network resources that the XenApp and XenDesktop Service can use when provisioning machines that host applications and desktops for your users.

For instructions for creating a host connection, see Configure connections and resources.

Task 3: Set up machine provisioning

Machine provisioning refers to the process by which machines hosting your applications and desktops are provisioned to your resource location. These machines are collected into machine catalogs. To populate the machine catalog, the XenApp and XenDesktop Service uses a master image that includes the operating system and applications you want to make available to users. The master image ensures that all the machines in the catalog are identically configured.

The XenApp and XenDesktop Service supports two methods for machine provisioning: Machine Creation Services (MCS) and Provisioning Services.

To set up the XenApp and XenDesktop Servic with MCS provisioning, perform the following tasks:

  1. On the VDA machines in your resource location, install the operating system updates and applications you want to make available to users. If you are using a hypervisor in your resource location, install the appropriate integration software (for example, XenServer Tools, VMWare Tools, and so on) on these machines. Afterward, create an image or snapshot of the VDA. You will use this image as the master image for your machine catalog.
  2. Create a machine catalog using the master image you created. For instructions, see Create machine catalogs.
For more information about using Provisioning Services with the XenApp and XenDesktop Service, see Using Provisioning Services.

Task 4: Configure a delivery group

A delivery group is a collection of machines from one or more machine catalogs. Delivery groups specify which users can access those machines as well as the applications and desktops that they host.

localized image
  1. In Studio, right-click Delivery Groups in the left panel and select Create Delivery Group.
  2. Select the number of machines that you want to make available to the delivery group. The number you specify cannot exceed the number of machines that are in your machine catalog. Click Next.
  3. On the Delivery Type page, select whether you want to use the machines to deliver only desktops, only applications, or both.
  4. To configure Receiver, select the option to Manually, using a Storefront server address that I will provide later. Click Next.
  5. Provide a descriptive name for the Delivery Group for simple identification. This name is visible to users. Click Finish.

Using NetScaler VPX with the XenApp and XenDesktop Service

Citrix Cloud comes with a cloud-hosted StoreFront that enables you to provide internal access to the applications and and desktops you make available in your resource location. To provide external access to those resources, you need to add NetScaler VPX to your resource location and configure a NetScaler Gateway that your users can access.

If you use Smart Tools to create your resource location on AWS, you need to subscribe to the NetScaler VPX service in the Amazon Marketplace. When Smart Tools creates your resource location, it will also launch an instance of the NetScaler appliance and configure the NetScaler Gateway for you.

If you want to add NetScaler manually to a resource location, refer to the NetScaler VPX Deployment Guides.

Monitoring the XenApp and XenDesktop Service

localized image

To monitor the overall performance of the XenApp and XenDesktop Service, do the following:

  1. Navigate to the XenApp and XenDesktop Service.
  2. Select the Monitor tab.
The administrator can view information on sessions, logon duration, as well as other information.

Setting up workspaces and adding users

To offer the applications and desktops in your resource location as a service to your users, you can create a workspace and subscribe your users to it.

For more information about creating workspaces, see Creating and Publishing a Workspace.

Related information

You can publish an application that is simply a URL or UNC path to a resource, such as a Microsoft Word document or a web link. This is known as published content. You publish content using the Remote PowerShell SDK. For details, see Publish content.