Product Documentation

Citrix PVS (XenServer, VMware, Hyper-V, Nutanix)

The PVS connector configuration requires an account that the App Layering appliance can use to access the virtual machine where you are creating a layer or publishing layered images.

Requirements

If you plan to publish layered images to your PVS environment, add a PVS connector configuration for that PVS location.

PVS requirements

  • PVS must be running as a domain account - For App Layering to work correctly with PVS, PVS must be running as a domain account. Domain accounts have permissions to access the PVS store and the local system account does not.
  • If your PVS server is configured to use the local system account, which is the default setting, you can change the account by running the PVS configuration tool. The tool gives you an option to run as local system or use a domain account. Choose a domain account.
  • PVS server and account information - For App Layering to access the location in your PVS environment where you want to publish a layered image, you need to supply the credentials and location in a PVS connector configuration.
  • The App Layering agent must be installed on each of your PVS servers. For details, see the agent installation instructions.

PVS connector configuration

The information you need for the PVS connector configuration includes.

  • Name- A useful name to help identify and keep track of this connector configuration.

  • Console- The name of the PVS server on which the App Layering agent is deployed. This is the server to which the vDisk will be published.

    Note:

    The host name is required, rather than the FQDN so that the PVS server can access the App Layering appliance if it is on a different domain.

  • Domain User- User name of a domain account that has permission to manage PVS. This account is used by the agent to run Provisioning Services PowerShell commands. This account must have Read/Write access to the PVS store for writing the published vDisk.

  • Password- Password for the domain user account.

  • Site Name- Name of the Site this vDisk is to be a member of.

  • Store Name- Name of the Store that this vDisk is a member of.

  • Write Cache- When a new Disk is being created, this value sets the Write Cache type of the new Disk. Possible values include:

    • Cache on Server
    • Cache on Server, Persistent
    • Cache in Device RAM
    • Cache in Device RAM with Overflow on Hard Disk
    • Cache on Device Hard Drive

    Important: When choosing a Write Cache option, see Selecting the write cache destination for standard vDisk images to ensure that the PVS servers and target devices that use this vDisk are properly configured for the type you select.

  • License Mode- Sets the Windows License Mode to:

    • KMS - Key Management Service
    • MAK - Multiple Activation Keys
    • None
  • Enable Active Directory machine account password management- Enables Active Directory password management. The default value is Enabled.

  • Enable Load Balancing- Enables load balancing. for the streaming of the vDisk.

  • Enable Printer Management- When enabled, invalid printers will be deleted from the Device.

Script configuration (Optional, advanced feature)

When creating a new connector configuration, you can configure an optional PowerShell script on any Windows machine running an App Layering agent–the same agent used on the PVS server. These scripts must be stored on the same machine that the App Layering agent is installed on, and are only run after a successful deployment of a layered image. Some preset variables are available to enable scripts to be reusable with different template images and different connector configurations. These variables will also contain information needed to identify the virtual machine created as part of the published layered image in PVS.

Running the scripts will not affect the outcome of the publish job, and progress of commands run in the script will not be visible. The PVS connector logs contain the output of the script that ran.

Configure a script

Remember that this procedure is optional. If you want a script to run each time a layered image is published, complete these steps using the values described in the sections that follow.

  1. Complete and save the connector configuration as described above.

    Note:

    Before selecting Script configuration page, you must save (or discard) any edits to the connector configuration settings,

  2. If the Navigation menu on the left is not open, select it and click Script Configuration to open the Script Path page.

  3. Complete the required fields using the values detailed herein, and click Save.

Script Configuration fields

  • Enable script- Select this check box to enable the remaining fields. This allows you to enter a script that runs each time a Layered Image is published.
  • Script Agent- The agent machine where the scripts are located and run from.
  • Username (optional)- The username to impersonate when running the script. This name can be used to ensure the script runs in the context of a user that has the needed rights/permissions to perform the operations in the script.
  • Password (optional)- The password for the specified username.
  • Script Path- A full path and file name on the agent machine where the script file resides.

Other Script Configuration values

Powershell variables

When the script is executed the following variables will be set and can be used in the powershell script:

Value Applies to connector types Value determined by which code Description
connectorCfgName All Common code The name of the connector configuration with which the script configuration is associated.
imageName All Common code The name of the layered image template that is used to build/publish the layered image.
osType All Common code The OS type of the published layered image. It can be one of the following values: Windows7; Windows764; Windows200864; Windows201264; Windows10; Windows1064
diskLocatorId All Provisioning Services The internal ID for the vDisk.

User Impersonation

The App Layering Agent, which runs as a service on a Windows machine, runs under either the local system account or the network account. Either of these accounts may have some special privileges, but they often are restricted when it comes to running specific commands or seeing files in the file system. Therefore, App Layering gives you the option of adding a domain user and password that can be used to “impersonate” a user. This means that the script can be run as if that user had logged onto the system so that any commands or data will be accessible subject to those user rights and permissions. If a user name or password is not entered, the script runs using the account under which the service is configured to run.

Script Execution Policy

Script execution policy requirements are generally up to you. If you intend to run unsigned scripts, you must configure the execution policy to one of the more lenient policies. However, if you sign your own scripts accordingly, you can choose to use a more restrictive execution policy.

Citrix PVS (XenServer, VMware, Hyper-V, Nutanix)