Citrix DaaS

Non-domain-joined

This article describes how to create non-domain-joined catalogs using Citrix DaaS.

Requirements

  • Control plane: Citrix DaaS

  • VDA type: Single-session or multi-session OS VDA

  • VDA version: 1811 or later as the minimum functional level for the catalog. If necessary, update the minimum functional level

  • Provisioning type: Machine Creation Services (MCS) Persistent and Non-persistent

  • Assignment type: Dedicated and pooled

  • Hosting platform: All platforms supported by MCS

  • Rendezvous V2 can be enabled so Citrix Cloud Connectors are not required. To enable Rendezvous, you must add a registry setting. For more information on how to add it, see VDA installation and configuration

Limitations

  • Service continuity is not supported.

Create non-domain-joined catalogs

Using Citrix DaaS, you can create catalogs based on workgroups or non-domain-joined machines. Creating non-domain-joined machines depends on how the account identity pool is created. The account identity pool is the mechanism used by MCS to create and track machine names during catalog provisioning.

You can create non-domain-joined catalogs by using the Full Configuration interface or PowerShell.

Use the Full Configuration interface

The following information is a supplement to the guidance in Create machine catalogs. To create non-domain-joined catalogs, follow the general guidance in that article, minding the details specific to non-domain-joined catalogs.

In the catalog creation wizard:

  • On the Machine Identities page, select Non-domain-joined. The created machines are not joined to any domain.

Note:

The Non-domain-joined identity type requires version 1811 or later of the VDA as the minimum functional level for the catalog. To make it available, update the minimum functional level if necessary.

Use PowerShell

The following are PowerShell steps equivalent to operations in Full Configuration.

You can create an identity pool for non-domain-joined catalogs using the Remote PowerShell SDK.

For example, in previous releases, all Active Directory fields were supplied in a single instance:

New-AcctIdentityPool -AllowUnicode -Domain "corp.local" -IdentityPoolName "NonDomainJoinedCatalog" -NamingScheme "NDJ-VM-##" -NamingSchemeType "Numeric" -OU "CN=Computers,DC=corp,DC=local"* -Scope @() -ZoneUid "81291221-d2f2-49d2-ab12-bae5bbd0df05"
<!--NeedCopy-->

MCS now uses new PowerShell parameters, WorkgroupMachine and IdentityType, to create an identity pool for non-domain-joined catalogs. Using the same example as above, the parameters eliminate the need to specify all AD-specific parameters including domain administrator credentials:

New-AcctIdentityPool -AllowUnicode -IdentityType "Workgroup" -WorkgroupMachine -IdentityPoolName "NonDomainJoinedCatalog" -NamingScheme "NDJ-VM-##" -NamingSchemeType "Numeric" -Scope @() -ZoneUid "81291221-d2f2-49d2-ab12-bae5bbd0df05"
<!--NeedCopy-->

All other commands used to create non-domain-joined catalogs are the same as for the traditional on-premises Active Directory joined catalogs.

Non-domain-joined