Citrix Virtual Apps and Desktops

Create delivery groups

Note:

You can manage your Citrix Virtual Apps and Desktops deployment using two management consoles: Web Studio (web-based) and Citrix Studio (Windows-based). This article covers only Web Studio. For information about Citrix Studio, see the equivalent article in Citrix Virtual Apps and Desktops 7 2212 or earlier.

A delivery group is a collection of machines selected from one or more machine catalogs. The delivery group specifies which users can use those machines, plus the applications and desktops available to those users.

Creating a delivery group is the next step in configuring your deployment after creating a site and creating a machine catalog. Later, you can change the initial settings in the first delivery group and create other delivery groups. There are also features and settings that you can configure only when editing a delivery group, not when creating it.

For Remote PC Access, when you create a site, a delivery group named “Remote PC Access Desktops” is automatically created.

To create a delivery group:

  1. If you have created a site and a machine catalog without a delivery group, Web Studio guides you to the correct starting place to create one.

  2. If you have already created a delivery group and want to create another, follow these steps:

    1. Select Delivery Groups. Select Create Delivery Group in the action pane.
    2. To organize delivery groups using folders, create folders under the default Delivery Groups folder. For more information, see Create a folder.
    3. Select the folder where you want to create the group, and then click Create Delivery Group. The group creation wizard opens.
  3. The wizard launches with an Introduction page, which you can remove from future launches of this wizard.
  4. The wizard then guides you through the pages described in the following section. When you are done with each page, click Next until you reach the final page.

Step 1. Machines

On the Machines page, select a catalog and select the number of machines you want to use from that catalog.

Good to know:

  • At least one machine must remain unused in a selected catalog.
  • A catalog can be specified in more than one delivery group. A machine can be used in only one delivery group.
  • A delivery group can use machines from more than one catalog; however, those catalogs must contain the same machine types (multi-session OS, single-session OS, or Remote PC Access). In other words, you cannot mix machine types in a delivery group. Similarly, if your deployment has catalogs of Windows machines and catalogs of Linux machines, a delivery group can contain machines from either OS type, but not both.
  • Citrix recommends that you install or upgrade all machines with the most recent VDA version. Upgrade catalogs and delivery groups as needed. When creating a delivery group, if you select machines that have different VDA versions installed, the delivery group is compatible with the earliest VDA version. This is called the group’s functional level. For example, if one of the machines has VDA version 7.1 and the other machines have the current version, all machines in the group can use only those features that were supported in VDA 7.1. This means that some features that require later VDA versions might not be available in that delivery group.
  • Each machine in a Remote PC Access catalog is automatically associated with a delivery group. When you create a Remote PC Access site, a catalog named “Remote PC Access Machines” and a delivery group named “Remote PC Access Desktops” are created automatically.
  • The following compatibility checks are performed:
    • MinimumFunctionalLevel must be compatible
    • SessionSupport must be compatible
    • AllocationType must be compatible for SingleSession
    • ProvisioningType must be compatible
    • PersistChanges must be compatible for MCS and Citrix Provisioning
    • RemotePC catalog is only compatible with Remote PC Access catalog
    • AppDisk related check

Step 2. Load balancing

To configure the load balancing settings while creating a delivery group:

  1. Sign in to Web Studio.
  2. In the left-navigation, click Delivery Groups.
  3. In the Delivery Groups page, click Create Delivery Group.
  4. In the Create Delivery Group wizard, click Next. The Machine wizard opens.
  5. In the Machines wizard, select a required machine catalog and click Next. The Load Balancing wizard opens.
  6. In the Load Balancing wizard, select the Override site-wide setting checkbox.
  7. Select either Horizontal load balancing or Vertical load balancing option as required and click Next.

    Load balancing settings during creating a delivery group

To configure the load balancing settings while editing an existing delivery group:

  1. Sign in to Web Studio.
  2. In the left-navigation, click Delivery Groups.
  3. Select a Delivery Group from the list and click Edit. The Edit Delivery Group wizard opens.
  4. In the Edit Delivery Group page, click Load Balancing.
  5. Select the Override site-wide setting checkbox.
  6. Select either Horizontal load balancing or Vertical load balancing option as required and click Save.

    Load balancing settings during editing a delivery group

Note:

When Vertical load balancing setting is applied, make sure that the Concurrent logon tolerance and Maximum number of sessions polices are configured appropriately.

Policy settings for Vertical Load Balancing while creating or editing a delivery group

For more information about load balancing at site and delivery group level, see Load balance machines

Step 3. Delivery type

This page appears only if you chose a catalog containing static (assigned) single-session OS machines.

On the Delivery Type page, choose either Applications or Desktops. You cannot enable both.

If you selected machines from a multi-session OS or single-session OS random (pooled) catalog, the delivery type is assumed to be applications and desktops: you can deliver applications, desktops, or both.

Step 4. Users

Specify the users and user groups who can use the applications and desktops in the delivery group.

Where user lists are specified

Active Directory user lists are specified when you create or edit the following:

  • A site’s user access list, which is not configured through Web Studio. By default, the application entitlement policy rules includes everyone. See the PowerShell SDK BrokerAppEntitlementPolicyRule cmdlets for details.
  • Application groups (if configured).
  • Delivery groups.
  • Applications.

The list of users who can access an application through StoreFront is formed by the intersection of the above user lists. For example, to configure the use of application A to a particular department, without unduly restricting access to other groups:

  • Use the default application entitlement policy rule that includes everyone.
  • Configure the delivery group user list to allow all headquarters users to use any of the applications specified in the delivery group.
  • (If application groups are configured) Configure the application group user list to allow members of the Administration and Finance business unit to access applications A through L.
  • Configure application A’s properties to restrict its visibility to only Accounts Receivable staff in Administration and Finance.

Authenticated and unauthenticated users

There are two types of users: authenticated and unauthenticated (unauthenticated is also called anonymous). You can configure one or both types in a delivery group.

  • Authenticated: To access applications and desktops, the users and group members you specify by name must present credentials such as smart card or user name and password to StoreFront or Citrix Workspace app. For delivery groups containing single-session OS machines, you can import user data (a list of users) later by editing the delivery group.
  • Unauthenticated (anonymous): For delivery groups containing multi-session OS machines, you can allow users to access applications and desktops without presenting credentials to StoreFront or Citrix Workspace app. For example, at kiosks, the application might require credentials, but the Citrix access portal and tools do not. An Anonymous Users Group is created when you install the first Delivery Controller.

    To grant access to unauthenticated users, each machine in the delivery group must have a VDA for Windows Server OS (minimum version 7.6) installed. When unauthenticated users are enabled, you must have an unauthenticated StoreFront store.

    Unauthenticated user accounts are created on demand when a session is launched, and are named AnonXYZ, in which XYZ is a unique three-digit value.

    Unauthenticated user sessions have a default idle timeout of 10 minutes, and are logged off automatically when the client disconnects. Reconnection, roaming between clients, and Workspace Control are not supported.

The following table describes your choices on the Users page:

Enable access for Add/assign users and user groups? Enable the “Give access to unauthenticated users” checkbox?
Only authenticated users Yes No
Only unauthenticated users No Yes
Both authenticated and unauthenticated users Yes Yes

Step 5. Applications

Good to know:

  • You cannot add applications to Remote PC Access delivery groups.
  • By default, new applications you add are placed in a folder named Applications. You can specify a different folder. For details, see the Manage Applications article.
  • You can change the properties for an application when you add it to a delivery group, or later. For details, see the Manage Applications article.
  • If you try to add an application and one with the same name exists in that folder, you are prompted to rename the application you are adding. If you decline, the application is added with a suffix that makes it unique within that application folder.
  • When you add an application to more than one delivery group, a visibility issue can occur if you do not have sufficient permission to view the application in all of those delivery groups. In such cases, either consult an administrator with greater permissions or have your scope extended to include all the delivery groups to which the application was added.
  • If you publish two applications with the same name to the same users, change the Application name (for user) property in Web Studio; otherwise, users see duplicate names in Citrix Workspace app.

Click Add to display the application sources.

  • From Start menu: Applications that are discovered on a machine created from the master image in the selected catalog. When you select this source, a new page launches with a list of discovered applications; select those you want to add and then click OK.
  • Manually: Applications located on a VDA in the delivery group or elsewhere in your network. Selecting this source opens a new page where you specify an application to add in the following ways:
    • Type the path to the executable, working directory, optional command line arguments, and display names for administrators and users.
    • Select an application from a VDA in the delivery group. To do so, click Browse, enter credentials for accessing the VDA, wait to be connected to the VDA, and then select an application from the VDA. The properties of the selected application automatically populate fields on the page.
  • Existing: Applications previously added to the site, perhaps in another delivery group. When you select this source, a new page launches with a list of discovered applications. Add the applications and click OK.
  • App-V: Applications in App-V packages. When you select this source, a new page launches where you select the App-V server or the Application Library. Select the applications you want to add from the resulting display and then click OK. For more information, see Deploy and deliver App-V applications.

If an application source or application is not available or valid, it is either not visible or cannot be selected. For example, the Existing source is not available if no applications have been added to the site. Or, an application might not be compatible with the supported session types on machines in the selected catalog.

Step 6. Desktops

The title of this page depends on the catalog you chose on the Machines page:

  • If you chose a catalog containing pooled machines, this page is titled Desktops.
  • If you chose a catalog containing assigned machines and specified “Desktops” on the Delivery Type page, this page is titled Desktop User Assignments.
  • If you chose a catalog containing assigned machines and specified “Applications” on the Delivery Type page, this page is titled Application Machine User Assignments.

Click Add. In the dialog box:

  • In the Display name and Description fields, type the information to be displayed in Citrix Workspace app.
  • To add a tag restriction to a desktop, select Restrict launches to machines with this tag and then select the tag from the drop-down list. For more information, see Tags.
  • Use the radio buttons to launch a desktop or to assign a machine when launching the desktop. The users can be either everyone who can access this delivery group, or specific users and user groups.
  • If the group contains assigned machines, specify the maximum number of desktops per user. This must be a value of one or greater.
  • Enable or disable the desktop (for pooled machines) or desktop assignment rule (for assigned machines). Disabling a desktop stops desktop delivery. Disabling a desktop assignment rule stops desktop auto-assignment to users.
  • When you are finished with the dialog box, click OK.

Maximum instances of a desktop in a site (PowerShell only)

To configure the maximum instances of a desktop in the site (PowerShell only):

  • In PowerShell, use the appropriate BrokerEntitlementPolicyRule cmdlet with the MaxPerEntitlementInstances parameter. For example, the following cmdlet modifies the tsvda-desktop rule to set the maximum concurrent instances of a desktop allowed in the site to two. When there are two desktop instances running, an error occurs if a third subscriber attempts to start a desktop.

    Set-BrokerEntitlementPolicyRule -Name tsvda-desktop -MaxPerEntitlementInstances 2

  • For guidance, use the Get-Help cmdlet. For example, Get-Help Set-BrokerEntitlementPolicyRule-Parameter MaxPerEntitlementInstances.

Step 7. Summary

Enter a name for the delivery group. You can also (optionally) enter a description, which appears in the Citrix Workspace app and in Web Studio.

Review the summary information and then click Finish.

Create delivery groups