Linux Virtual Delivery Agent

Use Machine Creation Services (MCS) to create Linux VMs

To use MCS to create Linux VMs, prepare a master image on your hypervisor. This process leads to installing the VDA on the template VM, creating a Machine Catalog in Citrix Studio, creating a Delivery Group, and performing certain configuration tasks.

Note:

Unexpected results can occur if you try to prepare a master image on hypervisors other than Citrix Hypervisor, Microsoft Azure, VMware vSphere, AWS, GCP, or Nutanix AHV.

Microsoft Azure, AWS, and GCP are not supported as of Citrix Virtual Apps and Desktops 7 2003. But you can continue using the hosts in the Citrix Virtual Apps and Desktops service.

Supported distributions

  Winbind SSSD Centrify PBIS
RHEL 8.4 Yes No Yes Yes
CentOS 8 (2105) Yes No Yes Yes
RHEL 8.3 Yes No Yes Yes
CentOS 8.3 Yes No Yes Yes
RHEL 8.2 Yes No Yes Yes
CentOS 8.2 Yes No Yes Yes
RHEL 8.1 Yes No Yes Yes
CentOS 8.1 Yes No Yes Yes
RHEL 7.9 Yes Yes Yes Yes
CentOS 7.9 Yes Yes Yes Yes
RHEL 7.8 Yes Yes Yes Yes
CentOS 7.8 Yes Yes Yes Yes
Ubuntu 20.04 Yes Yes No Yes
Ubuntu 18.04 Yes Yes No Yes
Ubuntu 16.04 Yes Yes No Yes
Debian 10.9 Yes Yes No Yes
SUSE 15.3 Yes Yes No Yes
SUSE 15.2 Yes Yes No Yes
SUSE 12.5 Yes Yes No Yes

Note:

If you are using PBIS or Centrify for joining MCS-created machines to Windows domains, complete the following tasks:

  • On the template machine, configure the PBIS or Centrify package download path in the /etc/xdl/mcs/mcs.conf file or install the PBIS or Centrify package directly.
  • Before you run /opt/Citrix/VDA/sbin/deploymcs.sh, create an Organizational Unit (OU) that has write and password reset permissions to all its subordinate, MCS-created machines.
  • Before you restart MCS-created machines after /opt/Citrix/VDA/sbin/deploymcs.sh finishes running, run klist -li 0x3e4 purge on your Delivery Controller or on your Citrix Cloud Connector based on your deployment.

Use MCS to create Linux VMs on Citrix Hypervisor

Step 1: Prepare a master image

A master image contains the operating system, non-virtualized applications, VDA, and other software. To prepare a master image, do the following:

Step 1a: Install Citrix VM Tools

Install Citrix VM Tools on the template VM for each VM to be able to use the xe CLI or XenCenter. VM performance can be slow unless you install the tools. Without the tools, you cannot do any of the following:

  • Cleanly shut down, restart, or suspend a VM.
  • View the VM performance data in XenCenter.
  • Migrate a running VM (through XenMotion).
  • Create snapshots or snapshots with memory (checkpoints), and revert to snapshots.
  • Adjust the number of vCPUs on a running Linux VM.
  1. Run the following command to mount Citrix VM Tools named guest-tools.iso.

    sudo mount /dev/cdrom /mnt
    <!--NeedCopy-->
    
  2. Run the following command to install the xe-guest-utilities package based on your Linux distribution.

    For RHEL/CentOS:

    sudo rpm -i /mnt/Linux/xe-guest-utilities_{package-version}_all.rpm
    <!--NeedCopy-->
    

    For Ubuntu/Debian:

    sudo dpkg -i /mnt/Linux/xe-guest-utilities_{package-version}_all.deb
    <!--NeedCopy-->
    

    For SUSE 12:

    sudo rpm -i /mnt/Linux/xe-guest-utilities_{package-version}_all.rpm
    <!--NeedCopy-->
    
  3. Check the virtualization state of the template VM on the General tab in XenCenter. If Citrix VM Tools are installed correctly, the virtualization state is Optimized:

    Virtualization state being optimized

Step 1b: (For Ubuntu 16.04 only) Install OpenJDK 11

On Ubuntu 16.04, install OpenJDK 11 by completing the following steps:

  1. Download the latest OpenJDK 11 from https://jdk.java.net/archive/.
  2. Run the tar zxf openjdk-11.0.2_linux-x64_bin.tar.gz command to unzip the downloaded package.
  3. (Optional) Run the mv jdk-11.0.2/ <target directory> command to save OpenJDK in a target directory.
  4. Run the update-alternatives --install /usr/bin/java java <custom directory>/bin/java 2000 command to set up the Java runtime.
  5. Run the java -version command to verify the version of Java.

Step 1c: Install the Linux VDA package on the template VM

Note:

To use a currently running VDA as the template VM, skip this step.

Before installing the Linux VDA package on the template VM, install .NET Core Runtime 3.1. For more information, see Installation overview.

Based on your Linux distribution, run the following command to set up the environment for the Linux VDA:

For RHEL/CentOS:

sudo yum –y localinstall <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

For Ubuntu/Debian:

sudo dpkg –i  <PATH>/<Linux VDA DEB>

apt-get install -f
<!--NeedCopy-->

For SUSE 12:

sudo zypper –i install <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

Step 1d: Enable repositories to install the tdb-tools package

For RHEL 7 server:

subscription-manager repos --enable=rhel-7-server-optional-rpms
<!--NeedCopy-->

For RHEL 7 workstation:

subscription-manager repos --enable=rhel-7-workstation-optional-rpms
<!--NeedCopy-->

Step 1e: Install the EPEL repository that can offer ntfs-3g

Install the EPEL repository on RHEL 8/CentOS 8, RHEL 7/CentOS 7 so that running deploymcs.sh later installs the ntfs-3g package available in the EPEL repository.

Step 1f: Manually install ntfs-3g on SUSE 12

On the SUSE 12 platform, no repository provides ntfs-3g. Download the source code, compile, and install ntfs-3g manually:

  1. Install the GNU Compiler Collection (GCC) compiler system and the make package:

    sudo zypper install gcc
    sudo zypper install make
    <!--NeedCopy-->
    
  2. Download the ntfs-3g package.

  3. Decompress the ntfs-3g package:

    sudo tar -xvzf ntfs-3g_ntfsprogs-<package version>.tgz
    <!--NeedCopy-->
    
  4. Enter the path to the ntfs-3g package:

    sudo cd ntfs-3g_ntfsprogs-<package version>
    <!--NeedCopy-->
    
  5. Install ntfs-3g:

    ./configure
    make
    make install
    <!--NeedCopy-->
    

Step 1g: Set up the runtime environment

Before running deploymcs.sh, do the following:

  • Change variables in /etc/xdl/mcs/mcs.conf. The mcs.conf configuration file provides variables for setting MCS and the Linux VDA. The following are variables you can set as required:

    • Use_Existing_Configurations_Of_Current_VDA: Determines whether to use the existing configurations of the currently running VDA. If set to Y, the configuration files on MCS-created machines are the same as the equivalents on the currently running VDA. However, you still must configure the dns and AD_INTEGRATION variables. The default value is N, which means the configuration templates on the master image determine the configuration files on MCS-created machines.

    • dns: Sets the DNS IP address.

    • AD_INTEGRATION: Sets Winbind, SSSD (SSSD is not supported on SUSE), PBIS, or Centrify (we support Centrify only on RHEL and CentOS).

    • CENTRIFY_DOWNLOAD_PATH: Sets the path for downloading the Centrify package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • CENTRIFY_SAMBA_DOWNLOAD_PATH: Sets the path for downloading the Centrify Samba package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • WORKGROUP: Sets the workgroup name (case-sensitive) if you configured it in AD.

  • On the template machine, add command lines to the /etc/xdl/mcs/mcs_local_setting.reg file for writing or updating registry values as required. This action prevents the loss of data and settings every time an MCS-provisioned machine restarts.

    Each line in the /etc/xdl/mcs/mcs_local_setting.reg file is a command for setting or updating a registry value.

    For example, you can add the following command lines to the /etc/xdl/mcs/mcs_local_setting.reg file to write or update a registry value respectively:

     create -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -t "REG_DWORD" -v "Flags" -d "0x00000003" --force
     <!--NeedCopy-->
    
     update -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -v "Flags" -d "0x00000003"
     <!--NeedCopy-->
    

Step 1h: Create a master image

  1. Run /opt/Citrix/VDA/sbin/deploymcs.sh.
  2. (Optional) On the template VM, update the configuration templates to customize the relevant /etc/krb5.conf, /etc/samba/smb.conf, and /etc/sssd/sssd.conf files on all created VMs.

    For Winbind users, update the /etc/xdl/mcs/winbind_krb5.conf.tmpl and /etc/xdl/mcs/winbind_smb.conf.tmpl templates.

    For SSSD users, update the /etc/xdl/mcs/sssd.conf.tmpl, /etc/xdl/mcs/sssd_krb5.conf.tmpl, and /etc/xdl/mcs/sssd_smb.conf.tmpl templates.

    For Centrify users, update the /etc/xdl/mcs/centrify_krb5.conf.tmpl and /etc/xdl/mcs/centrify_smb.conf.tmpl templates.

    Note:

    Keep the existing format used in the template files and use variables such as $WORKGROUP, $REALM, $realm, ${new_hostname}, and $AD_FQDN.

  3. On Citrix Hypervisor, shut down the template VM. Create and name a snapshot of your master image.

Step 2: Create a machine catalog

In Citrix Studio, create a machine catalog and specify the number of VMs to create in the catalog. Do other configuration tasks as needed. For more information, see Create a machine catalog using Studio.

Step 3: Create a delivery group

A machine catalog is a collection of machines selected from one or more Machine Catalogs. The machine catalog specifies which users can use those machines, and the applications and desktops available to those users. For more information, see Create Delivery Groups.

Use MCS to create Linux VMs on Azure

Step 1: Create a hosting connection to Azure in Citrix Studio

  1. In Citrix Studio on Citrix Cloud, choose Configuration > Hosting > Add Connection and Resources to create a connection to Azure.

    Creating the connection to Azure

  2. Choose Microsoft Azure as the connection type.

    Choosing the Azure connection type

  3. Type the subscription ID of your Azure account and your connection name.

    Typing an Azure subscription ID

    A new connection appears in the hosting pane.

    A new Azure connection

Step 2: Prepare a master image on the template VM

A master image contains the operating system, non-virtualized applications, VDA, and other software. To prepare a master image, do the following:

Step 2a: Configure cloud-init for Ubuntu 18.04

To ensure that a VDA host name persists when a VM is restarted or stopped, run the following command.

 echo "preserve_hostname: true" > /etc/cloud/cloud.cfg.d/99_hostname.cfg
<!--NeedCopy-->

Ensure that the following lines are present under the system_info section in the /etc/cloud/cloud.cfg file:

system_info:
   network:
       renderers: ['netplan', 'eni', 'sysconfig']
<!--NeedCopy-->

Step 2b: (For Ubuntu 16.04 only) Install OpenJDK 11

On Ubuntu 16.04, install OpenJDK 11 by completing the following steps:

  1. Download the latest OpenJDK 11 from https://jdk.java.net/archive/.
  2. Run the tar zxf openjdk-11.0.2_linux-x64_bin.tar.gz command to unzip the downloaded package.
  3. (Optional) Run the mv jdk-11.0.2/ <target directory> command to save OpenJDK in a target directory.
  4. Run the update-alternatives --install /usr/bin/java java <custom directory>/bin/java 2000 command to set up the Java runtime.
  5. Run the java -version command to verify the version of Java.

Step 2c: Install the Linux VDA package on the template VM

Note:

To use a currently running VDA as the template VM, skip this step.

Before installing the Linux VDA package on the template VM, install .NET Core Runtime 3.1. For more information, see Installation overview.

Based on your Linux distribution, run the following command to set up the environment for the Linux VDA:

For RHEL/CentOS:

sudo yum –y localinstall <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

For Ubuntu/Debian:

sudo dpkg –i  <PATH>/<Linux VDA DEB>

apt-get install -f
<!--NeedCopy-->

For SUSE 12:

sudo zypper –i install <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

Step 2d: Install the EPEL repository that can offer ntfs-3g

Install the EPEL repository on RHEL 8/CentOS 8, RHEL 7/CentOS 7 so that running deploymcs.sh later installs the ntfs-3g package available in the EPEL repository.

Step 2e: Manually install ntfs-3g on SUSE 12

On the SUSE 12 platform, no repository provides ntfs-3g. Download the source code, compile, and install ntfs-3g manually:

  1. Install the GNU Compiler Collection (GCC) compiler system and the make package:

    sudo zypper install gcc
    sudo zypper install make
    <!--NeedCopy-->
    
  2. Download the ntfs-3g package.

  3. Decompress the ntfs-3g package:

    sudo tar -xvzf ntfs-3g_ntfsprogs-<package version>.tgz
    <!--NeedCopy-->
    
  4. Enter the path to the ntfs-3g package:

    sudo cd ntfs-3g_ntfsprogs-<package version>
    <!--NeedCopy-->
    
  5. Install ntfs-3g:

    ./configure
    make
    make install
    <!--NeedCopy-->
    

Step 2f: Set up the runtime environment

Before running deploymcs.sh, do the following:

  • Change variables in /etc/xdl/mcs/mcs.conf. The mcs.conf configuration file provides variables for setting MCS and the Linux VDA. The following are some of the variables, of which dns and AD_INTEGRATION must be set:

    Note: If a variable can be set with multiple values, put the values inside single quotes and separate them with spaces. For example, LDAP_LIST=’aaa.lab:389 bbb.lab:389.’

    • Use_Existing_Configurations_Of_Current_VDA: Determines whether to use the existing configurations of the currently running VDA. If set to Y, configuration files on MCS-created machines are the same as the equivalents on the currently running VDA. However, you still must configure the dns and AD_INTEGRATION variables. The default value is N, which means the configuration templates on the master image determine the configuration files on MCS-created machines.

    • dns: Sets the DNS IP address.

    • AD_INTEGRATION: Sets Winbind, SSSD (SSSD is not supported on SUSE), PBIS, or Centrify (we support Centrify only on RHEL and CentOS).

    • CENTRIFY_DOWNLOAD_PATH: Sets the path for downloading the Centrify package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • CENTRIFY_SAMBA_DOWNLOAD_PATH: Sets the path for downloading the Centrify Samba package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • WORKGROUP: Sets the workgroup name (case-sensitive) if you configured it in AD.

  • On the template machine, add command lines to the /etc/xdl/mcs/mcs_local_setting.reg file for writing or updating registry values as required. This action prevents the loss of data and settings every time an MCS-provisioned machine restarts.

    Each line in the /etc/xdl/mcs/mcs_local_setting.reg file is a command for setting or updating a registry value.

    For example, you can add the following command lines to the /etc/xdl/mcs/mcs_local_setting.reg file to write or update a registry value respectively:

     create -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -t "REG_DWORD" -v "Flags" -d "0x00000003" --force
     <!--NeedCopy-->
    
     update -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -v "Flags" -d "0x00000003"
     <!--NeedCopy-->
    

Step 2g: Create a master image

  1. Run /opt/Citrix/VDA/sbin/deploymcs.sh.
  2. (Optional) On the template VM, update the configuration templates to customize the relevant /etc/krb5.conf, /etc/samba/smb.conf, and /etc/sssd/sssd.conf files on all created VMs.

    For Winbind users, update the /etc/xdl/mcs/winbind_krb5.conf.tmpl and /etc/xdl/mcs/winbind_smb.conf.tmpl templates.

    For SSSD users, update the /etc/xdl/mcs/sssd.conf.tmpl, /etc/xdl/mcs/sssd_krb5.conf.tmpl, and /etc/xdl/mcs/sssd_smb.conf.tmpl templates.

    For Centrify users, update the /etc/xdl/mcs/centrify_krb5.conf.tmpl and /etc/xdl/mcs/centrify_smb.conf.tmpl templates.

    Note: Keep the existing format used in the template files and use variables such as $WORKGROUP, $REALM, $realm, ${new_hostname}, and $AD_FQDN.

  3. Install applications on the template VM and shut down the template VM from the Azure portal. Ensure that the power status of the template VM is Stopped (deallocated). Remember the name of the resource group here. You need the name to locate your master image on Azure.

    Image of stopped power status of template VM

Step 3: Create a Machine Catalog

In Citrix Studio, create a Machine Catalog and specify the number of VMs to create in the catalog. When creating the Machine Catalog, choose your master image from the resource group where the template VM belongs and find the VHD of the template VM.

Image of finding VHD of the template VM

Do other configuration tasks as needed. For more information, see Knowledge Center article CTX219270 and Create a machine catalog using Studio.

Step 4: Create a Delivery Group

A Delivery Group is a collection of machines selected from one or more Machine Catalogs. The Delivery Group specifies which users can use those machines, and the applications and desktops available to those users. For more information, see Create Delivery Groups.

Use MCS to create Linux VMs on VMware vSphere

Step 1: Create a hosting connection to VMware in Citrix Studio

  1. Install vCenter Server in the vSphere environment. For more information, see VMware vSphere.

  2. In Citrix Studio, choose Configuration > Hosting > Add Connection and Resources to create a connection to VMware vSphere.

    Image of creating connection to Azure

  3. Choose VMware vSphere as the connection type.

    Image of choosing VMware sphere

  4. Type the connection address (the vCenter Server URL) of your VMware account, your user name and password, and your connection name.

    Image of VMware connection name

    A new connection appears in the hosting pane.

    Image of new sphere connection

Step 2: Prepare a master image

A master image contains the operating system, non-virtualized applications, VDA, and other software. To prepare a master image, do the following:

Step 2a: (For Ubuntu 16.04 only) Install OpenJDK 11

On Ubuntu 16.04, install OpenJDK 11 by completing the following steps:

  1. Download the latest OpenJDK 11 from https://jdk.java.net/archive/.
  2. Run the tar zxf openjdk-11.0.2_linux-x64_bin.tar.gz command to unzip the downloaded package.
  3. (Optional) Run the mv jdk-11.0.2/ <target directory> command to save OpenJDK in a target directory.
  4. Run the update-alternatives --install /usr/bin/java java <custom directory>/bin/java 2000 command to set up the Java runtime.
  5. Run the java -version command to verify the version of Java.

Step 2b: Install the Linux VDA package on the template VM

Note:

To use a currently running VDA as the template VM, skip this step.

Before installing the Linux VDA package on the template VM, install .NET Core Runtime 3.1. For more information, see Installation overview.

Based on your Linux distribution, run the following command to set up the environment for the Linux VDA:

For RHEL/CentOS:

sudo yum –y localinstall <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

For Ubuntu/Debian:

sudo dpkg –i  <PATH>/<Linux VDA DEB>

apt-get install -f
<!--NeedCopy-->

For SUSE 12:

sudo zypper –i install <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

Step 2c: Install the EPEL repository that can offer ntfs-3g

Install the EPEL repository on RHEL 8/CentOS 8, RHEL 7/CentOS 7 so that running deploymcs.sh later installs the ntfs-3g package available in the EPEL repository.

Step 2d: Manually install ntfs-3g on SUSE 12

On the SUSE 12 platform, no repository provides ntfs-3g. Download the source code, compile, and install ntfs-3g manually:

  1. Install the GNU Compiler Collection (GCC) compiler system and the make package:

    sudo zypper install gcc
    sudo zypper install make
    <!--NeedCopy-->
    
  2. Download the ntfs-3g package.

  3. Decompress the ntfs-3g package:

    sudo tar -xvzf ntfs-3g_ntfsprogs-<package version>.tgz
    <!--NeedCopy-->
    
  4. Enter the path to the ntfs-3g package:

    sudo cd ntfs-3g_ntfsprogs-<package version>
    <!--NeedCopy-->
    
  5. Install ntfs-3g:

    ./configure
    make
    make install
    <!--NeedCopy-->
    

Step 2e: Set up the runtime environment

Before running deploymcs.sh, do the following:

  • Change variables in /etc/xdl/mcs/mcs.conf. The mcs.conf configuration file provides variables for setting MCS and the Linux VDA. The following are some of the variables, of which dns and AD_INTEGRATION must be set:

    Note: If a variable can be set with multiple values, put the values inside single quotes and separate them with spaces. For example, LDAP_LIST=’aaa.lab:389 bbb.lab:389.’

    • Use_Existing_Configurations_Of_Current_VDA: Determines whether to use the existing configurations of the currently running VDA. If set to Y, the configuration files on MCS-created machines are the same as the equivalents on the currently running VDA. However, you still must configure the dns and AD_INTEGRATION variables. The default value is N, which means the configuration templates on the master image determine the configuration files on MCS-created machines.

    • dns: Sets the DNS IP address.

    • AD_INTEGRATION: Sets Winbind, SSSD (SSSD is not supported on SUSE), PBIS, or Centrify (we support Centrify only on RHEL and CentOS).

    • CENTRIFY_DOWNLOAD_PATH: Sets the path for downloading the Centrify package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • CENTRIFY_SAMBA_DOWNLOAD_PATH: Sets the path for downloading the Centrify Samba package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • WORKGROUP: Sets the workgroup name (case-sensitive) if you configured it in AD.

  • On the template machine, add command lines to the /etc/xdl/mcs/mcs_local_setting.reg file for writing or updating registry values as required. This action prevents the loss of data and settings every time an MCS-provisioned machine restarts.

    Each line in the /etc/xdl/mcs/mcs_local_setting.reg file is a command for setting or updating a registry value.

    For example, you can add the following command lines to the /etc/xdl/mcs/mcs_local_setting.reg file to write or update a registry value respectively:

     create -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -t "REG_DWORD" -v "Flags" -d "0x00000003" --force
     <!--NeedCopy-->
    
     update -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -v "Flags" -d "0x00000003"
     <!--NeedCopy-->
    

Step 2f: Create a master image

  1. Run /opt/Citrix/VDA/sbin/deploymcs.sh.
  2. (Optional) On the template VM, update the configuration templates to customize the relevant /etc/krb5.conf, /etc/samba/smb.conf, and /etc/sssd/sssd.conf files on all created VMs.

    For Winbind users, update the /etc/xdl/mcs/winbind_krb5.conf.tmpl and /etc/xdl/mcs/winbind_smb.conf.tmpl templates.

    For SSSD users, update the /etc/xdl/mcs/sssd.conf.tmpl, /etc/xdl/mcs/sssd_krb5.conf.tmpl, and /etc/xdl/mcs/sssd_smb.conf.tmpl templates.

    For Centrify users, update the /etc/xdl/mcs/centrify_krb5.conf.tmpl and /etc/xdl/mcs/centrify_smb.conf.tmpl templates.

    Note: Keep the existing format used in the template files and use variables such as $WORKGROUP, $REALM, $realm, ${new_hostname}, and $AD_FQDN.

  3. After you finish installing applications on the template VM, shut down the template VM from the VMware. Take a snapshot of the template VM.

Step 3: Create a Machine Catalog

In Citrix Studio, create a Machine Catalog and specify the number of VMs to create in the catalog. When creating the Machine Catalog, choose your master image from the snapshot list.

Image of choosing a master image

Do other configuration tasks as needed. For more information, see Knowledge Center article CTX219270 and Create a machine catalog using Studio.

Step 4: Create a Delivery Group

A Delivery Group is a collection of machines selected from one or more Machine Catalogs. The Delivery Group specifies which users can use those machines, and the applications and desktops available to those users. For more information, see Create Delivery Groups.

Use MCS to create Linux VMs on AWS

Step 1: Create a hosting connection to AWS in Citrix Studio

  1. In Citrix Studio on Citrix Cloud, choose Configuration > Hosting > Add Connection and Resources to create a connection to AWS.

    Image of creating the connection to AWS

  2. Choose Amazon EC2 as the connection type.

    Image of choosing Amazon EC2

  3. Type the API key and secret key of your AWS account and type your connection name.

    Image of access key pair

    The API key is your access key ID and the Secret key is your secret access key. They are considered as an access key pair. If you lose your secret access key, you can delete the access key and create another one. To create an access key, do the following:

    1. Sign in to the AWS services.
    2. Navigate to the Identity and Access Management (IAM) console.
    3. On the left navigation pane, choose Users.
    4. Select the target user and scroll down to select the Security credentials tab.
    5. Scroll down and click Create access key. A new window appears.
    6. Click Download .csv file and save the access key to a secure location.

    A new connection appears in the hosting pane.

    Image of new AWS connection

Step 2: Prepare a master image

A master image contains the operating system, non-virtualized applications, VDA, and other software. To prepare a master image, do the following:

Step 2a: Configure cloud-init

  1. To ensure that a VDA host name persists when an EC2 instance is restarted or stopped, run the following command to preserve the VDA host name.

     echo "preserve_hostname: true" > /etc/cloud/cloud.cfg.d/99_hostname.cfg
    <!--NeedCopy-->
    

    For Ubuntu 18.04, ensure that the following lines are present under the system_info section in the /etc/cloud/cloud.cfg file:

    system_info:
        network:
            renderers: ['netplan', 'eni', 'sysconfig']
    <!--NeedCopy-->
    
  2. To use SSH for remotely accessing MCS-created VMs on AWS, enable password authentication because no key name is attached to those VMs. Do the following as needed.

    • Edit the cloud-init configuration file, /etc/cloud/cloud.cfg. Ensure that the ssh_pwauth: true line is present. Remove or comment the set-password line and the following lines if they exist.

       users:
       - default
       <!--NeedCopy-->
      
    • If you plan to use the default user ec2-user or ubuntu created by cloud-init, you can change the user password by using the passwd command. Keep the new password in mind for later use to log in to the MCS-created VMs.
    • Edit the /etc/ssh/sshd_config file to ensure that the following line is present:

       PasswordAuthentication yes
       <!--NeedCopy-->
      

      Save the file and run the sudo service sshd restart command.

Step 2b: (For Ubuntu 16.04 only) Install OpenJDK 11

On Ubuntu 16.04, install OpenJDK 11 by completing the following steps:

  1. Download the latest OpenJDK 11 from https://jdk.java.net/archive/.
  2. Run the tar zxf openjdk-11.0.2_linux-x64_bin.tar.gz command to unzip the downloaded package.
  3. (Optional) Run the mv jdk-11.0.2/ <target directory> command to save OpenJDK in a target directory.
  4. Run the update-alternatives --install /usr/bin/java java <custom directory>/bin/java 2000 command to set up the Java runtime.
  5. Run the java -version command to verify the version of Java.

Step 2c: Install the Linux VDA package on the template VM

Note:

To use a currently running VDA as the template VM, skip this step.

Before installing the Linux VDA package on the template VM, install .NET Core Runtime 3.1. For more information, see Installation overview.

Based on your Linux distribution, run the following command to set up the environment for the Linux VDA:

For RHEL/CentOS:

sudo yum –y localinstall <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

For Ubuntu/Debian:

sudo dpkg –i  <PATH>/<Linux VDA DEB>

apt-get install -f
<!--NeedCopy-->

For SUSE 12:

sudo zypper –i install <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

Step 2d: Install the EPEL repository that can offer ntfs-3g

Install the EPEL repository on RHEL 8/CentOS 8, RHEL 7/CentOS 7 so that running deploymcs.sh later installs the ntfs-3g package available in the EPEL repository.

Step 2e: Manually install ntfs-3g on SUSE 12

On the SUSE 12 platform, no repository provides ntfs-3g. Download the source code, compile, and install ntfs-3g manually:

  1. Install the GNU Compiler Collection (GCC) compiler system and the make package:

    sudo zypper install gcc
    sudo zypper install make
    <!--NeedCopy-->
    
  2. Download the ntfs-3g package.

  3. Decompress the ntfs-3g package:

    sudo tar -xvzf ntfs-3g_ntfsprogs-<package version>.tgz
    <!--NeedCopy-->
    
  4. Enter the path to the ntfs-3g package:

    sudo cd ntfs-3g_ntfsprogs-<package version>
    <!--NeedCopy-->
    
  5. Install ntfs-3g:

    ./configure
    make
    make install
    <!--NeedCopy-->
    

Step 2f: Set up the runtime environment

Before running deploymcs.sh, do the following:

  • Change variables in /etc/xdl/mcs/mcs.conf. The mcs.conf configuration file provides variables for setting MCS and the Linux VDA. The following are some of the variables, of which dns and AD_INTEGRATION must be set:

    Note: If a variable can be set with multiple values, put the values inside single quotes and separate them with spaces. For example, LDAP_LIST=’aaa.lab:389 bbb.lab:389.’

    • Use_Existing_Configurations_Of_Current_VDA: Determines whether to use the existing configurations of the currently running VDA. If set to Y, the configuration files on MCS-created machines are the same as the equivalents on the currently running VDA. However, you still must configure the dns and AD_INTEGRATION variables. The default value is N, which means the configuration templates on the master image determine the configuration files on MCS-created machines.

    • dns: Sets the DNS IP address.

    • AD_INTEGRATION: Sets Winbind, SSSD (SSSD is not supported on SUSE), PBIS, or Centrify (we support Centrify only on RHEL and CentOS).

    • CENTRIFY_DOWNLOAD_PATH: Sets the path for downloading the Centrify package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • CENTRIFY_SAMBA_DOWNLOAD_PATH: Sets the path for downloading the Centrify Samba package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • WORKGROUP: Sets the workgroup name (case-sensitive) if you configured it in AD.

  • On the template machine, add command lines to the /etc/xdl/mcs/mcs_local_setting.reg file for writing or updating registry values as required. This action prevents the loss of data and settings every time an MCS-provisioned machine restarts.

    Each line in the /etc/xdl/mcs/mcs_local_setting.reg file is a command for setting or updating a registry value.

    For example, you can add the following command lines to the /etc/xdl/mcs/mcs_local_setting.reg file to write or update a registry value respectively:

     create -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -t "REG_DWORD" -v "Flags" -d "0x00000003" --force
     <!--NeedCopy-->
    
     update -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -v "Flags" -d "0x00000003"
     <!--NeedCopy-->
    

Step 2g: Create a master image

  1. Run /opt/Citrix/VDA/sbin/deploymcs.sh.
  2. (Optional) On the template VM, update the configuration templates to customize the relevant /etc/krb5.conf, /etc/samba/smb.conf, and /etc/sssd/sssd.conf files on all created VMs.

    For Winbind users, update the /etc/xdl/mcs/winbind_krb5.conf.tmpl and /etc/xdl/mcs/winbind_smb.conf.tmpl templates.

    For SSSD users, update the /etc/xdl/mcs/sssd.conf.tmpl, /etc/xdl/mcs/sssd_krb5.conf.tmpl, and /etc/xdl/mcs/sssd_smb.conf.tmpl templates.

    For Centrify users, update the /etc/xdl/mcs/centrify_krb5.conf.tmpl and /etc/xdl/mcs/centrify_smb.conf.tmpl templates.

    Note: Keep the existing format used in the template files and use variables such as $WORKGROUP, $REALM, $realm, ${new_hostname}, and $AD_FQDN.

  3. Install applications on the template VM and shut down the template VM from the AWS EC2 portal. Ensure that the instance state of the template VM is Stopped.

  4. Right-click the template VM and select Image > Create Image. Type information and make settings as needed. Click Create Image.

    Image of create EBS image

Step 3: Create a Machine Catalog

In Citrix Studio, create a Machine Catalog and specify the number of VMs to create in the catalog. When creating the Machine Catalog, choose your machine template (the master image you created earlier) and select one or more security groups.

Image of creating a Machine Catalog

Image of selecting security groups

Do other configuration tasks as needed. For more information, see Knowledge Center article CTX219270 and Create a machine catalog using Studio.

Step 4: Create a Delivery Group

A Delivery Group is a collection of machines selected from one or more Machine Catalogs. The Delivery Group specifies which users can use those machines, and the applications and desktops available to those users. For more information, see Create Delivery Groups.

Use MCS to create Linux VMs on GCP

Step 1: Set up your GCP environment

For more information, see Google Cloud Platform virtualization environments.

Step 2: Create a hosting connection to GCP in Citrix Studio

  1. In Citrix Studio on Citrix Cloud, choose Configuration > Hosting > Add Connection and Resources to create a connection to GCP.

    Image of creating the connection to GCP

  2. Choose Google Cloud Platform as the connection type.

    Image of choosing Amazon EC2

  3. Import the service account key of your GCP account and type your connection name.

    Image of access key pair

    A new connection appears in the hosting pane.

    Image of new GCP connection

Step 3: Prepare a master image

A master image contains the operating system, non-virtualized applications, VDA, and other software. To prepare a master image, do the following:

Step 3a: (For Ubuntu 16.04 only) Install OpenJDK 11

On Ubuntu 16.04, install OpenJDK 11 by completing the following steps:

  1. Download the latest OpenJDK 11 from https://jdk.java.net/archive/.
  2. Run the tar zxf openjdk-11.0.2_linux-x64_bin.tar.gz command to unzip the downloaded package.
  3. (Optional) Run the mv jdk-11.0.2/ <target directory> command to save OpenJDK in a target directory.
  4. Run the update-alternatives --install /usr/bin/java java <custom directory>/bin/java 2000 command to set up the Java runtime.
  5. Run the java -version command to verify the version of Java.

Step 3b: Install the Linux VDA package on the template VM

Note:

To use a currently running VDA as the template VM, skip this step.

Before installing the Linux VDA package on the template VM, install .NET Core Runtime 3.1. For more information, see Installation overview.

Based on your Linux distribution, run the following command to set up the environment for the Linux VDA:

For RHEL/CentOS:

sudo yum –y localinstall <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

For Ubuntu/Debian:

sudo dpkg –i  <PATH>/<Linux VDA DEB>

apt-get install -f
<!--NeedCopy-->

For SUSE 12:

sudo zypper –i install <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

Step 3c: Install the EPEL repository that can offer ntfs-3g

Install the EPEL repository on RHEL 8/CentOS 8, RHEL 7/CentOS 7 so that running deploymcs.sh later installs the ntfs-3g package available in the EPEL repository.

Step 3d: Manually install ntfs-3g on SUSE 12

On the SUSE 12 platform, no repository provides ntfs-3g. Download the source code, compile, and install ntfs-3g manually:

  1. Install the GNU Compiler Collection (GCC) compiler system and the make package:

    sudo zypper install gcc
    sudo zypper install make
    <!--NeedCopy-->
    
  2. Download the ntfs-3g package.

  3. Decompress the ntfs-3g package:

    sudo tar -xvzf ntfs-3g_ntfsprogs-<package version>.tgz
    <!--NeedCopy-->
    
  4. Enter the path to the ntfs-3g package:

    sudo cd ntfs-3g_ntfsprogs-<package version>
    <!--NeedCopy-->
    
  5. Install ntfs-3g:

    ./configure
    make
    make install
    <!--NeedCopy-->
    

Step 3e: Set up the runtime environment

Before running deploymcs.sh, do the following:

  • Change variables in /etc/xdl/mcs/mcs.conf. The mcs.conf configuration file provides variables for setting MCS and the Linux VDA. The following are some of the variables, of which dns and AD_INTEGRATION must be set:

    Note: If a variable can be set with multiple values, put the values inside single quotes and separate them with spaces. For example, LDAP_LIST=’aaa.lab:389 bbb.lab:389.’

    • Use_Existing_Configurations_Of_Current_VDA: Determines whether to use the existing configurations of the currently running VDA. If set to Y, the configuration files on MCS-created machines are the same as the equivalents on the currently running VDA. However, you still must configure the dns and AD_INTEGRATION variables. The default value is N, which means the configuration templates on the master image determine the configuration files on MCS-created machines.

    • dns: Sets the DNS IP address.

    • AD_INTEGRATION: Sets Winbind, SSSD (SSSD is not supported on SUSE), PBIS, or Centrify (we support Centrify only on RHEL and CentOS).

    • CENTRIFY_DOWNLOAD_PATH: Sets the path for downloading the Centrify package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • CENTRIFY_SAMBA_DOWNLOAD_PATH: Sets the path for downloading the Centrify Samba package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • WORKGROUP: Sets the workgroup name (case-sensitive) if you configured it in AD.

  • On the template machine, add command lines to the /etc/xdl/mcs/mcs_local_setting.reg file for writing or updating registry values as required. This action prevents the loss of data and settings every time an MCS-provisioned machine restarts.

    Each line in the /etc/xdl/mcs/mcs_local_setting.reg file is a command for setting or updating a registry value.

    For example, you can add the following command lines to the /etc/xdl/mcs/mcs_local_setting.reg file to write or update a registry value respectively:

     create -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -t "REG_DWORD" -v "Flags" -d "0x00000003" --force
     <!--NeedCopy-->
    
     update -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -v "Flags" -d "0x00000003"
     <!--NeedCopy-->
    

Step 3f: Create a master image

  1. Run /opt/Citrix/VDA/sbin/deploymcs.sh.
  2. (Optional) On the template VM, update the configuration templates to customize the relevant /etc/krb5.conf, /etc/samba/smb.conf, and /etc/sssd/sssd.conf files on all created VMs.

    For Winbind users, update the /etc/xdl/mcs/winbind_krb5.conf.tmpl and /etc/xdl/mcs/winbind_smb.conf.tmpl templates.

    For SSSD users, update the /etc/xdl/mcs/sssd.conf.tmpl, /etc/xdl/mcs/sssd_krb5.conf.tmpl, and /etc/xdl/mcs/sssd_smb.conf.tmpl templates.

    For Centrify users, update the /etc/xdl/mcs/centrify_krb5.conf.tmpl and /etc/xdl/mcs/centrify_smb.conf.tmpl templates.

    Note:

    Keep the existing format used in the template files and use variables such as $WORKGROUP, $REALM, $realm, ${new_hostname}, and $AD_FQDN.

  3. After you finish installing applications on the template VM, shut down the template VM from the VMware. Take a snapshot of the template VM.

Step 4: Create a Machine Catalog

In Citrix Studio, create a Machine Catalog and specify the number of VMs to create in the catalog. When creating the Machine Catalog, choose your master image from the snapshot list.

Image of choosing a master image

Do other configuration tasks as needed. For more information, see Knowledge Center article CTX219270 and Create a machine catalog using Studio.

Step 5: Create a Delivery Group

A Delivery Group is a collection of machines selected from one or more Machine Catalogs. The Delivery Group specifies which users can use those machines, and the applications and desktops available to those users. For more information, see Create Delivery Groups.

Use MCS to create Linux VMs on Nutanix AHV

Step 1: Install and register the Nutanix AHV plug-in

Obtain the Nutanix AHV plug-in package from Nutanix. Install and register the plug-in in your Citrix Virtual Apps and Desktops environment. For more information, see the Nutanix Acropolis MCS plug-in installation guide, available at the Nutanix Support Portal.

Step 1a: Install and register the Nutanix AHV plug-in for on-premises Delivery Controllers

After you install Citrix Virtual Apps and Desktops, select and install the XD MCS AHV Plugin on your Delivery Controllers.

Nutanix AHV plug-in for on-premises Delivery Controllers

Step 1b: Install and register the Nutanix AHV plug-in for cloud Delivery Controllers

After you install Citrix Virtual Apps and Desktops, select and install the CWA MCS AHV Plugin for Citrix Cloud Connectors. Install the plug-in on all Citrix Cloud Connectors that are registered with the Citrix Cloud tenant. You must register Citrix Cloud Connectors even when they serve a resource location without the AHV.

Step 1c: Complete the following steps after installing the plug-in

  • Verify that a Nutanix Acropolis folder has been created in C:\Program Files\Common Files\Citrix\HCLPlugins\CitrixMachineCreation\v1.0.0.0.
  • Run the “C:\Program Files\Common Files\Citrix\HCLPlugins\RegisterPlugins.exe” -PluginsRoot “C:\Program Files\Common Files\Citrix\HCLPlugins\CitrixMachineCreation\v1.0.0.0” command.
  • Restart the Citrix Host, Citrix Broker, and Citrix Machine Creation Services on your on-premises Delivery Controllers or restart the Citrix RemoteHCLServer Service on Citrix Cloud Connectors.

    Tip:

    We recommend that you stop and then restart the Citrix Host, Citrix Broker, and Machine Creation Services when you install or update the Nutanix AHV plug-in.

Step 2: Create a hosting connection to Nutanix in Citrix Studio

  1. For on-premises Delivery Controllers, choose Configuration > Hosting > Add Connection and Resources in the on-premises Citrix Studio. For cloud Delivery Controllers, choose Manage > Hosting > Add Connection and Resources in the web-based Studio console on Citrix Cloud to create a connection to the Nutanix hypervisor.
  2. In the Add Connection and Resources wizard, select Nutanix AHV as the connection type on the Connection page, and then specify the hypervisor address, credentials, and your connection name. On the Network page, select a network for the hosting unit.

    For example, in the on-premises Citrix Studio:

    Creating a hosting connection to Nutanix in the on-premises Citrix Studio

    For example, in the web-based Studio console on Citrix Cloud:

    Creating a hosting connection to Nutanix in the web-based Studio console on Citrix Cloud

  3. On the Network page, select a network for the hosting unit.

Step 3: Prepare a master image on the template VM

A master image contains the operating system, non-virtualized applications, VDA, and other software. To prepare a master image, complete the following steps:

Step 3a: Install the Linux VDA package on the template VM

Note:

To use a currently running VDA as the template VM, skip this step.

Before installing the Linux VDA package on the template VM, install .NET Core Runtime 3.1. For more information, see Installation overview.

Based on your Linux distribution, run the following command to set up the environment for the Linux VDA:

For RHEL/CentOS:

sudo yum –y localinstall <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

For Ubuntu/Debian:

sudo dpkg –i  <PATH>/<Linux VDA DEB>

apt-get install -f
<!--NeedCopy-->

For SUSE 12:

sudo zypper –i install <PATH>/<Linux VDA RPM>
<!--NeedCopy-->

Step 3b: Install the EPEL repository that can offer ntfs-3g

Install the EPEL repository on RHEL 8/CentOS 8, RHEL 7/CentOS 7 so that running deploymcs.sh later installs the ntfs-3g package available in the EPEL repository.

Step 3c: Manually install ntfs-3g on SUSE 12

On the SUSE 12 platform, no repository provides ntfs-3g. Download the source code, compile, and install ntfs-3g manually:

  1. Install the GNU Compiler Collection (GCC) compiler system and the make package:

    sudo zypper install gcc
    sudo zypper install make
    <!--NeedCopy-->
    
  2. Download the ntfs-3g package.

  3. Decompress the ntfs-3g package:

    sudo tar -xvzf ntfs-3g_ntfsprogs-<package version>.tgz
    <!--NeedCopy-->
    
  4. Enter the path to the ntfs-3g package:

    sudo cd ntfs-3g_ntfsprogs-<package version>
    <!--NeedCopy-->
    
  5. Install ntfs-3g:

    ./configure
    make
    make install
    <!--NeedCopy-->
    

Step 3d: Set up the runtime environment

Before running deploymcs.sh, do the following:

  • Change variables in /etc/xdl/mcs/mcs.conf. The mcs.conf configuration file provides variables for setting MCS and the Linux VDA. The following are some of the variables, of which dns and AD_INTEGRATION must be set:

    Note: If a variable can be set with multiple values, put the values inside single quotes and separate them with spaces. For example, LDAP_LIST=’aaa.lab:389 bbb.lab:389.’

    • Use_Existing_Configurations_Of_Current_VDA: Determines whether to use the existing configurations of the currently running VDA. If set to Y, configuration files on MCS-created machines are the same as the equivalents on the currently running VDA. However, you still must configure the dns and AD_INTEGRATION variables. The default value is N, which means the configuration templates on the master image determine the configuration files on MCS-created machines.

    • dns: Sets the DNS IP address.

    • AD_INTEGRATION: Sets Winbind, SSSD (SSSD is not supported on SUSE), PBIS, or Centrify (we support Centrify only on RHEL and CentOS).

    • CENTRIFY_DOWNLOAD_PATH: Sets the path for downloading the Centrify package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • CENTRIFY_SAMBA_DOWNLOAD_PATH: Sets the path for downloading the Centrify Samba package. The value takes effect only when you set the AD_INTEGRATION variable to Centrify.

    • WORKGROUP: Sets the workgroup name (case-sensitive) if you configured it in AD.

  • On the template machine, add command lines to the /etc/xdl/mcs/mcs_local_setting.reg file for writing or updating registry values as required. This action prevents the loss of data and settings every time an MCS-provisioned machine restarts.

    Each line in the /etc/xdl/mcs/mcs_local_setting.reg file is a command for setting or updating a registry value.

    For example, you can add the following command lines to the /etc/xdl/mcs/mcs_local_setting.reg file to write or update a registry value respectively:

     create -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -t "REG_DWORD" -v "Flags" -d "0x00000003" --force
     <!--NeedCopy-->
    
     update -k "HKLM\System\CurrentControlSet\Control\Citrix\VirtualChannels\Clipboard\ClipboardSelection" -v "Flags" -d "0x00000003"
     <!--NeedCopy-->
    

Step 3e: On Nutanix AHV, shut down the template VM. Create and name a snapshot of your master image

Note:

You must prefix Acropolis snapshot names with XD_ for use in Citrix Virtual Apps and Desktops. Use the Acropolis console to rename your snapshots when needed. After you rename a snapshot, restart the Create Catalog wizard to obtain a refreshed list.

Step 4: Create a machine catalog

In Citrix Studio, create a machine catalog and specify the number of VMs to create in the catalog. On the Container page that is unique to Nutanix, select the container that you specified for the template VM earlier. On the Master Image page, select the image snapshot. On the Virtual Machines page, check for the number of virtual CPUs and the number of cores per vCPU.

Do other configuration tasks as needed. For more information, see Knowledge Center article CTX219270 and Create a machine catalog using Studio.

Note:

If your machine catalog creation process on the Delivery Controller takes a significant amount of time, go to Nutanix Prism and power on the machine prefixed with Preparation manually. This approach helps to continue the creation process.

Step 5: Create a delivery group

A delivery group is a collection of machines selected from one or more machine catalogs. The delivery group specifies which users can use those machines, and the applications and desktops available to those users. For more information, see Create delivery groups.

Use MCS to update your Linux VDA

To use MCS to update your Linux VDA, do the following:

  1. Ensure that you installed .NET Core Runtime 3.1 before you update your Linux VDA to the current release.

  2. update your Linux VDA on the template machine:

    Note:

    You can also use the Linux VDA self-update feature to schedule automatic software updates. To achieve this goal, add command lines to the etc/xdl/mcs/mcs_local_setting.reg file on the template machine. For example, you can add the following command lines:

    create -k "HKLM\System\CurrentControlSet\Control\Citrix\SelfUpdate" -t "REG_DWORD" -v "fEnabled" -d "0x00000001" –force
    
    create -k "HKLM\System\CurrentControlSet\Control\Citrix\SelfUpdate" -t "REG_SZ" -v "ScheduledTime" -d "Immediately" –force
    
    create -k "HKLM\System\CurrentControlSet\Control\Citrix\SelfUpdate" -t "REG_SZ" -v "Url" -d "<Your-Azure-Container-Url>" –force
    
    create -k "HKLM\System\CurrentControlSet\Control\Citrix\SelfUpdate" -t "REG_SZ" -v "CaCertificate" -d "<Local-Certificate-Path-of-PortalAzureCom>" --force
    <!--NeedCopy-->
    

    For RHEL 7 and CentOS 7:

    sudo rpm -U XenDesktopVDA-<version>.el7_x.x86_64.rpm
    <!--NeedCopy-->
    

    For RHEL 8 and CentOS 8:

    sudo rpm -U XenDesktopVDA-<version>.el8_x.x86_64.rpm
    <!--NeedCopy-->
    

    For SUSE 12:

    sudo rpm -U XenDesktopVDA-<version>.sle12_x.x86_64.rpm
    <!--NeedCopy-->
    

    For Ubuntu 16.04:

    sudo dpkg -i xendesktopvda_20.12.0.20-1.ubuntu16.04_amd64.deb
    <!--NeedCopy-->
    

    For Ubuntu 18.04:

    sudo dpkg -i xendesktopvda_20.12.0.20-1.ubuntu18.04_amd64.deb
    <!--NeedCopy-->
    

    For Ubuntu 20.04:

    sudo dpkg -i xendesktopvda_20.12.0.20-1.ubuntu20.04_amd64.deb
    <!--NeedCopy-->
    
  3. Edit /etc/xdl/mcs/mcs.conf and /etc/xdl/mcs/mcs_local_setting.reg.

  4. Take a new snapshot.

  5. In Citrix Studio, select the new snapshot to update your Machine Catalog. Wait before each machine restarts. Do not restart a machine manually.

Automate machine account password updates

Machine account passwords, by default, expire 30 days after the machine catalog is created. To prevent password expiration and to automate machine account password updates, do the following:

  1. Add the following entry to /etc/xdl/mcs/mcs.conf before running /opt/Citrix/VDA/sbin/deploymcs.sh.

    UPDATE_MACHINE_PW="enabled"

  2. After running /opt/Citrix/VDA/sbin/deploymcs.sh, open /etc/cron.d/mcs_update_password_cronjob to set the update time and frequency. The default setting updates machine account passwords weekly at 2:30AM, Sunday.

After each machine account password update, the ticket cache on the Delivery Controller becomes invalid and the following error might appear in /var/log/xdl/jproxy.log:

[ERROR] - AgentKerberosServiceAction.Run: GSSException occurred. Error: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)

To eliminate the error, clear the ticket cache regularly. You can schedule a cache cleanup task on all Delivery Controllers or on the domain controller.

Enable FAS on MCS-created VMs

You can enable FAS on MCS-created VMs that run on the following distributions:

  Winbind SSSD Centrify PBIS
RHEL 8, CentOS 8 Yes No No Yes
RHEL 7, CentOS 7 Yes Yes No Yes
Ubuntu 20.04 Yes No No No
Ubuntu 18.04 Yes No No No
Ubuntu 16.04 Yes No No No
Debian 10.9 Yes No No No
SUSE 12.5 Yes No No No

Enable FAS when you are preparing a master image on the template VM

  1. Import the root CA certificate.

    sudo cp root.pem /etc/pki/CA/certs/
    <!--NeedCopy-->
    
  2. Run ctxfascfg.sh. For more information, see Run ctxfascfg.sh.

  3. Set variables in /etc/xdl/mcs/mcs.conf.

    Note:

    You must set all necessary variables in /etc/xdl/mcs/mcs.conf because these variables are called upon VM startup.

    1. Set the value of Use_Existing_Configurations_Of_Current_VDA to Y.
    2. Set the FAS_LIST variable to your FAS server address or multiple FAS server addresses that are separated by semicolons and enclosed by double quotes, for example, FAS_LIST="<FAS_SERVER_FQDN>;<FAS_SERVER_FQDN>".
    3. Set the other variables as required, such as VDI_MODE.
  4. Run the script /opt/Citrix/VDA/sbin/deploymcs.sh.

Enable FAS on an MCS-created VM

If FAS is not enabled on the template machine as described earlier, you can enable FAS on each MCS-created VM.

To enable FAS on an MCS-created VM, do the following:

  1. Set variables in /etc/xdl/mcs/mcs.conf.

    Note:

    You must set all necessary variables in /etc/xdl/mcs/mcs.conf because these variables are called upon VM startup.

    1. Set the value of Use_Existing_Configurations_Of_Current_VDA to Y.
    2. Set the FAS_LIST variable to your FAS server address.
    3. Set the other variables as required, such as VDI_MODE.
  2. Import the root CA certificate.

    sudo cp root.pem /etc/pki/CA/certs/
    <!--NeedCopy-->
    
  3. Run the /opt/Citrix/VDA/sbin/ctxfascfg.sh script. For more information, see Run ctxfascfg.sh.