Preview: Aggregate multiple Citrix DaaS instances

Introduction

This article is intended for customers with multiple instances of the Citrix DaaS (formerly Citrix Virtual Apps and Desktops service). The aggregation feature:

• Enables end users in the specified service instances to log on to one Citrix Workspace URL (customer.cloud.com). Those users can then access all their app and desktop icons, regardless of the service instance in which those resources are deployed.
• Enables help desk administrators to see help desk related information for all service instances in one Monitor console.
• Enables administrators to manage multiple instances from a single interface. In the upper right corner of the Full Configuration management interface, those administrators can easily switch between different instances.

The feature uses a hub and spoke approach. This article describes the PowerShell scripts that aggregate service instances from spokes to a hub. Scripts are also provided to remove previously aggregated instances.

This article uses the following terminology:

• Spoke: The customer whose instance of the Citrix DaaS is enumerated from.
• Hub: The customer whose instance of the Citrix DaaS is enumerated to.
• Get script: A PowerShell script that retrieves the current enumerations for a specific Citrix Cloud customer.
• Post to Citrix Cloud script: A PowerShell script that adds a Citrix Cloud enumeration for a specific Citrix Cloud customer.
• Post to service script: A PowerShell script that adds a Citrix DaaS enumeration for a specific Citrix Cloud customer.
• Delete from service script: A PowerShell script that removes an aggregation in the Citrix DaaS for a specific Citrix Cloud customer.
• Delete from Citrix Cloud script: A PowerShell script that removes an aggregation in Citrix Cloud for a specific Citrix Cloud customer.
• Customer: When one company subscribes to more than one instance of the Citrix DaaS, each service instance has a unique customer ID. So, in the context of this feature, each instance is considered a customer.

Configuration overview

Complete the following tasks:

1. Decide which customer will serve as the hub. That decision can be affected by various reasons, such as geography (region) and network resources.

2. Verify current aggregation: Run the Get script to determine which customers (if any) are currently aggregated to a hub customer.

3. Set up an aggregation in Citrix Cloud: Customize and run the Post to Citrix Cloud script, once for each spoke customer, identifying the hub instance.

4. Set up an aggregation in the Citrix DaaS: Customize and run the Post to service script, once for each spoke customer, identifying the hub instance.

5. Run the Get script again to verify setup of the intended aggregation.

Later, if you want to change the configuration:

• Remove an aggregation in the Citrix DaaS: Customize and run the Delete from service script to remove an aggregation in the Citrix DaaS.
• Remove an aggregation in Citrix Cloud: Customize and run a Delete from Citrix Cloud script to remove an aggregation from Citrix Cloud.

Requirements

• Full administrator access to the spoke and hub customers (the instances of the Citrix DaaS).
• Familiarity with Citrix Cloud and basic PowerShell principles.
• Windows PowerShell Integrated Scripting Environment (ISE).
• Items used by Citrix Cloud Services APIs. For guidance, see the API documentation overview. To customize the scripts, you need:
  • Customer IDs of your Citrix DaaS instances.
  • Bearer token value (CWSAuth) used for authentication and authorization when calling APIs. To learn how to retrieve your Citrix CWSAuth value, see CTX330675.

Configuration example

An administrator wants to aggregate five instances of the Citrix DaaS. Each instance is considered a customer.

• This example refers to the customers as A, B, C, D, and E.
• The administrator decides that customer C will be the hub. A, B, D, and E will be the spoke sites.
• This is the first time that instances are being aggregated.

1. Since this is the first time the service instances are being aggregated, the administrator knows that there are no existing enumerations (links from spokes to the hub). Otherwise, the administrator would customize and run the Get script to ensure that there are no enumerations.

2. The administrator customizes and runs the Post to Citrix Cloud script, once for each spoke customer, to set up the aggregation in Citrix Cloud. Each time, the script indicates the bearer token, the customer ID of the hub (customer C), and the customer ID of a non-hub customer (customer A, B, D, or E).

   • Post to Citrix Cloud script #1: Specifies the bearer token, the customer ID of the customer A (spoke), and the customer ID of customer C (hub).
   • Post to Citrix Cloud script #2: Specifies the bearer token, the customer ID of the customer B (spoke), and the customer ID of customer C (hub).
   • Post to Citrix Cloud script #3: Specifies the bearer token, the customer ID of the customer D (spoke), and the customer ID of customer C (hub).
   • Post to Citrix Cloud script #4: Specifies the bearer token, the customer ID of the customer E (spoke), and the customer ID of customer C (hub).

3. The administrator customizes and runs the Post to service script, once for each spoke customer, to set up the aggregation in the Citrix DaaS. Each time, the script indicates the bearer token, the customer ID of the hub (customer C), and the customer ID of a non-hub customer (customer A, B, D, or E).

   • Post to service script #1: Specifies the bearer token, the customer ID of customer A (spoke), and the customer ID of customer C (hub).
   • Post to service script #2: Specifies the bearer token, the customer ID of customer B (spoke), and the customer ID of customer C (hub).
   • Post to service script #3: Specifies the bearer token, the customer ID of customer D (spoke), and the customer ID of customer C (hub).
   • Post to service script #4: Specifies the bearer token, the customer ID of customer E (spoke), and the customer ID of customer C (hub).

4. After running the four Post to Citrix Cloud and four Post to service scripts, the administrator runs the Get script with the bearer token and the customer ID of the hub (customer C).

   The script output lists the four spoke customers (A, B, D, and E).

5. Later, the administrator decides to remove a spoke (customer E) from the aggregation. (As a precaution, the administrator might run the Get script first, to verify that customer E is still being aggregated.)

   1. The administrator customizes the Delete from service script to specify the bearer token, the customer ID of customer E (spoke to be removed), and the customer ID of customer C (hub). That script removes the enumeration of customer E from the service.

   2. After successfully running the Delete from service script, the administrator customizes and runs the Delete from Citrix Cloud script to remove the enumeration of customer E from Citrix Cloud.

   After running the Delete scripts, the administrator runs the Get script to ensure that customer A, B, and D remain as a spoke to hub C.

Verify current aggregation

The Get script displays current aggregation information, if any.

Get script

$headers = @{}
$headers.Add("Accept","application/json")
$headers.Add("Content-Type","application/json")
$headers.Add("Authorization","CWSAuth bearer=XXXXXXX")

$uri = "https://trust.citrixworkspacesapi.net/CustomerID/links"
$resp = Invoke-WebRequest -Method Get -Uri $uri -Headers $headers
Write-Host "Citrix Cloud Status Code: $($resp.RawContent)"

$uri = "https://resourceprovider.apps.cloud.com/CustomerID/aggregation"
$resp = Invoke-WebRequest -Method Get -Uri $uri -Headers $headers
Write-Host "CVAD Status Code: $($resp.RawContent)"
<!--NeedCopy-->

Prepare and run the Get script

1. Open the PowerShell ISE and paste the Get script into the working pane.
2. On line 4, replace CWSAuth bearer=XXXXXXX with your CWSAuth value (for example, CWSAuth bearer=AbCdef123Ghik…). This value is a long hash that resembles a certificate key.
3. On lines 6 and 10, replace CustomerID with the customer ID of the hub customer.
4. Run the script.

Expected output:

• If the customer does not have an enumeration, linkedCustomer and SPOKE-CUSTOMER ID are empty.
• If the customer has an enumeration, the customer ID of the spoke customer is shown.

Set up an aggregation in Citrix Cloud

The Post script links a customer in Citrix Cloud.

Post to Citrix Cloud script

$headers = @{}
$headers.Add("Accept","application/json")
$headers.Add("Content-Type","application/json")
$headers.Add("Authorization","CWSAuth bearer=XXXXXXX")

$uri = "https://trust.citrixworkspacesapi.net/HubCustomerID/links"

$resp = Invoke-RestMethod -Method Get -Uri $uri -Headers $headers
$allLinks = $resp.linkedCustomers + @("SpokeCustomerID")

$body = @{"customers"=$allLinks}
$bodyjson = $body | ConvertTo-Json

$resp = Invoke-WebRequest -Method Post -Uri $uri -Headers $headers -Body $bodyjson -ContentType 'application/json'
Write-Host "Citrix Cloud Status Code: $($resp.RawContent)"
<!--NeedCopy-->

Prepare and run the Post to Citrix Cloud script

1. Open the PowerShell ISE and paste the Post to Citrix Cloud script into the working pane.
2. On line 4, replace CWSAuth bearer=xxxxxxx1 with your CWSAuth value (for example, CWSAuth bearer=AbCdef123Ghik…). This value is a long hash that resembles a certificate key.
3. On line 6, replace HubCustomerID with the customer ID of the hub customer.
4. On line 9, replace SpokeCustomerID with the customer ID of the spoke customer.
5. Run the script.

Set up an aggregation in the Citrix DaaS

The Post to service script links a customer in the Citrix DaaS.

Post to service script

$headers = @{}
$headers.Add("Accept","application/json")
$headers.Add("Content-Type","application/json")
$headers.Add("Authorization","CWSAuth bearer=XXXXXXX")

$uri = "https://resourceprovider.apps.cloud.com/HubCustomerID/aggregation"

$body = @{SpokeCustomerId="SpokeCustomerID"}
$bodyjson = $body | ConvertTo-Json

$resp = Invoke-RestMethod -Method Put -Uri $uri -Headers $headers -Body $bodyjson -ContentType 'application/json'
Write-Host "Status Code: $($resp.RawContent)"
<!--NeedCopy-->

Prepare and run the Post to service script

Get a fresh bearer token to reflect the changes that the Post to Cloud script made in Citrix Cloud.

1. Open the PowerShell ISE. (If the PowerShell ISE is already open, clear the ISE working pane.) Paste the Post to service script into the working pane.
2. On line 4, replace CWSAuth bearer=XXXXXXX1 with your CWSAuth value (for example, CWSAuth bearer=AbCdef123Ghik…). This value is a long hash that resembles a certificate key.
3. On line 6, replace HubCustomerID with the customer ID of the hub customer.
4. On line 9, replace SpokeCustomerID with the customer ID of the spoke customer.
5. Run the script.

Remove an aggregation in the service

The Delete from service script removes an aggregation from the Citrix DaaS.

Delete from service script

$headers = @{}
$headers.Add("Accept","application/json")
$headers.Add("Content-Type","application/json")
$headers.Add("Authorization","CWSAuth bearer=XXXXXXX")

$uri = "https://resourceprovider.apps.cloud.com/HubCustomerID/aggregation"

$body = @{SpokeCustomerId="SpokeCustomerID"}
$bodyjson = $body | ConvertTo-Json

$resp = Invoke-WebRequest -Method Delete -Uri $uri -Headers $headers -Body $bodyjson -ContentType 'application/json'
Write-Host "Response: $($resp.RawContent)"
<!--NeedCopy-->

Prepare and run the Delete from service script

1. Open the PowerShell ISE and paste the Delete from service script into the working pane.
2. On line 4, replace CWSAuth bearer=XXXXXXX1 with your CWSAuth value (for example, CWSAuth bearer=AbCdef123Ghik…). This value is a long hash that resembles a certificate key.
3. On line 6, replace HubCustomerID with the customer ID of the hub customer.
4. On line 8, replace SpokeCustomerID with the customer ID of the spoke customer.
5. Run the script.

Remove an aggregation in Citrix Cloud

The Delete from Citrix Cloud script removes an aggregation in Citrix Cloud.

Delete from Citrix Cloud script

$headers = @{}
$headers.Add("Accept","application/json")
$headers.Add("Content-Type","application/json")
$headers.Add("Authorization","CWSAuth bearer=XXXXXXX")

$uri = "https://trust.citrixworkspacesapi.net/HubCustomerID/links/SpokeCustomerID"

$resp = Invoke-WebRequest -Method Delete -Uri $uri -Headers $headers
Write-Host "Response: $($resp.RawContent)"
<!--NeedCopy-->

Prepare and run the Delete from Citrix Cloud script

1. Open the PowerShell ISE. (If the PowerShell ISE is already open, clear the working pane.) Paste the Delete from Citrix Cloud script into the working pane.
2. On line 4, replace CWSAuth bearer=XXXXXXX1 with your CWSAuth value (for example, CWSAuth bearer=AbCdef123Ghik…). This value is a long hash that resembles a certificate key.
3. On line 6, replace HubCustomerID with the customer ID of the hub customer.
4. On line 6, replace SpokeCustomerID with the customer ID of the spoke customer.
5. Run the script.

After the Delete from Citrix Cloud script completes, run the Get script to validate that the aggregation was removed.