Citrix Provisioning managed by Citrix Cloud

Citrix Provisioning supports a connector for Citrix Cloud integration. It enables provisioned VDAs to be used in the Citrix Virtual Apps and Desktops. This connector provides the same functionality used in on-premises deployments.

What’s required

The following elements are required when using Citrix Provisioning with Citrix Cloud:

  • Citrix Virtual Apps and Desktops Delivery Controller in Citrix Cloud: Citrix Virtual Apps and Desktops builds a version of the Citrix Provisioning PowerShell snap-in (Citrix.PVS.snapin) with a subset of the Citrix Provisioning on-premises cmdlet. This version is built specifically to run in Citrix Cloud and communicate with Citrix Provisioning on-premises through the Citrix Cloud Connector.
  • Citrix Cloud Connector located on-premises: The Cloud Connector acts as a relay which exposes the Azure Provisioning Service endpoints to enable communication between the Citrix Virtual Apps and Desktops Delivery Controller. Also, the Cloud Connector contains a WCF endpoint listening on the Azure Service Bus for communicating with the Provisioning Server.
  • Provisioning Server located on-premises; this server must be version 7.18 or later: The Provisioning Server communicates with the Cloud Connector while establishing SOAP calls to MAPI.
  • Citrix Virtual Apps and Desktops Remote PowerShell SDK: The Provisioning Console installation includes the Citrix Virtual Apps and Desktops SDK. This SDK is replaced by the Citrix Virtual Apps and Desktops Remote PowerShell SDK. The SDK is used by the Citrix Virtual Apps and Desktops Setup Wizard to push VDA records to the Delivery Controller in Citrix Cloud.
  • The Licensing Server must be on-premises: For Citrix Provisioning deployments, the Citrix License Server must be on-premises.

Dependencies

The following dependencies exist when using Citrix Provisioning and Citrix Cloud:

  • Citrix Studio
  • Citrix Cloud Connector, with the Remote Broker Provider (XaXdCloudProxy)
  • Citrix Virtual Apps and Desktops Remote PowerShell SDK

On-premises versus Citrix Cloud deployments

Traditional Citrix Virtual Apps and Desktops deployments using Citrix Provisioning require the management of two distinct elements: both the Citrix Virtual Apps and Desktops deployment and the Citrix Provisioning deployment. Such environments resemble the following image, without the added complexity of illustrating VDA components:

Image of Citrix Virtual Apps and Desktops and Citrix Provisioning deployment

With an on-premises Citrix Provisioning deployment, the Citrix Virtual Apps and Desktops have been extended to work with an on-premises Citrix Provisioning deployment:

Image of extended Citrix Virtual Apps and Desktops deployment

By extending the Citrix Virtual Apps and Desktops deployment, Citrix eliminates the need to operate and manage the deployment while still providing the benefits of a managed Citrix Provisioning deployment.

Citrix Provisioning can add provisioning managed VDAs to a machine catalog in the Citrix Virtual Apps and Desktops Delivery Controller located in Citrix Cloud. This process uses one of two methods:

  • Add new devices using the Citrix Virtual Apps and Desktops Setup Wizard in the Provisioning Console.
  • Import existing Citrix Provisioning devices using the machine catalog creation wizard in Studio.

Citrix Virtual Apps and Desktops Setup Wizard in the Citrix Provisioning Console

The Citrix Virtual Apps and Desktops Setup Wizard (XDSW) enables you to create Citrix Provisioning devices and collections, and then create machine catalogs containing these elements. For this functionality to work with the Delivery Controller in Citrix Cloud, the Citrix Virtual Apps and Desktops SDK must be replaced with the Citrix Virtual Apps and Desktops Remote PowerShell SDK. This Remote PowerShell SDK is responsible for communicating with the Delivery Controller.

Machine catalog setup wizard using Studio

The machine catalog setup wizard imports existing provisioned-managed VMs to a Citrix Virtual Apps and Desktops catalog. In cases such as these, the VMs must be previously created using the Provisioning Console. Consider:

  • Studio uses the PowerShell snap-in PvsPsSnapin to communicate with the Provisioning Server. The PvsPsSnapin is a subset of the existing Citrix Provisioning PowerShell snap-in, Citrix.PVS.Snapin. It contains the following cmdlets:

  • Clear-PvsConnection

  • Get-PvsVersion

  • Get-SimplePvsADAccount

  • Get-SimplePvsCollection

  • Get-SimplePvsDevice

  • Get-SimpleDiskLocator

  • Get-SimpleDiskUpdateDevice

  • Get-SimplePvsSite

  • Get-SimplePvsUpdateTask

  • Set-PvsConnection

Note:

In Citrix Cloud, PvsPsSnapin has been extended to enable communication from the Citrix Virtual Apps and Desktops to the PvsMapiProxyPlugin, a newly created proxy added to the XaXdCloudProxy in the Cloud Connector.

Communication is over a secure channel, HTTPS port 443, including Citrix Provisioning administrator credentials. These credentials are used by the proxy to impersonate the administrator before contacting the Provisioning Server.

Connecting your Citrix Provisioning deployment to the Citrix Virtual Apps and Desktops in Citrix Cloud

To connect an existing Citrix Provisioning deployment to Citrix Cloud:

  1. Add a Cloud Connector to your managed components, for example, resource locations.
  2. Upgrade Citrix Provisioning; you must use the latest version. Refer to the download page.
  3. Replace the Citrix Virtual Apps and Desktops SDK on your Provisioning Console with the Citrix Virtual Apps and Desktops Remote PowerShell SDK.

    When installing this SDK, consider that the Provisioning Console on which this functionality is installed does not communicate with local Citrix Virtual Apps and Desktops deployments. This functionality also applies to the Provisioning Server. Communication exists only to the Citrix Cloud. All devices managed by the Delivery Controller in Citrix Cloud has their vDisk images and VDAs updated to use the Delivery Controller to register with Citrix Virtual Apps and Desktops.

Important:

An on-premises Citrix license server is required in the Citrix Virtual Apps and Desktops Service deployment. Refer to the Licensing page for more information.

Adding the Citrix Cloud Connector

Connecting a Citrix Provisioning deployment to the service requires the addition of the Cloud Connector to your managed components, for example, your resource location. When adding this connector to managed components, consider:

  • The Cloud Connector installs on any domain-joined Windows 2012 R2 machine and Windows Server 2016.
  • The service does not directly call into the Cloud Connector.

To add the Cloud Connector, refer to the instructions on the Citrix Cloud Connector page.

Upgrade Citrix Provisioning

To use Citrix Cloud with Citrix Provisioning, you must use a version that integrates with the Citrix Virtual Apps and Desktops. For optimum performance, Citrix recommends using Citrix Provisioning version 7.18 or later. Access the Applications and Desktops Service Downloads page for the appropriate version.

Using the Citrix Virtual Apps and Desktops remote PowerShell SDK

The Provisioning Console component includes the Citrix Virtual Apps and Desktops SDK; this SDK must be replaced with the Citrix Virtual Apps and Desktops Remote PowerShell SDK.

To use the new SDK

  1. Uninstall the Citrix Virtual Apps and Desktops SDK from the Provisioning Console by removing the following snap-ins:
    • Citrix Broker PowerShell snap-in
    • Citrix Configuration Logging Service PowerShell snap-in
    • Citrix Configuration Service PowerShell snap-in
    • Citrix Delegated Administration Service PowerShell snap-in
    • Citrix Host Service PowerShell snap-in
  2. Download the Remote PowerShell SDK from the Downloads page. Powershell 3.0 is required to be pre-installed.
  3. Install the SDK using the command to execute: CitrixPoshSdk.exe PVS=YES.

    Important:

    Install the downloaded SDK from the command line, and include the argument “PVS=YES.”

    Image of License agreement

    Image of successful installation message

To verify the new SDK installation

  1. Open PowerShell.
  2. Execute the cmdlet: Add-PsSnapin Citrix*.
  3. Execute the cmdlet: Get-BrokerServiceStatus.
  4. Sign in to Citrix Cloud.

Tip:

The Get-BrokerServiceStatus cmdlet indicates that the Delivery Controller is OK.

Image of SDK verification command

Firewall considerations

Firewall configurations typically require zero or minimal updates. Consider the following:

  • On the Provisioning Console, outward bound SDK traffic uses HTTPS (port 443).
  • On the Cloud Connector machine, all traffic is outbound to the cloud over HTTPS (port 443). This process enables the connector and Console to reside behind NATs and HTTP proxies.
  • The new Citrix Provisioning proxy added to the Cloud Connector forwards HTTP (port 80) communications to the Provisioning Server, using wsHttp message security.

Note:

Personal vDisk functionality is not supported.

Administer VDAs

To add Citrix Provisioning managed VDAs to a machine catalog

  • Use the Citrix Virtual Apps and Desktops Setup Wizard in the Provisioning Console, or;
  • Use the machine catalog setup wizard in Studio

Using the Citrix Virtual Apps and Desktops Setup Wizard to add VDAs

The Citrix Virtual Apps and Desktops Setup Wizard creates Citrix Provisioning devices and collections, then creates machine catalogs containing these elements. The Wizard prompts for the Citrix Virtual Apps and Desktops Controller address.

  1. Provide the address of one of the Cloud Connector machines (rather than the Controller address).

    Image of Citrix Virtual Apps and Desktops Controller address

  2. After entering the address of the Cloud Connector, click Next.

    The Citrix Cloud authentication screen appears, prompting for sign-in credentials. This prompt, generated by the Citrix Virtual Apps and Desktops Remote PowerShell SDK, is invoked by the Provisioning Console.

    Image of Citrix Cloud sign-on screen

Tip:

The Citrix Cloud credentials enable the SDK to securely communicate with the Citrix Virtual Apps and Desktops to configure the machine catalogs. The remaining steps in the Citrix Virtual Apps and Desktops Setup Wizard are unchanged. The only difference is the prompt for the Citrix Cloud sign-in credentials when the wizard first invokes the cmdlet in the Remote PowerShell SDK.

Using the machine catalog setup wizard to add VDAs

This Studio wizard adds existing managed Citrix Provisioning VMs to a catalog. In this scenario, the VMs were previously created using the Provisioning Console.

To use this wizard

  1. Access Studio from the Manage tab of the Citrix Virtual Apps and Desktops page.
  2. Select Machine Catalogs in the navigation pane.
  3. Click Create New Catalog in the Actions pane.
  4. Select Citrix Provisioning, and click Next.

    Image of Machine Management screen

  5. On the Device Collection page, provide the address of the Provisioning Server and click Connect.

    Image of Device Collection screen

  6. Provide the login credentials for the Citrix Provisioning administrator and click OK.

    Image of Windows Security screen

    After entering the login credentials, Studio communicates with the Cloud Connector, which then forwards requests to the Provisioning Server using the specified credentials. If a valid Citrix Provisioning administrator is provided, device collections are displayed.

    Image of displayed device collections

    This authentication method represents the only difference between an on-premises Citrix Virtual Apps and Desktops deployment and a Citrix Virtual Apps and Desktops deployment in Citrix Cloud. In an on-premises case, the identity of the Studio user authenticates to the Provisioning Server. In the service model, an explicit authentication is required because Studio runs in an AD environment with no trust relationships to the AD of the Citrix Provisioning deployment.

Error messages in Studio

When setting up a machine catalog using the wizard, the Device Collection screen displays the state of Citrix Provisioning cloud connection. If the feature has not been enabled, an error message appears, indicating that “Citrix Provisioning for Cloud feature is not enabled.”

Image of Citrix Provisioning for Cloud feature is not enabled error

Troubleshooting the Citrix Provisioning Cloud Connector

Use the information in this section to troubleshoot issues related to using the Citrix Virtual Apps and Desktops Setup Wizard for Delivery Controller connectivity.

To verify connectivity

  1. Ensure that the Remote PowerShell SDK is installed and properly configured. Verify that the Remote Powershell SDK is installed by executing the following command: CitrixPoshSdk.exe PVS=YES.
  2. Uninstall the 5 Citrix Virtual Apps and Desktops snap-ins from the Citrix Provisioning Server and Console.
  3. Ensure that the Cloud Connector is on the same VLAN\VNET as the Provisioning Console system, otherwise communication fails.
  4. Ensure that the Citrix Provisioning account is also a member of the local Citrix Provisioning OS Admin group.

Tip:

To install the remote PowerShell SDK on the Provisioning Server, you must uninstall the 5 Citrix Virtual Apps and Desktops snap-ins, then install the remote PowerShell SDK.

Connection problems between the Provisioning Server and the Delivery Controller

Use the information in this section to troubleshoot connectivity problems between the Delivery Controller and the Provisioning Server.

To verify connectivity:

  1. Ensure that the Cloud Connector in the resource location is installed successfully.

  2. Ensure that the Cloud Connector is on the same VLAN\VNET as the Provisioning Console system.

  3. In Citrix Studio, ensure that the Zones screen properly displays the Cloud Connectors.

  4. Verify that at least one Cloud Connector is “Connected:”

    a. Sign in to https://citrix.cloud.com. b. Under Resource locations > Your Resource Location > Cloud Connectors, verify that at least one Cloud Connector is showing status as Green.

  5. Verify that Citrix Provisioning Support in Citrix Cloud is enabled. Ensure that the PvsSupport feature toggle is enabled in the customer’s configuration and by the Citrix Cloud administrator.
  6. Verify that the Citrix Remote Broker Provider is up and running in the Cloud Connector. Refer to the Cloud Connector to see if the Citrix Remote Broker Provider Service is running.

    Image of verification that Citrix Remote Broker Provider Service is running

Considerations when using the Machine Creation Service (MCS) Wizard

Use the information in this section when using the MCS wizard in Studio to import Citrix Provisioning devices into Citrix Virtual Apps and Desktop devices. Verify that:

  • Citrix Provisioning devices exist in the collection.
  • All target devices are joined to the domain at the same OU.
  • A host record of the hypervisor environment where on-prem VMs are located is created in Citrix Virtual Apps and Desktops.
  • The correct domain is chosen before the client’s domain. This process must occur before connecting to the Provisioning Server in the wizard.