Design Decision: Application considerations

Microsoft Office and Microsoft 365 are among the most popular workloads delivered by Citrix today. Both Microsoft and Citrix have worked together to develop the best user experience when running Microsoft 365 from a Citrix session in Azure. Their collaboration created applications, processes, and guidance to help you deliver the best of breed solution. You likely have other applications hosted on the Citrix servers that must be analyzed and migrated to Azure. These applications have application data that must be accessible regardless of where the application resides. Here are the questions that you need to answer about Applications and Application Data:

How do I integrate the VDA-hosted applications with Microsoft 365?

  • Use Office 365 ProPlus when installing office

  • Microsoft 365 requires a plan that supports shared computer activation, which is required for any multi-user session hosts

  • After installing Office on a golden image, do not open any Office applications. If you open one Office application, you must reset the image to remove the temporary key which prevents user-level activation. To reset the image, uninstall Office, reboot and then reinstall Office.

  • For earlier versions of Office that use KMS licensing, such as Office 2010 and 2013, you must verify your KMS server is reachable from the Azure cloud. You can make your KMS server accesslble to your Citrix workloads by one of these methods:
    • Migrate your KMS server to the Azure cloud
    • Connect your on-premises data center to Azure using either an ExpressRoute or a Site-2-Site (S2S) Virtual Private Network (VPN)
  • When using FSLogix and Office 365 containers, follow these steps to integrate it with Windows Search, rebooting between each step:
    • Configure Automatic Startup (not delayed) for the Windows Search service. This configuration should be completed before installing Office so Office sets the required hooks.
    • Install Microsoft Office.
    • Install the FSLogix agent.
    • If you do not need Windows Search, you can disable the service. Before disabling the service, go ahead and complete the install steps to save on compute resources, then disable the service. With this approach, if later it is needed, you can enable the service easily.

Should I use FSLogix with Citrix workloads?

  • Use Microsoft GPOs to manage all Microsoft 365 Office settings

  • Microsoft FSLogix is the recommended approach to handle Microsoft365 integration. It handles the Outlook Search, Outlook PSTs and Office activation seamlessly.

  • Microsoft recommends using SSO (ADFS) with Microsoft365 Apps 1704 and above:

    • When ADFS is available, enable the “Automatically activate Office with federated organization credentials” GPO and configure the automatic logon in GPO Security Logon
    • if ADFS is not available, use FSLogix or Citrix Profile Manager to synchronize the following registry key %localappdata%\Microsoft\Office\16.0\Licensing to roam the Microsoft 365 token with the user

How should I configure Outlook? (Cached mode or online mode)?

  • Use Cached Exchange Mode when the following conditions are true:
    • A profile management solution such as FSLogix or Citrix Profile Manager is available to manage the OST file and the search index
    • Users require a more responsive email system
    • Connections between the Outlook client and the mail server have high latency or are frequently disrupted
  • Use Online Mode when the following conditions are true:
    • Low latency network connection is available
  • Use Active Directory Group Policy to configure Outlook Exchange mode, recommended settings include the following:
    • File > Cached Exchange Mode
    • Sync Settings
    • Disable Fast Access
    • Use Cached Exchange mode
    • Cache file

What settings should I use for Microsoft 365 when using Citrix Profile Management?

  • When using Citrix Profile Management use these items to provide a robust user experience and support the OST/PST storage locations and the Search Index locations

    • Use the latest version of Citrix Profile Manager. The latest version has features such as Native Outlook Search and Large File Handling which provide optimizations for Outlook.
    • Enable Large File Handling to allow storing OST/PST files on Azure Files.
    • Include these folders and registry in the Citrix Profile Management configuration:
      • %localappdata%\Microsoft\Office\16.0\Licensing
      • %localappdata%\Microsoft\Credential
      • AppData\Local\Microsoft\Credentials
      • AppData\Local\Microsoft\Windows\WebCache
      • AppData\LocalLow\Microsoft\CryptnetUrlCache
      • AppData\Local\Microsoft\Outlook
      • AppData\Local\Microsoft\Vault
      • AppData\Local\Microsoft\Office
      • AppData\Local\Microsoft\Office\*.qat
      • AppData\Local\Microsoft\Office\*.officeUI
      • AppData\Local\Microsoft\Windows\UsrClass.*
      • HKCU\Software\Microsoft\Office\16.0\Common\Identity\DisableADALatopWAMOverride

Where should I store my application data?

  • Use Azure Migrate or Movere to assess and plan the application migration

  • Check with the application vendors to determine if the software is supported in Azure. If planning to use PVS for streaming, also verify that the vendor supports Gen 2 VMs.

Where should my data be located relative to my application?

  • Data leaving Azure incurs an egress charge. Try to keep the applications and their data as close as possible to one another. Although ideal, this configuration is not always possible. When you cannot keep your data close to the application, focus on minimizing the latency between them.

What costs should I consider when determining my data location?

  • When working in a hybrid cloud environment that prevents both the application and its data from moving to Azure together, move the application first then move the application data. With this approach, the data egress charges are reduced.

How do I integrate Citrix Workspace with Microsoft 365 and Microsoft Teams?

  • For multi-session hosts, install Microsoft Teams after the VDA is installed on your golden image and install it under c:\program files using the ALLUSER=1 flag

  • Updates to the Microsoft Teams agent require an uninstall of the previous version before installing the new version

  • Set the Citrix Microsoft Teams redirection policy to allowed

  • Microsoft Teams relies on Azure Transport Relays the following ports and IP address ranges must be accessible
    • UDP 3478-3481
    • TCP 443
    • 137.106.64.0/18
    • 52.112.0.0/14
    • 52.120.0.0/14
  • Use Citrix Director’s Activity Manager to monitor Microsoft Teams applications such as WebSocketAgent.exe, WebSocketService.exe, and CtxSvcHost.exe

Citrix Optimization for Microsoft Teams on macOS

Deploy Microsoft 365 Apps as part of an operating system image

Deploying Azure Files for Citrix Profile Management and Citrix User Personalization layers

FSLogix Office 365 Container is Now Citrix Ready

Microsoft 365 network connectivity principles

Microsoft Office 365 for Citrix XenApp and XenDesktop 7.x

Microsoft Teams optimization in Citrix Virtual Apps and Desktops environments

Monitor, troubleshoot, and support Microsoft Teams

Design Decision: Application considerations

In this article