Product Documentation

Provisioning Services Product Infrastructure

Sep 28, 2016

The Provisioning Services infrastructure design directly relates to administrative roles within a Provisioning Services farm. The Provisioning Services administrator role determines which components that administrator can manage or view in the Console.

There are several components that make up a Provisioning Services farm. The graphic that follows provides a high-level view of a basic Provisioning Services infrastructure and illustrates how Provisioning Services components might appear within that implementation.


The sections that follow provide a brief introduction to Provisioning Services components.

License Server

The product license server is installed within the shared infrastructure or an existing Citrix licence server can be selected.
Note: The license server is selected when the Configuration Wizard is run on a Provisioning Server. All Provisioning Servers within the farm must be able to communicate with the license server.

Provisioning Services Database

The database stores all system configuration settings that exist within a farm. Only one database can exist within a farm and all Provisioning Servers in that farm must be able to communicate with that database. You may choose to leverage an existing SQL Server database or install SQL Server Express, which is free and available from Microsoft.
Note: The database server is selected when the Configuration Wizard is run on a Provisioning Server.


The Console is a utility that is used to manage your Provisioning Services implementation. After logging on to the Console, you select the farm that you want to connect to. Your administrative role determines what you can view in the Console and manage in the farm.
Note: The Console is installed as a separate component and is available from the product installation media. The Provisioning Services Console is an MMC (Microsoft Management Console) snap-in. MMC specific console features are not described in this document. Refer to Microsoft’s MMC documentation for detailed information.

When the Farm node is expanded at the highest level, the Provisioning Services Console window appears. The Console includes the following:

Action Menu

The Action menu displays Provisioning Services tasks that can be performed on an object that is highlighted in the Console. The same tasks are available when you right-click on the object in the Console.

Tasks are object specific and can only be performed if the user has the appropriate role assigned (role-based administration). Your role determines what displays in the Console. For example, if you are a farm administrator, you can perform all tasks and see all objects in the farm. Device administrators can only perform device-collection management tasks on collections to which they have privileges. Administrator roles are described later in this chapter.

Console Tree and Details Pane

To view information about an object in the Details pane, click on the object or folder in the Tree pane. The Details pane provides information such as the objects name and a description of that object.

Properties Menus

To view or change an object’s properties, right-click on the object, then select the Properties menu option. You can also highlight the object in the Console window, then select Properties from the Action menu options. The Properties dialog displays property settings in tabular format.

Network Services

Network services include a DHCP service, Preboot Execution Environment (PXE) service, and a TFTP service. These service options can be used during the boot process to retrieve IP addresses, and locate then download the boot program from the Provisioning Server to the target device. Alternative boot options are also available.

Note: Network services can be installed with the product installation (optional), and then configured when the Configuration Wizard is run. Existing network services within your infrastructure can also be leveraged.


A farm represents the top level of a Provisioning Services infrastructure. The farm is created when the Configuration Wizard is run on the first Provisioning Server that will be added to that farm. Farms provide a farm administrator with a method for managing all components within the farm, such as:
  • Product licensing
  • Farm properties
  • Administrative roles
  • Active Directory configurations
  • Provisioning Servers
  • vDisk images
  • Target devices
  • Target device collections
  • Sites
  • Stores
  • Views
Note: All sites within a farm share that farm’s Microsoft SQL database. The Console does not need to be directly associated with the farm because remote administration is supported on any Console that can communicate with that farm’s network.
The Farms hierarchy in the Console consists of the following major components:
  • Stores
  • Sites
  • Views


A farm contains one or more stores. A store is a logical name that is given to a physical or virtual vDisk storage location. The store name is the common name used by all Provisioning Servers within the farm.

Example One

The physical vDisk for Windows XP resides on a Provisioning Server local to a site. The logical name that is given to this physical location is the store.

Store name (logical name): bostonwinxp

Physical path to the vDisk is: C:\vDisks\

Example Two

The physical vDisk for Windows XP resides on a network share (FinanceVdisks) at the farm level.

Store name (logical name): financevdisks

Physical path to the vDisk for all Provisioning Servers in the farm is: \\financeserver\financevdisks\

Access or visibility to a store depends on the users administrative privileges:
  • Farm administrators have full access to all stores within the farm.
  • Site administrators have access to only those stores owned by the site. They can delete stores owned by the site but they can not modify store properties or add vDisks to the store.
  • Device administrators and device operators have read-only access and can not view store information. Site Administrators may also have read-only access if that store exists at the farm level, or if that store belongs to another site.
Examples of store tasks that a Farm administrator is able to perform includes:
  • Configuring store properties
  • Creating or importing new vDisks
  • Adding new vDisk Versions to the store


One or more sites can exist within a Farm. The first site is created with the Configuration Wizard is run on the first Provisioning Server in the farm. A site provides both a site administrator and farm administrator, with a method of representing and managing components within a site, which includes:
  • Servers
  • vDisk Pools
  • vDisk Update Management components
  • Device Collections
  • Views
  • Hosts

Sites are represented in the Console as follows:



Provisioning Servers

A Provisioning Server is any server that has Stream Services installed, which is used to stream software from vDisks, as needed, to target devices. In some implementations, vDisks reside directly on the Provisioning Server. In larger implementations, Provisioning Servers may get the vDisk from a shared-storage location on the network.

Provisioning Servers also retrieve and provide configuration information to and from the Provisioning Services Database. Provisioning Server configuration options are available to ensure high availability and load-balancing of target device connections.

vDisk Pools

vDisk pools are the collection of all vDisks available to a site. There is only one vDisk pool per site.

vDisk Update Management

In the Console, the vDisk Update Management feature is used to configure the automation of vDisk updates using virtual machines. Automated vDisk updates can occur on a scheduled basis, or at any time that the administrator envokes the update directly from the Console. This feature supports updates detected and delivered from Electronic Software Delivery (ESD) servers, Windows updates, or other pushed updates.

When the Site node is expanded in the Console tree, the vDisk Update Management feature appears. When expanded, the vDisk Update Management feature includes the following managed components:
  • vDisks
  • Tasks

For details on using the vDisk Update Management feature, refer to Automating vDisk Updates.

Device Collections

Device collections provide the ability to create and manage logical groups of target devices. A target device is a device, such as desktop computer or server, that boots and gets software from a vDisk on the network. A device collection could represent a physical location, a subnet range, or a logical grouping of target devices. Creating device collections simplifies device management by performing actions at the collection level rather than at the target-device level.

Note: A target device can only be a member of one device collection.

Device collections are created and managed by farm administrators, site administrators that have security privileges to that site, or device administrators that have security privileges to that collection. Device administrators can not modify the collection itself; only the devices within it. Device operators can only perform tasks on device collections to which they are assigned.


vDisks exist as disk image files on a Provisioning Server or on a shared storage device. A vDisk consists of a VHD base image file, any associated properties files (.pvp), and if applicable, a chain of referenced VHD differencing disks (.avhd).

vDisks are assigned to target devices. Target devices boot from and stream software from an assigned vDisk image.

vDisk Modes

vDisk images are configured to be in Private Image mode (for use by a single device, read/write) or Standard Image mode (for use by multiple devices, read-only with various caching options).

vDisk Chain

Any updates to a vDisk base image may be captured in a versioned differencing disk, leaving the original base disk image unchanged. The following illustrates the basic relationship between a base disk and versions that reference that base disk.

Each time a vDisk is to be updated, a new version of the VHD differencing disk can be created and the file name is numerically incremented, as captured in the table that follows.
  VHD Filename
Base Image win7dev.avhd
Version 1 win7dev.1.avhd
Version 2 win7dev.2.avhd
... ...
Version N win7dev.N.avhd

Booting a vDisk

The method used to locate and boot from a vDisk on a server share is illustrated in the graphic that follows.

  1. The target device begins the boot process by communicating with a Provisioning Server and acquiring a license.
  2. The Provisioning Server checks the vDisk pool for vDisk information, which includes identifying the Provisioning Server(s) that can provide the vDisk to the target device and the path information that server should use to get to the vDisk. In this example, the vDisk shows that only one Provisioning Server in this site can provide the target device with the vDisk and that the vDisk physically resides on the Finance Server (shared storage at the farm level).
  3. The Provisioning Server locates the vDisk on Finance Server, then streams that vDisk, on demand, to the target device.


Views provide a method that allows you to quickly manage a group of target devices. Views are typically created according to business needs. For example, a view can represent a physical location, such as a building or user type. Unlike device collections, a target device can be a member of any number of views.

Views are represented in the Console as follows:

Note: Farm views can include any target device that exists in this farm. Site views can only include target devices that exist within that site.