Which AD Groups Have Access to Your Farm?

If you ever get locked out of your PVS Console because someone in your organization changed Active Directory membership groups around, you will need to find out what security groups have permission to access the farm. It’d be super-easy if you could just open your Console…Security tab under Farm Properties. But what if you lost access?

…Fortunately there is a way because it’s all in the database. All you need to do is login to your SQL server, launch SQL Management Studio, expand the PVS database, right-click on the dbo.AuthGroup table, select top 1000 rows, and you will see a list of all the AD user groups that have permissions to access the farm. Then you will most likely realize that your Console user is NOT a member of any of those groups!

AuthGroup

How to Reverse Image a vDisk?

Reverse imaging can be a tedious procedure for some of us but is necessary to keep our vDisks up-to-date with hypervisor tools and cumulative hotfixes for PVS. Here are my 14 steps:

01. Boot your target device to the vDisk you want to reverse image with additional disk attached (same size or larger than the vDisk).
02. Make sure the new disk is visible in Windows Disk Management and mounted as a drive (i.e. D:\).
03. Use BNImage or XenConvert to copy the vDisk to the added drive (both tools are located under C:\Program Files\Citrix\Provisioning Services).
04. Make sure the new volue is set to Active in Disk Management.
05. Set the device to boot from Hard Disk in the PVS console.
06. Boot the device to Hard Drive by manually changing the boot order in BIOS.
07. Remove any antivirus software (Reboot).
08. Remove PVS target device software (Reboot).
09. Update hypervisor tools if necessary (Reboot).
10. Install latest PVS target device software (Reboot).
11. Run the PVS Imaging Wizard (System will reboot automatically and will continue to finish the conversion process). Before reboot change the boot order in BIOS to Network boot.
12. Switch the device to boot from vDisk in the PVS console (in Private or Maintenance Mode).
13. Install Antivirus software.
14. You are done.

What are yours? 🙂

Hotfix 19 (CPVS61019)

CPVS61019 (widely known as Hotfix 19) is the most current patch for PVS 6.1. It contains both server and target binaries and it’s essentially a full reinstall of PVS. Yes, it does require reverse imaging to upgrade your targets but in turn you get a whole lotta fixes from Stream Process to HA failover and Console performance improvements. Highly recommended! Get it here.

Write Cache

In order to work properly in a read-only OS environment, PVS requires persistent storage for a write cache. All data about activities during a vDisk connection is written to this temporary file called write cache. WC (yes, looks awful lot like the European term for toilet) only grows in size and never decreases. Fortunately enough, it is flushed upon reboot. You have three places you can store the WC – locally on the target device hard drive, in the target RAM, or in a directory on the Provisioning Server itself. The new version of PVS 7.1 allows for a forth option – cache on RAM with overflow on HD.

WriteCache

What is Citrix Provisioning Server?

Citrix Provisioning Services is a UDP-based streaming technology designed to deliver an operating system (vDisk) to client devices over the network. PVS uses PXE protocol specs (UNDI) to boot a target device (PXE client) and deliver a bootfile program that contains the instructions necessary to login to a Provisioning Server and start streaming the virtual disk over the network.

There are three really great things about PVS:

1. Single image management

Imagine you have a data center with 100 XenApp servers. Using traditional methods of server management, you would need to login to each and every one of them to make changes such as application updates, Windows patches, and lots of different things or maybe use GPOs to enforce certain modifications, etc.

With Citrix Provisioning Server (PVS) you can use a designated machine as a golden image, create a virtual disk from its hard drive, and assign it to hundreds or even thousands of servers for OS delivery. Since a vDisk has 2 modes – read/write and read-only, you can modify the image in read/write (Private mode) from one device and then stream to all your devices in read-only (Standard mode). That way all the changes made in Private mode update the VHD and can then be streamed to the rest of your devices in Standard mode propagating the changes you made instantaneously!

2. The Power of Read-Only

Read-only VHD is a truly powerful feature of PVS. Every time a machine is connected to a virtual disk from PVS, any changes made by users to the OS (outside of their roaming profiles) are flushed upon reboot! So, let’s say for instance, user John logs into a provisioned target device (e.g. XenApp server, XenDesktop, Windows endpoint, etc.) and messes with network adapter settings, clock, registry, etc., those changes are gone once the machine is shut down. Also, think about viruses! 🙂

3. Scalability

PVS is fully enterprise-ready. Not only you have the option of adding existing machines to Device Collections in the PVS Console but in a virtual environment you can spin them yourself! XenDesktop Setup Wizard and Streamed VM Setup Wizard are at your disposal to quickly create new VMs on the fly when you need them.