Monthly Archives: November 2016

Citrix Workspace Enviroment Manager–Configuration part 2

In the first post on WEM –> I decribed the setup process. In this blogpost I will focus more on configuring the policies and deploying them to a set of users and agents based upon filters.

The setup in WEM is split into a couple of pieces, some of the settings can be applied to a user based upon different filters, some settings a of a global level and cannot be defined to a users or group. So let’s start with the first thing which is an Actions.


here we can define most of the properities which are defined in GPP. Printers, Applications, etc and so on. So for instance we can specify map network drive


So we can speficy the regular settings here and we can also under options speficy more options like reconnect, self-healing and such as we have in GPP. Now next we have filters, which helps us sort out how and who should get actions applied to them. Now there are bunch of different options here to choose from.


So we can have one or multiple filters in a rule. So for instance we can have actions applied on a user based upon XenDesktop farm name, where the client is coming from and time of day for instance. When you have created the filters we need to create a rule and bind the filters to it. So go into Filters –> Rules –> Add


So there specify the filters and click OK. So now that we have a couple of actions specified and an filter we can assign the actions based upon the filter to a set of users.
So go into Assigment –> Configured Users and search for a particular user –> and from there just double click on which action we want to assign to the users. When we bind an action we have the option to add it based upon a filter, for instnace if the users are connecting externally we do not want them to have printers mapped up from the office for instance

Showing assigned actions to a user


Assigning action with filter


So now that we have applied some actions, we can also specify some other settings like Resource Optimization and more Advanced features.  So let’s start with Memory Optimization. For instance, Working Set Optimization which defines that when an application becomes idle for a certain amount of time it is forced to release excess memory until they are no longer idle.


This screenshot shows the difference between optimized memory and non-optimized memory usage. On this two sessions there is one user opening the same PDF document, and after the idle walue kicks inn the memory usage goes down

66 MB vs 3,2 MB memory usage for PDF

We also have other settings which are of a global applied. We can configure, rules to hide the common UI elements, like My computer and so on. Remember also that by default it excludes Administrators from being processed so do not test with administratior accounts unless you remove that value.


From here we can also specify settings for Microsoft USV, Citrix UPM and VMware Persona settings, note that this is for certain versions of these features. The documentation from Citrix is of now quite lacking on that part. The only reference in the PDF documentation states

Please note that some options only work with specific versions of UPM; please consult the
relevant Citrix documentation for detailed instructions.”

From a client perspective there is an taskbar icon which the end-user can interact with the update settings and send feedback from. So for instance applications which are published to an user will end up here and they can start applications directly from here.


There are also other options like Capture screen which will allow end-users to take a screenshot directly and send it to support


The end-users can self-refresh settings which have been applied to the desktop. Or the administration can force update from within the console directly after adding printers / folder or something like that.

Docker platform management for Windows Containers

Previously I’ve blogged about what Containers and some a little bit abou the container ecosystem –> Now lately I’ve been involved in being able to deliver Windows Containers and there lack of container orchestration tools (as of now) Now Windows Container came in Windows Server 2016 & Windows 10 and it is still pretty new. So why? There are plenty of enterprise applications which run for instance .Net based applications or web services and could be converted to a docker container and the same goes for database instances and other smaller services as well so make it easier to scale and deploy.

But linux containers has been here a while already, and of course in the container lifecycle management space there are alot of different vendors in this space. So what does a Container solution deliver in terms of features?

  • 1: Universal Management Plane (Across multiple docker hosts)
  • 2: Common registry
  • 3: An orchestration solution (Swarm, Kubernetes, Marathon)
  • 4: Source code management and integration
    5: Monitoring / Loggings
    6: Persistent Storage configuration
    7: Service Discovery
    8: Deployment and management of Network
    9: Deployment private / public / host

The list is long but this are most of the required features for being able to deliver a CaaS solution. Now for Linux Containers there are alot of tools that we can use (Mesosphere, Kubernetes, Rancher, Openshift, Docker Datacenter) but of course the majority of platforms are running like this, Netflix for instance.

Now as of now Windows Containers are lacking this managmenet platform, as of now we cannot even use Swarm with Windows Containers (ref: another limitation to our Windows implementation of container networking is lack of support for service discovery, since they also cannot use any type of overlay network for multi-host nodes as well such as what Kubernetes and Openshift are using with VXLAN which is also another limitation.

But as of now Microsoft is doing rapid deployment to their public Docker Images

Now I’ve been so fortunate to hear that Docker Datacenter is soon coming with Docker Datacenter for Windows (Beta) you can sign up for the beta here –>

Also that Rancher will be supporting Windows Server 2016 Containers as well –> in an upcoming build.

introduction to Citrix Workspace Enviroment Manager–Part 1

So with the purchase of NorScale, Citrix again has enterede the UEM market. Now instead of going with RES or AppSense (Which is now at Landesk) they aimed for a product which is pretty small in comparison but I belive that this will makes it easier for Citrix to mold it into a product of their own. Now I’ve been eager to try it out for a while, but time has been quite limited over the last couple of months.

Now the product became available for download a couple of weeks back, still lacking quite alot on the documentation and information available but it has now been rebranded of their own. So what about the product, what does it do? It can alter the user enviroment, mapping drives, resources, printers, hide and lockdown the desktop, we can do this based upon different filters for instance LDAP OU, Groups and so on (ill come back to this part a bit later) so think of it as a more powerfull way to do Group Policy Preferences but without the limitations.
Another cool feature is the resource optimization part which allows us to save CPU / Memory.

The infrastructure components as of now are pretty simple deployment, we need to setup the solution to a license server or else you will get an error message(Like the one below)


and also you need to correct license as well which is XenApp and XenDesktop Enterprise and Platinum edition customers with active Software Maintenance.


Now to get started there are a couple of things that need to be in place, before we start installing it.

1: License Server VPX – Version

2: Database server (SQL 2012 +)
3: Server to install the console and the infrastructure role (If you are testing this in a lab don’t install the DB part on the DDC! and not on a domain controller it won’t work properly)

So when you setup the SQL database server, use windows authentication. The Workspace Enviroment Manager download consists of three components, Agent, Console and Infrastructure components. It also contains some Group Policy setting which we will import later.

After installing the infrastructure role on a server you will get a couple of applications available to do the further setup (Administration Console is only after you install the admin console MSI)


Start with Database Management

Then enter the information on the SQL server and name of the database to be created


NOTE: If you are encountering any errors on the setup. Look into the Program files folder of NorScale, there is a log file, “Citrix WEM Database Management Utility log”


On the final page you have a create database button, which would either give you a

Or if something fails you need to take a look at thelog file or in the SQL Server agent log. When the database is created we can go ahead and configure the broker service. Start the Broker Configuration options on the desktop

From there configure the licensing server


Configure the service account


Configure the Database settings


Then lastly save the broker configuration


If everything now is completly setup we now copy the ADMX templates and configure the group policy settings for the agents to connect to the broker. So the ADMX templates needs to be copied into the Central Store and PolicyDefinitions.

And this policy should only be created and applied for machine objects where we want the agent to be used.
Adding the ADMX policy will add a new Citrix policy settings for WorkSpace enviroment management. From there we need to configure the connection broker name and Agent post which it should communicate with. If you wish to alter the port number you need to configure the broker settings configuration again.


If for some reason agents are not connecting to the broker server you can check registry under the following value. HKEY_LOCAL_MACHINE\SOFTWARE\Policies\norscale\Agent host


So the agent can be installed manually using the MSI downloaded or using silent install using the regular flags. After the agent is installed on a host and you’ve done gpupdate on it, it should start appearing inside the management console, under administration and agents


Stay tuned for Part two of Workspace Enviroment Manager where we will take a closer look at defining actions, filters and assigments.

Getting started with Docker Containers monitoring using Microsoft OMS

So been using alot of days the last couple of weeks working with OMS, it is becoming a powerhouse of features, even though you need to be aware of that the data usage can get totally out of control if it is not tuned properly, so it is becoming more like its big brother Operations Manager….

Anyway lets stick to OMS and Docker Container monitoring, which now is a preview feature as of now. It can be used either as a Container running the OMS agent (which is for CoreOS) or installing the OMS agent on a linux host


Now this was released in august, but then I looked at the OMS agent at Docker hub and noticed that this was now changed –>  now we can push the OMS container agent to any of the supported Linux distributions & Docker versions

  • Docker 1.10 thru 1.12.1
    Ubuntu 14.04 LTS, 16.04 LTS
    Amazon Linux 2016.03
    openSUSE 13.2
    CentOS 7
    SLES 12
    RHEL 7.2
    ACS Mesosphere DC/OS 1.7.3, 1.8.4

  • They way to use it is pretty simple you need

  • 1: OMS workspace with workspace ID & Primary key & you need to Docker integration enabled

  • 2: One Docker host

  • From the docker host you run the following to download the OMS agent image to the host.

  • sudo docker pull microsoft/oms

  • After the image has been downloaded you run the following

  • sudo docker run –privileged -d -v /var/run/docker.sock:/var/run/docker.sock -e WSID=”your workspace id” -e KEY=”your key” -p –name=”omsagent” –restart=always microsoft/oms

Now eventually if the docker host has network access you can see the information being updated to OMS


From the solution we can get alot of performance information from the different containers


It can also show the different containers host and docker images that are available in the repository


As of now this ONLY supported Linux Containers and not Windows Containers…. Hopefully Microsoft is moving forward with a Microsoft OMS agent for Windows Containers here as well.