XenDesktop 5 FAQ

Table of Contents
General 2
SQL Database 3
Administration 6
Virtual Desktop Agent (VDA) 13
Power Management 16
XenServer 17
Hyper-V 17
VMWare ESX / vSphere 18
Single Sign-On 18
HDX 3D 18
Machine Creation Services (MCS) 18
Remote Access 20
High Availability using NetScaler 20
Troubleshooting 21
References 22
General
Does Quick Deploy have any limitations?
Quick Deploy is designed to rapidly create a new virtual desktop infrastructure using Machine
Creation Services. For that reason, it is not intended to make use of existing virtual,
provisioned, or physical desktops. Also, Quick Deploy assumes all components are installed
on the same server.

Is Remote Desktop Services required?

No. Remote Desktop Services (formally Terminal Services) is no longer required on servers
running the Desktop Delivery Controller.

How do I change the license server or port?

In the Desktop Studio, click the Configuration node, and then, on the top right of the console
under Actions, click Edit licensing.

How is shadowing performed in XenDesktop 5?

Microsoft Remote Assistance is now used to shadow user desktop sessions. Refer to
CTX127388 – [entryID]CTX127388[/entryID]

Policy settings are not being applied properly. How can I determine what is
causing the problem?
If you experience issues when using the Active Directory Group Policy Management Console
to create and configure Citrix policies, refer to CTX127461 – [entryID]CTX127461[/entryID]

Can I redeploy XenDesktop 5 without uninstalling and re-installing?

Yes. The following article provides instruction for creating a new clean environment without
the need to reinstall XenDesktop 5. CTX127421 – [entryID]CTX127421[/entryID]

Where can I find general information about XenDesktop licensing?

Information regarding XenDesktop licensing can be found in CTX128013–
[entryID]CTX128013 [/entryID]

Is there a complete list of downloads for XenDesktop 5?

The complete list of downloads available for XenDesktop 5 can be found in CTX129750 –
[entryID]CTX129750[/entryID]

Is there a list of supported hypervisors for XenDesktop 5?

The complete list of supported hypervisors can be found in CTX131239 –

[entryID]CTX131239[/entryID]
I was able to change the ICA virtual channel priority in XenDesktop 4 by
exporting, editing, and re-importing the Desktop Delivery Controller settings.
How is this done in XenDesktop 5?
These changes are now made on the Virtual Desktop Agent using registry settings. Refer to
CTX128190 – [entryID]CTX128190[/entryID]

I would like to install Web Interface on a separate server. Is there a

recommended order for installing and installing Web Interface for use with
XenDesktop 5?
While Web Access can be installed using the XenDesktop 5 installation media and deselecting
all options except Web Access, it is also possible to install Web Access manually for security
or other deployment reasons using CTX127441 – [entryID]CTX127441[/entryID]

I would like to install Cloud Gateway Express - is this supported with XenDesktop
5

Cloud Gateway Express (Receiver Storefront 1.0) supports XenDesktop 5 and 5.5.

In Desktop Director User/Machine details page, I see that the status of the VDA is
displayed as Non-Brokered. What does that mean?

The VDA is either logged into using Remote Desktop Connection or through the
console. XenDesktop Controller did not broker the connection.

SQL Database
What happens if the database is unavailable?
The new brokers in XenDesktop 5 are intended to be completely stateless whenever possible.
For this reason, almost everything is database-driven and the SQL database that holds all
state information and data becomes extremely important. A XenDesktop 5 farm can only be
highly available if the SQL database is highly available. Citrix recommends and supports
mirroring and clustering as with other products and versions of XenApp and XenDesktop. The
SQL database can also be made somewhat highly available by virtualizing it and leveraging
built-in hypervisor High Availability (HA) functionality. But the database is very important and a
XenDesktop 5 farm/site is essentially unavailable or “down” if the database is down. This is
very different from the IMA architecture where the data store could be unavailable but the farm
is still operational because of local host cache.

Citrix XenServer and Marathon everRun can also be leveraged to support a highly
available Microsoft SQL server. Please refer to CTX129501 - [entryID] CTX129501
[/entryID]
How can I change the default SQL port?
Desktop Studio uses the default SQL server port (1433) to connect to and create the database
schema on your SQL Server 2008 database server. Prior to installing XenDesktop 5 on a
server, the SQL Server Client Network Utility can be used to create a database connection
alias that points to a specific SQL port. Refer to CTX128253 – [entryID]CTX128253[/entryID]

How can I perform a consistency check on the data in a XenDesktop 5 database?

The XDDBDiag utility can be used to perform a consistency check on the data in a
XenDesktop 5 database. It will also output the following diagnostic data: Site Information, VDA
Information, Current Connections/Connection Log, Hypervisor Connections, Policy Information,
Desktop Groups, and Controller Information. Refer to CTX128075 –
[entryID]CTX128075[/entryID]

With the new database structure, can I query the database directly?
It is strongly recommended to use the PowerShell cmdlets to obtain data about the
XenDesktop 5 site. Querying the database directly might result in locking and contention
issues.

Are there instructions available for reconfiguring a XenDesktop 5 site to use a

mirrored database?
Yes. Refer to CTX127538 – [entryID]CTX127538[/entryID]

Which permissions are needed for each operation on the SQL database?
A detailed explanation of the SQL Server database access and permission model used by
XenDesktop 5 is available in CTX127998 – [entryID]CTX127998[/entryID]. See also, Which
tasks require administrative access to the Data Store?

How does the Controller communicate with the database? Does XenDesktop 5
still use IMA?
No, XenDesktop 5 no longer uses the IMA data store as the central database in which to store
configuration information. Instead, a Microsoft SQL Server database is used as the data store
for both configuration and session information. For more information about XenDesktop 5 key
differences, refer to Key Differences in XenDesktop 5.

With the previous XenDesktop versions, we were able to specify the connection
account (to the DB) with the IMA service. Is this functionality still relevant now
that IMA is no longer used?
The routine operation of a XenDesktop 5 site, including use of Desktop Studio/Director, does
not require an administrative account, nor does XenDesktop 5 record any information about a
preferred administrative account for future use.
If you use Desktop Studio to configure the database initially then you need access to the
server using an account with administrative permissions. You also need an account with
administrative access to add or remove controllers to and from the site; however, any
administrative account will do, and it does not need to be the same one that was used to
originally configure the site. So, it is possible to disable or remove the initially used account
from Active Directory, without impacting operation or future maintenance of the site.
The XenDesktop 5 services access the database using their computer account logins
(domain\machine$, or ‘NT AUTHORITY\NETWORK SERVICE’ for a controller on the same
machine as the database server). These logins are created as needed when controllers are
added to the site and are mapped to users within the XenDesktop database. These users are
members of roles that carry the minimal permission set required to allow the services to run.

Which tasks require administrative access to the Data Store?

There are five operations that require administrative access to the server or database. These
must be performed by an administrator and if run directly from Desktop Studio, sysadmin
privilege is required. The operations are:
 Database and schema creation and addition of the first DDC: The minimal membership role
required to run the generated script is dbcreator plus securityadmin
 Adding a subsequent DDC: The script creates a login, a database user, and executes
various stored procedures in the XenDesktop database. Because there is no XenDesktop-
specific database role associated with this, you would minimally need securityadmin and
db_owner privileges.
 Removing a DDC: The script removes a database user and executes various stored
procedures in the XenDesktop database. Because there is no XenDesktop-specific
database role associated with this, you would need db_owner privileges. Note that the
securityadmin role is not required because the login is not removed.
 Adding DDC logins to a mirror server: The script creates just a login suitable for the DDC
(the minimum required configuration on the mirror server in a mirrored configuration). This
requires securityadmin privileges.
 Schema updates: Require db_owner privileges.

Are there any built-in failover mechanisms when using mirrored databases?
CTX127359 details how to configure mirroring. Would failover be automatic once
configured this way?
Running mirroring in synchronous mode with a witness server allows for automatic failover,
see http://technet.microsoft.com/en-us/library/ms189852.aspx.

If SQL Mirroring has been configured for asynchronous mode, what kind of
state/functionality can we expect to lose if we failover to our replicated
database?
Asynchronous mirroring does not support automatic failover (that is not a restriction of
XenDesktop but of SQL Server itself); however, there would not be any loss of functionality as
such in XenDesktop. The issue is that of how far behind the primary server the mirror may lag
if the system is under load; if a failover occurs in asynchronous mode the database will appear
to step back in time by this period. Typically this is not expected to cause significant issues
because the dynamic state of the system should be recovered fairly quickly; however,
configuration changes would be lost. The larger the lag the greater the possibility of
configuration changes being lost in this way. It is important to note that all stress and scalability
testing using mirroring has been done in synchronous mode and the overhead observed was
minimal.

How big will the transaction log become?

The XenDesktop database contains both configuration and state information which must be
updated often. A single Virtual Desktop Agent doing nothing for an hour generates
approximately 62 kilobytes of transaction log data. Average transaction log calculations are as
follows:
 Number of Virtual Desktop Agents X 24 Hours X approximately 62 kilobytes of data
 Example: 10 Virtual Desktop Agent Farm in idle state:
 10 VDA X 24 X 62K = 14.8 megabytes
Note: This can be substantially higher in active environments.
 Taken from: CTX126916 – [entryID]CTX126916[/entryID]

How can I control or minimize the size of the SQL Transaction Log?
The transaction log recovery model is set to Simple by default and does not require any
additional action to control the size of the transaction log. When using database mirroring
which requires the Full Recovery Model, backups of the transaction log should be taken
frequently to avoid consuming excessive space. The data and log files should also be set to a
reasonable size in SQL and not utilize the Auto-Grow option which consumes additional
resources. For more details on the transaction log in XenDesktop 5, refer to CTX126916 –
[entryID]CTX126916[/entryID]

Which SQL Recovery Model is required for a Mirroring configuration?

A mirrored database must always use the Full Recovery Model. The underlying mechanism
that maintains the mirrored server depends on the transaction log containing a full transaction
history of the database, which is only available with the Full Recovery Model. HA solutions
other than mirroring (SQL clustering, XenServer HA, and so on) do not require use of the Full
Recovery Model.

Is a certain SQL version preferred for hosting the database?

The Enterprise Edition is recommended to be used because it is the only version that allows
online indexing of the database. Other versions take the database or individual tables down,
which can lead to an outage of the whole environment.

Where should the Transaction log be placed?

The Transaction log should be based on a dedicated HDD for most efficient sequential
read/write.

Where can I find information on database sizing and maintenance?

The following articles provide information about database maintenance and best practices:
CTX127939 – [entryID]CTX127939[/entryID] and CTX126916 – [entryID]CTX126916[/entryID]

Administration
How can I administer multiple sites?
You can add multiple copies of the Desktop Studio snap-in to the MMC and select a different
site for each one. If you are starting Desktop Studio from the shortcut on the start menu (or
equivalent), it always talks to the site to which the local machine is a part. If you add the snap-
in yourself, it asks you.
The Latency Graph within Desktop Director has a maximum value of 100
Milliseconds. How can I change that?
You can change the maximum value for latency as follows:
1. Open IIS Manager on the server.
2. Browse to Sites > Default Web Site > DesktopDirector.
3. Double-click the Application Settings icon.
4. Edit the UI.GraphMaxLatency value.
5. These steps are equivalent to editing the web.config file directly in
c:\inetpub\wwwroot\DesktopDirector.

Why does the XenDesktop Setup Wizard not seem to work with XenDesktop 5?
The XenDesktop Setup Wizard has not yet been modified to work with XenDesktop 5.0. But
there in an unsupported workaround:
1. Install Provisioning Services 5.6 Service Pack 1 (the previous version is supposed to work
fine) and DDC 4.0 as usual.
2. Install DDC 5.0.
3. Prepare the Master Image with Virtual Desktop Agent 5.0 which is registered to DDC 5.0.
4. Run the Imaging Wizard to set up a standard virtual disk.
5. Run the XenDesktop Setup Wizard as usual, create a Desktop Group on DDC 4.0.
6. Once completed, create Streamed Catalogues on DDC 5.0.
7. Create an Assignment for desired users.
In short, the trick is to install DDC 4.0 to let the Wizard run successfully to create virtual
machines, Active Directory computer accounts, and Provisioning Services target devices; then
go back to XenDesktop 5 to create the Streamed Catalogue and Assignment for desired users.

When will a new version of the XenDesktop Setup Wizard be available for
XenDesktop 5?

new XenDesktop Setup Wizard for XenDesktop 5 is has been built into Provisioning Services
6.0 console. For customers not yet ready to upgrade their Provisioning Services deployment to
6.0, Hotfix CPVS56SP1E029 is available which will add the new wizard to the Provisioning
Services 5.6 SP1 console.

Is there any troubleshooting or logging facility within Desktop Studio?

It is recommended to use the standard CDF trace utility to capture details from Desktop Studio.
However, if necessary, logging may also be enabled by editing the Desktop Studio
configuration file as follows:
1. Navigate to: C:\Program Files\Citrix\Desktop Studio\
2. Open with Notepad: MMcsnapin.dll.config
3. Add to the Applications Settings Section:
<add key="LogFileName" value="C:\logs\Studio.log" />
The Quick Deploy process failed for some reason. How can I go back and re-run
it?
Quick Deploy either completes successfully or fails. If it fails, the administrator must review the
corresponding log files based on the step that failed. The individual operations can then be re-
run, such as adding virtual machines.
How can I customize advanced setting and automate tasks in my XenDesktop 5
environment?
Under the hood, all tasks are carried out using PowerShell cmdlets in XenDesktop 5. There is
even a PowerShell tab in the Desktop Studio Console to see what cmdlet is being called as
you work. It is important to have a general understanding of the PowerShell cmdlets that are
used. Refer to CTX127254 – [entryID]CTX127254[/entryID] for a list of cmdlets which may be
used to perform any task in XenDesktop. Automation can be achieved through a variety of
ways, such as saving PowerShell scripts and running them with Task Scheduler.

How can I migrate from XenDesktop 4 to XenDesktop 5?

Only the Virtual Desktop Agents can be upgraded directly. The backend infrastructure requires
a fresh installation. Refer to Upgrade and Migrate for more information. In short, the following
statements provide the answer:
 An in-place Virtual Desktop Agent upgrade is supported.
 Version 5 Virtual Desktop Agents work with XenDesktop 4 and XenDesktop 5 controllers
 Version 4 Virtual Desktop Agents do NOT work with XenDesktop 5 controllers.

In Desktop Director, can I allow Help Desk administrators the ability to view the
Dashboard and Desktop List pages?

Help Desk administrator can access the User Details page and search for users but by
default cannot view the Dashboard and Desktop List pages. By adding Read-only
permissions, they can. Refer to CTX130942 – Desktop Director Help Desk Admin
Dashboard/Desktop List Page Access

In Desktop Director, what user interface options do I have?

 UI.DistributionDataMaxResults - On the Dashboard of Desktop Director under

Machines panel there are charts/graphs of Servers, Catalogs and Desktop
Groups. By default, Desktop Director will show 5 top for each. Change this value
to increase or decrease the amount to be shown.
 UI.EnableRemoteAssistance - If shadow is not being used, you can disable the
Shadow button on Desktop Director User/Machine details page.
 UI.EnableSslCheck - If SSL is not being used, you can disable the secure
connection warning on the Login page.
 UI.GlobalSearchMaxResults - Search will display the top 5 results. Change this
value to increase or decrease the amount to be shown.
 UI.HighVDiskUsageThreshold - Desktop Director will show an alert if Personal
vDisk usage exceeds this percentage.

These UI options are located under Application settings for Desktop Director as follow:

1. Open IIS Manager on the server.

2. Browse to Sites > Default Web Site > DesktopDirector.
3. Double-click the Application Settings icon.
4. Change UI settings as appropriate.
5. Restart IIS.
Broker / Controller
How are the multiple hypervisor connections exposed in Create Catalog?
You have to specify a separate master virtual machine for each host. The customer is
responsible for keeping these Master virtual machines synchronized in this release.

Because all XenDesktop 5 services are dynamically allocated to each DDC, how
should I configure Web Interface for XML connections?
It is recommended to configure Web Interface with XML load balancing enabled.

What happens when a new broker is added to a site?

The only difference is that the existing database is used rather than creating a new one.
 Get a Schema update script from each of the Services on the new controller.
 Apply the Schemas update to the existing database (using SQL tools).
 Define the database connection details for the each of the new controller services.
 Register each of the new controller services with the configuration service.
 Update one instance of each controller service with the connection details of the new
configuration service that forms part of the new controller).

How can I change the XML port?

After changing the XML port on the Web Interface server, the XML port on the broker can be
changed using the brokerservice command line utility.
Refer to CTX127945 – [entryID]CTX127945[/entryID]

Because all XenDesktop 5 services are dynamically allocated to each Controller,

how should I configure Web Interface for XML connections?

It is recommended to configure Web Interface with XML load balancing enabled.

Does a broker need to be online to be removed from a site?

There is no requirement for the controller being evicted to be active or still in existence for this
to be undertaken.

What happens if a server goes offline? Is there an election process?

There is an election process which uses the database to determine which servers are
available.

If we have thousands of Virtual Desktop Agents starting at 0900 and three

controllers in a site, is only one controller used as the initial contact or can we
load balance it?
Load-balancers, Microsoft NLB, and so on, do not work because Virtual Desktop Agent/Broker
communications is Kerberos based (this is unchanged from previous releases).
Configure all the desktops with the addresses of all brokers. The Virtual Desktop Agent
randomly selects one DDC from the list and tries to register with that DDC. If registration fails
then that DDC is removed from the list and the cycle repeats until the Virtual Desktop Agent
either registers or exhausts the list. In the latter case, with the exhausted list, the Virtual
Desktop Agent waits and repeats the whole process again with the original full list.

How does Web Interface resolve the broker to use?

Web Interface has not changed in terms of resolution; it still uses the defined farms and
options for “Use Server List for Load Balancing” and “Bypass Servers for xx”.

Do Controllers Talk to each other?

Brokers do not typically communicate with each other during normal operation, except if a
service fails (such as with the Machine Identity Service, the Broker service attempts to use the
Machine Identity Service on any other controller, to maintain service).

How can I manage updates for dedicated catalogs of machines?

These need to be managed on an individual basis or by using third party software outside of
XenDesktop because of the changes the user has made to the image.

Should I offload Desktop Director from the active brokers?

For enterprise grade deployments, it is recommended to install Desktop Director on separate
servers to ensure not impacting logon times because of high console usage.

How do I enable logging on the Controller for troubleshooting purposes?

The following article provides instruction for enabling the logging option for the Controller.
CTX127492 – [entryID]CTX127492[/entryID]

Are there any new features for virtual machine-hosted applications with
XenDesktop 5?
The most notable new features for virtual machine-hosted applications for XenDesktop 5 are:
Launch a hosted application when content is opened on the
Content Redirection
client.
Rich Application Provides support for defining all application settings. No
Publishing additional configuration is needed.
Provides the capability to launch multiple applications in a
Session Sharing
single session.

In XenDesktop 4, it was possible to configure logoff behavior in the properties of

the Desktop Group. How is this configured in XenDesktop 5?
Logoff behavior is still set in the console in XenDesktop 5 for most catalog types. However, if
for some reason you wish to change the logoff behavior for a pooled catalog, a PowerShell
cmdlet can be used to modify the logoff behavior. Note the implications of changing this
behavior for a pooled catalog because this means the difference disk is not cleared on reboot
and the next user has access to the previous user’s data. Refer to CTX127842 –
[entryID]CTX127842[/entryID]

Is there a list of registry settings that apply to the XenDesktop 5 Broker service?
A complete list of registry settings used by the Broker service can be found in CTX126704 –
[entryID]CTX126704[/entryID]
Virtual Desktop Agent (VDA)
How does the VDA discover its XenDesktop site andcontroller?
There are three ways of configuring discovery. Important: If the Virtual Desktop Agent is
running on a 64-bit operating system, then you must replace HKLM\Software\Citrix with
HKLM\Software\Wow6432Node\Citrix in the registry settings mentioned below.
 Registry based discovery (DEFAULT): The Virtual Desktop Agent checks the following
registry keys for a list of brokers:
(Configured during installation)
HKLM\Software\Citrix\VirtualDesktopAgent\ListOfDDCs

(Configured using GPOs)

HKLM\Software\Policies\Citrix\VirtualDesktopAgent\ListOfDDCs

 OU based discovery: The Virtual Desktop Agent checks the following registry keys for the
GUID of the XenDesktop OU:
(Configured during installation)
HKLM\software\citrix\VirtualDesktopAgent\FarmGUID

(Configured using GPOs)

HKLM\Software\Policies \Citrix\VirtualDesktopAgent\FarmGuid

Then it discovers the actual controllers using the XenDesktop Service Connection Point
(SCP) and the Controllers Group.

 Quick deploy discovery: Quick Deploy is a new farm discovery mechanism meant for
demonstration environments and some other uses. In Quick Deploy, MCS creates the file
C:\Personality.ini on the Virtual Desktop Agent and places the List of DDCs that the Virtual
Desktop Agent is to register with. If neither the registry-based nor OU-based discovery
mechanism is defined, then the Workstation Agent reads the List of DDCs from the
personality INI file and registers with one of the listed DDCs.
What does the Virtual Desktop Agent do during a registration attempt?
The Virtual Desktop Agent performs five steps during registration:
1. Instructs the Policy subsystem to update policies from the Domain Controller.
2. If ListOfDDCs is defined, then the Virtual Desktop Agent attempts to register with one of the
DDCs listed.
3. If ListOfDDCs is NOT defined and the OU is defined, then the Virtual Desktop Agent
attempts to register with one of the DDCs obtained from the Active Directory OU.
4. If the ListOfDDCs and OU are NOT defined and the C:\personality.ini file exists and
contains a ListOfDDCs, then the Virtual Desktop Agent attempts to register with one of the
DDCs obtained from this list.
5. If a list of DDCs is not defined as mentioned above or registration fails, the Virtual Desktop
Agent waits for a certain period and retries the process. The minimum wait time starts with
a random time selected between seven and ten seconds. Each registration failure results in
the wait time being doubled, up to a maximum of two minutes. Recovery from a network
failure results in a reset to the timeout value to the minimum value with the expectation of a
quicker registration.

Is there any communication between a Virtual Desktop Agent and a Broker after
the registration is complete?
The Virtual Desktop Agent maintains a heartbeat to the registered DDC; this is essentially a
ping to make sure the connection with the DDC is still alive. Should the heartbeat fail, the
Virtual Desktop Agent de-registers with the DDC (this usually fails as the DDC connection is
gone) and restarts the registration process.

Are there any recommendations for deploying the XenDesktop 5 Virtual Desktop
Agent using Active Directory group policy?
For instructions on how to deploy or upgrade the Virtual Device Agent msi package using
Microsoft Active Directory Group Policy (GPO), refer to CTX127301 –
[entryID]CTX127301[/entryID]

In Desktop Director, I am getting permission errors for activity charts and HDX
data?

VDA installation, when Real Time Monitoring is selected, will configure Windows
Remote Management service but user permissions will have to be set after installation.
Refer to: http://support.citrix.com/proddocs/topic/director-200/director-cfg-machine-
permission.html(See ConfigRemoteMgmt.exe tool section).

Is there a way to improve WinRM performance for Desktop Director?

Threads can be increased for WinRM. To do this, on the VDA, run the following the
command on an elevated command prompt:
winrm set winrm/config/Service @{MaxConcurrentOperationsPerUser="400"}
Power Management
What is a buffer and how does it work?
A buffer is an extra, standby set of unallocated machines that are turned on, ready for users to
connect. For shared desktop groups and unallocated machines in private desktop groups,
desktops in the buffer are turned on when the number of machines in the pool drops below the
threshold set by the buffer size. This is a percentage of the desktop group size (default is ten
percent). For large desktop groups, a significant number of machines may therefore be turned
on when the threshold is exceeded, so plan your desktop group sizes accordingly or adjust the
default buffer size using the SDK.
The buffer can be configured using the following command:
Set-BrokerDesktopGroup <Your Desktop Group> -PeakBufferSizePercent <Percent of
desktops for buffer>
Example: Set-BrokerDesktopGroup TB_Group -PeakBufferSizePercent 10
The default buffer is 10 percent (As for the 100 desktops example, the buffer would be 10
desktops). Two buffer values exist: PeakBufferSizePercent and OffPeakBufferSizePercent
The buffer setting is very similar to the old Idle Desktop setting of XenDesktop 4. So, when set
to 10 desktops, XenDesktop always tries to keep 10 virtual machines running idle and shuts
down and powers on virtual machines accordingly.
The total number of desktops powered on at a certain time depends on the load. For example:
 100 virtual machines in a desktop group
 Power Management set to 20 virtual machines + Buffer set to 10 percent. This means 20
virtual machines are running when no users are connected.
 When 5 users log in, still 20 virtual machines are running, because the available buffer is
still above the threshold of 10 percent
 When 10 users log in, still 20 virtual machines are running, because the available buffer is
equal the threshold of 10 percent
 When 15 users log in, 25 virtual machines are running, because the buffer dropped below
10 percent and it had to start an additional 5 virtual machines to restore the 10 percent
buffer
XenServer
Why does catalog creation fail when using the “Other install media” template?
If you have created a virtual machine with the “Other Install media” template, go the Storage
tab for the virtual machine in XenCenter and ensure that the disk is in “device position” 0. By
default, the template creates it in position 1. Citrix recommend all users upgrade to XenServer
5.6SP2 or later.

Hyper-V
What can I do if I do not see any storage locations in SCVMM?
If you are using XenDesktop to create your virtual machines, rather than selecting an existing
catalog, configure your Hyper-V deployment as follows:
 For a single Hyper-V host deployment, create a Windows network share that is writeable by
the System Center Virtual Machine Manager (SCVMM) administrator account on the
Hyper-V server.
 For a multiple Hyper-V host deployment, ensure your Hyper-V hosts are set up in a Hyper-
V Failover Cluster with Cluster Shared Volume storage. On one of your Hyper-V servers,
create a Windows network share that is writeable by the SCVMM administrator account for
the Cluster Shared Volume mount point, typically C:\ClusterStorage. For more information
about setting up a Hyper-V Failover Cluster with Cluster Shared Volume storage, see your
Microsoft documentation.
See also, CTX127578 – [entryID]CTX127578[/entryID]

What must I consider when using XenDesktop 5 and Hyper-V within a multi
domain environment?
A single domain is the simplest and fastest way to integrate XenDesktop5 into a proof-of-
concept, however if a Multi-Domain environment is required there are few things to consider
before getting started.
First, a two-way trust must be enabled. If the hosts running Windows 2008 R2 with the Hyper-
V role enabled are on Domain A and the virtual machines running SCVMM, XenDesktop, and
other infrastructure services are on Domain B, then local administrative group permissions
must be granted to the SCVMM administrator account that resides on domain B for the
Windows 2008 R2 servers that reside on Domain A. This is required because when using
Quick Deploy, specific calls are made to enumerate the file share that resides on the Windows
2008 R2 host. Without the appropriate level of permissions for the SCVMM account, which is
querying the host to see the file share, the file share does not appear and you cannot continue.

How can I configure my XenDesktop 5 Virtual Desktop Agent s for VLAN Tagging
in Hyper-V?
Refer to: CTX127596 – [entryID]CTX127596[/entryID]
VMWare ESX / vSphere
I am having trouble creating a connection to a vSphere installation. What should
I consider when creating these connections?
The most common reason for a failure to create a connection to a vSphere installation is that
Windows has not been set up correctly to trust the SSL certificate used by vSphere.
Instructions for configuring Windows to trust the SSL certificate supplied with vSphere can be
found in the product documentation.
It is strongly recommended that you use HTTPS to access a vSphere installation. If this is not
possible, it is possible to modify the vSphere configuration to allow HTTP access using the
article listed below. If you do this, consider using IPSec or an equivalent mechanism to protect
HTTP communication.
CTX125578 – [entryID]CTX125578[/entryID] (See, the section beginning with Modify the Web
proxy service on vCenter Server to support HTTP.)

How can I create a VMware user account with minimum permission to manage
Machine Creation Services on XenDesktop 5.0?
Refer to: CTX127546 – [entryID]CTX127546[/entryID]

Single Sign-On
Are there any special considerations for using Single Sign-on with
XenDesktop 5?
For information on installing and configuring Single Sign-on (formerly Citrix Password
Manager) with XenDesktop 5, refer to CTX127811 – [entryID]CTX127811[/entryID]

HDX 3D
Does HDX 3D work with XenDesktop 5?
No. The HDX 3D Pro Graphics 1.1 software, which must be installed on top of an XenDesktop
4 Virtual Desktop Agent, also requires a XenDesktop 4 DDC.

Machine Creation Services (MCS)

Why does Citrix recommend NFS for MCS, but not iSCSI and Fibre Channel?
NFS is recommended in the first instance because it offers thin provisioning which creates a
small initial footprint for snapshots that grow on demand, whereas iSCSI and FC do not. This
feature minimizes the storage space requirements considerably while also minimizing the time
it takes to create new machines (Full copy versus small footprint snapshot). The following
diagram illustrates this behavior.
Does Machine Creation Services (MCS) require a certain version of XenServer?
Citrix XenServer 5.6 Standard and Enterprise editions are required for Machine Creation
Services. Citrix XenServer 5.6 Feature Pack 1 is not supported in this release.

Should MCS be used for enterprise deployments?

Until additional scalability information is available, Machine Creation Services should be used
only for small to medium size VDI deployments.

I have run into a problem with Active Directory accounts being locked when I
terminated MCS while it was creating virtual machines. How can I unlock these
accounts and repair the site?
When creating virtual machines through Machine Creation Services, the Active Directory
computer accounts are put into a locked state to stop the accounts being used more than
once. When the virtual machine creation process finishes, these accounts are unlocked.
However, if the creation process is forcibly terminated, the unlocking of the accounts might not
happen. Refer to CTX127429 – [entryID]CTX127429[/entryID]

Something has gone wrong while MCS was creating virtual machines. Is there
anywhere I can look for more information?
If the action which failed was a background action in Desktop Studio, more information may be
available using PowerShell. Start a PowerShell prompt from the Powershell tab in Desktop
Studio and run the Get-ProvTask cmdlet. If there are any failed tasks, these might contain
further information. If the failed task is of type "NewVirtualMachine", further information might
be available by executing the following command:

To list all tasks:

Get-ProvTask

To get more information about a specific task:

Get-ProvTask -TaskID <id>
See the Troubleshooting section of this document for additional instruction on how to enable
logging or to perform a CDF trace to gather additional debug information.

Remote Access
How can I make Access Gateway Smart Access work with XenDesktop 5?
As with XenApp or earlier XenDesktop versions, it is necessary to trust XML requests. Within
XenDesktop 5 this must be done using the following PowerShell command:
Set-BrokerSite -TrustRequestsSentToTheXmlServicePort $true

High Availability using NetScaler

We use NetScaler to provide High Availability in our environment. Are there any
guidelines for using NetScaler to provide High Availability for our XenDesktop
environment?
To create a Disaster Recovery (DR) configuration using NetScaler with XenDesktop 5, refer to
CTX127563 – [entryID]CTX127563[/entryID]

Are there any guidelines for using Netscaler with Desktop Director?

Director Director can be load-balanced just like other web apps using Netscaler. Some
considerations:

 Load balancing needs to implement COOKIEINSERT persistence.

 Desktop Director configuration (web.config file) is stored locally on the server.
Changes to the config would need to by sync across all Desktop Director servers.
 “Saved Searches” are stored locally on the Desktop Director servers. In order to
have access to the “Saved Searches” across multiple Desktop Director servers,
you would need to store this data on a network share.
1. Open IIS Manager on the server.
2. Browse to Sites > Default Web Site > DesktopDirector
3. Double-click the Application Settings icon.
4. Edit the Service.UserSettingsPath value to the network share location.

These steps are equivalent to editing the web.config file directly in

c:\inetpub\wwwroot\DesktopDirector.
Troubleshooting
The event logs do not contain relevant information for the problem I am
experiencing. What kind of logging or tracing is available to get additional
information?
When an error dialog or the event logs are not clear about the problem you are experiencing,
you can enable debug logging to provide additional information. Refer to CTX127492 –
[entryID]CTX127492[/entryID] and CTX127969 – [entryID]CTX127969[/entryID]
Additionally, the CDF tracing can be used to trace any of the XenDesktop 5 services and
modules, if the log files fail to provide sufficient details. Refer to CTX111961 –
[entryID]CTX111961[/entryID]
References
Citrix XenDesktop Design Handbook: (http://bit.ly/xdhandbook)