In the last week of the 2012 – 2013 fiscal year, I will have a five days training on Citrix XenApp 6.5 administration.
Ignoring my bad hand writing, these are two nice diagrams showing how Citrix XenApp works in server and client side. Keeping the big pictures in mind really helps to learn Citrix XenApp.
Module 1: Introducing XenApp
- XenApp Editions: Advanced/ Enterprise/ Platinum
- XenApp Architecture
Basic components: Web interface/ Data collector/ XenApp servers/ Data store database/ License server/ Worker groups/ Zones
Additional components: Load manager/ Access gateway VPX/ XenApp Management Pack/ AppCenter/ Receiver and plugins
Single or multiple farm environment consideration? Business decision/ Different version
XenApp servers: Session-host only/and Controllers (data collector, XML broker)
Data Store database maintains persistent farm data (farm configuration information/ published application configurations/ server configurations/ farm management security/ printer configurations/ license server name and port)
Datastore updates and the LHC (local host cache): The IMA (independent management architecture) service polls the data store DB every 30 minutes or whenever a configuration change is made to the farm.
IMA: It provides the framework for all server-to-server communication that occurs in the XenApp farm (TCP port 2512).
Data collector: It maintains dynamic farm information including server load data and user session status.
Data collector election criteria: Highest XenApp version/ Highest Rank/ Highest Host ID number (queryhr/ qfarm/ querydc commands)
Zones: A logical group of XenApp servers communicating with a single data collector. It can be used to designate physical (geographical) or logical groupings.
Sharing data across zones: The best practice is to keep the number of zones to a practical minimum.
AppCenter: the primary administrative utility.
Module 2: Licensing XenApps
- To License XenApp
purchase license (has to specify the host name) –> install license server –> import license file
License communication process
License types: user/ device
Microsoft CALs and RDS CALs
- License Administration Console
-Citrix vendor daemon port (TCP 7279)
-License server manager port (TCP 27000)
-License Administration console port (TCP 8082)
License server considerations: 200 servers – shared license server/ 200~4000 servers – dedicated license servers/ 4000 servers – dedicated license server for each Citrix product
- License file management
License file locat: %ProgramFiles%(x86)\Citrix\Licensing\MyFiles
Citrix license portal: MyCitrix.com
- High Availability Consideration (30 days recovery grace period)
-Duplicate license server (same hostname, IP address)
-License server clustering (two nodes Microsoft cluster in Active/Passive configuration)
Module 3: Installing XenApp
- XenApp Server Role Manager. The roles are:
-Citrix License serve
– XenApp Server(XenApp installation on a domain controller is not supported)
-Web interface server
-Single sign-on services (Platinum only)
-Power and Capacity management administration (Enterprise and Platinum only)
-EdgeSight server (Platium only)
-Provisioning services (Platinum only)
- Hardware and Software requirements ( 20~40M RAM per connected user)
- Server Configuration Tool (SCT)
- Dynamic Datacenter Provisioning (for session only server)
- XenApp Configuration Options
-Database engine for data store (SQL server/express, Oracle)
-Enable/disable shadowing (If shadowing is prohibited during XenApp installation, it can only enabled at a later time by reinstalling XenApp)
-XML server port (TCP 80). If IIS is installed, IIS and Citrix XML service can share port 80
-Pass-through authentication: If pass-through authentication is not enabled during the installation and is later desired on the server, Receiver must be reinstalled on the server before pass-through authentication can be used.
– IMA encryption needs to be manually configured using CTXKeyTool command
Module 4: Configuring XenApp Administration
- Worker Groups
– publishing applications/ load balancing
– Worker groups are identified as a filter by name only
- Administrator Privilege Levels
Full administration/ View only/ Custom
- Configuring Administrator/ Folder permissions/ Delegating Administration
- Configuration Logging (who, when and what)
– SQL 2005, 2008/ Oracle 11g
– the configuration logging database can be protected using IMA encryption feature
– One database only for one farm