To add a connection to a XenServer server in XenDesktop, open Citrix Studio and go to "Hosting".
Select "Citrix XenServer" and specify connection information to your XenServer server
- To secure your XenServer server with HTTPS, refer to our tutorial : XenServer - Securing the connection using SSL (HTTPS).
- If the connection to xenserver server fails, make sure you have created the "xenserver.votre-domaine.lan" record in your local DNS server.
Enter a name for these resources and select the server's network to use for these virtual machines.
Select the local storage space to use on the XenServer server.
Note: If desired, you can store personal vDisks on another local storage of the XenServer server.
For simplicity and flexibility, we will :
Thus, the management of "Administrator" accounts of our virtual machines will be entirely managed in the Active Directory and not on each virtual machine. These accounts allow administrators to perform these tasks as an administrator on your user's virtual machines.
Before creating our users, we created several folders with the following structure :
Note : An organizational unit in an Active Directory is similar to a folder that contains files.
We create a user "InformatiAdmin" in the "Users" folder.
Note : Right click -> New -> User.
We create a "PVS-Admins" group with : "Global" scope and a "Security" type.
Note : Right click -> New -> Group.
Once you have added the group, right click on it and click "Properties".
Then, go to the "Members" tab and click "Add".
Select the users to add to this group.
Note : click on "Advanced" to perform a search in Active Directory.
Now, our "InformatiAdmin" user is member of the "PVS-Admins" group.
A GPO can manage policies for a group of computers linked to the Active Directory.
In our case, our GPO will be applied to computers that are located in the "Citrix PVS" folder or one of its subfolders.
Specify a name for this GPO.
Right-click on the GPO you just created and click "Edit".
In this GPO, we will create three strategies :
To redirect the "Application", "Security" and "System" event logs of Windows in the virtual disk that will serve as write cache, we will first create or update a "EventsLogs" folder on this virtual disk.
For this, go to "Computer configuration -> Settings -> Windows settings -> Files". Then, right-click in the right side and click on "New -> Folder".
As our virtual machine will own only one partition (the C partition that will hold Windows), the disk serving as the write cache automatically obtain the letter "D".
Select "Action: Update" and specify "D:\EventLogs" as path.
To redirect the "Application" events log of Windows in this folder, go to : Computer Configuration -> Policies -> Administrative Templates -> Windows Components -> Event Log Service -> Application.
Right click on "Control the location of the log file" and click "Edit".
Check "Enabled" and specify "D:\EventLogs\Application.evtx" as log file path.
Do the same for the 2 other events logs :
- Security | Path : D:\EventLogs\Security.evtx
- System | Path : D:\EventLogs\System.evtx
For now, the group and users that we have created in Active Directory, users are simple and a simple group. In order for these users are recognized as administrators in these virtual machines, we need to add them in the "Administrators" group of these virtual machines.
For that, go to: Computer Configuration -> Preferences -> Control Panel Settings -> Local Users and Groups.
Right-click in the right side and click on "New -> Local Group".
Select "Action : Update" and "Group name : Administrators (integrated)", then, click "Add" (at the bottom).
Click on the "..." button.
Specify the name of the group that we created in the Active Directory.
In our case : PVS-Admins.
Note: If necessary, click the "Advanced" button to perform a search in the Active Directory.
Our group will be a member of the "Administrators" group of our virtual machines.
A line has appeared in the list.
To prevent the user from receiving security notifications of his virtual machine, we will disable this icon (it's the little white flag located next to the time).
For that, go to : User Configuration -> Policies -> Administrative Templates -> Start Menu and Taskbar.
Right-click on "Remove the Action Center icon" and click "Edit".
Select "Enabled" and click "OK".
The GPO is configured.
® InformatiWeb-Pro.net - InformatiWeb.net 2008-2020 - © Lionel Eppe - All rights reserved.
Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.