Jere's Techblog
  1. Home
  2. Scripting
  3. PowerShell
  4. Citrix SDK

XenApp:7.x: The users configuration has been manually modified and cannot be changed by studio

Jeremias Kühnis

Symptoms or Error

We are unable to edit the ‘Users’ tab in ‘Edit Delivery Group’ wizard 

Error : The users configuration has been manually modified and cannot be changed by studio

Solution: There are two causes for this problem, but the official Citrix website describes only one of them and offers only one solution for it.

Problem Cause 1 Solution by Citrix

https://support.citrix.com/article/CTX216818

You can just Use the Scriptblock below to Check if there are Differences between the ” *DesktopGroupName* _Direct” (Storefront) and the “*DesktopGroupName*_AG” (Netscaler).

You only have to adjust the first two variables (lines 3 & 4), it’s easier than the description of Citrix article. If there are differences, you can clean them up, unless these differences are deliberately set that way. Then you have to configure this via Powershell and you can’t customize it in the Studio console.

#by J.Kühnis 30.10.2019
Add-PSSnapin *
$DeliveryGroup = "DeliveryGroupName"
$BrokerServer = "BrokerName.f.q.d.n"
Compare-Object (Get-BrokerAccessPolicyRule -AdminAddress $BrokerServer -DesktopGroupName $DeliveryGroup)[0].ExcludedUsers -DifferenceObject (Get-BrokerAccessPolicyRule -AdminAddress $BrokerServer -DesktopGroupName $DeliveryGroup)[1].ExcludedUsers

Problem Cause 2

The second reason for this Issue has no solution except to configure the access only with Powershell, but it’s still nice to know why the Probleme is caused.

I was able to test the problem in two Citrix environments (version 1811 aka Citrix 7.20) and reported it to Citrix. Let’s see if anything is done about it, as already said, the workaround is Powershell.

Cause: The problem occurs when the ExcludeFilterEnabled attribute is set (the value equals ‘True’). The attribute can only be set trough Powershell and the error described above (according to the print screen) is displayed.

The filter is automatically set to True if you have a user or group in the ‘ExcludedUsers’ property. So the rule is, if you make exclude Filter, you control the BrokerAccessPolicy in Powershell.
By the way, you can get the Policy in Powershell:

Get-BrokerAccessPolicyRule -DesktopGroupName DG11
Continue reading...
, , , , , ,
Citrix, Citrix DeliveryController, Citrix SDK, PowerShell
Leave a comment

Verify Citrx HostedMachineID with VmWare Hypervisor

Jeremias Kühnis

Sometimes the HostedMachineID of Citrix does not match that of VmWare. This is often the case when cloning or moving machines. In Citrix Studio you will see the Powerstate of this machines as unknow and you can’t do any VM actions like reboot in the console.

With this script snippet it can be checked. To do this the variable “Broker” must be adjusted in the Script and the PowerCli and CitrixModule (BrokerSnapIn) must be loaded. Furthermore, the connection to the vCenter must be initiated via “Connect-VIServer vCName“.

#25.09.2019by J.Kühnis - Verfiy HostedMachineID with VmWare ESXi Hypervisoer

$Broker = "Enter your BrokerName"
$Brokermachines = Get-BrokerMachine -AdminAddress $Broker | Select MachineName,DNSName,HostedMachineID

Foreach ($Machine in $Brokermachines){
    IF(get-vm $Machine.DnsName -ErrorAction SilentlyContinue){
        IF($Machine.HostedMachineID -eq (Get-View -id (get-vm $machine.DNSName).id).config.uuid){
            Write-Host $Machine.DnsName "HostedMachineID is matching" $Machine.HostedMachineId -ForegroundColor Green
        }Else{
            Write-host $Machine.DnsName "Mismatch ID: VmWare UUID =" (Get-View -id (get-vm $machine.DNSName).id).config.uuid "; Citrix HostedMachineID =" $Machine.HostedMachineID -ForegroundColor Yellow
        }

    }Else{
        Write-host $Machine.DnsName "MachineName not Found on ESXi" -ForegroundColor Yellow
    }
}

Now that the machines have been read out, the connections can be fixed.

vCenter Cert thumbprint update:

# Open an admin POSH console, load the Citrix Modules (asnp citrix*) and cd to XDHyp:/Connections and run ls. Check the SSLThumbprints entry.
asnp citrix*
cd XDHyp:/Connections
ls
Set-Item -LiteralPath "XDHyp:\Connections\vCenters Name" -sslthumbprint "123456789ABCD123456789ABCDE123456789ABCD" -hypervisorAddress https://vcenter-name/sdk

The letters in SSL-Thumbprint must be uppercase.

In this blog the problem is also discussed in detail:

Citrix Studio: Cannot connect to vCenter server due to certificate error

Continue reading...
, , , , , , , ,
Citrix, Citrix DeliveryController, Citrix SDK, Hypervisor, PowerCLI, Scripting, VMWare ESXi
Leave a comment

Scriptblock to check PVS Connection

Jeremias Kühnis

On the fly, I found no way to check which PVS servers & service are online. This is especially important if I want to issue PVS commands from Remote / Orchestrated. Enclosed I have made a small script block to check this. It is certainly not the best way, but it works. One possibility would be to retrieve the status of the PVS-services, but it is unclear whether one can actually connect to the servers trough PVS commands.

#by JKU 09.08.2019
$error.clear()
$k.clear()
$PVSConnectionServers.clear()

$PVSConnectionServers = @("PVS-Server01", "PVS-Server02")

$k = 0
Foreach($PVS_Server in $PVSConnectionServers){
    Set-PvsConnection $PVS_Server
    if($Error -match $PVS_Server){
        #Check Next Server
        $k++
        IF($k -eq $PVSConnectionServers.Count){
            Write-Warning "ALL PVS Servers are not reachable, stop script! $PVSConnectionServers"
            Return
        }
    }Else{
        Break
    }
}

Write-Host "Connecting to $PVS_Server"
Continue reading...
, , ,
Citrix, Citrix PVS, Citrix SDK, PowerShell
Leave a comment

Citrix DeliveryController DB rejoin; The operation could not be performed because of a configuration logging error.

Jeremias Kühnis

To rejoin a Citrix Broker into a existing or migrated Databese, there are a lot of usefull articles:

https://support.citrix.com/article/CTX212941

https://support.citrix.com/article/CTX216504

Problem Cause

In some cases you can’t configure the Monitor and Log DataStore Connections after you deleted the Connection with:

Set-MonitorDBConnection -DataStore Monitor -DBConnection $null -force
Set-MonitorDBConnection -DBConnection $null -force
Set-LogDBConnection -DataStore Logging -DBConnection $null -force
Set-LogDBConnection -DBConnection $null -force

If you like to rejoin the Connection with the following command:

Set-LogDBConnection -DataStore Logging -DBConnection $csLogging

You get the following error:

Set-LogDBConnection : The operation could not be performed because of a configuration logging error.
At line:1 char:1


Set-LogDBConnection -DataStore Logging -DBConnection $csLogging
~~~~~~~~~~~~~~~CategoryInfo : InvalidOperation: (:) [Set-LogDBConnection], InvalidOperationException
FullyQualifiedErrorId : Citrix.XDPowerShell.Status.ConfigurationLoggingError,Citrix.ConfigurationLogging.Sdk.DataStore.Commands.SetLogDBConnectionCommand

Solution 1

There is a possibility to disable the settings before nullify the connections:

Set-LogSite -State "Disabled"
Set-MonitorConfiguration -DataCollectionEnabled $False

then go ahead with this article https://support.citrix.com/article/CTX216504 and reenable the Settings; run those commands as last step:

Set-LogSite -State "Enabled"
Set-MonitorConfiguration -DataCollectionEnabled $true

Solution 2

Just use the “-force” parameter while setting up the DB Connection. Afterwards i recommend to reboot the Broker Server.

Set-LogDBConnection -DataStore Logging -DBConnection $csLogging -force
Set-MonitorDBConnection -DataStore Monitor -DBConnection $csMonitoring -force
Continue reading...
, , , , , , ,
Citrix, Citrix DeliveryController, Citrix SDK
Leave a comment

Invoke Command on Specified MachineCatalog and DeliveryGroup

Jeremias Kühnis

The nice thing about Powershell and the modules/API to other technologies is that you can do simple queries and have a big effect.

The following example starts a service for specified machines in a Citrix 7.x environment.

#by J.Kühnis 06.03.2019
Add-PSSnapin *
$machines = (Get-BrokerMachine * -AdminAddress my.broker.fqdn |
 where-object {($_.CatalogName -match "someMC*") -and ($_.DesktopGroupName -eq "someDG")}).DNSName

Foreach ($machine in $Machines)
 {Write-Host $machine -ForegroundColor Yellow
 invoke-command -ComputerName $machine -ScriptBlock {get-service -name cpsvc | Start-Service} }
Continue reading...
, , , ,
Citrix, Citrix DeliveryController, Citrix SDK, PowerShell
Leave a comment

MCLI Module error after Citrix PVS Update 7.13 to 7.18

Jeremias Kühnis

After Updating Citrix PVS Server i got an Issue with my PVS Scripts.
I couldn’t load the Powershell modules anymore.

Of course I have properly registered the DLL of the PVS Snapin. I executed the following command as admin in the CMD:

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" "c:\program files\citrix\provisioning services console\Citrix.PVS.snapin.dll"

I got this Error:

PS C:\Temp> Add-PSSnapin *

Add-PSSnapin : Cannot load Windows PowerShell snap-in McliPSSnapIn because of the following error: The Windows PowerShell snap-in module C:\Program Files\Citrix\Provisioning Services

Console\McliPSSnapIn.dll does not have the required Windows PowerShell snap-in strong name McliPSSnapIn, Version=7.13.0.13008, Culture=neutral, PublicKeyToken=null.

Solution:

The support article https://support.citrix.com/article/CTX226178 describes some symptomps but the Solution didn’t work.

In my case I had to manually change certain registry keys.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellSnapIns\McliPSSnapIn]

You Can also Copy this into a .REG File and run on the PVS Server (Ensure the Versionnumber is equal to your PVS Version):

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellSnapIns\McliPSSnapIn]
"PowerShellVersion"="5.1"
"Vendor"="Citrix Systems, Inc."
"Description"="This is a PowerShell snap-in that includes the Mcli-Add, Mcli-Delete, Mcli-Get, Mcli-Help, Mcli-Info, Mcli-Run, Mcli-RunWithReturn, Mcli-Set and Mcli-SetList cmdlets."
"ApplicationBase"="C:\\Program Files\\Citrix\\Provisioning Services Console"
"ModuleName"="C:\\Program Files\\Citrix\\Provisioning Services Console\\McliPSSnapIn.dll"
"CustomPSSnapInType"="McliPSSnapIn.McliPSSnapIn"
"Version"="7.18.0.106"
"AssemblyName"="McliPSSnapIn, Version=7.18.0.106, Culture=neutral, PublicKeyToken=null"

Continue reading...
, , ,
Citrix, Citrix PVS, Citrix SDK, PowerShell, Windows
Leave a comment

Delete Citrix Worker from Studio and vCenter

Jeremias Kühnis

With this script one or more servers can be deleted from the Citrix DeliveryController (Citrix Studio) and from the ESXi/vCenter.

To use The Script some variables and values need to be adjusted like the name of the Citrix DeliveryController and vCenter.
Vmware (PowerCLI) and Citrix (SDK) powershellmodules need to be installed.

This only works if the VM name is identical to the Worker Server DNS name. If this is the case, the following string can be deleted in the script [-replace “.FQDN.address”,””]

In my case, the name of the VM is only the “hostname” of the machine and not the DNSname. So the script removes the FQDN name, in order to use the script successfully, this must also be adjusted.

Import-Module *
Add-PSSnapin *

$DeliveryController = "someBrokerDNSName"
Connect-viserver "some vCenter"


Get-BrokerMachine -DNSName anySevernames* -AdminAddress $DeliveryController |  %{
    
    #Delete & Remove From Citrix Studio
    Remove-BrokerMachine $_ -DesktopGroup $_.DesktopGroupName
    Remove-BrokerMachine $_ -Force

    #Delete Permanently from vCenter
    remove-vm ($_.DNSName -replace ".FQDN.Adress","") -DeletePermanently -Confirm:$false

    write-host $_.DNSName -ForegroundColor Green  #Write ServerName

}
Continue reading...
, , , , , ,
Citrix, Citrix DeliveryController, Citrix SDK, PowerCLI, PowerShell, Scripting, VMWare ESXi
Leave a comment

Citrix Broker Count Users

Jeremias Kühnis

Here are some Powershell possibilities to get the amount of sessions or Citrix’s Unique sessions.

Get all Citrix Sessions:

(Get-BrokerSession -MaxRecordCount 100000).count

Get the numbers of sessions per user:

Get-BrokerSession -MaxRecordCount 100000 | group-object UserName | Sort-Object -Descending count

You will get a list with Usernames (SamAccountName) and the Number of Sessions per User

Get the amount of logged in Users:

(Get-BrokerSession -MaxRecordCount 100000 | group-object UserName).count
Continue reading...
, , , , ,
Citrix, Citrix DeliveryController, Citrix SDK, Scripting
Leave a comment