My first time: Citrix Machine Creation Services (MCS)

After years of MCS virginity I decided it’s finally time to ditch the little farms and try out good ol’ Citrix Machine Creation Services.

Introduction

So today is my very first time: After years of MCS virginity I decided it’s finally time to ditch the little farms and try out good ol’ Citrix Machine Creation Services. In the last ten years I almost exclusively installed small deployments. The big ones have about 150 concurrent user. All are build upon XenApp 6.5 or XenApp 7.6+ with static persistent virtual machines. I always told myself, that static persistent virtual machines, together with a fully automated patch management (for example: PDQ) are enough. And this is still true, because the maintenance effort is virtually not existent. But it really bugs me, that I’m not equally familiar with at least one of the provisioning methods. You might ask, why I don’t try to learn PVS instead. Well, the simple reason is that my stomach tells me not to. The more valid reason is that MCS is included in every XenApp license and doesn’t require additional infrastructure. And additional infrastructure is always a really big topic for the customer.

#PVS will die. CTPs unified in their opinion at #E2EVC. Investment will be feature porting to #MCS.

— Chris Marks (@ChrisJMarks) June 8, 2018

This blog post won’t be a real classical Blog HowTo Guide, but more of a report of my journey to help me keep track about what I do. Maybe others suffer the same knowledge gap and are interested in my findings and the path I take. Continue reading “My first time: Citrix Machine Creation Services (MCS)”

Group Policy: Show only specified Control Panel items for Outlook 2016 via Office 365

Quick Tip Blog article: HowTo whitelist the Outlook 2016/Office 365 control panel item correctly.

I just stumbled over something at a customers environment. We had a Outlook 2016 / Office 365 problem in a XenApp session. We tried to access the Outlook control panel item, but it was missing. This was no surprise, as we have the GPO…

Show only specified Control Panel items

…enabled in every environment. This acts as a whitelisting for the control panel items, so the user only has access to those items, that matter to him. Continue reading “Group Policy: Show only specified Control Panel items for Outlook 2016 via Office 365”

Unable to Delete Resources: There is currently an active background action

An addition to CTX138318 about how to delete an old Citrix Studio Hosting connection.
Instead of deleting every task manually we make use of PowerShell piping and Out-GridView.

Today in Citrix Studio I discovered a dead Hosting connection I set up years ago for some MCS tests. When I tried to simply delete the connection, I received the following message:

The error message leads to the following (helpful!) KB article: CTX138318

Continue reading “Unable to Delete Resources: There is currently an active background action”

How I build and maintain WSUS Server

There are hundreds of WSUS Server Tutorials available in the World Wild Web, and none of them fitted all my needs. I would never say that my way is the best way, but I spent quite some time with WSUS in the last few years and by now all of the servers I maintain work quite stable. (Except 2008, I hate Server 2008).

First of all sorry for the German screenshots, but I thought better German screenshots than no article. The next time I setup a en-US WSUS I will swap the screenshots.

Your best bet IMHO is to switch to Microsoft Windows Server 2016 asap. Server 2008 R2 won’t get Support for Windows 10 Feature Upgrades and Server 2012 R2 got it very delayed through an “interesting” hotfix. Windows Server 2016 seems to be the most reliable choice.
Second lesson I learned is, always install the Microsoft SQL Server Management Studio on the WSUS Server. You will need it sooner than later.
Third lesson is that WSUS will fail sooner or later, if you don’t execute a maintenance script on a regular basis. Continue reading “How I build and maintain WSUS Server”

Taking back control of Windows Update: Install Updates when you want to!

For years we were more than unsatisfied with the options we had to choose from to patch our Microsoft Windows Servers. Without additional utility you are restricted to the few options Group Policy offers. So as I am always searching for a simple but efficient solution to such a painful problem, I combined two fantastic tools, to a powerful Windows Update Scheduler: PDQ Deploy and ABC Update.

tl;dr: If you choose option “3 – Auto download and notify for install” for your WSUS Group Policy, you can take any advanced Task Scheduler like PDQ Deploy in combination with ABC-Update to install Windows Updates scheduled the way YOU want it to be!

Prologue, where is my problem?

First let’s take a look at the options Microsoft offers us and why I refuse to rely on those. If I’m not completely mistaken the only Policy to choose when to patch Windows Updates has been “Configure Automatic Updates” since ever: Continue reading “Taking back control of Windows Update: Install Updates when you want to!”