Using My Citrix XenApp 6.5 PowerShell Documentation Script with Remoting

I received an email from a reader wanting to know how to get my Citrix XenApp 6.5 Farm PowerShell documentation script to work remotely.  After I wrote my original script and article, Citrix updated the XenApp 6.5 PowerShell SDK to support Remoting and a Default Computer Name.  Even using the new –ComputerName parameter he was still unable to get my script to work.

Note: This article was updated November 20, 2015. Go to the bottom of this article to see the updated information.

What I did was install the Citrix XenApp 6.5 PowerShell SDK and Group Policy modules on my lab domain controller.  All my lab servers have the Windows Firewall enabled and Server Manager Remote Management enabled.

I found this information in the SDK help file on Remoting Cmdlets:

This section explains how to invoke the XenApp Commands remotely. In XenApp 6.5 the cmdlets can be remoted using
the -ComputerName parameter.  In order to facilitate running existing scripts remotely without having to make
significant changes, a default computer name can be set in the client machine. To do this a new set of cmdlets
was introduced. When the default computer name is set, all the cmdlets will automatically remote to the server
specified without having to explicitly use the -ComputerName parameter every time.

To set the default computer name:

Set-XADefaultComputerName server1

My lab XenApp 6.5 server is named XA65, so I entered

Set-XADefaultComputerName XA65 

on my domain controller.  When I ran my documentation script, I received:

Figure 1

Figure 1

I then ran Microsoft’s Sysinternals ProcMon to get a network trace and found that TCP Port 2513 needed to be opened (Figure 2).

Figure 2

Figure 2

My wife tells me I couldn’t find a 10 gallon (37.8541 Liter) jug of milk on the top shelf of the fridge!  What does this have to do with anything?  DOH! At the top of the help file I now see (Figure 3):

Figure 3

Figure 3

The help text says TCP Port 2513 must be opened on both computers but I found I only needed it opened on the XenApp server.  To me, that is one less port open on my network.

I created a Windows Firewall Rule on my XenApp server to open TCP Port 2513 between the domain controller and my XenApp server (Figure 4).  The “remoteip” will need to be the IP address of the computer used to run the script.

 netsh advfirewall firewall add rule name="Citrix PoSH TCP Port 2513" dir=in action=allow description="Allow communication between XenApp and remote computer running PoSH scripts" enable=yes profile=any remoteip= protocol=tcp localport=2513  
Figure 4

Figure 4

The Windows Firewall GUI shows my new rule created and enabled (Figure 5).

Figure 5

Figure 5

Now my scripts runs (Figure 6).

Figure 6

Figure 6

Now you can use my XenApp 6.5 PowerShell Documentation Script with absolutely no modifications and have it work with remoting.  Thanks Citrix for making this so easy.

Update November 20, 2015:

If you are having an issue connecting, make sure the Citrix XenApp Commands Remoting service is started. I have seen this service in three states at various locations: Manual, Automatic but not Started and Automatic and Started.  Make sure this service is Started and then your remote connection should succeed.

Thanks to my Aussie friend Jeremy Saunders for reminding me to update this article with this information.

Figure 7

Figure 7

, , , , ,

About Carl Webster

Webster is a Sr. Solutions Architect for Choice Solutions, LLC and specializes in Citrix, Active Directory and Technical Documentation. Webster has been working with Citrix products for many years starting with Multi-User OS/2 in 1990.

View all posts by Carl Webster

20 Responses to “Using My Citrix XenApp 6.5 PowerShell Documentation Script with Remoting”

  1. Ansar Says:

    When ran the script I get message- “A remote connection to XA65 could not be established”

    When ran GetXAFarm I get below error

    Get-XAFarm : No DNS entries exist for host XA65

    Please help to run this remotely as I have PS v4 only on jump server.


    • Carl Webster Says:

      From the jump server, can you successfully ping the XenApp 6.5 server you want to establish a remote connection with?



  2. Juliano Says:

    Hi. I am trying to run a script to health check a XenApp 5, but it not work. I installed the XenApp 6.5 SDK in a Data Collector Machine.
    When I try to run a simple command from Powershell with Citrix 6.5 Server SDK, like “GET-XAFarm” i received a message that citrix commands must be executed at the Citrix server or using remoting. Make sure that your user account is a Citrix Administrator and that the IMA service is started.
    But I am logged with admin account, ima service is running.

    When I try to run this command with parameter -localhostonly or -computername it always through a timeout message.
    Get-XAFarm : The open operation did not complete within the allotted timeout of 00:00:00. The time allotted to this operation may have been a portion
    of a longer timeout.

    Additional information. Windows Firewall is closed. telnet to port 2513 is ok. Windows version is 2008 STD 32 bits.
    Powershell commands are ok.
    I run the Enable-psremoting ok.

    I view that the Citrix XenApp Commands Remoting is not installed on servere even after I marked all options when I installed XenApp 6.5.

    Do you have any idea how can I solve this problem?



  3. Jeremy Saunders Says:

    Hi Webster,
    One interesting thing I found is that the XenApp server you are attempting to connect to remotely may not be listening on TCP 2513. This is because the “Citrix XenApp Commands Remoting” service is not started. On this particular customer site it’s set to a Startup Type of Manual. Simply start it and all is good. You may want to add this to your article.


  4. Felton Lewis Says:

    Carl – will this procedure work with 6.0 as well?


  5. Mike Gower Says:

    Hi Carl –
    Awesome job on this!


  6. Javed Says:


    This is the error I get.

    PS C:\Windows\System32\WindowsPowerShell> Add-PSsnapin “Citrix.Xenapp.Commands”
    PS C:\Windows\System32\WindowsPowerShell> get-xafarm
    Get-XAFarm : Could not connect to net.tcp://XXX-XXXXX:2513/Citrix/XenAppCommandsRemoting. The connection attempt
    lasted for a time span of 00:00:02.0280000. TCP error code 10061: No connection could be made because the target machin
    e actively refused it
    At line:1 char:11
    + get-xafarm <<<




  7. Javed Says:

    I am using the 4.1 version on a Xenapp6.5 server and I am getting this error message. Can you please let me know, what is missing and the script is running on the local machine.

    PS C:\Windows\System32\WindowsPowerShell> .\XA65_Inventory_V41.ps1

    Security Warning
    Run only scripts that you trust. While scripts from the Internet can be useful, this script can potentially harm your
    computer. Do you want to run C:\Windows\System32\WindowsPowerShell\XA65_Inventory_V41.ps1?
    [D] Do not run [R] Run once [S] Suspend [?] Help (default is “D”): r
    WARNING: Farm information could not be retrieved
    C:\Windows\System32\WindowsPowerShell\XA65_Inventory_V41.ps1 : A remote connection to XXX-XXXX-XXXX could not be established. Script cannot continue.
    At line:1 char:25
    + .\XA65_Inventory_V41.ps1 <<<<
    + CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,XA65_Inventory_V41.ps1



  8. Jim Millard Says:

    With remoting enabled, is there a way to authenticate from a foreign-domain client? IE, I’d like to have this script (and necessary modules) installed on my laptop and be able to use it against my customers’ environment without doing anything to their servers (eg, install the SDK).


    • Carl Webster Says:

      I don’t know about the authentication piece but I bet Don Jones has a blog article somewhere about it.

      XenApp 6.5 includes the standard PoSH stuff to gather everything but the policy data (well the policy data I gather). If you do not need info on the Citrix farm based policies you do not need to install the Citrix.GroupPolicy.Commands module on the servers. BUT, if you do want the policy info, you MUST install that module on the XenApp 6.5 server you will be using to remotely process the script on.



      • Markus Löffler Says:

        Hello Carl,

        i tried the remote execution with V4.2 of your XenApp 6.5 Documentation script. unfortunately it says :

        WARNUNG: Remoting is enabled.
        WARNUNG: The Citrix.GroupPolicy.Commands module does not work with Remoting.
        WARNUNG: Citrix Policy documentation will not take place.

        Even if the Citrix.GroupPolicy.Commands Module is installed on the XenApp Server.
        And the Policy-Chapter is missing in the documentation.

        Do you have any idea or is this by design and the policies are only documented when the script runs directly from a XenApp Server?

        Regards, Markus

      • Carl Webster Says:

        Citrix did not add remoting support to the Citrix.GroupPolicy.Commands Module. The only way to get the policy data in the report is to run the script from a XenApp server. I have never been able to figure out how to get the policy data by using a PowerShell remote session.


  9. Chris Flynn Says:

    Hi Carl,

    I wanted to thank you very much for this, I have made the changes to the firewall with TCP Port 2513 and now it works remotely. I just need to get my networks team to allow that port from my management server and Job Done. This has been extremely helpful.

    I also had this open on the Citrix Forums, which received some other suggestions in case others receive different problems from me they can have a look.

    Can you query XenApp 5 environments with Powershell remotely from a management server? and if so does this also use the same TCP Port 2513?

    Thanks for your help.


Leave a Reply