New Script: Documenting Citrix Cloud with Microsoft PowerShell V1.00
After a lot of hard work by the testers and myself, we are pleased to release a new Citrix Cloud (CC) / Citrix Virtual Apps and Desktops service (CVADS) documentation script.
There are five important things you should know about this script.
- It works only with Citrix Cloud, it does not support the on-premises product
- Stating the obvious, you must have an account on citrix.cloud.com
- It requires a minimum PowerShell version of 5
- The default output is HTML, not Microsoft Word
- You can select any combination of the four output report types: HTML, MSWord, PDF, and Text
Please see the ReadMe file for the rest of the script’s requirements.
I want to thank several testers who provided lots of feedback, input, sample reports, and worked with me to test fixes, and helped me understand the Citrix Cloud authentication process.
- Arnaud Pain – fellow CTP
- Eric Haavarstein – fellow CTP
- David Prows – fellow IGEL INSIDER
- Devan Tilley – IGEL stud and co-worker of David Prows
There were more testers, but these four went above and beyond the call of duty.
We learned several interesting and odd things along the way.
- Some of the testers had no problem running the script non-elevated, but most of us could not get the Citrix Cloud authentication cmdlet to work unless run from an elevated PowerShell session. That forced me to require an elevation test for the script to run.
- Getting Citrix Cloud authentication figured out was a royal PITA. As covered in the ReadMe file, you can create a named profile or create a “Default” profile. What we found initially was that if you requested to get Citrix Policy data, even if you used a named profile, you would get prompted for authentication on the first call the New-PSDrive by the Citrix policy code. But, if you create a “Default” profile, that profile would automatically be used by New-PSDrive. Getting all this figured out so you can run the script automated as a scheduled task was quite a chore. What we figured out is the easiest thing to do is create the “Default” profile and run the script with that. The “Default” profile is automatically used by the Get-XDAuthentication cmdlet and by New-PSDrive. The bottom line, create a profile named “Default” and it makes using this script much simpler. Thanks to Arnaud, David, Devan, and Eric for answering the 100s of questions I had trying to get this figured out and documented. I added a help text example showing how to use the script as a scheduled task.
- The original goal was to use only the modules provided by Citrix with the Remote SDK. That turned out to cause a lot of frustration. First, documenting the Citrix Policies would not work and we saw a lot of weird errors with retrieving StoreFront information. By that, I mean the StoreFront servers configured in Studio. To make a very long story short, it turns out the cmdlets used to retrieve StoreFront data require the use of the Citrix.Common.GroupPolicy snapin. The only way to get that snapin is to install the Citrix Group Policy Management Console (CGPMC). It appears the way Citrix retrieves StoreFront data requires a PSDrive and without the Citrix.Common.GroupPolicy snapin, the required PSDrive doesn’t exist and cannot get created. Once the CGPMC is installed and the snapin added to the PowerShell session, the required cmdlets work properly. This is a very weird dependency. By the way, no one ever was prompted for authentication for the StoreFront PSDrive, only the Citrix Policy PSDrive. Weird.
- Several testers would get errors if the script was run more than one time in the same PowerShell session with odd PSDrive errors. I recommend that you run the script from a new, elevated PowerShell session each time.
This script is based on the CVAD V3.00 script. It only took a laborious three weeks to turn that script into one that documented Citrix Cloud.
Here are the changes in the V1.00 Citrix Cloud script from the CVAD V3.00 script. Many of the fixes were put into the V3.00 and V2.36 scripts. If it needed fixing in this script, the other scripts needed the same fixes.
- Add a switch statement for the machine/desktop/server Power State
- Add a test to make sure the script is running from an elevated PowerShell session
- Add additional Citrix Cloud administrator permissions:
- Add App-V applications
- Remove App-V applications
- Read Storefront Configuration
- Update Storefront Configuration
- View Filters page Application Instances only
- View Filters page Connections only
- View Filters page Machines only
- View Filters page Sessions only
- Other Permissions
- Customer Update Site Configuration
- Update Site Configuration
- Read database status information
- Export Broker Configuration
- Add UPM Broker Machine Configuration
- Read UPM Broker Machine Configuration
- Delete UPM Broker Machine Configuration
- Added a ValidateSet to the Sections parameter. You can use -Section, press tab, and tab through all the section options. (Credit to Guy Leech)
- Added a -ProfileName parameter for use by Get-XDAuthentication
- For more information, see the Authentication section in the ReadMe file https://carlwebster.sharefile.com/d-sb4e144f9ecc48e7b
- Thanks to David Prows and Devan Tilly for documenting this process for me to use
- Added testing to see if the computer running the script is in a Domain or Workgroup
- If not in a domain, and VDARegistryKeys is set, set it to $False
- If not in a domain, set NoADPolicies to $True
- Added testing to see if the Remote SDK is installed (Thanks to Martin Zugec)
- Change all Write-Verbose $(Get-Date) to add -Format G to put the dates in the user’s locale (Thanks to Guy Leech)
- Change checking some String variables from just $Null to [String]::IsNullOrEmpty
- Some cmdlet’s string properties are sometimes Null and sometimes an empty string
- Change checking the way a machine is online or offline
- Change some cmdlets to sort on the left of the pipeline using the cmdlet’s -SortBy option
- Changed testing for existing PSDrives from Get-PSDrive to Test-Path
- Comment out the code for Session Recording until Citrix enables the cmdlet in the Cloud
- Fixed administrators output by restricting to UserIdentityType -ne “Sid” -and (-not ([String]::IsNullOrEmpty($_.Name)))
- Fixed an issue with “Connections meeting any of the following (Access Gateway) filters”
- If you selected HTML and any other output format in the same run, only the HTML output had any Access Gateway data
- Fixed issue with PowerShell 5.1.x and empty Hashtables for Ian Brighton’s Word Table functions
- PoSH 3, 4, and 5.0 had no problem with an empty hashtable and would create a blank Word table with only column headings
- For many tables, before passing the hashtable to Ian’s function, test if the hashtable is empty
- If it is, create a dummy row of data for the hashtable
- For example, a RemotePC catalog based on OU that contains no machines, or Applications with no administrators
- Instead of having a missing table, the table will now have a row that says “None found”
- Fixed issue with the array used for Appendix A and the CSV file when selecting multiple output formats
- If HTML and Text and MSWord were selected, Appendix A and the CSV file contained three duplicate entries
- Changed from using only one array to three. Changed from using $Script:ALLVDARegistryItems to
- Fixed output issues with Power Management settings
- Fixed several more array out of bounds issues when accessing element 0 when the array was empty
- Fixed Zone output by excluding “Initial Zone” and Zones with a name of “00000000-0000-0000-0000-000000000000”
- For Appendix A, Text output, change the column heading “DDC Name” to “Computer Name” to match the HTML and MSWord/PDF output
- For Zones, add Citrix Cloud Connectors
- For Zones, add MemType into the Sort-Object for Site View and Zone View
- For Zones, for MSWord and PDF output, change the column widths
- Removed a lot of the Licensing code as there are no Get-Lic* cmdlets in the Remote SDK
- Removed all code for BrokerRegistryKeys
- Removed AppendixB
- Removed all code for CEIP
- Removed all code for Hardware
- Removed all code for Microsoft hotfixes, Citrix hotfixes, and installed Windows Features and Roles
- Removed AppendixC, AppendixD, and AppendixE
- Removed all code for the Controllers section
- Also removed code for checking if StoreFront is installed on the Delivery Controller
- Removed all code for the three Citrix SQL databases
- Removed some code for Configuration Logging.
- We don’t have access to Preferences or the Logging database details
- We do have access to the configuration logging high-level action details
- Remove checking for product code MPS since that doesn’t exist in the cloud licenses
- Removed the help text and parameter for $AdminAddress
- Hardcode $AdminAddress to LocalHost
- Removed licensing data that didn’t make sense for Citrix Cloud and added some data that did make sense
- Since the RegistrationState property is an enum, add .ToString() to the machine/desktop/server variable so HTML output is correct
- When getting the Master VM for an MCS based machine catalog, also check for images ending in .template for Nutanix
- When getting the provisioning scheme data for a machine, only process machines with a provisioning type of MCS
- There is no provisioning scheme data for manually or PVS provisioned machines
- When VDARegistryKeys is used, now test the RemoteRegistry service for its status
- If the service is not running, add that information into the various *VDARegistryItems arrays
- Where appropriate, changed all “CVAD” to “CC”
You can always find the most current script by going to https://carlwebster.com/where-to-get-copies-of-the-documentation-scripts/