I’ve found that I’ve had problems with Desktop Director’s Shadow feature for every deployment containing Windows XP images so rather than having to retrace my steps through my notes, I thought it would be a good idea to blog the process.
Remote Assistance Group Policy
One of the most important component to complete is to create a group policy that permits:
- Solicited Remote Assistance
- Offer Remote Assistance
This can only be configured via an Active Directory group policy because if you try browsing into the local policy of a Windows XP desktop, you won’t see the options:
So create a new Active Directory Group Policy Object then navigate to Computer Configuration –> Policies –> Administrative Templates –> System –> Remote Assistance and enable:
Make sure you click on the Show button and add a group containing users who will be shadowing user sessions. For this example, I will put the group domain admins into the Helpers:
Once the policy has been created, proceed with assigning this policy to the OU containing the virtual desktop’s computer object.
To ensure that this policy has been applied, review the groups in the Windows XP’s Computer Management console:
Notice how the screenshot above does not contain a group named Offer Remote Assistance Helpers as the screenshot below:
If the group is missing, it means the policy has not been applied or there is something wrong with the policy itself.
Configuring Master Image
The first step is to check the Windows Firewall/Internet Connection Sharing (ICS) service to ensure that it is not Disabled and is Started. Whether the Startup type is set to Automatic or Manual (I prefer to set it to Automatic and use GPO to turn off the firewall) does not matter so change it to the setting of your preference:
Start the service:
Once the service has been started, execute the winrm quickconfig command in the command prompt:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
P:\Documents and Settings\administrator>winrm quickconfig
WSManFault
Message
ProviderFault
WSManFault
Message = Unable to check the status of the firewall.
Error number: -2147023143 0x800706D9
There are no more endpoints available from the endpoint mapper.
P:\Documents and Settings\administrator>
Now when you execute winrm quickconfig again, you should receive the following output:
P:\Documents and Settings\administrator>winrm quickconfig
WinRM already is set up for remote management on this machine.
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Optional
There may be times when the listener on port 5985 no longer shows up when you execute netstat -ano so if that’s the case, execute the following command: winrm invoke restore winrm/config:
P:\Documents and Settings\administrator>winrm invoke restore winrm/config
Restore_OUTPUT
Then proceed to executing winrm quickconfig again:
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Once WinRM has been configured, you are free to disable the firewall if you choose to:
Proceed with re-inventorying your master image if you’re using a personal vDisk, create a new snapshot, then update your desktop catalog:
Once the machines have been updated (make sure they are using the new base image), proceed with trying to shadow a user’s desktop and if you get the following pop up then you should be on your way to successfully shadowing the user’s session:
1 comment:
I am still using windows xp, i think for citrix it is the best. The rest, more about the same. I keep a copy of my files also with google drive for windows which I consider is fine.
Post a Comment