Friday, May 11, 2012

Configuring WinRM for Windows XP SP3 for Citrix XenDesktop 5.5 / 5.6 Desktop Director

I’ve found that I’ve had problems with Desktop Director’s Shadow feature for every deployment containing Windows XP images so rather than having to retrace my steps through my notes, I thought it would be a good idea to blog the process.

Remote Assistance Group Policy

One of the most important component to complete is to create a group policy that permits:

  • Solicited Remote Assistance
  • Offer Remote Assistance

This can only be configured via an Active Directory group policy because if you try browsing into the local policy of a Windows XP desktop, you won’t see the options:

clip_image002

So create a new Active Directory Group Policy Object then navigate to Computer Configuration –> Policies –> Administrative Templates –> System –> Remote Assistance and enable:

image

image

image

Make sure you click on the Show button and add a group containing users who will be shadowing user sessions.  For this example, I will put the group domain admins into the Helpers:

image

Once the policy has been created, proceed with assigning this policy to the OU containing the virtual desktop’s computer object.

To ensure that this policy has been applied, review the groups in the Windows XP’s Computer Management console:

clip_image002[4]

Notice how the screenshot above does not contain a group named Offer Remote Assistance Helpers as the screenshot below:

clip_image002[6]

If the group is missing, it means the policy has not been applied or there is something wrong with the policy itself.

Configuring Master Image

The first step is to check the Windows Firewall/Internet Connection Sharing (ICS) service to ensure that it is not Disabled and is Started.  Whether the Startup type is set to Automatic or Manual (I prefer to set it to Automatic and use GPO to turn off the firewall) does not matter so change it to the setting of your preference:

image

Start the service:

image

Once the service has been started, execute the winrm quickconfig command in the command prompt:

Microsoft Windows XP [Version 5.1.2600]

(C) Copyright 1985-2001 Microsoft Corp.

P:\Documents and Settings\administrator>winrm quickconfig

WSManFault

Message

ProviderFault

WSManFault

Message = Unable to check the status of the firewall.

Error number: -2147023143 0x800706D9

There are no more endpoints available from the endpoint mapper.

P:\Documents and Settings\administrator>

image

Now when you execute winrm quickconfig again, you should receive the following output:

P:\Documents and Settings\administrator>winrm quickconfig

WinRM already is set up for remote management on this machine.

image

-------------------------------------------------------------------------------------------------------------------------------------------------------------------

Optional

There may be times when the listener on port 5985 no longer shows up when you execute netstat -ano so if that’s the case, execute the following command: winrm invoke restore winrm/config:

P:\Documents and Settings\administrator>winrm invoke restore winrm/config

Restore_OUTPUT

image

Then proceed to executing winrm quickconfig again:

image

-------------------------------------------------------------------------------------------------------------------------------------------------------------------

Once WinRM has been configured, you are free to disable the firewall if you choose to:

image

Proceed with re-inventorying your master image if you’re using a personal vDisk, create a new snapshot, then update your desktop catalog:

image

image

Once the machines have been updated (make sure they are using the new base image), proceed with trying to shadow a user’s desktop and if you get the following pop up then you should be on your way to successfully shadowing the user’s session:

image

1 comment:

Halman Freud said...

I am still using windows xp, i think for citrix it is the best. The rest, more about the same. I keep a copy of my files also with google drive for windows which I consider is fine.