Installing and Configuring Citrix Provisioning Services 7.1

install-and-configuring-pvs-71-banner

In this step-by-step installation guide I will install Citrix Provisioning Services 7.1 on a Microsoft Windows Server 2012 R2 system. I will install the PVS console, the server itself, configure the PVS farm, installing the target device software, running the Imaging Wizard, and finaly I will apply some optimizations.

For this installation I will use my current DHCP server, Microsoft SQL 2012 server and Citrix License server which are installed on a separate server. In addition to these components, you must also create a folder for the vDisk Store and create a services account before starting the installation.

Services account permissions

The services account needs the following permissions;

Database:

  • db_datareader
  • db_datawriter
  • Execute permissions on stored procedures

System:

  • Run as service
  • Registry read access
  • Program Files\Citrix\Provisioning Services (Full Control)
  • Read/write access to any vDisk location
  • If using Personal vDisk with XenDesktop, XenDesktop Full administrator privilages
  • If using KMS licensing, the service account needs to be a member of the local administrators group

Active Directory:

  • Domain User
  • Create, Reset and Delete computer objects permissions on relating OU’s
  • Reset password permissions on relating OU’s

User who performs the installation

The user you are using for the Citrix Provisioning Services Server installation needs the following SQL Database permissions;

  • DBCreator
  • Security Admin

Prerequisites (on Windows Server 2012 R2)

Provisioning Services Console

  • Microsoft Management Console 3.0
  • Windows PowerShell 2.0
  • Microsoft .NET 3.5 SP1 (when using with XenDesktop)
  • Microsoft .NET 4.0

Provisioning Services Server

  • Windows PowerShell 2.0
  • Microsoft .NET 3.5 SP1 (when using with XenDesktop)
  • Microsoft .NET 4.0

Windows Target Device 

  • Microsoft .NET 3.5 SP1 (when using with XenDesktop)
  • Microsoft .NET 4.0

DHCP Scope options

If PXE is not an option in your environment, you can configure the DHCP services to delivers the bootstrap file location. You can do this with the following DHCP scoop options;

  • 66: Boot Server Host Name
  • 67: Bootfile Name (ARDBP32.BIN)

Installing the Citrix Provisioning Services Console

install-and-configuring-pvs-71-001

Start the setup and click on Console Installation

install-and-configuring-pvs-71-002

Click Install

install-and-configuring-pvs-71-003

Click Next

install-and-configuring-pvs-71-004

Select I accept the terms in the license agreement and click Next

install-and-configuring-pvs-71-005

Click Next

install-and-configuring-pvs-71-006

Click Next

install-and-configuring-pvs-71-007

Select Custom and click Next

install-and-configuring-pvs-71-008

Click Next

install-and-configuring-pvs-71-009

Click Install

install-and-configuring-pvs-71-010

Click Finish

Installing the Citrix Provisioning Services Server

install-and-configuring-pvs-71-011

Select Server Installation

install-and-configuring-pvs-71-012

Select Install Server

install-and-configuring-pvs-71-013

Click on Install

install-and-configuring-pvs-71-014

For the Database Mirroring feature, the SQL native client is required on the server. Of you want to use this feature, click on Yes

install-and-configuring-pvs-71-015

Click Next

install-and-configuring-pvs-71-016

Select I accept the terms in het license agreement and click on Next

install-and-configuring-pvs-71-017

Click Next

install-and-configuring-pvs-71-018

Click Next

install-and-configuring-pvs-71-019

Click Install

install-and-configuring-pvs-71-020

Click Finish

Configuring Provisioning Services (Setting up the farm)

install-and-configuring-pvs-71-021

Click on Next

install-and-configuring-pvs-71-022

In my PoC environment the DHCP Services runs on another server.
Select what is applicable and click “Next”.

install-and-configuring-pvs-71-023

Select what is applicable and click “Next”.

install-and-configuring-pvs-71-024

Click Next

install-and-configuring-pvs-71-025

Browse to the SQL server and click Next

install-and-configuring-pvs-71-026

Fill in the requested information and click “Next”.

install-and-configuring-pvs-71-027

Fill in a Store name (anything you like), browse to the folder created for the vDisk and click Next

install-and-configuring-pvs-71-028

Fill in the Citrix License server address, optional select Validate License server version and communication and click Next

install-and-configuring-pvs-71-029

Select Specified user account, fill in the service account information and click Next

install-and-configuring-pvs-71-030

Click Next

install-and-configuring-pvs-71-031

Click Next

install-and-configuring-pvs-71-032

Select Use the Provisioning Services TFTP service and click Next

install-and-configuring-pvs-71-033

Click Next

install-and-configuring-pvs-71-034

Click Finish

install-and-configuring-pvs-71-035

Click Done

Installing the Citrix Provisioning Services Target Device (on a Windows Server 2012R2 Target)

Before installing the target device software I always disable IPV6 and Large Send Offload. See these steps under Optimizations (below this blog).

install-and-configuring-pvs-71-040

Start the installation and click on Target Device Installation

install-and-configuring-pvs-71-041

Click Target Device Installation

install-and-configuring-pvs-71-042

Click Next

install-and-configuring-pvs-71-043

Select I accept the terms in the license agreement and click Next

install-and-configuring-pvs-71-044

Click Next

install-and-configuring-pvs-71-045

Click Next

install-and-configuring-pvs-71-046

Click Install

install-and-configuring-pvs-71-047

If you want to launch the Imaging Wizard direct after this installation select Launch Imaging Wizard. Click Finish.

Running the Imaging Wizard

For this steps I already created a vDisk as described in this blog: How to create a Citrix XenApp 6.5 vDisk (will also apply for XenDesktop 7).

install-and-configuring-pvs-71-048

Click Next

install-and-configuring-pvs-71-049

Enter the Citrix Provisioning Services server where you created the vDisk and click Next

install-and-configuring-pvs-71-050

Select the vDisk and click Next

install-and-configuring-pvs-71-051

Click Next

install-and-configuring-pvs-71-052

Click Next

install-and-configuring-pvs-71-053

Click Next

install-and-configuring-pvs-71-054

Click Optimize for Provisioning Services

install-and-configuring-pvs-71-055

What to optimize depends on your environment, for example in most cases the Windows Autoupdate services can be disabled (also recommended sins the vDisk is read-only). But if System Center 2012 Endpoint Protection is used in the environment, the Windows Autoupdate services is needed for the anti-virus updates. Apply what is applicable for your environment and click OK.

install-and-configuring-pvs-71-056

Click Finish

install-and-configuring-pvs-71-057

Click Yes to reboot the server. After the reboot the disk will be converted.

Optimizations

Kerberos Security

In an Active Directory environment, the PVS Console, Imaging Wizard and the PowerShell snap-in will first try to communicate with SOAP Service using Kerberos. To let this work, SPNs must be created.To check if the SPNs are created by the PVS installer (in my case with PVS 7.1) run the following command;

-          Setspn –l <Services Account>

If this is not the case, they can be created with the following commands;

-          Setspn –a PVSSoap/<PVS Server Name> <Services Account>
-          Setspn –a PVSSoap/<FQDN> <Services Account>

Local and Remote Concurrent I/O limits

The Local and Remote Concurrent I/O limits controls the number of concurrent outstanding I/O transactions that can be sent to a storage device. By setting either count to 0 allows the PVS Services to run without any limits. If you change these values, the server must be rebooted before they have effect (keep an eye on the vDisk retries, if they are too high, the values must be modified).

installing-and-configuring-pvs-71-optimalizations-003

Within the Provisioning Server console, right click the server and click Properties

installing-and-configuring-pvs-71-optimalizations-004

Click Advanced

installing-and-configuring-pvs-71-optimalizations-005

Change the Local / Remote concurrent I/O limit value to 0 (depending if the vDisks are on the local disk or on a remote location).

Disable IPv6

By default Microsoft Windows will try to communicate over IPv6 when it is enabled. Citrix Provisioning Services is not working with IPv6 jet. To disable IPv6 completely (and not only for a specific NIC) apply the following registry key;

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\

DWORD (32-Bit) Value:  DisabledComponents = 0xffffffff

Disable Large Send Offload

To disable Large Send Offload first open the NIC properties BNNS, go to Advanced.

installing-and-configuring-pvs-71-optimalization-001

Set Large Send Offload V2 (IPv4) to Disabled

Apply the following registry key on the Provisioning Server and the Target device;

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters\
DWORD (32-Bit) Value:  DisableTaskOffload = 1

Disable Check for publisher’s certificate and server certificate revocation

When the Citrix Provisioning server has no internet connection you can speed up the management console by disable the “Check for publisher’s certificate revocation” and “Check for server certificate revocation”. To do this open Internet Explorer, go to Internet Options, go to the Advanced tab and uncheck the Check for publisher’s certificate revocation and Check for server certificate revocation under Security.

installing-and-configuring-pvs-71-ie-security-01

Robin is a Technical Consultant with more than 17 years of IT experience. The last few years his main areas of work are designing and implementing Remote Desktop, Remote Applications and Mobility solutions where he specializes in Citrix (XenDesktop, NetScaler, XenMobile) and AppSense (DesktopNow) products.