Creating a Citrix Farm inventory report without snap-ins

There are a few excellent scripts out there which can create an inventory report of your Citrix Farm. However, these scripts usually make use of the Citrix PowerShell snap-ins. Most of the data in Citrix Virtual Apps and Desktops (formerly known as XenApp and XenDesktop) is available through the Monitoring Service which is available on the Citrix Delivery Controllers. By using OData queries, most data can be retrieved without using any snap-ins or modules. I did some investigation and created a script which does exactly this.

I’m looking for any input and feedback on this script. So if you have any feedback or run into any problems, feel free to leave a comment or send me an email.

To download the PowerShell script I created, press the “Download Now” button:


Read More

Credentials not saved in Internet Explorer

Last week I ran into a problem where credentials were not being saved in Internet Explorer. When users enter a username and password, Internet Explorer asks to save the credentials.

Users press the “Yes” button, however when you check the Credential Vault, the Web Credentials remain empty.

Read More

PowerShell security issue with file access

I ran into strange behavior of PowerShell, which I consider being a security issue. I don’t know if this is expected behavior built in by Microsoft, but by using this “bug”, you can check the contents of a folder to which you don’t have access permissions. When using the Test-Path cmdlet, the command behaves a bit different than expected.

If Test-Path is used on a file which is in a folder where you don’t have access permissions to (eg. NTFS permissions are set), the command returns $false, but also throws an UnauthorizedAccessException (access denied). However, when the file actually doesn’t exist, the command will only return $false. By catching the error, you know if the file exists or not. By using a brute-force method, you can enumerate the entire contents of the directory. This way it’s possible to find out what kind of applications are installed on a machine, and possibly exploiting weakness in these applications. Read More

Converting Azure Managed Disks to Unmanaged

Microsoft has introduced the ability to create managed disks in Azure a while ago. This feature takes away the manual management overhead for you to keep track of your storage account limits. Managed disks are not stored in “regular” storage accounts, but Microsoft will take care of the VHD placement and will keep track of any IOPS limitions.

For example, a Standard Size VM allows 500 IOPS per disk. The maximum IOPS for a Standard storage account is 20.000 IOPS. This means that you can host a maximum of 40 disks (OS or Data) in a Standard storage account. When you use unmanaged disks, you’ll need to keep track of this limitation yourself. When using managed disks, Microsoft will make sure the 500 IOPS per disk is available, regardless of the storage account.

The conversion of an unmanaged disk to managed is very easy; Microsoft created the ConvertTo-AzureRmVMManagedDisk CmdLet for this. But if you want to convert back from managed to unmanaged, no CmdLet or function in the Azure portal is available for the conversion (for example Azure Site Recovery; very nice feature of Azure, but it doesn’t support managed disks). Converting back to unmanaged is a bit harder, but still possible.

Read More

Use PowerShell to back up your files to an Azure Storage Blob

I was browsing the Microsoft Technet forums last week and came across a question if there’s a way to back up files and folders to an Azure Storage Blob by using PowerShell. I know that Microsoft introduced Azure Site Recovery (ASR) and Azure Backup together with the Azure Backup Agent (MARS) (more information on the Microsoft site) to achieve exactly this functionality.

But thinking further, I thought this could be a nice opportunity to create such a script and get some more knowledge about writing to Azure Storage using PowerShell. So this is exactly what I did: create a script which can create a backup of your files on Azure Blob Storage. This script will check either the last write time of the file, or the MD5 hash of the content (depending on the passed parameters), and copies the files to Azure which are either newer, or have a different MD5 hash. In this article I’ll describe how the script works and what the challenges were when creating the script.

The PowerShell script I created is available on the Microsoft Technet Gallery: https://gallery.technet.microsoft.com/Back-up-files-to-Azure-b9e863d0

Read More

Create VM image and size availability matrix from Azure

In my previous post, I described how to retrieve a list of available VM sizes and images from Azure using PowerShell. I’ve written two scripts which do exactly that. The scripts allow you to create an availability matrix containing either a list of VM sizes or a list of VM images you can use to deploy your IaaS VMs.

These 2 scripts will output to a CSV file which can be imported in Excel to do filtering. This gives you an easy overview on which VM images are available in which Azure locations. The same goes for VM sizes (eg. Basic_A0, Standard_GS1, etc.).

Read More

Getting started with Powershell for Azure

As for every Microsoft product, every task in Microsoft Azure can be scripted using PowerShell. This article will help you get started with the Azure CmdLets.

Checking and downloading the PowerShell Tools

To start off, you’ll need the Azure PowerShell CmdLets installed on your system to be able to run any PowerShell scripts against Azure. To check if the Azure modules are available on your system, you can use the following command:

Get-Module -ListAvailable -Name Azure*

The check is simple; if there’s no output, the Azure PowerShell tools aren’t installed. If they are installed, it looks something like this:

PS C:\Data> Get-Module -ListAvailable -Name Azure*


    Directory: C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager


ModuleType Version    Name                                ExportedCommands
---------- -------    ----                                ----------------
Manifest   0.0.1      AzureRM.AnalysisServices            {Resume-AzureRmAnalysisServicesServer, Suspend-AzureRmAnal...
Manifest   3.1.0      AzureRM.ApiManagement               {Add-AzureRmApiManagementRegion, Get-AzureRmApiManagementS...
Manifest   2.3.0      AzureRM.Automation                  {Get-AzureRMAutomationHybridWorkerGroup, Get-AzureRmAutoma...
Manifest   2.3.0      AzureRM.Backup                      {Backup-AzureRmBackupItem, Enable-AzureRmBackupContainerRe...
Manifest   2.3.0      AzureRM.Batch                       {Remove-AzureRmBatchAccount, Get-AzureRmBatchAccount, Get-...
...

Read More

Configuring Windows Server 2012 Core: PowerShell

As mentioned in my previous post about configuring Windows Server 2012 Core, you have multiple options. One is sconfig, but the preferred method is using PowerShell. PowerShell is a really powerful scripting language and Microsoft is pushing the use in all of their products.

In this post, I will describe how to configure your Windows Server 2012 Core installation using PowerShell. I will describe how to change your computername, set the IP address and join your server to the domain.

Read More

Monitoring XenApp with WMI – Part 2: Citrix Servers

In part 1 of this series I talked about the basics of the Citrix WMI providers. In this part, I will talk about getting all information about a XenApp server, like which farm it belongs to, what applications are published, etc.

Again, I will be using PowerShell to get the WMI classes. I will assume that you are logged in to the XenApp server to do the WMI calls. But all of these calls can be done from another server (as long as you have the correct permissions and WMI isn’t blocked by a firewall). See part 1 to get more information about remote WMI calls.

Read More

Monitoring XenApp with WMI – Part 1: Basics

It has been a long time ago since I last created a new post. Time for a new one! I’ve created a series of posts about starting ICA connections programmatically (by using PowerShell). These posts were about the client-side of ICA connections; in this series, I will talk about using the Windows Management Instrumation (WMI) which allows you to monitor your XenApp environment.

While Citrix did document something on eDocs, it’s not a highly-documented feature. This feature is actually quite useful when, for example, monitoring your environment.

This post is not about WMI basics, so I expect that you already know what WMI is and how it’s used. I’ll be using PowerShell as an example, but any scripting/programming language can be used to access the WMI classes. To get more information about WMI in general, visit the Microsoft MSDN site.

Read More