Friday, March 25, 2016

XenApp 6.5 Remote Powershell

Recently I wanted to be able to remotely run a powershell script against my XenApp 6.5 farm to be able to manipulate the logon mode.  This can easily be done with Powershell from the hosts themselves, but I ran into issues when running it from workstations or in my case a monitoring service.

Goal: Remotely run a powershell script from a monitoring service to disable logons if a specific failure occured.  In addition, query the server what what the servers are currently set to.

Requirements:
  1. XenApp AppCenter / DSC installed on remote machine
  2. Patch DSCXAMx650W006 installed on remote machine
  3. CitrixXenAppCommandsRemoting Service set to Automatic and Running on at least one server in the farm.
  4. Port 2513 open
Note: if a XA server is installed in Session host mode then it will have the Command Remoting service disabled.

Once you have AppCenter installed and the patch installed you should be set.  Open Powershell up (I prefer to use ISE)

First we need to add the Citrix snappin.  Add-PSSnapin Citrix*
For the command we'll need two components to make it work.
  1. -Computername parameter, this is going to be the XA Server that has the XenApp Command Remoting Service enabled and running on it.  
  2. -Servername parameter, this is going to be the XA Server that you want information on.  If you do not include this parameter then it will return information on all servers in the farm.

Example:
Let's say I want to find out all information for a single server in my farm.  In this instance XAADM is my data collect that has the Commands Remoting service running on it and XA01 is the server I want information on.  In this instance we could run the following:

Get-XAServer -ComputerName XAADM -ServerName XA01

Great, now we can use this to disable logons on a server remotely.  https://www.citrix.com/blogs/2013/03/14/how-to-put-xenapp-servers-to-maintenance-mode/

Set-XAServerLogonMode -ComputerName $Comp -LogOnMode $LogonMode -ServerName $Server
options:

  • AllowLogOns
  • ProhibitNewLogOnsUntilRestart
  • ProhibitNewLogOns
  • ProhibitLogOns

or to get a list of LogonMode status:
$(Get-XAServer -ComputerName XAADM -ServerName XA01).LogonMode


Errors and causes:
Citrix XenApp Commands Remoting Service:
Get-XAServer : Could not connect to net.tcp://s-xa01:2513/Citrix/XenAppCommandsRemoting. The connection attempt lasted for a time span of
00:00:01.0010632. TCP error code 10061: No connection could be made because the target machine actively refused it x.x.x.x:2513.
At line:1 char:3
+ $(Get-XAServer -ComputerName S-XA01).LogonMode
+   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Get-XAServer], EndpointNotFoundException
    + FullyQualifiedErrorId : System.ServiceModel.EndpointNotFoundException,Citrix.XenApp.Commands.GetServerCmdlet

cause:
This error indicated that the "CitrixXenAppCommandsRemoting" service was not running on the specified "Servername"


Citrix Remoting:
Get-XAServer : Citrix commands must be executed at the Citrix server or using remoting. Make sure that your user account is a Citrix
administrator and that the IMA service is started.
At line:1 char:1
+ Get-XAServer
+ ~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Get-XAServer], InvalidOperationException
    + FullyQualifiedErrorId : ImaInteropError,Citrix.XenApp.Commands.GetServerCmdlet

cause:
Command was issued using -servername which works if proper remoting is setup with certificate, This can be challenging to setup, instead use -computername to target the remoting service along with -servername to target the server needed.  IE Get-XAServer -Computername XAwithRemotingService -Servername XAwantinginfofrom