Category Archives: Administration

PowerShell: Friday Script Blitz 2

scripts-powershell-scripts-everywhere

Intro

In my current position I’m getting to do a lot of PowerShell scripting. Typically these are quick scripts for maintenance or finding information about our Citrix environment. I’m posting several here to share.

NOTE: These scripts were written against a XenApp 6.5 environment

check-deedrive.ps1

Iterates though all XenApp Servers in the farm and checks that the D: drive is formatted. I wrote this because we found some existing provisioned servers that had unformatted D: drives attached.

Get it from GitHub

count-usrprof.ps1

Iterates though user’s profile directories and counts number of files in specified sub directory. It produces a CSV report (if the file count is above a threshold you set in the script) and also counts the total number of profiles. Useful for confirming your profile management solution is working as expected.

Get it from GitHub

clean-crashdumps.ps1

Iterates though a list of servers and reports on crashdumps. EdgeSight and Windows can collect crashdumps and if you don’t clear them off, the accumulate. This script will generate a CSV report and delete the dumps if the -delete switch is included.

Get it from GitHub

Thanks for reading,
Alain

PowerShell: Friday Script Blitz

everyone-gets-powershell

Intro

In my current position I’m getting to do a lot of PowerShell scripting. Typically these are quick scripts for maintenance or finding information about our Citrix environment. I’m posting several here to share.

NOTE: These scripts were written against a XenApp 6.5 environment.

get-xacmdln.ps1

Lists active published applications’ command lines and working directories based on a search word.

psscriptblitz1a

Get it from GitHub.

get-xawgapps.ps1

Lists active published applications from a designated XA 6.x Worker Group

psscriptblitz1b

Get it from GitHub

get-xasessions.ps1

Displays total, active, and disconnected sessions from a XA 6.x farm

psscriptblitz1c

Get it from GitHub

Happy Friday!
Alain

PowerShell: Drain users from a XenApp Server

drain-xaserver

Intro

Citrix has provided XenApp administrators several tools to control server access. Applying load evaluators and login modes allows us to establish reboot and maintenance schedules. At times, however getting users off a server becomes urgent. In this post we’ll cover a script designed to automatically drain users off a XenApp server with different levels of “aggression”.

Scenario

Your ever-intrepid security team informs you that a user on one of your Citrix servers went to a malicious web site. While everyone is reasonably sure that the web security filters prevented anything bad from happening, you err on the side of caution and implement a standard procedure to remove the system from production, perform a security scan, get the connected users off, and reboot the server (because you’ve naturally implemented PVS and rebooting will remove any changes that have occurred since the image was last sealed). Depending on your idle and disconnection policies, this could take a while. If only there was a way to get users off a system in a timely manner without inconveniencing them too much. Oh wait…PowerShell

Why So Aggressive?

The purpose of the drain-xaserver script is to look for disconnected ICA sessions and log them off your server. But what if your users are busy working away or if you have liberal idle session timeouts? Well, in order to add some urgency to this script, I included a switch parameter that determines how long a session can be idle before it is disconnected and then logged off.

If you choose Green (the default value), then your normal idle timeouts will occur. If you choose Yellow, the idle timeout gets reduced to 30 minutes. If you choose Red, the idle timeout is further reduced to 15 minutes. You can, of course, modify these settings to be longer or shorter. Just to be clear, these settings will override your Farm-wide idle session timeouts on the server you run this script against only while the script is running.

This script checks that a compatible Logon Mode was assigned to the server before sessions get logged off. In this case, the following Logon Modes will allow the script to proceed:

  • ProhibitLogOns
  • ProhibitNewLogOns
  • ProhibitNewLogOnsUntilRestart

Otherwise, the script will not run.

While True…Do Stuff

The script checks the number of ICA sessions and as long as it isn’t zero, keeps checking every 10 minutes (adjust for your environment) for new disconnected sessions. If you have set a Red or Yellow aggression level, line 15 (above) shows how the script calculates the user’s idle time. The LastInputTime value comes from running Get-XASession with the “-full” switch. This queries Citrix for session details that are usually omitted when using Get-XASession.

The Script

I went through a lot of revisions while testing, so please let me know if you run into any issues using this script in a XenApp 6.x environment. You can get the script from GitHub.

Thanks for reading,
Alain