PowerShell: Auto logoff Citrix users

NOTE: Have XenApp 6.x and PowerShell? I revisited this problem in XenApp 6.5 with a new PowerShell script. Read about it here.

I recently came across a situation where I needed to clear users off a server in production for testing.  Typically, we assign a load evaluator to keep new users from connecting to it and watch the server.  When a user’s session becomes disconnected, we log the user off.  This can take a while depending on how busy the server is and is about as exciting as watching grass grow.  So, I thought “PowerShell can fix this problem!”  Here’s the result.

# ==============================================================================================
# NAME: CheckXenAppIsFree.ps1
# AUTHOR: Alain Assaf
# DATE : 05/21/2009
# COMMENT: Script that will run on a locked down server and automatically disconnect users
# until there are no more sessions.
# USAGE: .\CheckXenAppIsFree.ps1
# ==============================================================================================

# Prompt for server to watch
if (($citrixserver -eq $null) -or ($citrixserver -eq "")){
$citrixserver=$(Read-Host "Enter Server to watch until no sessions exist.")

# Setup Farm object
$MetaFrameWinAppObject = 3
$MetaFrameWinFarmObject = 1
$myFarm = New-Object -com MetaFrameCOM.MetaFrameFarm

# Checking if user is a Citrix administrator
If ($myFarm.WinFarmObject.IsCitrixAdministrator -eq 0) {
Write-Output "You must be a Citrix admin to run this script`n"

# Checking that the Citrix server exists
$MetaframeServers = $myFarm.Servers | Sort-Object -property ServerName | ? { $_.ServerName -like $citrixserver}
If ($MetaframeServers -eq $null) {
Write-Host "Invalid Citrix server" -ForegroundColor Red
Write-Host "Exiting CheckXenAppIsFree" -ForegroundColor Red

# Getting the currently assigned load evaluator
$le = $MetaframeServers.AttachedLE
$LEName = $le.LEName
$XenAppServerName = $citrixserver.ToUpper()

# If the LE isn't set to Lockdown, then this script will exit
If ($LEName -eq 'Lockdown') {
Write-Host "$XenAppServerName has '$LEName' attached." -ForegroundColor White
} else {
Write-Host "$XenAppServerName does not have a Lockdown LE attached. It has '$LEName' attached." -ForegroundColor White
Write-Host "Exiting CheckXenAppIsFree" -ForegroundColor Red

# Get the current session count
$sessCount = $MetaframeServers.SessionCount

# Check for disconnected users. If none, wait 10 minutes and check again
# If there are disconnected users. Log them off. Continue until there are no more logged in sessions.
while ($sessCount -ge 0) {
$MetaframeServers = $myFarm.Servers | Sort-Object -property ServerName | ? { $_.ServerName -like $citrixserver}
$sessCount = $MetaframeServers.SessionCount
Write-Host "Current session Count = $sessCount on $XenAppServerName" -ForegroundColor White
if ($sessCount -eq 0) { Write-Host "$XenAppServerName is free of users" -ForegroundColor White
} else {
$disconnected = @()
Write-Host "Checking for disconnected users on $XenAppServername" -ForegroundColor White
$disconnected = @($myfarm.Sessions | Where-Object {$_.SessionState -eq 5 -and $_.ServerName -eq $citrixserver})
if ($disconnected[0] -eq $null) {
Write-Host "There are no currently disconnected sessions on $XenAppServerName" -ForegroundColor White
Write-Host "Waiting 10 minutes" -ForegroundColor Red
Start-Sleep -Seconds 600
} else {
Write-host "Logging off disconnected users from $XenAppServerName" -ForegroundColor White
$i = 0
foreach ($user in $disconnected) {
$namedUser = $disconnected[$i].Username
write-host "Logging off $namedUser" -ForegroundColor White


Creating a Green Dashboard – Introduction

Green, the Green Economy, Green-collar jobs…

Green is in the news a lot lately.  Its importance has risen as the economy has slowed and the promise of various virtualization technologies to be “green” or allow a company to be greener has fired up the marketing wings of the companies that sell these technologies.  There are also a lot of ROI and savings reports that come along touting the economic advantages of virtualization.  A recent article by Virtualization Rock Star Brian Madden notes the hidden costs of VDI, which can be applied to any virtualization endeavor. 

So, you run a Citrix farm and provide access to remote users.  Did you know that you’re contributing to the green economy and saving your users and company money?  I intend on showing you how to mesh your user login information along with average costs and savings for telecommuting and displaying the results in a dashboard in real-time.

I’m planning on covering this series in 5 posts:

  • Part 1 – Using scripts to gather external logins to the Citrix Farm
  • Part 2 – Gathering average telecomuting statistics
  • Part 3 – Calculating savings and costs
  • Part 4- Displaying how Green your Citrix farm is in real-time.
  • Part 5 – Results and Conclusion


Citrix Admin Duh moment

From MetaFrameXP
From MetaFrame4.0


Since we had changed our front end to dual NetScalers (9010 Plantium edition) we ran into a problem delivering a certain application. Previously with MSAM (yes, we were one of 2 customers with that gem of a solution) we had 2 sets of servers with different session timeout settings to service internal and external users accessing the application. Users with an external IP (i.e. working from home) got routed to the external servers and vice-versa for internal.
Due to load balancing our connections internally with 2 other Netscalers, We found that the IP forwarded to the farm would be internal, thus making the load evaluator which routed external users useless.  The only way we could find to resolve this was to move the VIP to an externally facing IP, thus our load evaluators would work and route users correctly again.
This brings me to the above picture. In all the years of managing Citrix, I’ve never changed the Access Control screen when publishing an application. Today, we all were looking at it and realized that it might have been a much simpler solution and would have resolved the issue quickly.  That being said, it would have required us to publish 2 different versions of the application in such a way that it would not be obvious to our users.

I just wanted to share this since we all have moments when we cannot see the forest for the trees.



A hard, rough, abrasive look at camel spotting…no dromedaries…no virtualization.

%d bloggers like this: