Using XenDesktop with VMware
Using XenDesktop with VMware Infrastructure 3 or vSphere 4 require a few extra steps to set up and configure. VMware Infrastructure 3 and vSphere 4 both have a few different steps for XenDesktop Delivery Controller and XenDesktop Setup Wizard communication along with the proper permissions for the account used to connect to your Virtual Center or vCenter server. In this blog post I am going to go over the steps to set up and configure XenDesktop Delivery Controller and the XenDesktop Setup Wizard communication along with the permissions needed for both VMware Infrastructure 3 and vSphere 4.
XenDesktop Delivery Controller and VMware Infrastructure 3 – Virtual Center 2.5
Virtual Center HTTPS Access
- On the Virtual Center server browse to Documents and SettingsAll UsersApplication DataVMwareVMware VirtualCenterSSL and copy the rui.crt to your XenDesktop Delivery Controller(s) and Provisioning Server(s) with the XenDesktop Setup Wizard.
- Open an MMC and the Certificates snap-in to manage Certificates for the Computer Account on the XenDesktop Delivery Controller(s) and Provisioning Server(s) with the XenDesktop Setup Wizard.
- Expand Certificates > Trusted Root Certificates > Certificates and import the rui.crt.
- Create a host file entry for vmware with the IP address of the Virtual Center server on your XenDesktop Delivery Controller(s) and Provisioning Server(s) with the XenDesktop Setup Wizard. You can also create DNS entry for vmware pointing to your vCenter server instead of editing hosts files on your servers.
- In the Hosting Infrastructure section when creating a desktop group on the XenDesktop Delivery Controller or on the Provisioning Server when the running the XenDesktop Setup Wizard, select VMware Virtualization for the Hosting Infrastructure and enter https://vmware/sdk for the Virtual Center address.
Virtual Center HTTP Access
- Logon to the Virtual Center server.
- Browse to Documents and SettingsAll UsersApplication DataVMwareVMware VirtualCenter.
- Open proxy.xml with the text editor of your choice and find the /sdk section. Change the accessMode to httpAndHttps.
- Restart the vCenter services.
- In the Hosting Infrastructure section when creating a desktop group on the XenDesktop Delivery Controller or on the Provisioning Server when the running the XenDesktop Setup Wizard, select VMware Virtualization for the Hosting Infrastructure and enter http://Virtual Center Server IP address/sdk for the Virtual Center address.
XenDesktop Delivery Controller and vSphere 4 and 4.1
vCenter HTTPS Access
- On the vCenter server browse to Documents and SettingsAll UsersApplication DataVMwareVMware VirtualCenterSSL (Windows 2003) or ProgramDataVMwareVMware VirtualCenterSSL (Windows 2008) and copy the rui.crt to your XenDesktop Delivery Controller(s) and Provisioning Server with the XenDesktop Setup Wizard.
- Open an MMC and the Certificates snap-in to manage Certificates for the Computer Account on the XenDesktop Delivery Controller(s) and Provisioning Server(s) with the XenDesktop Setup Wizard.
- Expand Certificates > Trusted Root Certificates > Certificates and import the trusted root certificate for the SSL certificate copied from the vCenter server in step 1. Also import the certificate to the Trusted People Store.
- For XenDesktop 3.0 – On the XenDesktop Delivery Controller(s) install Citrix XenDesktop hotfix XDE300PM003 and on the Provisioning Server(s) install XenDesktop Setup Wizard XDE300SW001. For XenDesktop 4.0 – On the Desktop Delivery Controller(s) install Citrix XenDesktop hotfix XDE400PM004 and on the Provisioning Server(s) install XenDesktop Setup Wizard XDE400SWx86001 for 32 bit or XDE400SWX64001 for 64 bit.
- Create a host file entry for vmware with the IP address of the vCenter server on your XenDesktop Delivery Controller(s) and Provisioning Server(s) with the XenDesktop Setup Wizard. You can also create DNS entry for vmware pointing to your vCenter server instead of editing hosts files on your servers.
- In the Hosting Infrastructure section when creating a desktop group on the XenDesktop Delivery Controller or on the Provisioning Server when the running the XenDesktop Setup Wizard, select VMware Virtualization for the Hosting Infrastructure and enter https://vmware/sdk for the Virtual Center address.
vCenter HTTP Access
- Logon to the vCenter server
- Browse to Documents and SettingsAll UsersApplication DataVMwareVMware VirtualCenter (Windows 2003) or ProgramDataVMwareVMware VirtualCenterSSL (Windows 2008).
- Open proxy.xml with the text editor of your choice and find the /sdk section. Change the accessMode to httpAndHttps.
- Restart the vCenter services.
- In the Hosting Infrastructure section when creating a desktop group on the XenDesktop Delivery Controller or on the Provisioning Server when the running the XenDesktop Setup Wizard, select VMware Virtualization for the Hosting Infrastructure and enter http://vCenter server IP address/sdk for the Virtual Center address.
Virtual Center and vCenter Permissions
When using XenDesktop with VMware make sure you use an account with the proper permissions to connect to the Virtual Center or vCenter server. This account will be used for both the XenDesktop Delivery Controller and the XenDesktop Setup Wizard to connect to Virtual Center or vCenter.
The account used for XenDesktop Delivery Controller and the XenDesktop Setup Wizard to communicate to Virtual Center or vCenter will need the following permissions. The following permissions need to be propagated to the lower levels in the Virtual Center or vCenter tree. Create a role in Virtual Center or vCenter for XenDesktop with the following permissions:
At the Hosts and Clusters Node
For a complete overview of using XenDesktop with VMware see Citrix eDocs VMware and XenDesktop.
As you can see, using XenDesktop with VMware is pretty straight forward. I recommend using HTTPS access over HTTP access. Using HTTPS access is more secure than HTTP access and doesn’t require modifying the proxy.xml file on your Virtual Center or vCenter server. Note: Using the default Virtual Center or vSphere certificate is not recommended for production use. To change the default SSL certificate see Replacing Virtual Center Server Certificates in Virtual Infrastructure 3 or Replacing vCenter Server Certificates in vSphere 4. To use an Enterprise CA certificate like Microsoft Certificate Services see Replacing vSphere SSL Certificates over at the VirtualVCP IT Virtualization blog.
If you have found this article interesting or if you have any other insights, please feel free to leave comments on this article.
Hey, Love the post! Keep it up, I will definatley be coming back soon!! =)
Thanks, really helped. I was lazy and repalced HTTPS Rerdirect with HTTPandHTTPS and rebooted the vCenter server. All works fine
Thanks for the comments. You are absolutely right about the permissions. They are very important. I will add this to the article. Thanks!
Hi Jarian,
Really need your help. We have been trying to setup xen in our environment for about two months now but we cant seems to get it work. We have created a master image and was able to create a vdisk on the provisional server. The problem that we are having: it will only boot up on the computer that the master image was created on, and blue screen on all other computers.
(2) where can we find or download xendesk delivery controller? Greatly appreciate your help
Are you using VMXNET3 nic on your target devices VMs? If so did you install the PVS hotfix for VMXNET3?
Thanks Jarian, I wasn’t using the VMXNET3 NIC so I have made that adjustment.
I saw a video and they ran xen setup wizard to associate the vdisk with the vms so i downloaded this wizard but am getting an error message saying it cannot find a FARM in active directory. After reading some more I found out that I need xendesktop delivery controller. I spent days looking for this download and I cannot locate it, am I missing something. Please help.
Mike
You download the XenDesktop media and setup a XenDesktop farm/site by logging into MyCitrix > downloads > XenDesktop 5/5.5. Once downloaded setup and install the XenDesktop by using the iso.
The setup wizard for XenDesktop and PVS is a PVS patch. The machine creation services part is built into XenDesktop.
Jarian,
I have two windows 2008 R2 installed on a xenserver. I installed xendesktop on one and PVS on the other.
the server with xendesktop is configured to store all the vms on vcenter 4.0
The computer with the master image has windows 7- adapter VMXNET3 NIC- this master image is on the vcenter
I then convert and lodad the mater image to the pvs server. I don’t have a xendesk delivery controller as mentioned in many post as I am using the express edition. I called Citrix today and they said that the full evaluation version has to be downloaded with the direction of a sales rep.
My clients are set to boot from the network- pc boots ok from the network- found vdisk and started windows – then displayed Blue Screen Error 0x0000007B (0xFFFFF880009A98E8, 0xFFFFFFFFC0000034, 0x0000000000000000, 0x0000000000000000)
Can you say where am going wrong.
Thanks
Hi Jarain,
nice article.
I did a XenDesktop project in combination with VI 3.0 and we used the “Virtual Center HTTPS Access”. The problem with this solution is, that you can address only one virtual center, because you only have one “vmware” DNS/host entry. In our particular case changing the certificate wasn’t a option because even with VMware support on board we couldn’t change the SSL certificate of our Virtual Center cluster. And using HTTP instead of HTTPS was also no option, as we were doing this in the financial sector. Safety comes first!
Also it’s absolute necessary to set proper permissions (http://support.citrix.com/article/ctx118038) on the virtual center. Doing this the wrong way can have very bad impact.
Greetings,
Tim
http://www.timarenz.de