Navigation
These App Layering pages focus on VMware vSphere as the hypervisor.
- Change Log
- Licensing
- Upgrade Enterprise Layer Manager
- Import Enterprise Layer Manager Appliance
- ELM IP Address
- Silverlight
- First Login
- Appliance Certificate
- File Share
- Active Directory
- User Layers Storage Locations
- Provisioning Services Publishing Agent
- OS Layer and Platform Layer (separate page)
- App Layers, Image Templates, and Publishing (separate page)
Change Log
- 2024 March 27 – Updated Upgrade section, Import Appliance section, and PVS Agent section for Layering 2403
- 2023 July 2 – Updated Upgrade section, Import Appliance section, and PVS Agent section for Layering 2306
- RBAC available in 2306+
- 2022 May 14 – Updated Upgrade section, Import Appliance section, and PVS Agent section for Layering 2204
- Added some newer screenshots/procedures for the HTML5 interface in Layering 2204.
- 2022 Mar 10 – Updated Upgrade section, Import Appliance section, and PVS Agent section for Layering 2202
- In version 2202 and newer, upgrades can now be performed in the HTML5 interface.
Licensing
From Citrix Blog Post A Breakdown of Citrix App Layering Features by Edition: Citrix App Layering is available in all Citrix Virtual Apps and Desktops (CVAD) editions and all Citrix DaaS (Citrix Cloud) editions. This means that you can do the following across any number of Citrix Virtual Apps and Desktops (CVAD) sites in your environment:
- Create an unlimited number of OS, platform and application layers
- Create an unlimited number of layered images
- Create an unlimited number of elastic layers
Citrix Virtual Apps and Desktops (CVAD) Premium Edition customers and all Citrix DaaS customers (Citrix Cloud) also benefit from:
- Multiple hypervisors and/or cloud connections (e.g., Citrix Hypervisor and Azure or Citrix Hypervisor and Hyper-V).
- Non-Premium sites are limited to one hypervisor or cloud connection type.
- Multiple provisioning mechanisms (e.g. Machine Creation Services and Citrix Provisioning).
- Non-Premium sites must select MCS or CPV and use it exclusively with Citrix App Layering.
- Multiple broker types/platforms (e.g. Citrix Virtual Apps and Desktops (CVAD) with VMware Horizon View).
- Non-Premium sites can only use App Layering within their Citrix Virtual Apps and Desktops (CVAD) sites
- User Layers
For Citrix Cloud – Those customers using the Citrix Virtual Apps and Desktops (CVAD) Service are entitled to Premium-level features including all Citrix App Layering capabilities.
Upgrade Enterprise Layer Manager
If you are deploying a new ELM appliance, skip to Import Enterprise Layer Manager.
See Citrix Docs for supported upgrade paths:
ELM 2204 is the last version to support Silverlight, since Silverlight has been removed from ELM 2206 and newer.
To upgrade:
- When you login to the ELM using HTML5, if you click your user menu on the top right, then you might see Upgrade Appliance with an alert next to it. If you don’t see it yet, then you might have to wait for the Download task to complete.
- If you don’t see the upgrade notification, then download it manually:
- Download the upgrade package from Citrix App Layering 2403 at Citrix Downloads. Look for the section named For an existing deployment, download the upgrade package. If you are upgrading from 1911 or older, then this might be your only option.
- In the App Layering file share, create an Upgrade folder.
- Unzip the Upgrade Package and copy the citrix_app_layering_upgrade_pkg_24.3.0.vhd file to the Upgrade folder in the App Layering file share.
- Click your name on the top right and then click Upgrade Appliance.
- If the field is not already populated, then click Browse.
- Browse the file share, select the upgrade disk, and then click Save.
- Click Confirm and Complete.
- In the Confirm Upgrade page, click Upgrade.
- Wait for the upgrade to complete.
- Then click Return to login and login.
- Click Dismiss acknowledging that connector caches have some items removed.
- On the top right, click your username and then click About to see the current version, which should be 24.3.
- Download the upgrade package from Citrix App Layering 2403 at Citrix Downloads. Look for the section named For an existing deployment, download the upgrade package. If you are upgrading from 1911 or older, then this might be your only option.
Offload Compositing
If you upgraded from a version older than 1911, then enable Offload Compositing on your existing Connectors.
- Login to ELM.
- If HTML5 interface, go to Connectors. If Internet Explorer, then go to System > Connectors.
- If HTML5 interface, highlight a connector and click Edit. If Internet Explorer, right-click a Connector and click Edit Connector Config.
- Scroll down and check the box next to Offload Compositing. Version 2304 and newer have a new interface for VMware Connectors.
- Click Confirm and Complete or Save.
Upgrade OS Layer
- From Gunther Anderson at Citrix: You do not uninstall or upgrade the Citrix App Layering Image Preparation Utility – Setup_x64.exe. The current drivers are installed in the ELM, and every time the ELM produces an image for any purpose, it injects the current drivers into it. You do not need to touch your OS layer for that. But you should re-publish all images.
- In a new OS Layer version, you should download and run citrix_app_layering_os_machine_tools_24.3.0.exe to allow it to upgrade your system scripts, but you don’t need to do anything beyond that. For Office 2019, your Machine Tools scripts must be version 1905 or later.
- When Yes when prompted that the tools will be extracted into C:\Windows\Setup\Scripts.
- Replace the existing files. This is especially important for fixing Office activation issues.
- If you look on the taskbar, you might see an open program called Set KMS Version.
- Click Use KMS.
- Then close the window.
- To fix Office activation issues, you’ll also need to create a new version of your Office layer, rerun the optimization tool, and then publish the updated image. More details at Office MAK licensing issues at Citrix Discussions.
- Re-publish your images so ELM can inject the new drivers.
Upgrade Provisioning Services Agent
- If you recently upgraded Provisioning Services server, then you might have to re-register the PVS snap-in:
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" "c:\program files\citrix\provisioning services console\Citrix.PVS.snapin.dll"
- Go to the Citrix App Layering 2403 files and run citrix_app_layering_agent_installer.exe.
- Click Yes to upgrade the agent.
- In the Welcome to the InstallShield Wizard for Citrix App Layering Agent page, click Next.
- In the InstallShield Wizard Completed page, click Finish.
Import Enterprise Layer Manager Appliance
This section is for new installs.
App Layering 4.x availability and recovery concepts guide:
- Layered images, Elastic Layers, and User Layers do not communicate with ELM, so ELM’s availability is not a concern.
- Do not change the vCPUs or memory allocated to the ELM appliance.
- All created layers are stored on the ELM appliance. Simply backup the appliance.
- Layers can be exported from the ELM appliance to a file share and optionally imported to another ELM appliance.
- Elastic Layers and User Layers are always-open VHD files stored on a file share(s) that is separate from the ELM.
- The file share(s) should be highly available. Use a clustering technology (e.g. Scale Out File Server) that supports always-open VHD files.
- It’s not necessary to backup Elastic Layers, but you might want to replicate them to a different datacenter for multi-datacenter access. Make sure the replication tool supports always-open VHD files.
- User Layers should be backed up and/or replicated. Use a backup method that supports always-open VHD files.
Download Appliance
- You can download App Layering 2403 Appliance Installation Package from Citrix Downloads.
- After downloading, extract the 2403.zip file.
Import ELM Appliance
To import the ELM appliance:
- In vSphere Web Client, right-click a cluster, and click Deploy OVF Template.
- In the Select an OVF template page, browse to the vmware_24.3.0.2.ova file, and click Next.
- In the Select name and location page, give the machine a name, and click Next.
- In the Select a compute resource page, select a cluster, and click Next.
- In the Review details page, click Next.
- In the Accept license agreements page, click Accept, and then click Next.
- In the Select storage page, select a datastore. The ELM appliance stores all master layers inside the appliance, so ensure there’s sufficient disk space (typically 300-500 GB) for the virtual appliance.
- You can view the appliance’s consumed disk space inside the ELM Management Console at System > Monitoring and Storage, or System > Manage Appliance.
- To expand the storage, either increase the existing disk size, or add a disk to the VM. Then, on the right, is a link to Expand Storage.
- Select a datastore, select thin provision, or not, then click Next.
- In the Select networks page, click Next.
- In the Ready to complete page, click Finish.
- See Firewall ports at Citrix Docs.
- ELM requires TCP 443 access to every ESXi host. (Source = Citrix CTX228486 Unable to import App Layering OS Layer to ELM from vSphere)
Configure ELM IP Address
- Once imported, power on the ELM appliance.
- Open the virtual machine console.
- After the RUN_ONCE commands are complete, login to the console as administrator with a password of Unidesk1. You might have to press enter before the logon prompt appears.
- Enter c to configure networking.
- Enter s to assign a static network.
- Enter a new IP address for this appliance. Then enter y to save settings and restart networking.
- Press <Enter> to continue.
- While here, feel free to configure the time zone.
- Press / to search. For Central Time, search for chicago, and note the time zone number.
- Press Q to quit the display.
- Enter the time zone number to configure it.
- NTP is configured to use Internet servers. Feel free to change them.
Silverlight
In App Layering 2206 and newer, the Silverlight interface has been removed. This section is only for App Layering 2204 and older, which require Silverlight for some or all features.
- If Silverlight is not installed, use Internet Explorer to connect to ELM and then click the button to install it.
- Uncheck the two boxes, and then click Install now.
- Click Close.
- When you go to the ELM console with Internet Explorer, the screen will be white for a few seconds. Be patient.
- You can login as administrator with Unidesk1 as the default password.
First Login
- In App Layering 2206 and newer, use Edge or Chrome to connect to the ELM. In App Layering 2204 and older, use Internet Explorer to connect to the ELM. Login using administrator and Unidesk1.
- The first time you logon, you are prompted to accept the End User License Agreement.
- Then you are prompted to set three passwords.
- You then see the Get Started wizard.
Appliance Certificate
- In the HTML5 console, go to System > HTTP Certificate Settings.
- In the Internet Explorer Console, go to System > Settings and Configuration.
- Scroll down until you see the HTTP Certificate Settings section. Click the Edit button.
- In HTML5 console, on the right, click Upload to replace the default management certificate.
- In Internet Explorer, scroll down and click Upload.
- In Internet Explorer, scroll down and click Upload.
- Browse to a PEM file that contains an unencrypted RSA key, and one certificate (no chain). You can use OpenSSL to convert a .pfx file to a PEM file.
- Make sure it says that the web server will restart, which means that it’s a valid certificate.
- In Internet Explorer, if you scroll up, it should show you the Common Name of the certificate you uploaded. If it’s the root certificate, then you need to remove the extra certificate from the PEM file.
- Scroll down and click Save.
- Click Yes to restart the web server.
- In Internet Explorer, if you scroll up, it should show you the Common Name of the certificate you uploaded. If it’s the root certificate, then you need to remove the extra certificate from the PEM file.
- It might take a few minutes to apply. Eventually, you should be able to point your browser to the https URL and not see any certificate errors.
- In HTML5 console, at System > Security and Retention Settings, you can change the management console timeout.
- In Internet Explorer console, at System > Settings and Configuration, you can scroll down to the Security Settings section to edit the Management Console idle timeout.
- In Internet Explorer console, at System > Settings and Configuration, you can scroll down to the Security Settings section to edit the Management Console idle timeout.
File Share
- On a Windows file server, create a new share that will store the Elastic Layers. Only SMB shares are supported with Elastic Layers. NFS shares will not work with Elastic Layers.
- For High Availability, you can use any file server High Availability technology like File Server Scale-out Clustering, DFS, etc. For local high availability, Citrix recommends clustering over DFS Replication since DFS failure requires reboot of Elastic Layered Machines.
- Elastic Layers are always-open VHDX files that can’t be replicated using DFS. For HA, build a File Server cluster, like Microsoft Scale Out File Server.,that supports SMB3 Continuous Availability.
- For DR Elastic Layer machines, the registry value HKEY_LOCAL_MACHINE\SOFTWARE\Unidesk\ULayer:RepositoryPath can be configured to point to a file share in a DR site. See CTX222107 You can change the Elastic Layer repository in the registry without reimaging (4.x).
- Give Everyone (or equivalent) Full Control to the share.
- On the Security tab, make sure the Users groups only have Read access (no Modify/Write).
- Add a service account to the share and give it Modify access. ELM uses this service account to upload elastic layers to the share.
- In App Layering 2206 and newer, in Chrome or Edge, go to System and then Network File Share.
- On the top right, click Edit.
- Enter the path and service account credentials. Click Confirm and Complete.
- Click Save.
- On the top right, click Edit.
- In App Layering 2204 and older, in the Internet Explorer console, go to System > Settings and Configuration.
- Scroll down until you get to the Network File Shares section. Click Edit.
- Make sure Windows share is selected. Elastic Layers don’t work on NFS.
- Enter the file share path, the service account credentials.
- Citrix CTX227613 App Layering: Supporting DFS File Shares: The ELM can only access a DFS namespace if SMB 1.0 is enabled on the servers.
- Click Test Network File Share.
- Click Save.
Active Directory
In App Layering 2204 and older, you must use the Silverlight interface. Newer versions of App Layering can use Chrome/Edge.
- Go to System > Directory Services.
- Click Add Directory Junction.
- Enter the address of a domain controller or LDAP Load balancing VIP. According to CTP George Spiers at Citrix Discussions, instead of entering a single domain controller address, you can enter your domain’s FQDN (domain.local) and it will use DNS to find a domain controller.
- . Enter bind account credentials. Click Connect.
- Click Accept and Continue.
- For Specify start point, click the field and select the Base Distinguished Name.
- Give the directory junction a friendly name. Then click Confirm and Complete.
Role Based Access
This is configurable in the HTML5 interface in Citrix App Layering 2204 and newer.
- On the left, click System. In the middle, click Administrators. On the right, on the Directory Administrators tab, click Add Administrators.
- Click Add Accounts.
- Search for the new admin group, check the box next to it, and click Save.
- Click Confirm and Complete.
- Click Add User.
- App Layering 2306 grant the Reader role by default. You can change the role by editing the user.
- Click the drop-down to see other available roles.
- When done, click Confirm and Complete.
In the older Internet Explorer interface:
- Go to Users > Directory.
- Search through the tree and find your ELM Admins group. Select it. On the right, click Edit Properties.
- In the Machine Association page, click the down arrow.
- In the Roles page, change it to Administrator, and click the down arrow.
- In the Confirm and Complete page, click Update Group.
- Logout of ELM.
- Log back in using an AD account that’s in your ELM Admins group.
User Layers Storage Locations
ELM 4.14 and newer support User Layers.
File shares for User Layers are configured at System > User Layer Storage Locations. Each Storage Location can be assigned to different user groups. And you can prioritize the Storage Locations. See Add storage locations for User layers at Citrix Docs. And see David Wilkinson Citrix Application Layering – User layers.
For each new Storage Location:
- Create a Users folder in the root of each share.
- Each Users folder needs permissions that look like the following. CREATOR OWNER needs Full Control. The Users group needs Create Folder/Append Data permission to This folder only.
- In ELM, add Storage Locations and assign them to groups. The first one you add is the default Storage Location for users not assigned to any other Storage Location.
- Then you can add more Storage Locations for specific user groups.
- If users are assigned to multiple Storage Locations, click Prioritize Storage Locations to prioritize the assignment.
Citrix Provisioning Publishing Agent
To publish to Citrix Provisioning, you install the App Layering Agent on the Citrix Provisioning Servers. It’s only needed on one Provisioning Server.
The installation of the Agent can be automated. See Dennis Span Citrix App Layering Agent unattended installation.
From Install the App Layering Agent (required for PVS and Connector Scripts) at Citrix Docs.
- Ensure the Citrix Provisioning services are running as a domain account. Network Service won’t work.
- Run the following command on the PvS 7.7 or newer Server. Note, if you upgrade PvS, you’ll have to run this command again.
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" "c:\program files\citrix\provisioning services console\Citrix.PVS.snapin.dll"
- If Citrix Provisioning 7.6 or newer, then run the following command instead:
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" "c:\program files\citrix\provisioning services console\MCliPSSnapIn.dll"
- If Citrix Provisioning 7.6 or newer, then run the following command instead:
- Go to the App Layering 2403 files you downloaded from Citrix Downloads and run citrix_app_layering_agent_installer.exe.
- In the Welcome to the InstallShield Wizard for Citrix App Layering Agent page, click Next.
- In the License Agreement page, select I accept the terms in the license agreement, and click Next.
- In the Agent Port page, click Next.
- In the Ready to Install the Program page, click Install.
- Enter the ELM FQDN, enter ELM credentials, and click Register.
- Registration logs can be found at C:\Program Files (x86)\Citrix\Agent\Logs.
- In the InstallShield Wizard Completed page, click Finish.
- When an image is published to Provisioning Services, ELM can run a script. Citrix has a sample Versioning and Convert VHD to VHDX script that converts the VHD file to VHDX, and/or adds the published image as a version. The script files can be installed on the PvS server at this time. Later, you specify the path to the script when you create the PvS Connector in ELM while creating an image template.
- Citrix also has a BootPrivate script that modifies the vDisk mode to Private, boots the vDisk on a pre-defined target so that it can run pre-defined layer scripts, shuts down the target, waits for that shutdown, and then switches the mode back to standard.
When deploying an image to PVS, am I missing something or is there a way to simply add a new version to the existing disk? For example I have published the image to PVS, if I do it again (after updates) it will just add a 2nd vDisk to PVS.
Versioning is designed for “in-place” updates. Whereas ELM completely rebuilds the entire image every time you publish. If you prefer in-place updates, you’re welcome to create a version, boot it, install your update, and then promote the version. But anything ELM publishes will be a full image.
Dear Carl,
I created an application layer with office apps, skipped image template selection and assigned elastically to a group.
Published template with Elastic Layer: App layer only, and for SMB share I gave full access to the group, but office apps are not showing and in Event 1310: it is showing a message elastic layer not assigned.
I hope I am doing Elastic assignment correctly, please let me know if I need to make any additional changes.
Thanks,
Ravi.
Did you assign a group to the application? https://www.carlstalhood.com/app-layers-image-templates-and-publishing/#elasticlayers
Hi Carl,
Does app layering ELM allow us to have multiple network adapter/Network. Our SMB file share and hypervisor is on different network segments.
Thanks in advance.
Kind Regards,
Girish.a
Is there no routing between the two segments? What is your hypervisor?
Its vmware. There is no routing between two segments.
See https://discussions.citrix.com/topic/393205-appliance-network-assistance/
Carl,
Is App-Layering support HA? If so, how?
Thanks,
BN
The ELM appliance’s availability has no effect on the published images so there’s no need for ELM HA>
If you enabled Elastic Layers, then the file share that contains the Elastic Layers must be highly available, usually through Scale Out File Server.
HI carl,
After upgrading the App layering appliance to V1903, i am seeing the error when trying to create any layer. “Operation cannot be completed due to lack of permissions. Permission required is ‘Virtualmachine.inventory.CreatefromExisting”. I am using Vsphere 6.7 and my sys account has Admin permission in vcenter and also has the above permission. It was working fine until the upgrade. But since the upgrade i am getting this error message. Very frustrating.
Hello carl,
While create ver in for application layer, then after some time it gives error as “vcenter returned an error: Invalid state” could you please suggest the solution
Has anyone upgraded to Enterprise Layer Manager (ELM) 1902? Any issues or concerns?
I upgraded to the Appliance to 18.12.0.15; also updated the Scripts in the OS layer. The only issue I am encountering is I have 3 legacy applications that are hanging on the installation when creating a App Layer version or creating a new layer. Oddly they do install in the OS layer. No error in eventlogs. Just wondering if anyone encountered this or anything similar.
Has anyone had problems downloading the update package for the ELM? We are getting an error occurred while ‘downloading upgrade media’ The remote server returned an error: (400) Invalid HTTP Request.
Hi Carl. From v. 4.11 of ELM ApplAyering support windows storeapps. But we have problems with it. StoreApps are closed unenxpected. I think because image have one version of store apps, user layer updated it and we have trouble. What recommendation or any guide for store apps and AppLayering?
Hi Carl,
After updating the ELM to 4.15 I have issue with MS WORD (office 365) while saving the file.
Microsoft Word
Word was unable to complete the save because of a file access error.
(C:\Users\usert\Desktop\~WRL1304.tmp)
where to find error?
Whenever I try to setup connectors for pvs or vsphere 3509 or 3504 ports, it just comes back as page cannot be displayed. Same vlan and no firewalls in between. Can’t seem to find any information on this online, any ideas?
Thank you!
I want a 40GB user layer for DefaultUserLayerSizeInGb , I just enter 40 (Hexadecimal value) in the dword key?
I’m not sure. I would think Decimal. You might have to experiment.
Hi Carl,
I have the app Layering vm installed.
App layering with different layers works well. Now we test the Elastic Layer.
But where the hell do we configure the licensing servers of AppLayering ?
I don’t think licensing is enforced yet.
Hey Carl,
Do you have any additional documentation or knowledge on using the “BootPrivate” scripts that Rob made? I’m having a hard time getting those to work.
Can you use App Layering on systems not in XenApp or XenDesktop? We have Platinum lic, but also have an RDS farm that would benefit from App Layering.
I think they have a license for that.
Hi Carl,
What storage types are required for the other layers, elastic must be SMB. how about User Layers and other layers?
Can everything sit in the same SMB network share?
Do User Layers have a SMB and high iOPs requirement?
Yes to all. User Layers can be distributed across multiple shares. There’s some info at https://www.citrix.com/products/citrix-virtual-apps-and-desktops/resources/app-layering-4x-availability-recovery-guide.html
Is Citrix app layering supported in Xendesktop on AWS? If not, what about MCS with personal vDisk?
Trying to find a solution on AWS to easily deploy and manage user desktops from a golden imagine but also allow for personalization
Do you have any news when is Hyper-V Gen2 is supported icw PVS?
Is this correct? “Layering 4.11 adds Session Office 365 Layers to roam Outlook OST files on RDSH VDAs. You can find some information at Enable User layers and What’s new in App Layering 4.11 at Citrix Docs.”
Can’t find much of any info on this or how to set it up
My guess is it does nothing more than enable the Office 365 Layer to be mounted on RDSH. Last version, it was only allowed on virtual desktops. I thing it only stores AppData\Outlook (no Search).
Hi Carl,
on a ESXi 6 Host – the Citrix Applayering Appliance was improted. On initial boot a Firmware Bug was shown –> Firmware Bug CPU1: APIC ID mismatch. How can I solve this problem?
Thanks NIK
I have ELM configured and all seems to be working fine. I was able to create different Layers and as well as published Images.
However it seems the tasks are running permanently, even though they have all be completed “Done).
I am seeing on the “Tasks-bar”, different tasks displaying in turn as if they are still running.
Is this a normal behavior? If not, then what could be going wrong in my installation?
Hi Carl,
I have a Machine Catalog with pvd and a new one, created by MCS with App Layering (user layers).
How I can migrate users data from pvd to user layer?
I don’t think that’s possible.
At least not in any automated way provided by Citrix. If it’s just data, I assume you can write backup and restore scripts.
Thanks Carl, Do you know if Platinum licenses (only) is sufficient for App Layering?
Thanks Carl,
Layered Image via MCS work perfectly.
I try to deploy layered image via Citrix provisioning.
I create a connector from ELM to my provisioning server, the image is deployed correctly as .vhd and i find the vdisk in the provisioning store.
The Provisioned Server don’t want to start and hang showing windows 2012 flag, no BSOD.
Any suggestion?
Kind regards
Alessandro
I am having trouble updating and OS Layer after adding a new version to the layer.
I built the layer with Windows 10 Enterprise build 1703 ISO
I followed the best practices guide from Citrix
App Layering 4.x: Best Practices – https://support.citrix.com/article/CTX225952
App Layering – OS Layer and Platform Layer – https://www.carlstalhood.com/app-layering-os-layer/
After updating windows, I ran the Citrix Optimization tool
https://support.citrix.com/article/CTX224676
Also ran the supplement for App Layering
https://support.citrix.com/article/CTX229705
I added a version to the OS Layer and logged into the Packaging VM to update Windows
When running Windows Updates, I get the error:
There were some problems installing updates, but we’ll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070422)
I enabled Windows Update service and started, enabled BITS service and started.
Tried to update again, got the same error message.
I downloaded the Windows update troubleshooter tool from Microsoft, ran it but windows still throws the same error after fixing.
https://aka.ms/wudiag
I deployed another windows template VM from the Windows 10 1703 ISO again.
Followed the instructions to the letter. Optimized, shutdown and finalized.
I tried a add a version to that OS layer, I get the same Windows update error as before.
So bottom line is if you run the Optimizer tool, you will not be able to add a version to the OS layer and update it.
I need help on figuring out the correct way to optimize the OS layer and be able to update when new updates are released by Microsoft.
App Layering is running the latest version 4.9
Thanks,
Randy
Hi Carl – I have scoured the internet and I cannot find an answer to my problem.
Failed copying file to D:\Windows 10\7z_2018-02-01_01-33-03.vhd. HTTP status 407: Proxy authentication is required.The error occurred while the remote file was being processed.
I dont know what part of my process is using a proxy server.
Would you know where I can start trouble shooting
Thank you
Regards
Craig
Carl, thanks for your work….really…thank you. You are the king. I find myself referencing this site daily and I am thankful for it’s existence. Very much appreciated.
No problem. It’s the kind of documentation that Citrix should be producing themselves and that I typically do for my customers.
Carl yes this is awesome documentation. Hey I was wondering I had my user layer go to an smb path that I dont want to use , how can I redirect it to the new share path. Also how can I increase the 10gb userlayer they assign.
Thanks for any advice
I assume you can use any VHD expansion method to increase an existing User Layer.
For new User Layers, set HKLM\Software\Unidesk\Ulayer\DefaultUserLayerSizeInGb. https://www.citrix.com/products/xenapp-xendesktop/resources/understanding-elastic-layering.html#tab-37495
Did you configure the User Layer locations in the ELM? After configuring the User Layer Storage Locations, I wonder if you can move the existing layer to the new location.
Carl, thanks for your work, you have the best Citrix website. Question-when using app layering what is the best practice for updating the VMs when using along with xendesktop MCS. Do we have to recreate template then create a new machine catalog or is there a way to make changes directly?
We have a client that has all static VMs delivered via xendesktop, we want to change that and can use non-persistent for many, but what would you recommend for the users that need the same benefits of static but being easier to manage?
User Layers are supposed to allow users to install their own apps.
Yes, use Layering to create your images. Use MCS to push them out to linked clones.
Thanks for the info. Are ‘user layers’ still ‘lab’ functionality or ready for enterprise production?
Do you recommend ‘full clones’ or ‘linked clones’ with personal vdisk or other?
I usually recommend full clones and let SCCM manage them. Storage dedupe eliminates the full clone storage consumption penalty.
Thanks for the info. I just noticed on ELM 4.8 it appears there is no hyper-V connector, how do we use hyper-v with ELM now?
Are you looking for the Hyper-V connector while importing the OS Layer? It’s not there. But if you look for the connector while creating other layers and publishing, it should be there.
Does that mean you have to manually copy the OS layer to ELM first? But what happens when you create a new version (update) of OS layer, manually copy each time? Seems very clunky. I guess I’ll test it, if at least the hyper-v connector works with the other layers.
It’s just the initial OS Layer Import that doesn’t use a connector. Once you have an OS Layer, when you add versions, the Hyper-V connector should be there.
Thanks Carl you are the best. Do you have one of your great step by step guides for hyper-v and app layering, or a link for another site.
George Spiers’ guides are more Hyper-V specific – http://www.jgspiers.com/installing-configuring-unidesk-4/
Great info. I installed the agent on hyper-v host and VMM and both registered successfully. But in the new connector wizard, it says “there are no registered citrix applayering agents” so can’t create the connector.
BTW is it OK to have ELM appliance on VMware with hyper-v VMs or should ELM appliance be running as hyper-v VM? Thanks.
Hi Carl,
Does the Layering agent should work on PVS with Machine Service Account (MSA)?
Thanks!
Hi Carl,
Do you know of anyone else having issues connecting to a nutanix cluster? We can connect after updating to AOS 5.5 – the applayering appliance complains about certificate errors and even if they are ignored it is still unable to connect.
You don’t have to put Imprivata in the platform layer if you don’t want to. I don’t like doing this as you start to stack layer and then you go back to having multiple images/layer to update. If you crate a platform layer that is used for updating other layers and add that platform layer as a prerequisites when creating the App layer for Imprivata, it will see the VDA installed and do all the hooks it needs for it to work. This platform layer will also apply to other as you start to build out the rest of the environment.
CTX226062 breaks Office KMS activation in private image mode boot. I would suggest adding something similar to this…
type c:\Personality.ini | find /I “$WriteCacheType=0” && exit
in the C:\Windows\Setup\Scripts\kmsdir\kmssetup.cmd to bypass the script when running in private image mode.
hello,
how can get ELM console to use commade line like ping or telnet ?
Hi Carl,
When I login to a VDI that configured with cache on ram with overflow and application layer is attached, the cache on the ram is getting full and then the cache disk is getting full.
I think it’s not supposed to be like this, no?
Tanks!
Avi.
When I remove the layer from the user the cache is behave as normal.
Many thanks for describing how to upgrade an on premise ELM from 4.2 to 4.3. I’m giving Citrix very very low marks for their upgrade instructions.
Hi Carl,
Just got an issue after PVS upgrade from 7.13 to 7.14. Were not able to publish new images to PVS. It gave me this error:
“Error: Cannot load Windows PowerShell snap-in Citrix.PVS.Snapin because of the following error: The Windows PowerShell snap-in module c:\program files\citrix\provisioning services console\Citrix.PVS.snapin.dll does not have the required Windows PowerShell snap-in strong name Citrix.PVS.SnapIn, Version=7.13.0.13008”
Until re-registered the snapin on PVS:
“C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe” “c:\program files\citrix\provisioning services console\Citrix.PVS.snapin.dll”
Hi Carl, I have a clustered Server 2016 File Server and I am trying to configure my share folder in the latest App Layer 4.3 but keep getting an error saying “The folder cannot be mounted”, mind you I have configured AD in it already.
My suspicion is you’ll have to look at the ELM logs. Or Support can look at them.
AppLayering will replace Citrix AppDisk ? So is AppDisk EOL?
Deprecated, yes.
When installing the app layering agent on my pvs server (7.13 on Server 2016), it errors out:
msi log:
InstallShield 11:18:08: Invoking script function AddCertificate
1: Executable: C:\Program Files (x86)\Citrix\Agent\Citrix.AppLayering.Agent.Service.exe, args: addcert -port=8016 -errorFile=”AddCert.Error”
1: Return Code: 1
1: errorFile: AddCert.Error, resultCode: 1, hErrorFile: 2778, errorMessage: System.Security.Cryptography.CryptographicException: Bad Data.
applayering.agent log:
2017-06-27 11:18:09,594 INFO 1 Program: AddCert called with port: ‘8016’, deleteOldCert: ‘True’, force: ‘False’, errorFile: ‘AddCert.Error’
2017-06-27 11:18:09,954 INFO 3 Shell: EXEC:
2017-06-27 11:18:09,954 INFO 3 Shell: EXEC: SSL Certificate bindings:
2017-06-27 11:18:09,954 INFO 3 Shell: EXEC: ————————-
2017-06-27 11:18:09,954 INFO 3 Shell: EXEC:
2017-06-27 11:18:09,954 INFO 3 Shell: EXEC: The system cannot find the file specified.
2017-06-27 11:18:09,954 INFO 3 Shell: EXEC:
2017-06-27 11:18:09,954 INFO 3 Shell: EXEC:
2017-06-27 11:18:09,970 INFO 1 Shell: EXEC: Done – Exit Code: 1
2017-06-27 11:18:16,175 ERROR 1 Program: Exception occured while attempting to add the certificate.
System.Security.Cryptography.CryptographicException: Bad Data.
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.Utils._ImportKey(SafeProvHandle hCSP, Int32 keyNumber, CspProviderFlags flags, Object cspObject, SafeKeyHandle& hKey)
at System.Security.Cryptography.RSACryptoServiceProvider.ImportParameters(RSAParameters parameters)
at Uni.Core.Services.CertificateManagement.CertificateService.GenerateCertificate(SecureRandom seed, X509Name subjectName, AsymmetricCipherKeyPair subjectKeyPair, X509Name issuerName, AsymmetricKeyParameter issuerPrivKey, String password, IEnumerable`1 extensions, Nullable`1 expiration, Nullable`1 storeLocation, Nullable`1 storeName)
at Uni.Core.Services.CertificateManagement.CertificateService.GenerateCACertificate(String name, String password, Nullable`1 storeLocation, Nullable`1 storeName, Nullable`1 expiration)
at Citrix.AppLayering.Agent.Service.Program.CommandLineArgsHandler.GenSelfSignedCert(Nullable`1 port, Boolean deleteOldCert, Boolean force, String errorFile)
2017-06-27 11:18:16,191 INFO 1 Program: Creating error file AddCert.Error.
I didn’t see anywhere in the install or guide where I could point it to a cert, am I missing something? I know I could use Orca to edit the MSI and skip that step, but what would you recommend?
Me to. Any solution yet ??
Where do I get a head-start on getting to know and use Unidesk in my environment?. I love what it can do so if you could provide some links, this will be appreciated. Also with a shared server desktop non persistent, what do you recommend in regards to deploying unidesk in such an environment?
The article you’re reading contains step-by-step instructions on deploying it. 🙂 Unless something is missing?
Citrix App Layering is the new name for Unidesk.
Unidesk is most beneficial if you have the same applications installed on multiple master images. For maximum compatibility, Unidesk can merge the layers into a single image before the machine even boots. Or, Unidesk can dynamically load layers as users log in, allowing different users to have different layers.
Does App Layer help any if you are stuck working with servers without PVS or MCS? Still VMs just don’t have access to the hypervisor level. Thanks.
See https://www.unidesk.com/support/learn/4.2.0/citrix_app_layering/welcome_platform_support_co4 for the list of supported publishing platforms.
Hi Carl,
shouldn’t it be possible to add a DFS path as a proper network file share for the Enterprise Layer Manager?
At the moment I’m getting a “Failed to mount network file share path” when I try to add a DFS based file share (\\mydomain.local\dfsnamespace\sharetarget).
However, a standard file share to the same server and share (\\fileserver\share) seems to work fine.
Also accessing the DFS share with the Windows Explorer works fine so far.
Do you have a hint for me there?
Best Regards
Ewald
Hi Ewald,
A DFS share is working on my end, so it should work fine.
I would suggest to check your DNS settings on the ELM appliance.
Hi Ewald
Did you read the information in section 1 about using DFS? There’s a thread on the Citrix forums about this.
The idea is to use DFS for replication only. You still point the ELM server(s) directly to each replica server, there’s a registry key for it. https://discussions.citrix.com/topic/386381-dfs-path-and-elastic-layers/#entry1966501
Darren
Requires a SMB 1.0 support from DFS resource. We hit the same problem with Nutanix AFS..
Hi Carl, would you be able to tell me if i start with setting up the ELM under VMware and then later deside to use Hyper-V as the host for my ELM , would i be able to migrate my layers from one ELM to another ?
Thanks
R
There currently is no export/import option for layers. You might have to V2V the ELM to preserve the layers.
Hi Carl,
I’m quite new to Citrix App Layering.
Therefore i’m a bit confused at the moment about how to license Citrix App Layering.
I’m not sure if it is included within XenApp/XenDesktop (maybe Enterprise or Platinum) or if I need to license it separately.
And do I need to purchase some kind of Cloud Services from Citrix in order to get it working?
Thank you in advance for your reply!
Best Regards
Ewald
You need to be on Customer Success Services (Select). Unidesk is included with all editions of XA/XD. But it’s downloaded from Citrix Cloud (just create an account).
Thank you!
That clarifies it for me.
Just one question:
How long does it usually take until a trial request for App Layering gets granted so that I can download the Software/Appliance?
I got it.
In the Download Section on the Citrix website for XenApp & XenDesktop 7.13.x there is a website linked for Citrix App Layering which directs you directly to https://layering.cloud.com.
It seems that I have just missed that part somehow while reading the installation instructions.
Sorry for that!
hi! carl,
I am lass from Paris
could you show indications on connector for mcs and the port used please?
I need to know if there are an agent to installe on xendesktop server or only app layering agent installed on master is ok
For MCS, the template is published directly to the hypervisor. There’s no need for a separate Agent like PvS.
Hi Carl ,
It was not possible to download the agent from the link you supplied. Its only available on Unidesk website in the download section you register and login your account. But all new account have denied access to download it. I was able to get it only by talking to the unidesk support. I have a copy of the installer in my onedrive if you allow me to share it. https://1drv.ms/u/s!AuLfTH_M3TdArRvDVJeYSRIWhv1g
You downloaded App Layering 4.1 from Citrix Cloud?
Thanks for the reply, what about the os layer template creation , would that have to be created on the same hypervisor as the ELM sists on ?
No. It can either get it directly from the hypervisor, or it can be imported from the file share.
Hi Carl,
if my Xendesktop environment runs on a xenserver hyper-visor , is it beneficiary to install the unidesk appliance also on the xenserver platform or is it completely independent and i could put it into our hyper-v cluster ?
Thanks
I can’t think of any reason why it has to run on XenSever since ELM can push layers to multiple hypervisors.
Thanks Carl! Love your documentation!
Hi Carl,
With the Unidesk acquisition by Citrix, what is the future for AppDisk ?
I suppose I shouldn’t waste my time implementing Appdisk and focus myself on Unidesk.
I read several blogs talking about “physical workstations support in a near-future”.
Mounting VHDs on Windows OS is feasible since years now, why Unidesk could not be used with physical computers ? Maybe because of the necessary bandwidth between a workstation and the servers holding the VHDs repository ? Or maybe because the mount has to be carried out in the very early steps of the Windows boot ?
Kind regards
Yvan
Unidesk will replace AppDisk.
Physical is on the roadmap. But I suspect that Cloud is the primary reason for the Unidesk acquisition.