App Layering – Enterprise Layer Manager (ELM) 2403

Last Modified: Mar 27, 2024 @ 1:08 pm

Navigation

These App Layering pages focus on VMware vSphere as the hypervisor.

Change Log

Licensing

From Citrix Blog Post A Breakdown of Citrix App Layering Features by Edition: Citrix App Layering is available in all Citrix Virtual Apps and Desktops (CVAD) editions and all Citrix DaaS (Citrix Cloud) editions. This means that you can do the following across any number of Citrix Virtual Apps and Desktops (CVAD) sites in your environment:

  • Create an unlimited number of OS, platform and application layers
  • Create an unlimited number of layered images
  • Create an unlimited number of elastic layers

Citrix Virtual Apps and Desktops (CVAD) Premium Edition customers and all Citrix DaaS customers (Citrix Cloud) also benefit from:

  • Multiple hypervisors and/or cloud connections (e.g., Citrix Hypervisor and Azure or Citrix Hypervisor and Hyper-V).
    • Non-Premium sites are limited to one hypervisor or cloud connection type.
  • Multiple provisioning mechanisms (e.g. Machine Creation Services and Citrix Provisioning).
    • Non-Premium sites must select MCS or CPV and use it exclusively with Citrix App Layering.
  • Multiple broker types/platforms (e.g. Citrix Virtual Apps and Desktops (CVAD) with VMware Horizon View).
    • Non-Premium sites can only use App Layering within their Citrix Virtual Apps and Desktops (CVAD) sites
  • User Layers

For Citrix Cloud – Those customers using the Citrix Virtual Apps and Desktops (CVAD) Service are entitled to Premium-level features including all Citrix App Layering capabilities.

Upgrade Enterprise Layer Manager

If you are deploying a new ELM appliance, skip to Import Enterprise Layer Manager.

See Citrix Docs for supported upgrade paths:

ELM 2204 is the last version to support Silverlight, since Silverlight has been removed from ELM 2206 and newer.

To upgrade:

  1. When you login to the ELM using HTML5, if you click your user menu on the top right, then you might see Upgrade Appliance with an alert next to it. If you don’t see it yet, then you might have to wait for the Download task to complete.

  2. If you don’t see the upgrade notification, then download it manually:
    1. Download the upgrade package from Citrix App Layering 2403 at Citrix Downloads. Look for the section named For an existing deployment, download the upgrade package. If you are upgrading from 1911 or older, then this might be your only option.
    2. In the App Layering file share, create an Upgrade folder.
    3. Unzip the Upgrade Package and copy the citrix_app_layering_upgrade_pkg_24.3.0.vhd file to the Upgrade folder in the App Layering file share.
    4. Click your name on the top right and then click Upgrade Appliance.
    5. If the field is not already populated, then click Browse.
    6. Browse the file share, select the upgrade disk, and then click Save.

    7. Click Confirm and Complete.
    8. In the Confirm Upgrade page, click Upgrade.

    9. Wait for the upgrade to complete.
    10. Then click Return to login and login.
    11. Click Dismiss acknowledging that connector caches have some items removed.
    12. On the top right, click your username and then click About to see the current version, which should be 24.3.

Offload Compositing

If you upgraded from a version older than 1911, then enable Offload Compositing on your existing Connectors.

  1. Login to ELM.
  2. If HTML5 interface, go to Connectors. If Internet Explorer, then go to System > Connectors.
  3. If HTML5 interface, highlight a connector and click Edit. If Internet Explorer, right-click a Connector and click Edit Connector Config.

  4. Scroll down and check the box next to Offload Compositing. Version 2304 and newer have a new interface for VMware Connectors.

  5. Click Confirm and Complete or Save.

Upgrade OS Layer

  1. From Gunther Anderson at Citrix: You do not uninstall or upgrade the Citrix App Layering Image Preparation Utility – Setup_x64.exe. The current drivers are installed in the ELM, and every time the ELM produces an image for any purpose, it injects the current drivers into it. You do not need to touch your OS layer for that. But you should re-publish all images.
  2. In a new OS Layer version, you should download and run citrix_app_layering_os_machine_tools_24.3.0.exe to allow it to upgrade your system scripts, but you don’t need to do anything beyond that. For Office 2019, your Machine Tools scripts must be version 1905 or later.
  3. When Yes when prompted that the tools will be extracted into C:\Windows\Setup\Scripts.
  4. Replace the existing files. This is especially important for fixing Office activation issues.
  5. If you look on the taskbar, you might see an open program called Set KMS Version.
  6. Click Use KMS.
  7. Then close the window.
  8. To fix Office activation issues, you’ll also need to create a new version of your Office layer, rerun the optimization tool, and then publish the updated image. More details at Office MAK licensing issues at Citrix Discussions.
  9. Re-publish your images so ELM can inject the new drivers.

Upgrade Provisioning Services Agent

  1. If you recently upgraded Provisioning Services server, then you might have to re-register the PVS snap-in:
    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" "c:\program files\citrix\provisioning services console\Citrix.PVS.snapin.dll"
  2. Go to the Citrix App Layering 2403 files and run citrix_app_layering_agent_installer.exe.
  3. Click Yes to upgrade the agent.
  4. In the Welcome to the InstallShield Wizard for Citrix App Layering Agent page, click Next.
  5. In the InstallShield Wizard Completed page, click Finish.

Import Enterprise Layer Manager Appliance

This section is for new installs.

App Layering 4.x availability and recovery concepts guide:

  • Layered images, Elastic Layers, and User Layers do not communicate with ELM, so ELM’s availability is not a concern.
    • Do not change the vCPUs or memory allocated to the ELM appliance.
  • All created layers are stored on the ELM appliance. Simply backup the appliance.
    • Layers can be exported from the ELM appliance to a file share and optionally imported to another ELM appliance.
  • Elastic Layers and User Layers are always-open VHD files stored on a file share(s) that is separate from the ELM.
    • The file share(s) should be highly available. Use a clustering technology (e.g. Scale Out File Server) that supports always-open VHD files.
    • It’s not necessary to backup Elastic Layers, but you might want to replicate them to a different datacenter for multi-datacenter access. Make sure the replication tool supports always-open VHD files.
    • User Layers should be backed up and/or replicated. Use a backup method that supports always-open VHD files.

Download Appliance

  1. You can download App Layering 2403 Appliance Installation Package from Citrix Downloads.
  2. After downloading, extract the 2403.zip file.

Import ELM Appliance

To import the ELM appliance:

  1. In vSphere Web Client, right-click a cluster, and click Deploy OVF Template.
  2. In the Select an OVF template page, browse to the vmware_24.3.0.2.ova file, and click Next.
  3. In the Select name and location page, give the machine a name, and click Next.
  4. In the Select a compute resource page, select a cluster, and click Next.
  5. In the Review details page, click Next.
  6. In the Accept license agreements page, click Accept, and then click Next.
  7. In the Select storage page, select a datastore. The ELM appliance stores all master layers inside the appliance, so ensure there’s sufficient disk space (typically 300-500 GB) for the virtual appliance.
    1. You can view the appliance’s consumed disk space inside the ELM Management Console at System > Monitoring and Storage, or System > Manage Appliance.
    2. To expand the storage, either increase the existing disk size, or add a disk to the VM. Then, on the right, is a link to Expand Storage.

  8. Select a datastore, select thin provision, or not, then click Next.
  9. In the Select networks page, click Next.
  10. In the Ready to complete page, click Finish.
  11. See Firewall ports at Citrix Docs.

Configure ELM IP Address

  1. Once imported, power on the ELM appliance.
  2. Open the virtual machine console.
  3. After the RUN_ONCE commands are complete, login to the console as administrator with a password of Unidesk1. You might have to press enter before the logon prompt appears.
  4. Enter c to configure networking.
  5. Enter s to assign a static network.
  6. Enter a new IP address for this appliance. Then enter y to save settings and restart networking.
  7. Press <Enter> to continue.
  8. While here, feel free to configure the time zone.
  9. Press / to search. For Central Time, search for chicago, and note the time zone number.
  10. Press Q to quit the display.
  11. Enter the time zone number to configure it.
  12. NTP is configured to use Internet servers. Feel free to change them.

Silverlight

In App Layering 2206 and newer, the Silverlight interface has been removed. This section is only for App Layering 2204 and older, which require Silverlight for some or all features.

  1. If Silverlight is not installed, use Internet Explorer to connect to ELM and then click the button to install it.
  2. Uncheck the two boxes, and then click Install now.
  3. Click Close.
  4. When you go to the ELM console with Internet Explorer, the screen will be white for a few seconds. Be patient.
  5. You can login as administrator with Unidesk1 as the default password.

First Login

  1. In App Layering 2206 and newer, use Edge or Chrome to connect to the ELM. In App Layering 2204 and older, use Internet Explorer to connect to the ELM. Login using administrator and Unidesk1.
  2. The first time you logon, you are prompted to accept the End User License Agreement.

  3. Then you are prompted to set three passwords.




  4. You then see the Get Started wizard.

Appliance Certificate

  1. In the HTML5 console, go to System > HTTP Certificate Settings.

    1. In the Internet Explorer Console, go to System > Settings and Configuration.
    2. Scroll down until you see the HTTP Certificate Settings section. Click the Edit button.
  2. In HTML5 console, on the right, click Upload to replace the default management certificate.

    1. In Internet Explorer,  scroll down and click Upload.
  3. Browse to a PEM file that contains an unencrypted RSA key, and one certificate (no chain). You can use OpenSSL to convert a .pfx file to a PEM file.
  4. Make sure it says that the web server will restart, which means that it’s a valid certificate.

    1. In Internet Explorer, if you scroll up, it should show you the Common Name of the certificate you uploaded. If it’s the root certificate, then you need to remove the extra certificate from the PEM file.
    2. Scroll down and click Save.
    3. Click Yes to restart the web server.

  5. It might take a few minutes to apply. Eventually, you should be able to point your browser to the https URL and not see any certificate errors.
  6. In HTML5 console, at System > Security and Retention Settings, you can change the management console timeout.

    • In Internet Explorer console, at System > Settings and Configuration, you can scroll down to the Security Settings section to edit the Management Console idle timeout.

File Share

  1. On a Windows file server, create a new share that will store the Elastic Layers. Only SMB shares are supported with Elastic Layers. NFS shares will not work with Elastic Layers.
  2. For High Availability, you can use any file server High Availability technology like File Server Scale-out Clustering, DFS, etc. For local high availability, Citrix recommends clustering over DFS Replication since DFS failure requires reboot of Elastic Layered Machines.
    1. Elastic Layers are always-open VHDX files that can’t be replicated using DFS. For HA, build a File Server cluster, like Microsoft Scale Out File Server.,that supports SMB3 Continuous Availability.
  3. For DR Elastic Layer machines, the registry value HKEY_LOCAL_MACHINE\SOFTWARE\Unidesk\ULayer:RepositoryPath can be configured to point to a file share in a DR site. See CTX222107 You can change the Elastic Layer repository in the registry without reimaging (4.x).
  4. Give Everyone (or equivalent) Full Control to the share.
  5. On the Security tab, make sure the Users groups only have Read access (no Modify/Write).
  6. Add a service account to the share and give it Modify access. ELM uses this service account to upload elastic layers to the share.
  7. In App Layering 2206 and newer, in Chrome or Edge, go to System and then Network File Share.

    1. On the top right, click Edit.
    2. Enter the path and service account credentials. Click Confirm and Complete.
    3. Click Save.
  8. In App Layering 2204 and older, in the Internet Explorer console, go to System > Settings and Configuration.

    1. Scroll down until you get to the Network File Shares section. Click Edit.
    2. Make sure Windows share is selected. Elastic Layers don’t work on NFS.
    3. Enter the file share path, the service account credentials.
      1. Citrix CTX227613 App Layering: Supporting DFS File Shares: The ELM can only access a DFS namespace if SMB 1.0 is enabled on the servers.
    4. Click Test Network File Share.
    5. Click Save.

In App Layering 2204 and older, you must use the Silverlight interface. Newer versions of App Layering can use Chrome/Edge.

  1. Go to System > Directory Services.
  2. Click Add Directory Junction.
  3. Enter the address of a domain controller or LDAP Load balancing VIP. According to CTP George Spiers at Citrix Discussions, instead of entering a single domain controller address, you can enter your domain’s FQDN (domain.local) and it will use DNS to find a domain controller.
  4. . Enter bind account credentials. Click Connect.
  5. Click Accept and Continue.
  6. For Specify start point, click the field and select the Base Distinguished Name.
  7. Give the directory junction a friendly name. Then click Confirm and Complete.

Role Based Access

This is configurable in the HTML5 interface in Citrix App Layering 2204 and newer.

  1. On the left, click System. In the middle, click Administrators. On the right, on the Directory Administrators tab, click Add Administrators.
  2. Click Add Accounts.
  3. Search for the new admin group, check the box next to it, and click Save.
  4. Click Confirm and Complete.
  5. Click Add User.
  6. App Layering 2306 grant the Reader role by default. You can change the role by editing the user.
  7. Click the drop-down to see other available roles.
  8. When done, click Confirm and Complete.

In the older Internet Explorer interface:

  1. Go to Users > Directory.
  2. Search through the tree and find your ELM Admins group. Select it. On the right, click Edit Properties.
  3. In the Machine Association page, click the down arrow.
  4. In the Roles page, change it to Administrator, and click the down arrow.
  5. In the Confirm and Complete page, click Update Group.
  6. Logout of ELM.
  7. Log back in using an AD account that’s in your ELM Admins group.

User Layers Storage Locations

ELM 4.14 and newer support User Layers.

File shares for User Layers are configured at System > User Layer Storage Locations. Each Storage Location can be assigned to different user groups. And you can prioritize the Storage Locations. See Add storage locations for User layers at Citrix Docs. And see David Wilkinson Citrix Application Layering – User layers.

For each new Storage Location:

  1. Create a Users folder in the root of each share.
  2. Each Users folder needs permissions that look like the following. CREATOR OWNER needs Full Control. The Users group needs Create Folder/Append Data permission to This folder only.
  3. In ELM, add Storage Locations and assign them to groups. The first one you add is the default Storage Location for users not assigned to any other Storage Location.
  4. Then you can add more Storage Locations for specific user groups.


  5. If users are assigned to multiple Storage Locations, click Prioritize Storage Locations to prioritize the assignment.

Citrix Provisioning Publishing Agent

To publish to Citrix Provisioning, you install the App Layering Agent on the Citrix Provisioning Servers. It’s only needed on one Provisioning Server.

The installation of the Agent can be automated. See Dennis Span Citrix App Layering Agent unattended installation.

From Install the App Layering Agent (required for PVS and Connector Scripts) at Citrix Docs.

  1. Ensure the Citrix Provisioning services are running as a domain account. Network Service won’t work.
  2. Run the following command on the PvS 7.7 or newer Server. Note, if you upgrade PvS, you’ll have to run this command again.
    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" "c:\program files\citrix\provisioning services console\Citrix.PVS.snapin.dll"

    1. If Citrix Provisioning 7.6 or newer, then run the following command instead:
      "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" "c:\program files\citrix\provisioning services console\MCliPSSnapIn.dll"
  3. Go to the App Layering 2403 files you downloaded from Citrix Downloads and run citrix_app_layering_agent_installer.exe.
  4. In the Welcome to the InstallShield Wizard for Citrix App Layering Agent page, click Next.
  5. In the License Agreement page, select I accept the terms in the license agreement, and click Next.
  6. In the Agent Port page, click Next.
  7. In the Ready to Install the Program page, click Install.
  8. Enter the ELM FQDN, enter ELM credentials, and click Register.
  9. Registration logs can be found at C:\Program Files (x86)\Citrix\Agent\Logs.
  10. In the InstallShield Wizard Completed page, click Finish.
  11. When an image is published to Provisioning Services, ELM can run a script. Citrix has a sample Versioning and Convert VHD to VHDX script that converts the VHD file to VHDX, and/or adds the published image as a version. The script files can be installed on the PvS server at this time. Later, you specify the path to the script when you create the PvS Connector in ELM while creating an image template.
  12. Citrix also has a BootPrivate script that modifies the vDisk mode to Private, boots the vDisk on a pre-defined target so that it can run pre-defined layer scripts, shuts down the target, waits for that shutdown, and then switches the mode back to standard.

Next Steps

127 thoughts on “App Layering – Enterprise Layer Manager (ELM) 2403”

  1. When deploying an image to PVS, am I missing something or is there a way to simply add a new version to the existing disk? For example I have published the image to PVS, if I do it again (after updates) it will just add a 2nd vDisk to PVS.

    1. Versioning is designed for “in-place” updates. Whereas ELM completely rebuilds the entire image every time you publish. If you prefer in-place updates, you’re welcome to create a version, boot it, install your update, and then promote the version. But anything ELM publishes will be a full image.

  2. Dear Carl,

    I created an application layer with office apps, skipped image template selection and assigned elastically to a group.
    Published template with Elastic Layer: App layer only, and for SMB share I gave full access to the group, but office apps are not showing and in Event 1310: it is showing a message elastic layer not assigned.

    I hope I am doing Elastic assignment correctly, please let me know if I need to make any additional changes.

    Thanks,
    Ravi.

  3. Hi Carl,

    Does app layering ELM allow us to have multiple network adapter/Network. Our SMB file share and hypervisor is on different network segments.

    Thanks in advance.

    Kind Regards,
    Girish.a

    1. The ELM appliance’s availability has no effect on the published images so there’s no need for ELM HA>

      If you enabled Elastic Layers, then the file share that contains the Elastic Layers must be highly available, usually through Scale Out File Server.

  4. HI carl,
    After upgrading the App layering appliance to V1903, i am seeing the error when trying to create any layer. “Operation cannot be completed due to lack of permissions. Permission required is ‘Virtualmachine.inventory.CreatefromExisting”. I am using Vsphere 6.7 and my sys account has Admin permission in vcenter and also has the above permission. It was working fine until the upgrade. But since the upgrade i am getting this error message. Very frustrating.

  5. Hello carl,
    While create ver in for application layer, then after some time it gives error as “vcenter returned an error: Invalid state” could you please suggest the solution

  6. I upgraded to the Appliance to 18.12.0.15; also updated the Scripts in the OS layer. The only issue I am encountering is I have 3 legacy applications that are hanging on the installation when creating a App Layer version or creating a new layer. Oddly they do install in the OS layer. No error in eventlogs. Just wondering if anyone encountered this or anything similar.

  7. Has anyone had problems downloading the update package for the ELM? We are getting an error occurred while ‘downloading upgrade media’ The remote server returned an error: (400) Invalid HTTP Request.

  8. Hi Carl. From v. 4.11 of ELM ApplAyering support windows storeapps. But we have problems with it. StoreApps are closed unenxpected. I think because image have one version of store apps, user layer updated it and we have trouble. What recommendation or any guide for store apps and AppLayering?

  9. Hi Carl,

    After updating the ELM to 4.15 I have issue with MS WORD (office 365) while saving the file.
    Microsoft Word
    Word was unable to complete the save because of a file access error.
    (C:\Users\usert\Desktop\~WRL1304.tmp)

    where to find error?

  10. Whenever I try to setup connectors for pvs or vsphere 3509 or 3504 ports, it just comes back as page cannot be displayed. Same vlan and no firewalls in between. Can’t seem to find any information on this online, any ideas?

  11. Thank you!
    I want a 40GB user layer for DefaultUserLayerSizeInGb , I just enter 40 (Hexadecimal value) in the dword key?

  12. Hi Carl,

    I have the app Layering vm installed.
    App layering with different layers works well. Now we test the Elastic Layer.
    But where the hell do we configure the licensing servers of AppLayering ?

  13. Hey Carl,
    Do you have any additional documentation or knowledge on using the “BootPrivate” scripts that Rob made? I’m having a hard time getting those to work.

  14. Can you use App Layering on systems not in XenApp or XenDesktop? We have Platinum lic, but also have an RDS farm that would benefit from App Layering.

  15. Hi Carl,
    What storage types are required for the other layers, elastic must be SMB. how about User Layers and other layers?
    Can everything sit in the same SMB network share?
    Do User Layers have a SMB and high iOPs requirement?

  16. Is Citrix app layering supported in Xendesktop on AWS? If not, what about MCS with personal vDisk?
    Trying to find a solution on AWS to easily deploy and manage user desktops from a golden imagine but also allow for personalization

  17. Is this correct? “Layering 4.11 adds Session Office 365 Layers to roam Outlook OST files on RDSH VDAs. You can find some information at Enable User layers and What’s new in App Layering 4.11 at Citrix Docs.”

    Can’t find much of any info on this or how to set it up

    1. My guess is it does nothing more than enable the Office 365 Layer to be mounted on RDSH. Last version, it was only allowed on virtual desktops. I thing it only stores AppData\Outlook (no Search).

  18. Hi Carl,

    on a ESXi 6 Host – the Citrix Applayering Appliance was improted. On initial boot a Firmware Bug was shown –> Firmware Bug CPU1: APIC ID mismatch. How can I solve this problem?

    Thanks NIK

  19. I have ELM configured and all seems to be working fine. I was able to create different Layers and as well as published Images.

    However it seems the tasks are running permanently, even though they have all be completed “Done).
    I am seeing on the “Tasks-bar”, different tasks displaying in turn as if they are still running.

    Is this a normal behavior? If not, then what could be going wrong in my installation?

  20. Hi Carl,
    I have a Machine Catalog with pvd and a new one, created by MCS with App Layering (user layers).
    How I can migrate users data from pvd to user layer?

      1. At least not in any automated way provided by Citrix. If it’s just data, I assume you can write backup and restore scripts.

  21. Thanks Carl,
    Layered Image via MCS work perfectly.
    I try to deploy layered image via Citrix provisioning.
    I create a connector from ELM to my provisioning server, the image is deployed correctly as .vhd and i find the vdisk in the provisioning store.

    The Provisioned Server don’t want to start and hang showing windows 2012 flag, no BSOD.
    Any suggestion?

    Kind regards
    Alessandro

  22. I am having trouble updating and OS Layer after adding a new version to the layer.
    I built the layer with Windows 10 Enterprise build 1703 ISO
    I followed the best practices guide from Citrix
    App Layering 4.x: Best Practices – https://support.citrix.com/article/CTX225952
    App Layering – OS Layer and Platform Layer – https://www.carlstalhood.com/app-layering-os-layer/

    After updating windows, I ran the Citrix Optimization tool
    https://support.citrix.com/article/CTX224676

    Also ran the supplement for App Layering
    https://support.citrix.com/article/CTX229705

    I added a version to the OS Layer and logged into the Packaging VM to update Windows
    When running Windows Updates, I get the error:

    There were some problems installing updates, but we’ll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070422)

    I enabled Windows Update service and started, enabled BITS service and started.

    Tried to update again, got the same error message.

    I downloaded the Windows update troubleshooter tool from Microsoft, ran it but windows still throws the same error after fixing.
    https://aka.ms/wudiag

    I deployed another windows template VM from the Windows 10 1703 ISO again.
    Followed the instructions to the letter. Optimized, shutdown and finalized.

    I tried a add a version to that OS layer, I get the same Windows update error as before.
    So bottom line is if you run the Optimizer tool, you will not be able to add a version to the OS layer and update it.

    I need help on figuring out the correct way to optimize the OS layer and be able to update when new updates are released by Microsoft.

    App Layering is running the latest version 4.9

    Thanks,
    Randy

  23. Hi Carl – I have scoured the internet and I cannot find an answer to my problem.

    Failed copying file to D:\Windows 10\7z_2018-02-01_01-33-03.vhd. HTTP status 407: Proxy authentication is required.The error occurred while the remote file was being processed.

    I dont know what part of my process is using a proxy server.

    Would you know where I can start trouble shooting

    Thank you

    Regards

    Craig

  24. Carl, thanks for your work….really…thank you. You are the king. I find myself referencing this site daily and I am thankful for it’s existence. Very much appreciated.

    1. No problem. It’s the kind of documentation that Citrix should be producing themselves and that I typically do for my customers.

      1. Carl yes this is awesome documentation. Hey I was wondering I had my user layer go to an smb path that I dont want to use , how can I redirect it to the new share path. Also how can I increase the 10gb userlayer they assign.
        Thanks for any advice

  25. Carl, thanks for your work, you have the best Citrix website. Question-when using app layering what is the best practice for updating the VMs when using along with xendesktop MCS. Do we have to recreate template then create a new machine catalog or is there a way to make changes directly?

    We have a client that has all static VMs delivered via xendesktop, we want to change that and can use non-persistent for many, but what would you recommend for the users that need the same benefits of static but being easier to manage?

    1. User Layers are supposed to allow users to install their own apps.

      Yes, use Layering to create your images. Use MCS to push them out to linked clones.

      1. Thanks for the info. Are ‘user layers’ still ‘lab’ functionality or ready for enterprise production?
        Do you recommend ‘full clones’ or ‘linked clones’ with personal vdisk or other?

        1. I usually recommend full clones and let SCCM manage them. Storage dedupe eliminates the full clone storage consumption penalty.

          1. Are you looking for the Hyper-V connector while importing the OS Layer? It’s not there. But if you look for the connector while creating other layers and publishing, it should be there.

          2. Does that mean you have to manually copy the OS layer to ELM first? But what happens when you create a new version (update) of OS layer, manually copy each time? Seems very clunky. I guess I’ll test it, if at least the hyper-v connector works with the other layers.

          3. It’s just the initial OS Layer Import that doesn’t use a connector. Once you have an OS Layer, when you add versions, the Hyper-V connector should be there.

          4. Thanks Carl you are the best. Do you have one of your great step by step guides for hyper-v and app layering, or a link for another site.

          5. Great info. I installed the agent on hyper-v host and VMM and both registered successfully. But in the new connector wizard, it says “there are no registered citrix applayering agents” so can’t create the connector.

            BTW is it OK to have ELM appliance on VMware with hyper-v VMs or should ELM appliance be running as hyper-v VM? Thanks.

  26. Hi Carl,

    Do you know of anyone else having issues connecting to a nutanix cluster? We can connect after updating to AOS 5.5 – the applayering appliance complains about certificate errors and even if they are ignored it is still unable to connect.

  27. You don’t have to put Imprivata in the platform layer if you don’t want to. I don’t like doing this as you start to stack layer and then you go back to having multiple images/layer to update. If you crate a platform layer that is used for updating other layers and add that platform layer as a prerequisites when creating the App layer for Imprivata, it will see the VDA installed and do all the hooks it needs for it to work. This platform layer will also apply to other as you start to build out the rest of the environment.

  28. CTX226062 breaks Office KMS activation in private image mode boot.  I would suggest adding something similar to this…

    type c:\Personality.ini | find /I “$WriteCacheType=0” && exit

    in the C:\Windows\Setup\Scripts\kmsdir\kmssetup.cmd to bypass the script when running in private image mode.

  29. Hi Carl,

    When I login to a VDI that configured with cache on ram with overflow and application layer is attached, the cache on the ram is getting full and then the cache disk is getting full.

    I think it’s not supposed to be like this, no?

    Tanks!

    Avi.

  30. Hi Carl,

    Just got an issue after PVS upgrade from 7.13 to 7.14. Were not able to publish new images to PVS. It gave me this error:

    “Error: Cannot load Windows PowerShell snap-in Citrix.PVS.Snapin because of the following error: The Windows PowerShell snap-in module c:\program files\citrix\provisioning services console\Citrix.PVS.snapin.dll does not have the required Windows PowerShell snap-in strong name Citrix.PVS.SnapIn, Version=7.13.0.13008”

    Until re-registered the snapin on PVS:

    “C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe” “c:\program files\citrix\provisioning services console\Citrix.PVS.snapin.dll”

  31. Hi Carl, I have a clustered Server 2016 File Server and I am trying to configure my share folder in the latest App Layer 4.3 but keep getting an error saying “The folder cannot be mounted”, mind you I have configured AD in it already.

  32. When installing the app layering agent on my pvs server (7.13 on Server 2016), it errors out:

    msi log:

    InstallShield 11:18:08: Invoking script function AddCertificate
    1: Executable: C:\Program Files (x86)\Citrix\Agent\Citrix.AppLayering.Agent.Service.exe, args: addcert -port=8016 -errorFile=”AddCert.Error”

    1: Return Code: 1

    1: errorFile: AddCert.Error, resultCode: 1, hErrorFile: 2778, errorMessage: System.Security.Cryptography.CryptographicException: Bad Data.

    applayering.agent log:

    2017-06-27 11:18:09,594 INFO 1 Program: AddCert called with port: ‘8016’, deleteOldCert: ‘True’, force: ‘False’, errorFile: ‘AddCert.Error’
    2017-06-27 11:18:09,954 INFO 3 Shell: EXEC:
    2017-06-27 11:18:09,954 INFO 3 Shell: EXEC: SSL Certificate bindings:
    2017-06-27 11:18:09,954 INFO 3 Shell: EXEC: ————————-
    2017-06-27 11:18:09,954 INFO 3 Shell: EXEC:
    2017-06-27 11:18:09,954 INFO 3 Shell: EXEC: The system cannot find the file specified.
    2017-06-27 11:18:09,954 INFO 3 Shell: EXEC:
    2017-06-27 11:18:09,954 INFO 3 Shell: EXEC:
    2017-06-27 11:18:09,970 INFO 1 Shell: EXEC: Done – Exit Code: 1
    2017-06-27 11:18:16,175 ERROR 1 Program: Exception occured while attempting to add the certificate.
    System.Security.Cryptography.CryptographicException: Bad Data.

    at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
    at System.Security.Cryptography.Utils._ImportKey(SafeProvHandle hCSP, Int32 keyNumber, CspProviderFlags flags, Object cspObject, SafeKeyHandle& hKey)
    at System.Security.Cryptography.RSACryptoServiceProvider.ImportParameters(RSAParameters parameters)
    at Uni.Core.Services.CertificateManagement.CertificateService.GenerateCertificate(SecureRandom seed, X509Name subjectName, AsymmetricCipherKeyPair subjectKeyPair, X509Name issuerName, AsymmetricKeyParameter issuerPrivKey, String password, IEnumerable`1 extensions, Nullable`1 expiration, Nullable`1 storeLocation, Nullable`1 storeName)
    at Uni.Core.Services.CertificateManagement.CertificateService.GenerateCACertificate(String name, String password, Nullable`1 storeLocation, Nullable`1 storeName, Nullable`1 expiration)
    at Citrix.AppLayering.Agent.Service.Program.CommandLineArgsHandler.GenSelfSignedCert(Nullable`1 port, Boolean deleteOldCert, Boolean force, String errorFile)
    2017-06-27 11:18:16,191 INFO 1 Program: Creating error file AddCert.Error.

    I didn’t see anywhere in the install or guide where I could point it to a cert, am I missing something? I know I could use Orca to edit the MSI and skip that step, but what would you recommend?

  33. Where do I get a head-start on getting to know and use Unidesk in my environment?. I love what it can do so if you could provide some links, this will be appreciated. Also with a shared server desktop non persistent, what do you recommend in regards to deploying unidesk in such an environment?

    1. The article you’re reading contains step-by-step instructions on deploying it. 🙂 Unless something is missing?

      Citrix App Layering is the new name for Unidesk.

      Unidesk is most beneficial if you have the same applications installed on multiple master images. For maximum compatibility, Unidesk can merge the layers into a single image before the machine even boots. Or, Unidesk can dynamically load layers as users log in, allowing different users to have different layers.

      1. Does App Layer help any if you are stuck working with servers without PVS or MCS? Still VMs just don’t have access to the hypervisor level. Thanks.

  34. Hi Carl,

    shouldn’t it be possible to add a DFS path as a proper network file share for the Enterprise Layer Manager?
    At the moment I’m getting a “Failed to mount network file share path” when I try to add a DFS based file share (\\mydomain.local\dfsnamespace\sharetarget).
    However, a standard file share to the same server and share (\\fileserver\share) seems to work fine.
    Also accessing the DFS share with the Windows Explorer works fine so far.
    Do you have a hint for me there?

    Best Regards

    Ewald

    1. Hi Ewald,
      A DFS share is working on my end, so it should work fine.
      I would suggest to check your DNS settings on the ELM appliance.

  35. Hi Carl, would you be able to tell me if i start with setting up the ELM under VMware and then later deside to use Hyper-V as the host for my ELM , would i be able to migrate my layers from one ELM to another ?

    Thanks
    R

    1. There currently is no export/import option for layers. You might have to V2V the ELM to preserve the layers.

  36. Hi Carl,

    I’m quite new to Citrix App Layering.
    Therefore i’m a bit confused at the moment about how to license Citrix App Layering.
    I’m not sure if it is included within XenApp/XenDesktop (maybe Enterprise or Platinum) or if I need to license it separately.
    And do I need to purchase some kind of Cloud Services from Citrix in order to get it working?
    Thank you in advance for your reply!

    Best Regards

    Ewald

    1. You need to be on Customer Success Services (Select). Unidesk is included with all editions of XA/XD. But it’s downloaded from Citrix Cloud (just create an account).

      1. Thank you!
        That clarifies it for me.
        Just one question:
        How long does it usually take until a trial request for App Layering gets granted so that I can download the Software/Appliance?

        1. I got it.
          In the Download Section on the Citrix website for XenApp & XenDesktop 7.13.x there is a website linked for Citrix App Layering which directs you directly to https://layering.cloud.com.
          It seems that I have just missed that part somehow while reading the installation instructions.
          Sorry for that!

  37. hi! carl,
    I am lass from Paris
    could you show indications on connector for mcs and the port used please?
    I need to know if there are an agent to installe on xendesktop server or only app layering agent installed on master is ok

    1. For MCS, the template is published directly to the hypervisor. There’s no need for a separate Agent like PvS.

  38. Hi Carl ,

    It was not possible to download the agent from the link you supplied. Its only available on Unidesk website in the download section you register and login your account. But all new account have denied access to download it. I was able to get it only by talking to the unidesk support. I have a copy of the installer in my onedrive if you allow me to share it. https://1drv.ms/u/s!AuLfTH_M3TdArRvDVJeYSRIWhv1g

  39. Thanks for the reply, what about the os layer template creation , would that have to be created on the same hypervisor as the ELM sists on ?

    1. No. It can either get it directly from the hypervisor, or it can be imported from the file share.

  40. Hi Carl,
    if my Xendesktop environment runs on a xenserver hyper-visor , is it beneficiary to install the unidesk appliance also on the xenserver platform or is it completely independent and i could put it into our hyper-v cluster ?

    Thanks

    1. I can’t think of any reason why it has to run on XenSever since ELM can push layers to multiple hypervisors.

  41. Hi Carl,

    With the Unidesk acquisition by Citrix, what is the future for AppDisk ?
    I suppose I shouldn’t waste my time implementing Appdisk and focus myself on Unidesk.
    I read several blogs talking about “physical workstations support in a near-future”.
    Mounting VHDs on Windows OS is feasible since years now, why Unidesk could not be used with physical computers ? Maybe because of the necessary bandwidth between a workstation and the servers holding the VHDs repository ? Or maybe because the mount has to be carried out in the very early steps of the Windows boot ?

    Kind regards

    Yvan

    1. Unidesk will replace AppDisk.

      Physical is on the roadmap. But I suspect that Cloud is the primary reason for the Unidesk acquisition.

Leave a Reply

Your email address will not be published. Required fields are marked *