Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <#####
- Stand alone XenDesktop MCS VDA Installer
- Written by David Ott
- I wrote this script because I have over 100 stand alone MCS VDAs. Upgrading the VDA software
- becomes a huge pain as you can imagine.
- ***** Pay attention to anything marked with ##### as you will need to customize the script for
- your environment.*****
- This will only work on Windows VDAs!!
- Requirements:
- Know the local admin credentials for your MCS desktops
- VDA Cleanup Utility (google it and download the latest version)
- Citrix Virtual Apps and Desktops .iso extracted to a network share
- Domain credentials for accessing the file share
- How it works:
- 1. You can query your delivery controller for all VDAs you wish to upgrade, or you can run it against individual VDAs
- I'd suggest running it against individual VDAs until you are comfortable with the results. Noted in the first part of the
- script after the BEGIN line
- 2. Once the script knows which computer(s) you wish to upgrade it will create 2 powershell scripts on the C:\ drive of each
- computer, and 2 scheduled tasks to run them.
- 3. The first scheduled task will run as system, add auto logon information into the registry, and restart the computer
- 4. The second scheduled task (the meat and potatoes) will run at logon (local admin user set to auto logon). It will uninstall
- any existing VDA using the VDA Cleanup Utility (always use the latest one Citrix has available), install the new VDA from
- the mapped drive (session recording optional), clean up the auto logon info/files, and reboot.
- #####>
- #####***** BEGIN *****#####
- ##### Remove comment start from the line below to allow the script to grab every MCS desktop in a specified delivery group
- <#$computers = Invoke-Command -ComputerName <your delivery controller> -ScriptBlock {
- asnp citrix*
- ##### Edit the line below with the MCS desktop group name, and the current agent version
- Get-BrokerDesktop -MaxRecordCount 1000 -DesktopGroupName "DESKTOP GROUP NAME" -Filter {(agentversion -lt "1811") -and (sessionstate -ne "active")} | select -expand dnsname
- ##### If you use this remove the end comment below
- }#>
- ##### If you want to run this script against an individual computer enter the computer name below
- ##### (this is how you should run it while testing!)
- ##### If you are querying the delivery controller for all MCS desktops in a delivery group comment the line below
- ##### by adding "#" before $computers
- $computers = "VDA1"#,"VDA2","VDA3"
- ##### enter the path to the extracted .iso
- $drive = "\\server\share\Citrix_Virtual_Apps_and_Desktops_7_1811"
- ##### this is the log file that is created on C: of the MCS desktops - name it something unique for each VDA version
- $logfile = "c:\upgrade1811.log"
- ##### This is the text that is copied to the MCS desktop to allow the local administrator account to logon automatically
- ##### Make sure you update LoCalPassword to the correct local admin password, and Administrator to the local admin account (if not "administrator") - line 57.
- ##### Leave everything else as is.
- $script1 = @"
- `$log = "logfile"
- if (!(test-path `$log)) {
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoAdminLogon -Value "1" -type string
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultPassword -Value "LoCalPassword" -type string ##### Local Admin Password
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultUserName -Value "Administrator" -type string
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultDomainName -Value "computername" -type string
- "Start "+(get-date).ToString() | out-file `$log
- Restart-Computer -force
- break
- }
- "@
- <##### This is the text for the actual upgrade script and you will have to make some changes for your environment.
- Because I am using a domain account I like to obscure the password in the file using a key, but you don't have to do that.
- To use this method highlight the below line in powershell_ise and hit F8 to load the key as a vairable
- $key = (1,43,9,221,4,2,78,42,101,32,45,87,76,12,43,66,12,78,8,94,54,23,22,65)
- To get the obscure string
- "Password1" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString -Key $key
- Take the text from that line and replace it as the text after "$string =" below (one line between quotes) - line 104
- Then update the "domain\username" to the account you want to use in the "$creds" - line 106
- Alternatively if you want to store the password in plain text and avoid that extra work
- change the $password line (105) to:
- `$password "YourPasswordHere" | convertto-securestring -asplaintext -force"
- then comment out lines 103 and 104 by adding a # to the beginning of the line
- Below that you will notice the same lines as from the first script to ensure that the local admin can auto logon if the first script
- did not execute. Like above edit the local admin credentials. - line 112
- below that look for the line that starts with `$installargs (line 152). These are the install arguements for the VDA. The main thing you will want to do
- is update the delivery controllers in that command (fqdns separated by a space).
- If you want to install session recording uncomment lines 157 and 158 by removing the "#" character from the beginning of the line and
- change "sessrecsvr.domain.com" in line 156 to the fqdn of your session recording server
- #####>
- $script = @"
- function cleanup {
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoAdminLogon -Value "0" -type string
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultPassword -Value `$null -type string
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultUserName -Value "PowerUser" -type string
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultDomainName -Value `$null -type string
- #Unregister-ScheduledTask -TaskName upgrade -confirm:`$false
- #unregister-scheduledtask -taskname kickoff -confirm:`$false
- & schtasks /delete /tn kickoff /f
- & schtasks /delete /tn upgrade /f
- ri c:\upgrade.ps1
- ri c:\upgradetmp.ps1
- ri c:\VDACleanupUtility.exe -force
- ri "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix" -recurse -force
- }
- `$share = "$drive"
- `$culog = "`$env:temp\Citrix\VdaCleanup\CleanupToolLog.txt"
- `$log = "logfile"
- `$key = (1,43,9,221,4,2,78,42,101,32,45,87,76,12,43,66,12,78,8,94,54,23,22,65)
- `$string = "76492d1116743f0423413b16050a5345MgB8AHEAVgA2ADMAegBDAEoANgB0AG0AZAB4AEkAdwB1AHIAaABCAFoAMgBjAFEAPQA9AHwAMAAyADAAOAAyADQAMgBmADkAZAA1AGQAOQA1ADgAYwAxADIAMAA2AGQAMwA3AGQANAAxADQAZgAzADMANgAxADUANwBiADQAMQA5ADkAMwBiAGMAZQBlAGQAMgA4AGMAMAAyADAAOQBlAGQANwBlAGUAZQA1ADMANwBiAGMANQA="
- `$password = `$string | ConvertTo-SecureString -Key `$key
- `$creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "domain\username",`$password
- if (!(test-path "citrix:\")) {
- new-psdrive -name Citrix -psprovider filesystem -root `$share -credential `$creds
- }
- if (!(test-path `$log)) {
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoAdminLogon -Value "1" -type string
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultPassword -Value "LoCalPassword" -type string ##### Local Admin Password
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultUserName -Value "Administrator" -type string
- sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultDomainName -Value "computername" -type string
- "Start "+(get-date).ToString() | out-file `$log
- Restart-Computer -force
- break
- }
- `$gc = gc `$log
- if (`$gc -match "vda removal" -eq `$false) {
- "vda removal start "+(get-date).tostring() | Out-File `$log -Append
- if (test-path `$culog) {ri (split-path `$culog -parent) -recurse -force}
- `$p = Start-Process -FilePath C:\VDACleanupUtility.exe -ArgumentList "/silent" -passthru
- wait-process `$p.id
- break
- } else {
- if (get-process vdacleanuputility -ea silentlycontinue) {
- "vda removal continue "+(get-date).ToString() | Out-File `$log -Append
- get-process vdacleanuputility -ea silentlycontinue | wait-process
- }
- if ((gp HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce) -match "citrixvdacleanup") {
- break
- }
- #start-process powershell.exe -argumentlist "-script gc `$log -wait"
- while ((gc `$culog -last 1) -notlike "*upload*") {start-sleep -s 1}
- `$sesrec = gci HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | %{
- gp `$_.pspath | ?{`$_.displayname -like "*recording*" -and `$_.publisher -like "*citrix*"} | select displayname,uninstallstring
- }
- <#if (`$sesrec -ne `$null) {
- "Uninstall Session Recording "+(get-date).tostring() | out-file `$log -append
- if (`$sesrec.uninstallstring -like "*xendesktopsrsetup*") {
- `$uninstall = `$sesrec.uninstallstring | ?{`$_ -like "*xendesktopsrsetup*"}
- & cmd /c `$uninstall /quiet /noreboot
- } else {
- `$uninstall = `$sesrec.UninstallString -replace "msiexec.exe",""
- Start-Process msiexec.exe -ArgumentList "/q /norestart `$uninstall" -Wait
- }
- }#>
- `$dvd = (gwmi win32_logicaldisk | ?{`$_.volumename -like "XA*"} | select -expand deviceid)+"\"
- `$setup = "Citrix:\x64\XenDesktop Setup\XenDesktopVDASetup.exe"
- `$installargs = "/quiet /noreboot /components VDA,PLUGINS /controllers ``"deliverycontroller1.domain.com deliverycontroller2.domain.com``" /install_mcsio_driver /enable_remote_assistance /enable_hdx_ports /enable_hdx_udp_ports /optimize /enable_real_time_transport /enable_framehawk_port /masterimage /virtualmachine /exclude ``"Personal vDisk``",``"Citrix Telemetry Service``""
- "Install VDA "+(get-date).tostring() | out-file `$log -append
- Start-Process `$setup -ArgumentList `$installargs -Wait
- `$sesins = "Citrix:\x64\Session Recording\SessionRecordingAgentX64.msi"
- `$sesinsargs = "/quiet INSTALLLOCATION=``"C:\Program Files\Citrix``" ARPSYSTEMCOMPONENT=``"1``" MSIFASTINSTALL=``"1``" MSIRMSHUTDOWN=``"2``" METAINSTALLER=``"1``" SESSIONRECORDINGSERVERNAME=``"sessrecsvr.domain.com``" SESSIONRECORDINGBROKERPROTOCOL=``"HTTPS``" SESSIONRECORDINGBROKERPORT=``"443``" CLOUD=False REBOOT=ReallySuppress"
- #"Install Session Recording "+(get-date).tostring() | out-file `$log -append
- #start-process `$sesins -argumentlist `$sesinsargs -wait
- cleanup
- restart-computer -force
- }
- "@
- foreach ($computer in $computers) {
- ##### here the text above is placed into .ps1 files on the VDA
- ($script -replace "computername",$computer) -replace "logfile",$logfile | Out-File "\\$computer\c`$\upgrade.ps1"
- ($script1 -replace "computername",$computer) -replace "logfile",$logfile | Out-File "\\$computer\c`$\upgradetmp.ps1"
- ##### Below edit the path for the VDACleanupUtility so it can copy to the VDA
- cp \\server\share\VDACleanupUtility.exe \\$computer\c`$
- ##### if the invoke command fails it probably means winrm is not configured
- ##### if it works then it will create 2 tasks - you will see an error about the one that has a start date in the year 2000 - ignore it
- ##### Edit the Administrator username if it is not logging in as "Administrator" (line 176)
- Invoke-Command -ComputerName $computer -ScriptBlock {
- & schtasks /create /tn kickoff /tr "powershell.exe -executionpolicy unrestricted -file c:\upgradetmp.ps1" /sc ONCE /sd "12/12/2000" /st 12:00 /ru SYSTEM /rl highest
- & schtasks /create /tn upgrade /tr "powershell.exe -executionpolicy unrestricted -file c:\upgrade.ps1" /sc ONLOGON /ru Administrator /rl highest
- & schtasks /run /tn kickoff
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement