Advertisement
david62277

Update MCS VDA 2019

Jan 22nd, 2019
5,940
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <#####
  2. Stand alone XenDesktop MCS VDA Installer
  3. Written by David Ott
  4. I wrote this script because I have over 100 stand alone MCS VDAs.  Upgrading the VDA software
  5. becomes a huge pain as you can imagine.  
  6.  
  7. ***** Pay attention to anything marked with ##### as you will need to customize the script for
  8. your environment.*****
  9.  
  10. This will only work on Windows VDAs!!
  11. Requirements:
  12. Know the local admin credentials for your MCS desktops
  13. VDA Cleanup Utility (google it and download the latest version)
  14. Citrix Virtual Apps and Desktops .iso extracted to a network share
  15. Domain credentials for accessing the file share
  16.  
  17. How it works:
  18. 1. You can query your delivery controller for all VDAs you wish to upgrade, or you can run it against individual VDAs
  19. I'd suggest running it against individual VDAs until you are comfortable with the results.  Noted in the first part of the
  20. script after the BEGIN line
  21. 2. Once the script knows which computer(s) you wish to upgrade it will create 2 powershell scripts on the C:\ drive of each
  22. computer, and 2 scheduled tasks to run them.
  23. 3. The first scheduled task will run as system, add auto logon information into the registry, and restart the computer
  24. 4. The second scheduled task (the meat and potatoes) will run at logon (local admin user set to auto logon).  It will uninstall
  25. any existing VDA using the VDA Cleanup Utility (always use the latest one Citrix has available), install the new VDA from
  26. the mapped drive (session recording optional), clean up the auto logon info/files, and reboot.
  27.  
  28.  
  29. #####>
  30. #####***** BEGIN *****#####
  31. ##### Remove comment start from the line below to allow the script to grab every MCS desktop in a specified delivery group
  32.  
  33. <#$computers = Invoke-Command -ComputerName <your delivery controller> -ScriptBlock {
  34. asnp citrix*
  35. ##### Edit the line below with the MCS desktop group name, and the current agent version
  36. Get-BrokerDesktop -MaxRecordCount 1000 -DesktopGroupName "DESKTOP GROUP NAME" -Filter {(agentversion -lt "1811") -and (sessionstate -ne "active")} | select -expand dnsname
  37. ##### If you use this remove the end comment below
  38. }#>
  39.  
  40. ##### If you want to run this script against an individual computer enter the computer name below
  41. ##### (this is how you should run it while testing!)
  42. ##### If you are querying the delivery controller for all MCS desktops in a delivery group comment the line below
  43. ##### by adding "#" before $computers
  44. $computers = "VDA1"#,"VDA2","VDA3"
  45.  
  46. ##### enter the path to the extracted .iso
  47. $drive = "\\server\share\Citrix_Virtual_Apps_and_Desktops_7_1811"
  48. ##### this is the log file that is created on C: of the MCS desktops - name it something unique for each VDA version
  49. $logfile = "c:\upgrade1811.log"
  50. ##### This is the text that is copied to the MCS desktop to allow the local administrator account to logon automatically
  51. ##### Make sure you update LoCalPassword to the correct local admin password, and Administrator to the local admin account (if not "administrator") - line 57.  
  52. ##### Leave everything else as is.
  53. $script1 = @"
  54. `$log = "logfile"
  55. if (!(test-path `$log)) {
  56. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoAdminLogon -Value "1" -type string
  57. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultPassword -Value "LoCalPassword" -type string ##### Local Admin Password
  58. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultUserName -Value "Administrator" -type string
  59. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultDomainName -Value "computername" -type string
  60. "Start "+(get-date).ToString() | out-file `$log
  61. Restart-Computer -force
  62. break
  63. }
  64. "@
  65.  
  66. <##### This is the text for the actual upgrade script and you will have to make some changes for your environment.
  67. Because I am using a domain account I like to obscure the password in the file using a key, but you don't have to do that.
  68. To use this method highlight the below line in powershell_ise and hit F8 to load the key as a vairable
  69. $key = (1,43,9,221,4,2,78,42,101,32,45,87,76,12,43,66,12,78,8,94,54,23,22,65)
  70. To get the obscure string
  71. "Password1" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString -Key $key
  72. Take the text from that line and replace it as the text after "$string =" below (one line between quotes) - line 104
  73. Then update the "domain\username" to the account you want to use in the "$creds" - line 106
  74. Alternatively if you want to store the password in plain text and avoid that extra work
  75. change the $password line (105) to:
  76. `$password "YourPasswordHere" | convertto-securestring -asplaintext -force"
  77. then comment out lines 103 and 104 by adding a # to the beginning of the line
  78. Below that you will notice the same lines as from the first script to ensure that the local admin can auto logon if the first script
  79. did not execute.  Like above edit the local admin credentials. - line 112
  80. below that look for the line that starts with `$installargs (line 152).  These are the install arguements for the VDA.  The main thing you will want to do
  81. is update the delivery controllers in that command (fqdns separated by a space).
  82. If you want to install session recording uncomment lines 157 and 158 by removing the "#" character from the beginning of the line and
  83. change "sessrecsvr.domain.com" in line 156 to the fqdn of your session recording server
  84. #####>
  85. $script = @"
  86. function cleanup {
  87. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoAdminLogon -Value "0" -type string
  88. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultPassword -Value `$null -type string
  89. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultUserName -Value "PowerUser" -type string
  90. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultDomainName -Value `$null -type string
  91. #Unregister-ScheduledTask -TaskName upgrade -confirm:`$false
  92. #unregister-scheduledtask -taskname kickoff -confirm:`$false
  93. & schtasks /delete /tn kickoff /f
  94. & schtasks /delete /tn upgrade /f
  95. ri c:\upgrade.ps1
  96. ri c:\upgradetmp.ps1
  97. ri c:\VDACleanupUtility.exe -force
  98. ri "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix" -recurse -force
  99. }
  100. `$share = "$drive"
  101. `$culog = "`$env:temp\Citrix\VdaCleanup\CleanupToolLog.txt"
  102. `$log = "logfile"
  103. `$key = (1,43,9,221,4,2,78,42,101,32,45,87,76,12,43,66,12,78,8,94,54,23,22,65)
  104. `$string = "76492d1116743f0423413b16050a5345MgB8AHEAVgA2ADMAegBDAEoANgB0AG0AZAB4AEkAdwB1AHIAaABCAFoAMgBjAFEAPQA9AHwAMAAyADAAOAAyADQAMgBmADkAZAA1AGQAOQA1ADgAYwAxADIAMAA2AGQAMwA3AGQANAAxADQAZgAzADMANgAxADUANwBiADQAMQA5ADkAMwBiAGMAZQBlAGQAMgA4AGMAMAAyADAAOQBlAGQANwBlAGUAZQA1ADMANwBiAGMANQA="
  105. `$password = `$string | ConvertTo-SecureString -Key `$key
  106. `$creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "domain\username",`$password
  107. if (!(test-path "citrix:\")) {
  108. new-psdrive -name Citrix -psprovider filesystem -root `$share -credential `$creds
  109. }
  110. if (!(test-path `$log)) {
  111. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoAdminLogon -Value "1" -type string
  112. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultPassword -Value "LoCalPassword" -type string ##### Local Admin Password
  113. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultUserName -Value "Administrator" -type string
  114. sp 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultDomainName -Value "computername" -type string
  115. "Start "+(get-date).ToString() | out-file `$log
  116. Restart-Computer -force
  117. break
  118. }
  119. `$gc = gc `$log
  120. if (`$gc -match "vda removal" -eq `$false) {
  121. "vda removal start "+(get-date).tostring() | Out-File `$log -Append
  122. if (test-path `$culog) {ri (split-path `$culog -parent) -recurse -force}
  123. `$p = Start-Process -FilePath C:\VDACleanupUtility.exe -ArgumentList "/silent" -passthru
  124. wait-process `$p.id
  125. break
  126. } else {
  127. if (get-process vdacleanuputility -ea silentlycontinue) {
  128. "vda removal continue "+(get-date).ToString() | Out-File `$log -Append
  129. get-process vdacleanuputility -ea silentlycontinue | wait-process
  130.  
  131. }
  132. if ((gp HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce) -match "citrixvdacleanup") {
  133. break
  134. }
  135. #start-process powershell.exe -argumentlist "-script gc `$log -wait"
  136. while ((gc `$culog -last 1) -notlike "*upload*") {start-sleep -s 1}
  137. `$sesrec = gci HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | %{
  138. gp `$_.pspath | ?{`$_.displayname -like "*recording*" -and `$_.publisher -like "*citrix*"} | select displayname,uninstallstring
  139. }
  140. <#if (`$sesrec -ne `$null) {
  141. "Uninstall Session Recording "+(get-date).tostring() | out-file `$log -append
  142. if (`$sesrec.uninstallstring -like "*xendesktopsrsetup*") {
  143. `$uninstall = `$sesrec.uninstallstring | ?{`$_ -like "*xendesktopsrsetup*"}
  144. & cmd /c `$uninstall /quiet /noreboot
  145. } else {
  146. `$uninstall = `$sesrec.UninstallString -replace "msiexec.exe",""
  147. Start-Process msiexec.exe -ArgumentList "/q /norestart `$uninstall" -Wait
  148. }
  149. }#>
  150. `$dvd = (gwmi win32_logicaldisk | ?{`$_.volumename -like "XA*"} | select -expand deviceid)+"\"
  151. `$setup = "Citrix:\x64\XenDesktop Setup\XenDesktopVDASetup.exe"
  152. `$installargs = "/quiet /noreboot /components VDA,PLUGINS /controllers ``"deliverycontroller1.domain.com deliverycontroller2.domain.com``" /install_mcsio_driver /enable_remote_assistance /enable_hdx_ports /enable_hdx_udp_ports /optimize /enable_real_time_transport /enable_framehawk_port /masterimage /virtualmachine /exclude ``"Personal vDisk``",``"Citrix Telemetry Service``""
  153. "Install VDA "+(get-date).tostring() | out-file `$log -append
  154. Start-Process `$setup -ArgumentList `$installargs -Wait
  155. `$sesins = "Citrix:\x64\Session Recording\SessionRecordingAgentX64.msi"
  156. `$sesinsargs = "/quiet INSTALLLOCATION=``"C:\Program Files\Citrix``" ARPSYSTEMCOMPONENT=``"1``" MSIFASTINSTALL=``"1``" MSIRMSHUTDOWN=``"2``" METAINSTALLER=``"1``" SESSIONRECORDINGSERVERNAME=``"sessrecsvr.domain.com``" SESSIONRECORDINGBROKERPROTOCOL=``"HTTPS``" SESSIONRECORDINGBROKERPORT=``"443``" CLOUD=False REBOOT=ReallySuppress"
  157. #"Install Session Recording "+(get-date).tostring() | out-file `$log -append
  158. #start-process `$sesins -argumentlist `$sesinsargs -wait
  159. cleanup
  160. restart-computer -force
  161. }
  162.  
  163. "@
  164.  
  165. foreach ($computer in $computers) {
  166. ##### here the text above is placed into .ps1 files on the VDA
  167. ($script -replace "computername",$computer) -replace "logfile",$logfile | Out-File "\\$computer\c`$\upgrade.ps1"
  168. ($script1  -replace "computername",$computer) -replace "logfile",$logfile | Out-File "\\$computer\c`$\upgradetmp.ps1"
  169. ##### Below edit the path for the VDACleanupUtility so it can copy to the VDA
  170. cp \\server\share\VDACleanupUtility.exe \\$computer\c`$
  171. ##### if the invoke command fails it probably means winrm is not configured
  172. ##### if it works then it will create 2 tasks - you will see an error about the one that has a start date in the year 2000 - ignore it
  173. ##### Edit the Administrator username if it is not logging in as "Administrator" (line 176)
  174. Invoke-Command -ComputerName $computer -ScriptBlock {
  175. & schtasks /create /tn kickoff /tr "powershell.exe -executionpolicy unrestricted -file c:\upgradetmp.ps1" /sc ONCE /sd "12/12/2000" /st 12:00 /ru SYSTEM /rl highest
  176. & schtasks /create /tn upgrade /tr "powershell.exe -executionpolicy unrestricted -file c:\upgrade.ps1" /sc ONLOGON /ru Administrator /rl highest
  177. & schtasks /run /tn kickoff
  178. }
  179. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement