Introduction
This Documents highlights the most common Best Practises areas found in customer environments during assessments. Best Practises found that certain issues persist from customer to customer. The goal of this document is to identify these common issues, describe why they pose a potential risk to the implementation and provide Citrix best practices and recommendations to overcome them.
This document describes a generic XenApp Operational guidelines and best practices and specifies the following:
· Server Farm Access Levels
· Server Farm Standards
· Server Farm Release Management, Server Farm Maintenance, Server Farm Patching
· Server Farm Application Configuration
· Server Farm Cluster or HA or DR
Operations will benefit from:
· Well known procedures to manage XenApp Farm.
· Decrease of number of mistakes caused by complex XenApp farm.
· Decrease of number of unnecessary work to troubleshoot.
· Ability to automate Patching by using enterprise tools.
S.No. Access Control List - Operational Best Practices |
01 All the End users should have only User level access on the XenApp or Citrix Presentation Server.
02 All the XenApp Administrator should be the local administrator on all the servers.
03 Anonymous user’s should be set to “No Access”.
04 Windows Groups shouldn’t be XenApp Farm or XenApp Server Administrator.
05 Application Administrator should have limited access to all the XenApp Management Consoles.
S.No XenApp Farm Standards - Operational Best Practices |
01 Single farm and limited zones are recommended.
02 Mixed Farm can be used for up gradation but recommended always single release.
03 Farm settings should be inherited same on the entire server farm.
04 Farm Zone Data Collectors has ample (75%) available space on the system drive.
05 Farm Zone Data collector Servers, do not run or point the Access Management (or Presentation Server) Console (running on another computer) to a Zone Data Collector or XML Broker Server.
06 Failover: Dedicate a Least loaded Preferred Zone Data Collector in each zone.
07 Zone Data Collector servers should not be a Resource Manager Database Connection Server or Farm Metric Server.
08 Enable the setting, Share Information across zones in the properties of the farm.
09 Reduce the load on the data store and to reduce the IMA Service start time, Citrix recommends maintaining cycle boot groups of no more than 100 servers. In large farms with hundreds of servers, or when the database hardware is not sufficient, restart servers in groups of approximately 50, with at least a 10 minute interval between groups.
10. The best practice for removing a server from a farm is to uninstall the server through the Control Panel using the Add/Remove Programs applet while the server still has a connection to the farm.
11. Creating an isolated test or development farm so the production farm’s Data Store is not affected by any components in the test farm.
S.No XenApp Server - Operational Best Practices |
01 All the XenApp Server should have identical in the farm in terms of S/W & H/W.
02 All the XenApp Server should have same patch level across the farm.
03 No Access of any server drive to the user during ICA session. User can save their
Data into Home drive or map drive.
04 Local Admin Account shouldn’t be default. XenApp Administrator will be local administrator.
05 Local Admin Account shouldn’t be default. XenApp Administrator will be local administrator of the XenApp Server.
06 Disable all the not relevant services on all the XenApp servers.
07 Secure the XML traffic from Web Interface to the XML Brokers. (Typically the Zone Data Collectors).
08 Tools such as EdgeSight for Load Testing are excellent options for conducting
Performance and scalability testing. Other tools such as Microsoft System Center Operations Manager (formerly called MOM) are also widely used to complement a monitoring solution.
09 Almost all customers are not properly tuning or optimizing their XenApp servers in some way.
By tuning Kernel Memory and implementing server optimizations, customers can increase user density and ultimately reduce hardware costs by consolidating member servers.
10 Understanding their unique business and technical requirements before designing and implementing a Terminal Server profile solution.
11. Implementing „Custom‟ load evaluators after proper performance and scalability testing. Performance degradation typically occurs when the CPU Utilization or Memory Usage is approximately 80-85%.
12. Many customers do not create a “baseline” Citrix policy. This is typically a policy that applies
All servers or users that have many common settings and optimizations. Unused virtual channels, such as audio or COM port mapping, should be disabled whenever possible to optimize the ICA protocol and improve overall session performance. Bandwidth restrictions and common printing configurations are also ideal candidates for inclusion in a baseline Citrix policy. Citrix policies and Microsoft GPOs are powerful tools that help maintain standardization and consistency.
S.No Print Drivers - Operational Best Practices |
01 Never replicate the Citrix Universal Print Driver or the required HP fallback print
drivers using the auto-replication list.
02 Do not manually replicate large quantities of print drivers during production hours.
03 Always select a specific server as the source when replicating print drivers.
This avoids potential driver mismatches if different versions of the driver exist in
the farm.
04 Use the overwrite option with care when auto-replicating print drivers.
05 An inconsistent set of printer drivers are found across the servers within the farm. This can be verified by accessing the drop-down list within the management console to determine which drivers are installed on each particular XenApp server. By default, users have the ability to install printer drivers on Terminal Servers, so it is important to lock this capability down. In order to proactively circumvent this issue, implement the appropriate Group Policy to disable all users from redirecting printers when connecting using the Remote Desktop Protocol.
S.No Patch or Hot fix Installation - Operational Best Practices |
01 Make sure there are no ICA sessions on the server before installing hot fixes.
02 Install the hot fixes in a console session as opposed to an RDP session.
03 There are recommended order for installing hot fixes in regard to a server’s role.
Data Collector(s)
Database Connection Server
Primary Farm Metric Server
Backup Farm Metric Server
Member Servers
04 Most of the customers don’t have test environment and manually patching citrix production environment. Use centralize automated patching tool for Microsoft Operating system and Citrix. Validate all the patches first in Test environment /UAT and then publish in production.
S.No XenApp on VMware- Operational Best Practices |
01 H/W Requirement: Start with 1 vCPU and only go to 2 max if your VMs start to indicate CPU performance issues. Starts with 4GB RAM (at least a minimum of 2 GB)
02 Use W2K3 enterprise in order to use the advanced vmxnet NIC.
03 Plan for 20-40 concurrent sessions per VM and it is again highly dependent on applications that are being run. Use more VMs hosts as required by the applications being executed.
04 Use the User Profile Hive clean up tool from Microsoft on all Citrix boxes.
05 Ensure that the correct HAL is in place for either single or multi CPUs.
06 Don't P2V an existing Citrix host into a VM .
S.No XenApp Application - Operational Best Practices |
S.No General Best Practices |
01 Users should have a latest Citrix ICA client installed on their desktop / laptop before attempting to connect or accessing the applications.
02 Users need to make sure to “logoff” once they finish their work within the Citrix session. This will help to ensure the unnecessary usage of licenses.
03 To enhance their Citrix experience, we recommend them to save personal data on a network drive. If they have a large TS profile, it will greatly affect their log in and log off process
04 Citrix servers to disconnect and terminate users’ session after X hours of idled time (no activity).
Citrix Administration Assessment Checklist:
Citrix Assessment | YES | NO | Comments |
Single Farm Details if Possible | |||
Mixed Farm Details if Possible | |||
Legacy Environment & Detail | |||
Centralize Licensing | |||
Distributed Licensing | |||
Subscription Advantage signed | |||
Server Health Monitoring Tool | |||
Scalability & Capacity Planning Tool | |||
Access Control list applied in the farm | |||
Equal S/W and H/W configuration on all the servers in the Farm. | |||
Security Standards are applied in the Farm to Access the Applications,Like:FIPS,SSL etc. | |||
All the clients are using latest version | |||
Printer Configurations is same throughout the Farm. | |||
Latest Patches are available in the Farm. | |||
Latest Release are running in the Environment | |||
Legacy H/W & S/W removal projects initiation. | |||
Application Integration recommendation followed | |||
Resources Utilization Report available | |||
Per Server Load Report | |||
Total User Load Report |
No comments:
Post a Comment