Virtualization - Cloud

Author: Ram Prasad (Page 1 of 7)

Step by Step to install Linux Virtual Delivery Agent Installation for RHEL

Unfortunately, citrix has not provided detailed step by step procedure to install VDA on Linux distributions. There are so many articles published to install VDA on windows machines whereas not for Linux distributions.

In one of my recent project, I spent lot of time to install VDA on Red Hat Enterprise Linux due to lack of detailed documentation hence I am publishing below step by step procedure to install VDA on Red Hat Enterprise Linux.

This articles covers below components installation & configuration

• RHEL 8.2 Linux Workstation VM Installation on Nutanix AHV
• XenDesktop VDA 2203 Agent Installation & configuration
• NVIDIA Graphics Drivers Installation
• NVDIA vGPU licensing

The Linux Virtual Delivery Agent (VDA) enables access to the Linux virtual apps and desktops anywhere from any device where Citrix Workspace app is installed. Install the VDA software on your Linux virtual machines, configure the Delivery Controller, and then use Citrix Studio to make the apps and desktops available to users.

Supported Linux distributions
System requirements | Linux Virtual Delivery Agent 2203 LTSR (citrix.com)

RHEL 8.2 Linux Workstation VM Installation

Mount the RHEL 8.2 ISO and boot the VM with ISO

Select “Install Red Hat Enterprise Linux 8.2”

In above options, modify each installation setting based on requirement

As my requirement is Linux “Workstation”, I chosen “Base Environment” , choose options based on your requirement

For VDA, choosing GNOME Applications & GRAPHICS Administration tools is sufficient. Choose based on your requirement

Select Automatic unless you have a specific requirements of partitions

Enable Network to get IP from DHCP and Provide Hostname correctly at this page

Post Selection of all options, you will see below output

Reboot VM post installation

Note:

My Citrix VDI setup do not have proxy connectivity hence to install packages and dependencies, I need to mount YUM repository from locally mounted ISO which avoids internet connectivity for any RPM installations. Ignore YUM repository steps if VM able to connect internet

Steps to mount YUM repository locally

Mount the RHEL installation ISO to a directory like /mnt/disc, e.g.:
mkdir -p /mnt/disc
mount /dev/sr0 /mnt/disc

Create below directories to copy repositories

mkdir /home/BaseOS
mkdir /home/AppStream

Copy the media.repo file from the root of the mounted directory

cp -ivr /mnt/disc/BaseOS/* /home/BaseOS/

cp -ivr /mnt/disc/AppStream/* /home/AppStream/

Unmount /mnt/disc -> do after copying files

Delete files if any found under directory /etc/yum.repos.d/ and create the file vi /etc/yum.repos.d/local.repo

Note: you should have only local.repo file under /etc/yum.repos.d/
Copy and Paste the below text in local.repo

[BaseOS]
name = BaseOS
enabled = 1
gpgcheck = 0
baseurl = file:///home/BaseOS/
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[AppStream]
name = AppStream
enabled = 1
gpgcheck = 0
baseurl = file:///home/AppStream/
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

Save the changes by typing wq!


Clear the cache and check whether you can get the packages list from the DVD repo with below commands

yum clean all
yum repolist enabled

You should get below output

To disable Red Hat Subscription Management warning , edit below file and change enabled value to 0
vi /etc/yum/pluginconf.d/subscription-manager.conf

Install & Configure Linux Virtual Delivery Agent

Prerequisite for VDA: Dotnet runtime is required for VDA installation

URL:
https://dotnet.microsoft.com/en-us/download/dotnet/thank-you/runtime-aspnetcore-6.0.3-linux-x64-binaries

Upload aspnetcore-runtime file to /root directory and execute below command to extract dotnet runtime
cd /root
mkdir dotnet
chmod 777 dotnet ( Note : command to change directory permissions)

Extract runtime to /root/dotnet with below comand


tar -xf aspnetcore-runtime-6.0.3-linux-x64.tar.gz -C /root/dotnet

Download “XenDesktopVDA-22.03.0.18-1.el8_x.x86_64” and upload XenDesktop VDA file to /tmp directory
Note: The version used is Linux Virtual Delivery Agent 2203 an DDC version is 2112

Run below command to install VDA


sudo yum -y localinstall XenDesktopVDA-22.03.0.18-1.el8_x.x86_64.rpm

Post installation of VDA, configure the VDA with below command

/opt/Citrix/VDA/sbin/ctxinstall.sh

Input below values during configuration
• Host name of the machine on which the Linux VDA is to be installed
• IP address of DNA
• IP address of NTP Server
• Domain name – The NetBIOS name of the domain
• Realm name – The Kerberos realm name (Note: Name should be in CAPITAL LETTERS)
• Fully Qualified Domain Name (FQDN) of the domain controller

While configuring VDA, it prompts for dotnet core runtime path, set the dotnet Core Runtime path as “/root/dotnet”

Note

• As my requirement is for graphics (GPU), here I selected “Y” HDX 3D pro. Select “N” if VDI do not require Graphics
• Linux multisession does not support “HDX 3D PRO” select “NO” if requirement is for multi session and no graphics card required.
• If HDX3D pro enabled then mandatorily NIVIDIA graphics drivers are to be installed else, while launching VDA grey screen appears because Linux by default search for graphics drivers

Cross verify the below Inputs before proceed further

Post VDA Installation and configuration. Need to check the below 2 services status
systemctl status ctxvda
systemctl status ctxhdx

NVIDIA Graphics Drivers installation & vGPU license assignment

Follow below steps, if VDI has requirement to enable Graphics else ignore the steps

Prerequisite for NVIDIA Guest drivers installation: Assign GPU or vGPU to VM

Upload the NVIDIA drivers (highlighted) to /root folder

Note: Upload 2 NVIDIA guest drivers(highlighted above) into /root folder

Install the below dependencies one by one before install of NVIDIA drivers
yum install elfutils-libelf-devel libglvnd-devel
yum install gcc
yum install gcc kernel-devel
yum install gcc kernel-headers

Once successfully installed. Install NVIDIA Package with below command

bash ./NVIDIA-Linux-x86_64-450.102.04-grid.run

Note: Without NVIDIA license server assignment, VDI functionality will be minimum hence map NVIDIA license server for complete functionality.

vGPU License Server Assignment on Linux

run below command to check license status

nvidia-smi –q

Ouptut before License server assignment

To provide NVIDIA License Server on Linux workstation, edit the file gridd.conf with below steps


cd /etc/nvidia/

Create new file “gridd.conf ” by using “gridd.conf.template” file
cp gridd.conf.template gridd.conf

Edit the /etc/nvidia/gridd.conf by vi editor with below highlighted values

ServerAddress=IP Address
ServerPort=7070
FeatureType=0
EnableUI=TRUE ( uncomment by removing #)

Stop & start nvidia service for license reflection

sudo nvidia-gridd stop
sudo nvidia-gridd start

Run command nvidia-smi –q to check license status and verify logs /var/logs/messages
If license not applied then restart VM.

Post License server assignment, you should get below output

Note: My use case is to create Machine Catalog with Unmanaged hence I created catalog and assigned VM’s directly to catalog. If your use case is to create Master Image and rollout VDI with MCS, follow below Citrix KB.

URL:https://docs.citrix.com/en-us/linux-virtual-delivery-agent/current-release/installation-overview/use-mcs-to-create-linux-vms.html

KB References

Quick installation by using easy install
XD Collect Traces
Streaming Linux target devices

Spreading users over multiple Azure file shares with FSLogix Profile Containers

Inspired from https://james-rankin.com/articles/spreading-users-over-multiple-file-shares-with-fslogix-profile-containers/

Reference

James Rankin blog script created based on free space criteria but our requirement is based on user count. Below is the snippet for your reference

<# This script created for spreading users over multiple file shares with FSLogix Profile Containers
With Ref https://james-rankin.com/articles/spreading-users-over-multiple-file-shares-with-fslogix-profile-containers/
Script customized as per Citrix VDI  requirement, Azure Subscription will be connected with User Assigned Managed Idenity(UAMI) and UAMI is assigned to Citrix Master Image.
Script is added in Task Scheduler of Master Image and Machine catalog is created with "Machine Profile" option so that all cloned VDI's get UAMI property #> 

# This script count the directories in each share and FSLOgix VHD location is added based on count retrieved. We took directories count as users count can not be measured.

# This Script also created to address the Azure File Handle limit which is 10k per share 

# This script fetches directories count from MULTIPLE AZURE FILE STORAGES AND MULTIPLE SHARES

########### Set TLS 1.2 ###########

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

########### Connect Using User Assigned Managed Identity (UAMI) ###########

Connect-AzAccount -Identity -AccountId <UAMI Client ID>

########### Provide Profile Storage Account Details ###########

# Provide "Profile Storage Account Name and Storage Resource Group Name"  else LEAVE BLANK values

$profilestorageaccount1 = ""        
$profilestorageaccount1RG = "" 
$profilestorageaccount1shares = @(
"profile1",
"profile2"
)
# Provide "Profile Storageaccount Shares FULL PATH" in above SHARES ORDER ONLY

$profilestorageaccount1sharesfullpath = @(
"\\<storageaccountname>.file.core.windows.net\profile1", 
"\\<storageaccountname>.file.core.windows.net\profile2"
)

# Provide "Profile Storage Account Name and Storage Resource Group Name"  else LEAVE BLANK values

$profilestorageaccount2 = ""
$profilestorageaccount2RG = ""
$profilestorageaccount2shares = @(
"profile3",
"profile4"
)
# Provide "Profile Storageaccount Shares FULL PATH" in above SHARES ORDER ONLY

$profilestorageaccount2sharesfullpath = @(
"\\<storageaccountname>.file.core.windows.net\profile3",
"\\<storageaccountname>c.file.core.windows.net\profile4"
)

# Provide "Profile Storage Account Name and Storage Resource Group Name"  else LEAVE BLANK values

$profilestorageaccount3 = ""        
$profilestorageaccount3RG = ""      
$profilestorageaccount3shares = @(
)
# Provide "Profile Storageaccount Shares FULL PATH" in above SHARES ORDER ONLY

$profilestorageaccount3sharesfullpath = @(
)

# Provide "Profile Storage Account Name and Storage Resource Group Name"  else LEAVE BLANK values

$profilestorageaccount4 = ""
$profilestorageaccount4RG = ""
$profilestorageaccount4shares = @(
)

# Provide "Profile Storageaccount Shares FULL PATH" in above SHARES ORDER ONLY

$profilestorageaccount4sharesfullpath = @(
)

# Provide "Profile Storage Account Name and Storage Resource Group Name"  else LEAVE BLANK values

$profilestorageaccount5 = ""
$profilestorageaccount5RG = ""
$profilestorageaccount5shares = @(
)
# Provide "Profile Storageaccount Shares FULL PATH" in above SHARES ORDER ONLY

$profilestorageaccount5sharesfullpath = @(
)


########### Provide Office Storage Account Details ###########

# Provide "Office Storage Account Name and Storage Resource Group Name"  else LEAVE BLANK values

$officestorageaccount1 = ""
$officestorageaccount1RG = ""
$officestorageaccount1shares = @(
"office1",
"office2"
)
# Provide "Office Storageaccount Shares FULL PATH" in above SHARES ORDER ONLY

$officestorageaccount1sharesfullpath = @(
"\\<storageaccountname>.file.core.windows.net\office1",
"\\<storageaccountname>.file.core.windows.net\office2"
)

# Provide "Office Storage Account Name and Storage Resource Group Name"  else LEAVE BLANK values

$officestorageaccount2 = ""
$officestorageaccount2RG = ""
$officestorageaccount2shares = @(
"office3",
"office4"
)
# Provide "Office Storageaccount Shares FULL PATH" in above SHARES ORDER ONLY

$officestorageaccount2sharesfullpath = @(
"\\<storageaccountname>.file.core.windows.net\office3",
"\\<storageaccountname>.file.core.windows.net\office4"
)

# Provide "Office Storage Account Name and Storage Resource Group Name"  else LEAVE BLANK values


$officestorageaccount3 = ""
$officestorageaccount3RG = ""
$officestorageaccount3shares = @(
)
# Provide "Office Storageaccount Shares FULL PATH" in above SHARES ORDER ONLY

$officestorageaccount3sharesfullpath = @(
)

# Provide "Office Storage Account Name and Storage Resource Group Name"  else LEAVE BLANK values

$officestorageaccount4 = ""
$officestorageaccount4RG = ""
$officestorageaccount4shares = @(
)
# Provide "Office Storageaccount Shares FULL PATH" in above SHARES ORDER ONLY

$officestorageaccount4sharesfullpath = @(
)

# Provide "Office Storage Account Name and Storage Resource Group Name"  else LEAVE BLANK values

$officestorageaccount5 = ""
$officestorageaccount5RG = ""
$officestorageaccount5shares = @(
)
# Provide "Office Storageaccount Shares FULL PATH" in above SHARES ORDER ONLY

$officestorageaccount5sharesfullpath = @(
)


########### Fetch the Directories in the Profile Shares ###########
$ProfileDirShareCount = @()
$profileorderedShares = @()

if($profilestorageaccount1shares.Count -gt 0)
{
    $i = 0
    $keys = Get-AzStorageAccountKey -ResourceGroupName $profilestorageaccount1RG -AccountName $profilestorageaccount1
    $value = $keys[0].Value
    $context = New-AzStorageContext -StorageAccountName $profilestorageaccount1 -StorageAccountKey $value

    foreach($sharename in $profilestorageaccount1shares)
    {
        $directories = Get-AzStorageFile -ShareName $sharename -Context $context
        $dircount = $directories.count
        $shareSpace = New-Object -TypeName psobject
        $path = $profilestorageaccount1sharesfullpath[$i]
        $sharespace | Add-Member -membertype NoteProperty -Name Share -value $path
        $sharespace | Add-Member -membertype NoteProperty -Name freespace -value $dircount
        $ProfileDirShareCount += $shareSpace
        $i = $i + 1
    }
}
if($profilestorageaccount2shares.Count -gt 0)
{
    $i = 0
    $keys = Get-AzStorageAccountKey -ResourceGroupName $profilestorageaccount2RG -AccountName $profilestorageaccount2
    $value = $keys[0].Value
    $context = New-AzStorageContext -StorageAccountName $profilestorageaccount2 -StorageAccountKey $value

    foreach($sharename in $profilestorageaccount2shares)
    {
        $directories = Get-AzStorageFile -ShareName $sharename -Context $context
        $dircount = $directories.count
        $shareSpace = New-Object -TypeName psobject
        $path = $profilestorageaccount2sharesfullpath[$i]
        $sharespace | Add-Member -membertype NoteProperty -Name Share -value $path
        $sharespace | Add-Member -membertype NoteProperty -Name freespace -value $dircount
        $ProfileDirShareCount += $shareSpace
        $i = $i + 1
    }
}
if($profilestorageaccount3shares.Count -gt 0)
{
    $i = 0
    $keys = Get-AzStorageAccountKey -ResourceGroupName $profilestorageaccount3RG -AccountName $profilestorageaccount3
    $value = $keys[0].Value
    $context = New-AzStorageContext -StorageAccountName $profilestorageaccount3 -StorageAccountKey $value

    foreach($sharename in $profilestorageaccount3shares)
    {
        $directories = Get-AzStorageFile -ShareName $sharename -Context $context
        $dircount = $directories.count
        $shareSpace = New-Object -TypeName psobject
        $path = $profilestorageaccount3sharesfullpath[$i]
        $sharespace | Add-Member -membertype NoteProperty -Name Share -value $path
        $sharespace | Add-Member -membertype NoteProperty -Name freespace -value $dircount
        $ProfileDirShareCount += $shareSpace
        $i = $i + 1
    }
}
if($profilestorageaccount4shares.Count -gt 0)
{
    $i = 0
    $keys = Get-AzStorageAccountKey -ResourceGroupName $profilestorageaccount4RG -AccountName $profilestorageaccount4
    $value = $keys[0].Value
    $context = New-AzStorageContext -StorageAccountName $profilestorageaccount4 -StorageAccountKey $value

    foreach($sharename in $profilestorageaccount4shares)
    {
        $directories = Get-AzStorageFile -ShareName $sharename -Context $context
        $dircount = $directories.count
        $shareSpace = New-Object -TypeName psobject
        $path = $profilestorageaccount4sharesfullpath[$i]
        $sharespace | Add-Member -membertype NoteProperty -Name Share -value $path
        $sharespace | Add-Member -membertype NoteProperty -Name freespace -value $dircount
        $ProfileDirShareCount += $shareSpace
        $i = $i + 1
    }
}
if($profilestorageaccount5shares.Count -gt 0)
{
    $i = 0
    $keys = Get-AzStorageAccountKey -ResourceGroupName $profilestorageaccount5RG -AccountName $profilestorageaccount5
    $value = $keys[0].Value
    $context = New-AzStorageContext -StorageAccountName $profilestorageaccount5 -StorageAccountKey $value

    foreach($sharename in $profilestorageaccount5shares)
    {
        $directories = Get-AzStorageFile -ShareName $sharename -Context $context
        $dircount = $directories.count
        $shareSpace = New-Object -TypeName psobject
        $path = $profilestorageaccount5sharesfullpath[$i]
        $sharespace | Add-Member -membertype NoteProperty -Name Share -value $path
        $sharespace | Add-Member -membertype NoteProperty -Name freespace -value $dircount
        $ProfileDirShareCount += $shareSpace
        $i = $i + 1
    }
}

$SortedProfileShares = $ProfileDirShareCount | Sort-Object freespace | select share
foreach ($item in $SortedProfileShares) {
    $profileorderedShares +=  $item.Share.ToString()
}


########### Fetch the Directories in the Office Shares ###########
$OfficeDirShareCount = @()
$officeorderedShares = @()

if($officestorageaccount1shares.Count -gt 0)
{
    $i = 0
    $keys = Get-AzStorageAccountKey -ResourceGroupName $officestorageaccount1RG -AccountName $officestorageaccount1
    $value = $keys[0].Value
    $context = New-AzStorageContext -StorageAccountName $officestorageaccount1 -StorageAccountKey $value

    foreach($sharename in $officestorageaccount1shares)
    {
        $directories = Get-AzStorageFile -ShareName $sharename -Context $context
        $dircount = $directories.count
        $shareSpace = New-Object -TypeName psobject
        $path = $officestorageaccount1sharesfullpath[$i]
        $sharespace | Add-Member -membertype NoteProperty -Name Share -value $path
        $sharespace | Add-Member -membertype NoteProperty -Name freespace -value $dircount
        $officeDirShareCount += $shareSpace
        $i = $i + 1
    }
}
if($officestorageaccount2shares.Count -gt 0)
{
    $i = 0
    $keys = Get-AzStorageAccountKey -ResourceGroupName $officestorageaccount2RG -AccountName $officestorageaccount2
    $value = $keys[0].Value
    $context = New-AzStorageContext -StorageAccountName $officestorageaccount2 -StorageAccountKey $value

    foreach($sharename in $officestorageaccount2shares)
    {
        $directories = Get-AzStorageFile -ShareName $sharename -Context $context
        $dircount = $directories.count
        $shareSpace = New-Object -TypeName psobject
        $path = $officestorageaccount2sharesfullpath[$i]
        $sharespace | Add-Member -membertype NoteProperty -Name Share -value $path
        $sharespace | Add-Member -membertype NoteProperty -Name freespace -value $dircount
        $officeDirShareCount += $shareSpace
        $i = $i + 1
    }
}
if($officestorageaccount3shares.Count -gt 0)
{
    $i = 0
    $keys = Get-AzStorageAccountKey -ResourceGroupName $officestorageaccount3RG -AccountName $officestorageaccount3
    $value = $keys[0].Value
    $context = New-AzStorageContext -StorageAccountName $officestorageaccount3 -StorageAccountKey $value

    foreach($sharename in $officestorageaccount3shares)
    {
        $directories = Get-AzStorageFile -ShareName $sharename -Context $context
        $dircount = $directories.count
        $shareSpace = New-Object -TypeName psobject
        $path = $officestorageaccount3sharesfullpath[$i]
        $sharespace | Add-Member -membertype NoteProperty -Name Share -value $path
        $sharespace | Add-Member -membertype NoteProperty -Name freespace -value $dircount
        $officeDirShareCount += $shareSpace
        $i = $i + 1
    }
}
if($officestorageaccount4shares.Count -gt 0)
{
    $i = 0
    $keys = Get-AzStorageAccountKey -ResourceGroupName $officestorageaccount4RG -AccountName $officestorageaccount4
    $value = $keys[0].Value
    $context = New-AzStorageContext -StorageAccountName $officestorageaccount4 -StorageAccountKey $value

    foreach($sharename in $officestorageaccount4shares)
    {
        $directories = Get-AzStorageFile -ShareName $sharename -Context $context
        $dircount = $directories.count
        $shareSpace = New-Object -TypeName psobject
        $path = $officestorageaccount4sharesfullpath[$i]
        $sharespace | Add-Member -membertype NoteProperty -Name Share -value $path
        $sharespace | Add-Member -membertype NoteProperty -Name freespace -value $dircount
        $officeDirShareCount += $shareSpace
        $i = $i + 1
    }
}
if($officestorageaccount5shares.Count -gt 0)
{
    $i = 0
    $keys = Get-AzStorageAccountKey -ResourceGroupName $officestorageaccount5RG -AccountName $officestorageaccount5
    $value = $keys[0].Value
    $context = New-AzStorageContext -StorageAccountName $officestorageaccount5 -StorageAccountKey $value

    foreach($sharename in $officestorageaccount5shares)
    {
        $directories = Get-AzStorageFile -ShareName $sharename -Context $context
        $dircount = $directories.count
        $shareSpace = New-Object -TypeName psobject
        $path = $officestorageaccount5sharesfullpath[$i]
        $sharespace | Add-Member -membertype NoteProperty -Name Share -value $path
        $sharespace | Add-Member -membertype NoteProperty -Name freespace -value $dircount
        $officeDirShareCount += $shareSpace
        $i = $i + 1
    }
}

$SortedOfficeShares = $OfficeDirShareCount | Sort-Object freespace | select share
foreach ($item in $SortedOfficeShares) {
    $officeorderedShares +=  $item.Share.ToString()
}

########### Remove the Existing VHDLocations Available ###########
$FSLogixProfilePath="HKLM:\software\FSLogix\Profiles"
$FSLogixODFCPath="HKLM:\SOFTWARE\Policies\FSLogix\ODFC"
$FSLogixKeyName="VHDLocations"
if ((get-item -path $FSLogixProfilePath).GetValue($FSLogixKeyName) -ne $null) {
        Remove-itemProperty -path $FSLogixProfilePath -Name $FSLogixKeyName -force
} else {
        # do nothing, no key to delete
}
if ((get-item -path $FSLogixODFCPath).GetValue($FSLogixKeyName) -ne $null) {
        Remove-itemProperty -path $FSLogixODFCPath -Name $FSLogixKeyName -force
} else {
        # do nothing, no key to delete
}
########### Adding New VHDLocation for Profile ###########

### Reason for changing VHDLocation property type to Multi string value is because  that FSLogix need to searches the user profile in all shares hence to keep all shares , regkey should be Mutistring

New-ItemProperty $FSLogixProfilePath -Name $FSLogixKeyName -Value $profileorderedShares -PropertyType MultiString -Force

########### Adding New VHDLocation for Office ###########


New-ItemProperty $FSLogixODFCPath -Name $FSLogixKeyName -Value $officeorderedShares -PropertyType MultiString -Force


########### Write OutPut ###########

$folderPath="C:\Temp"

$ProfileDirShareCount | Export-csv -Path "$folderPath\Profile_Shareleastlog_$((Get-Date).ToString('MM-dd-yyyy_hh-mm-ss')).csv" -NoTypeInformation
$OfficeDirShareCount | Export-csv -Path "$folderPath\Office_Shareleastlog_$((Get-Date).ToString('MM-dd-yyyy_hh-mm-ss')).csv" -NoTypeInformation

FSLogix User profile deletion from Azure file shares

Below script is used to delete user profiles based on user logon names


# Delete the Files in Azure file share by taking input value GPN(logon) which is provided in CSV

### Az.Accounts, Az.Resources & Az.Storage modules are required to execute the script.

# To Set TLS1.2

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12  

$path="C:\Temp" ### Path for input & output files

$NTRUsers=Import-Csv $path\NTRUsersGPN.csv # Input File with UserLogonNames

write-host "NTRUsersGPN Count = $($NTRUsers.Count)"

## Connect Azure Subscription with your own method

# Connect-AzAccount -AccessToken 



#FileShare Details from which the user profiles needs to removed

$StorageAccountName="<Name>"
$fileShareName="<Share Name" # Only one fileshare at a time, to avoid the deletion of profiles in different shares.
$ResourceGroup = (Get-AzResource -Name $StorageAccountName).ResourceGroupName
$Key = Get-AzStorageAccountKey -ResourceGroupName $ResourceGroup -Name $StorageAccountName
$context=New-AzStorageContext -StorageAccountName $StorageAccountName -StorageAccountKey $Key[1].Value

$finalResult=@()
$FilesDirectory=Get-AzStorageFile -Context $context -ShareName $fileShareName 
write-host "FilesDirectory Count = $($FilesDirectory.Count)"

$i=1
foreach($FilesD in $FilesDirectory)
{
    foreach($NTRUser in $NTRUsers)
    {
        if($FilesD.Name -cmatch $NTRUser.UserGPN)
        {
            try
            {
                $Files=$FilesD|Get-AzStorageFile
                foreach($File in $Files)
                {
                    Remove-AzStorageFile -Context $context -ShareName $fileShareName -Path $File.ShareFileClient.Path
                }
                Remove-AzStorageDirectory -Context $context -ShareName $fileShareName -Path $FilesD.Name

                $obj=""|select User,Directory,Status
                $obj.User=$NTRUser.UserGPN
                $obj.Directory=$FileD.Name
                $obj.Status="Success"
                $finalResult+=$obj
            }
            catch
            {
                $obj=""|select User,Directory,Status
                $obj.User=$NTRUser.UserGPN
                $obj.Directory=$FileD.Name
                $obj.Status=$_.Exception.Message
                $finalResult+=$obj
            }         
        }
    }
    $i=$i+1
}

$finalResult | Export-Csv -Path "$path\$($fileShareName)FileSharesDeleteOutput.csv" -Append -Force -NoTypeInformation

NTFS Permission on Assignment on User profile shares

Below script used to assign NTFS permissions( List,Read,Traverse, Create/Append) for FSlogix user profiles, it provides users not to access other folders

#Below script used to assign NTFS permissions( List,Read,Traverse, Create/Append)  for FSlogix user profiles, it provides users not to access other folders
# User Groups/Users are given in input file , Keep Heading(top) GROUPS and provide groupnames under that
# Input your Storage account name and Domain Name in below script

# Whoever runs the below code, he should have full admin privilege

$permission = ":(X,RD,AD,RC)"


$Lists = Import-csv -Path "C:\temp\devgroups.csv"  #group Accounts


$shares = "<Share Name 1>,<Share Name 2>"

$sharelist = $shares.Split(",")

foreach($share in $sharelist)

 {
    $share
    $shrpath=\\<storageAccountName>.file.core.windows.net\$share

    
    foreach($list in $lists)
    {
     $UserName = $list.groups

           
        Invoke-Expression -Command ('icacls $shrpath /grant "<Domain Name>\${UserName}${permission}"')
    }
}

Azure Virtual Machine Orphaned Resources Deletion Script

Post Virtual Machine Deletion in Azure, few resources like Disk,NICs,NSG,Public IP etc.. will remain exists so use below script to cleanup all these orphaned resources

## Gather orphaned resources details using below link and use below script to delete all orphaned resources
https://github.com/scautomation/AzureResourceGraph-Examples/blob/master/resourceQueries/Orphaned%20Resources/OrphanedResource.MD

##########################DeleteOrphanedDisk##########################
$csv = Import-Csv "disk.csv" #name of csv file 

$filetim = (Get-Date).tostring("dd-MM-yyyy-hh-mm")
$Logfile = "log-deletedisk-$filetim.log"

Function LogWrite
{
   Param ([string]$logstring)

 

   Add-content $Logfile -value $logstring
}
Start-Transcript -Path $Logfile
Stop-Transcript

LogWrite " "
LogWrite " "
LogWrite "***** LogFile *****"
LogWrite " "
LogWrite " "

$csv | ForEach-Object {

$diskname = $_.NAME
$state = $_.DISKSTATE
$resourcegroup = $_.RESOURCEGROUP
$location = $_.LOCATION

if($state -like "Unattached")
{

$tim = (Get-Date).tostring("dd-MM-yyyy-hh:mm:ss")
LogWrite "$tim    -    Deleting disk $diskname in $resourcegroup of Location - $location"
Write-Host -ForegroundColor Cyan "Deleting Disk $diskname in $resourcegroup of Location - $location"
Remove-AzDisk -ResourceGroupName $resourcegroup -DiskName $diskname -Force
}
else
{
Write-Host -ForegroundColor Red "Failed to delete the disk $diskname in $resourcegroup of Location - $location since it is Attached" 
$tim = (Get-Date).tostring("dd-MM-yyyy-hh:mm:ss")
LogWrite "$tim    -   Failed to delete the disk $diskname in $resourcegroup of Location - $location since it is Attached"

}
}
#####################################################################
##########################DeleteOrphanedNICs##########################
$csv = Import-Csv "nic.csv" #name of csv file 

$filetim = (Get-Date).tostring("dd-MM-yyyy-hh-mm")
$Logfile = "log-$filetim.log"

Function LogWrite
{
   Param ([string]$logstring)

 

   Add-content $Logfile -value $logstring
}

Start-Transcript -Path $Logfile
Stop-Transcript

LogWrite " "
LogWrite " "
LogWrite "***** LogFile *****"
LogWrite " "
LogWrite " "

$csv | ForEach-Object {

$nicname = $_.NAME
$resourcegroup = $_.RESOURCEGROUP
$location = $_.LOCATION

$tim = (Get-Date).tostring("dd-MM-yyyy-hh:mm:ss")
LogWrite "$tim    -    Deleting NIC $nicname in $resourcegroup of Location - $location"
Write-Host -ForegroundColor Cyan "Deleting NIC $nicname in $resourcegroup of Location - $location"

Remove-AzNetworkInterface -Name $nicname -ResourceGroup $resourcegroup -Force

}
#####################################################################
##########################DeleteOrphanedNSGs#########################
$csv = Import-Csv "nsg.csv" #name of csv file 

$filetim = (Get-Date).tostring("dd-MM-yyyy-hh-mm")
$Logfile = "log-deleteNSG-$filetim.log"

Function LogWrite
{
   Param ([string]$logstring)

   Add-content $Logfile -value $logstring
}

Start-Transcript -Path $Logfile
Stop-Transcript

LogWrite " "
LogWrite " "
LogWrite "***** LogFile *****"
LogWrite " "
LogWrite " "

$csv | ForEach-Object {

$nsgname = $_.RESOURCE
$resourcegroup = $_.RESOURCEGROUP
$location = $_.LOCATION

$tim = (Get-Date).tostring("dd-MM-yyyy-hh:mm:ss")
LogWrite "$tim    -    Deleting NSG $nsgname in $resourcegroup of Location - $location"
Write-Host -ForegroundColor Cyan "Deleting NSG $nsgname in $resourcegroup of Location - $location"

Remove-AzNetworkSecurityGroup -Name $nsgname -ResourceGroup $resourcegroup -Force

}
#####################################################################
##########################DeleteOrphanedPiP##########################
$csv = Import-Csv "pip.csv" #name of csv file 

$filetim = (Get-Date).tostring("dd-MM-yyyy-hh-mm")
$Logfile = "log-deletePIP-$filetim.log"

Function LogWrite
{
   Param ([string]$logstring)

   Add-content $Logfile -value $logstring
}

Start-Transcript -Path $Logfile
Stop-Transcript

LogWrite " "
LogWrite " "
LogWrite "***** LogFile *****"
LogWrite " "
LogWrite " "

$csv | ForEach-Object {

$pipname = $_.NAME
$resourcegroup = $_.RESOURCEGROUP
$location = $_.LOCATION

$tim = (Get-Date).tostring("dd-MM-yyyy-hh:mm:ss")
LogWrite "$tim    -    Deleting Public IP $pipname in $resourcegroup of Location - $location"
Write-Host -ForegroundColor Cyan "Deleting Public IP $pipname in $resourcegroup of Location - $location"

Remove-AzPublicIpAddress -Name $pipname -ResourceGroupName $resourcegroup -Force

}
#####################################################################

FSLogix User Profile Size Reports

Below script used to fetch FSLogix User Profile Size Report with Az Commands

#TLS Enablement

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

# Script fetch details with Azure storage commands

$StorageAccountName="storage account Name" # Dont include file.core.windowsnet, just give storage account name
$fileShares="profile2","profile3","profile4","profile5","profile6"
$ResourceGroup = (Get-AzResource -Name $StorageAccountName).ResourceGroupName
$Key = Get-AzStorageAccountKey -ResourceGroupName $ResourceGroup -Name $StorageAccountName
$context=New-AzStorageContext -StorageAccountName $StorageAccountName -StorageAccountKey $Key[1].Value

$finalResult=@()
foreach($fileShare in $fileShares)
{
    $Files=Get-AzStorageFile -Context $context -ShareName $fileShare | Get-AzStorageFile
    write-host "$($fileShare) Count = $($Files.Count)"
    $i=1
    $Files | ForEach-Object{
    Write-Host "Executing File $i"
    $File=$_.ShareFileClient.Path
    #$FileDetails=Get-AzStorageFile -Context $context -ShareName $fileShareName -Path $File
    #$obj=""|select UserGPN,UserSID,File,SizeInMB,LastModified
    $obj=""|select FileShare,UserGPN,UserSID,File,SizeInMB
    $obj.FileShare=$fileShare
    $obj.UserGPN=($File.Split("/")[0]).Split("_")[0]
    $obj.UserSID=($File.Split("/")[0]).Split("_")[1]
    $obj.File=$_.Name
    $obj.SizeInMB=$_.Length/1024/1024
    #$obj.LastModified=$FileDetails.LastModified
    $finalResult+=$obj
    $i=$i+1
    }
}

$finalResult | Export-Csv -Path C:\Temp\$StorageAccountName"_ProfileSizes_$(get-date -Format yyyyMMdd_hhmmss)".csv -NoTypeInformation

Below script used to fetch FSLogix User Profile Size Report after mapping Azure file share as a Network Drive

Firstly, Map the Azure file share as Mapped Drive and execute below script


$Date = Get-Date -Format dd-MM-yyyy
$FSLogixShareUsers = Get-ChildItem -Recurse -Path "\\<StorageAccountName>.core.windows.net\<Share Name>" | Where-Object {$_.Name -like "*.VHDX"}
ForEach($User in $FSLogixShareUsers){
    $Username = ($User.Name).Split('_')[1] | ForEach{$_.SubString(0,$_.length-5)}
    $Profile = ($User.Length | Measure-Object -Sum).Sum /1GB | Out-String
    $ProfileSize = $Profile | ForEach{$_.SubString(0,$_.Length-8)+"GB"}
    $Report = New-Object PSObject # Creates a Custom Report #
    $Report | Add-Member -MemberType NoteProperty -Name Username -Value $Username
    $Report | Add-Member -MemberType NoteProperty -Name ProfileSize -Value $ProfileSize
    $Report | Export-Csv -NoTypeInformation -Append -Path ('C:\reports\FSLogix_Share_Report_profilecontainer'+$Date+'.csv')
}
$FSLogixShare = ((Get-ChildItem -Recurse -Path "\\<StorageAccountName>.core.windows.net\<Share Name>" | Where-Object {$_.Name -like "*.VHDX"} | Measure-Object Length -Sum).Sum /1GB) | Out-String
$FSLogixShareSize = $FSLogixShare.Split('.')[0]+"GB"

Unable to install Azure/NuGet provider for PowerShell Modules

Thanks to Ali Tajran for helping below content

We need to install the Azure PowerShellGet module. The problem is that we are unable to install NuGet provider and a couple of errors are showing. Warning unable to download from URI, unable to download the list of available providers. After the errors, it did not install. In this article, you will learn why this is happening and the solution for installing NuGet provider for PowerShell.

Install-Module Az.Accounts

Based on above error, tried below commands to install NuGet Provider for Powershell

Run PowerShell as administrator. Run the command Install-Module PowershellGet -Force. When asked to install NuGet provider, press Y and follow with Enter.

After pressing Y and follow with Enter, the output is giving us the following warnings.

  • WARNING:  Unable to download from URI.
  • WARNING: Unable to download the list of available providers. Check your internet connection.
  • Unable to find package provider ‘NuGet’. It may not be imported yet.

OR , you will not able t

Why are we getting this error and what is the solution for unable to install and download NuGet provider?

Find PowerShell version

Find the PowerShell version that is running on the system. We are going to use the Get-Host cmdlet in Windows Server 2016.

Check Transport Layer Security protocols

PowerShell 5.1 enables SSL 3.0 and TLS 1.0 for secure HTTP connections by default. Let’s confirm that with the next step.

Check the supported security protocols on the system.

[PS] C:\>[Net.ServicePointManager]::SecurityProtocol
Ssl3, Tls

As we can see, the security protocols defined in the system are SSL 3.0 and TLS 1.0. Both of the security protocols are deprecated.

Follow below steps to resolve the above error

First, check the SSL version with below command


Solution for unable to install NuGet provider for PowerShell


Now that we gathered all the information, we are going to enable TLS 1.2 on the system. Run both cmdlets to set .NET Framework strong cryptography registry keys. After that, restart PowerShell and check if the security protocol TLS 1.2 is added

The first cmdlet is to set strong cryptography on 64 bit .Net Framework (version 4 and above).

Set-ItemProperty -Path ‘HKLM:\SOFTWARE\Wow6432Node\Microsoft.NetFramework\v4.0.30319’ -Name ‘SchUseStrongCrypto’ -Value ‘1’ -Type Dword

The second cmdlet is to set strong cryptography on 32 bit .Net Framework (version 4 and above).

Set-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft.NetFramework\v4.0.30319’ -Name ‘SchUseStrongCrypto’ -Value ‘1’ -Type Dword

Restart Powershell and check for supported security protocols.


Run again Install-Module Az.Accounts

Post installation, Import Modules ( Installed Modules can be seen in C:\Program Files\WindowsPowerShell\Modules)

Similarly do for Azure storage modules

Conclusion:

In this article, we learned why we are unable to install Azure &NuGet provider for PowerShell. The solution to this problem is configuring TLS1.2 or higher on the system. After that, you can install NuGet & Azure Modules for PowerShell

« Older posts

© 2022 Tech Blog

Theme by Anders NorenUp ↑