How to set Citrix XenApp 7.6 Policies with PowerShell

I was recently asked how to create Citrix policies with PowerShell and I must admit that it took me some time to figure it out. If you search for solutions you get only a few hints on how to do it. The best hint came from Ingmar Verheij (https://www.ingmarverheij.com/set-citrix-policies-via-powershell/) but things changed a little but with the latest XenApp and XenDesktop versions.

Why should we use PowerShell to create Citrix Policies?
Lets start with some words why you should use PowerShell and why you should use Citrix Policies without setting them by Group Policy. PowerShell gives us the possibility to create baseline policies for a whole bunch of customers and you can parameterize your installations or you can recreate your homelab automatically.
And… processing local policies should be much faster (I will recheck that argument shortly by comparing the logon duration between locally set Citrix Policies and GPOs).

Now let me explain how to do it:

First of all switch to the following location (you should be doing this on a Controller):

cd "C:\Program Files (x86)\Citrix\Scout\Current\Utilities"

Then import the PowerShell module:

import-module "C:\Program Files (x86)\Citrix\Scout\Current\Utilities\Citrix.GroupPolicy.Commands.psm1"

Let´s check if it is loaded:

get-module

ModuleType Version    Name                                ExportedCommands
---------- -------    ----                                ----------------
Script     0.0        Citrix.GroupPolicy.Commands         {Add-CtxGroupPolicyFilter, Export-CtxGroupPolicy, Get-CtxG...
Manifest   3.1.0.0    Microsoft.PowerShell.Management     {Add-Computer, Add-Content, Checkpoint-Computer, Clear-Con...
Manifest   3.1.0.0    Microsoft.PowerShell.Utility        {Add-Member, Add-Type, Clear-Variable, Compare-Object...}

Looking good. Although the Version 0.0 doesn’t produce much confidence.

Now let´s check what commands are available:

get-command -Module Citrix.GroupPolicy.Commands

CommandType     Name                                               ModuleName
-----------     ----                                               ----------
Function        Add-CtxGroupPolicyFilter                           Citrix.GroupPolicy.Commands
Function        Export-CtxGroupPolicy                              Citrix.GroupPolicy.Commands
Function        Get-CtxGroupPolicy                                 Citrix.GroupPolicy.Commands
Function        Get-CtxGroupPolicyConfiguration                    Citrix.GroupPolicy.Commands
Function        Get-CtxGroupPolicyFilter                           Citrix.GroupPolicy.Commands
Function        Import-CtxGroupPolicy                              Citrix.GroupPolicy.Commands
Function        New-CtxGroupPolicy                                 Citrix.GroupPolicy.Commands
Function        Remove-CtxGroupPolicy                              Citrix.GroupPolicy.Commands
Function        Remove-CtxGroupPolicyFilter                        Citrix.GroupPolicy.Commands
Function        Set-CtxGroupPolicy                                 Citrix.GroupPolicy.Commands
Function        Set-CtxGroupPolicyConfiguration                    Citrix.GroupPolicy.Commands
Function        Set-CtxGroupPolicyFilter                           Citrix.GroupPolicy.Commands

We need to create a new PSdrive before we can move on:

new-psdrive -name LocalFarmGpo -psprovider CitrixGroupPolicy -controller localhost \

Name           Used (GB)     Free (GB) Provider      Root                                               CurrentLocation
----           ---------     --------- --------      ----                                               ---------------
LocalFa...                             CitrixGrou... LocalFarmGpo:\

You should name it exactly like shown above (LocalFarmGpo) because for some reason all the functions in the PSM1 module are hardcoded to that PSDrive. Otherwise you will get errors. Here´s the link to the online documentation: https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-5/cds-sdk-wrapper-rho.html.

See if it´s there:

Get-PSDrive

Name           Used (GB)     Free (GB) Provider      Root                                               CurrentLocation
----           ---------     --------- --------      ----                                               ---------------
Alias                                  Alias
C                  19,61         40,04 FileSystem    C:\                                     Users\Administrator.MACPRO
Cert                                   Certificate   \
D                                      FileSystem    D:\
Env                                    Environment
Function                               Function
HKCU                                   Registry      HKEY_CURRENT_USER
HKLM                                   Registry      HKEY_LOCAL_MACHINE
LocalFa...                             CitrixGrou... LocalFarmGpo:\
LocalGpo                               CitrixGrou... LocalGpo:\
Templates                              CitrixGrou... Templates:\
Variable                               Variable
WSMan                                  WSMan
XDHyp                                  Citrix.Hyp... XDHyp:\

Now we can check how to create a new Citrix policy:

get-help New-CtxGroupPolicy

NAME
    New-CtxGroupPolicy

SYNOPSIS
    Creates group policies.

SYNTAX
    New-CtxGroupPolicy [-PolicyName]  [-Type]  [-Description ] [-Enabled ] [-Priority
    ] [-DriveName ] [-WhatIf] [-Confirm] []

DESCRIPTION
    This cmdlet creates group policies using the Citrix.Common.GroupPolicy provider.

RELATED LINKS
    Set-CtxGroupPolicy
    Remove-CtxGroupPolicy

REMARKS
    To see the examples, type: "get-help New-CtxGroupPolicy -examples".
    For more information, type: "get-help New-CtxGroupPolicy -detailed".
    For technical information, type: "get-help New-CtxGroupPolicy -full".
    For online help, type: "get-help New-CtxGroupPolicy -online"

Okay…

Everything is working and we do know how to create a new GPO:

New-CtxGroupPolicy Test-Policy user

Diving into it:

cd LocalFarmGpo:\

We can now jump into user or computer settings.

Set-CtxGroupPolicyConfiguration Test-Policy user SessionClipboardWriteAllowedFormats Enabled

If you only want to see the settings for a specific Policy you can run:

Get-CtxGroupPolicyConfiguration Test-Policy -ConfiguredOnly

If you want to know all the settings you can set, run the following command:

Get-CtxGroupPolicyConfiguration

This is what it looks like:

Here´s a handy little script that manages loading the Module and creating the PSdrive. You can dive directly with it into the local policies:

# Variables for GPO creation
$PolicyName = Read-Host "Please insert the name of the local Citrix Group Policy you want to create"
$Scope = Read-Host "Please insert the scope of the Policy (user or computer)"

# Import the Module
import-module "C:\Program Files (x86)\Citrix\Scout\Current\Utilities\Citrix.GroupPolicy.Commands.psm1"

# Create the PSDrive
new-psdrive -name LocalFarmGpo -psprovider CitrixGroupPolicy -controller localhost \

# Some commands to get you started...

# Get the available Policies
# Get-CtxGroupPolicy

# Create a new Policy
# New-CtxGroupPolicy $PolicyName $Scope

# Command to retrieve all the configurable items
# Get-CtxGroupPolicyConfiguration

 $obj = Get-CtxGroupPolicyConfiguration $PolicyName $Scope
    PS C:\> $obj.SessionClipboardWriteAllowedFormats = "Enabled"
    PS C:\> Set-CtxGroupPolicyConfiguration $obj
#>

# Configurable Policy Settings

There are tons of configuration items you can configure that way. If you know how to do it it seems like a straight forward process.

Cheers,
Sinisa

Blog - Kommentar verfassen

Cookies müssen aktiviert sein.

---

Bitte haben Sie Verständnis, dass die Abgabe eines Kommentares nur möglich ist, wenn Sie die Cookies akzeptieren.

Weitere Informationen erhalten Sie in der

Datenschutzerklärung

Cookies akzeptieren

Name*

Email*

Kommentar*

750 weitere Zeichen verfügbar

Sicherheitsabfrage *

Bitte geben Sie die Zeichenfolge ein:

 

Senden