How to Change Citrix Studio Default Use Port (80) to Custom Port


Article ID: CTX232520


Description

The FMA services in XenDesktop 7.x use port 80 for communication by default. For security reasons, customers may want to change the default port (80) to a custom port so that Citrix Studio is accessed over that custom port.


Instructions

This is possible with the following PowerShell script. The script changes the addresses of all FMA services and re-registers the service instances with the Central Configuration Service (CCS) to update it with the new addresses.

function ChangeSDKAddress {

    param ([string] $servicePrefix,
           [string] $servicePath,
           [string] $newPort,
           [string] $newAdminAddress,
           [string] $configServiceAdminAddress)
 
    # Get a list of the old service instances. These will be replaced with the new service address (including the new port)
    $serviceInstanceCmd = "Get-ConfigRegisteredServiceInstance -AdminAddress {0} -InterfaceType SDK -ServiceType {1}" -f $configServiceAdminAddress, $servicePrefix
    write-host $serviceInstanceCmd
    $oldServiceInterfaces = Invoke-Expression $serviceInstanceCmd
 
    # Change the port number of the services
    $cmd = "&'{0}\{1}' {2} {3}" -f $xenDesktopInstallPath, $servicePath, "/SDKPort", $newPort
    write-host $cmd
    Invoke-Expression "$cmd"
 
    # Wait for the service to boot (just a precaution, the service should have started before the last command exited)
    sleep 20
 
    # Register the new service instances (these have the new address)
    $serviceInstanceCmdFormatString = "Get-{0}ServiceInstance -AdminAddress {1} | Where-Object -Property InterfaceType -Value Sdk -EQ" 
    $serviceInstanceCmd = $serviceInstanceCmdFormatString  -f $servicePrefix, $newAdminAddress 
    write-host $serviceInstanceCmd
    $newServiceInterfaces = Invoke-Expression $serviceInstanceCmd
 
    $oldServiceInterfaces | Unregister-ConfigRegisteredServiceInstance -AdminAddress $newAdminAddress
    $newServiceInterfaces | Register-ConfigServiceInstance -AdminAddress $newAdminAddress
}
 
 
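$xenDesktopInstallPath = "C:\Program Files\Citrix"
# Replace EnterNewPortNumberHere with the custom port number before running the script
$newPort = EnterNewPortNumberHere
# "localhost" assumes the script runs locally on the Delivery Controller
$oldAdminAddress = "localhost"
$newAdminAddress = $oldAdminAddress + ":" + $newPort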
 
$services = @{
     "Acct"       = "AdIdentity\Service\Citrix.ADIdentity.exe";
     "Config"    =  "Configuration\Service\Citrix.Configuration.exe"
     "Hyp"        = "Host\Service\Citrix.Host.exe"
     "Applib"    = "AppLibrary\Service\Citrix.Applibrary.exe";
     "Analytics"  = "Analytics\Service\Citrix.Analytics.exe";
     "Broker"     = "Broker\Service\BrokerService.exe";
     "Log"        = "ConfigurationLogging\Service\Citrix.ConfigurationLogging.exe";
     "Admin"      = "DelegatedAdmin\Service\Citrix.DelegatedAdmin.exe";
     "EnvTest"    = "EnvTest\Service\Citrix.EnvTest.exe";
     "Prov"       = "MachineCreation\Service\Citrix.MachineCreation.exe";
     "Monitor"    = "Monitor\Service\Citrix.Monitor.exe";
     "Orch"       = "Orchestration\Service\Citrix.Orchestration.exe";
     "Sf"         = "Storefront\Service\Citrix.Storefront.exe";
     "Trust"       = "Trust\Service\Citrix.Trust.exe";
}
 
asnp *citrix*
 
ChangeSDKAddress "Config" "Configuration\Service\Citrix.Configuration.exe" $newPort $newAdminAddress $oldAdminAddress
 
foreach ($serviceName in $services.Keys)
{
    ChangeSDKAddress $serviceName $services[$serviceName] $newPort $newAdminAddress $newAdminAddress
}

 

The script allows any computer (local or remote) to access the Delivery Controller using the new port number. Take note of the following variables:

$XenDesktopInstallPath = "C:\Program Files\Citrix"
$newPort = NewPortNumber
$oldAdminAddress = "localhost"
$newAdminAddress = $oldAdminAddress + ":" + $newport

The script uses localhost as the admin address on the assumption that it is executed locally on the DDC. "localhost" is used only to point the script at a DDC; it is not written into any configuration. The port number is the only thing that changes.
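
To confirm that the re-registration took effect, the check below lists registered SDK service instances whose address does not use the expected port. It is an added example, not part of the Citrix script. It assumes the objects returned by Get-ConfigRegisteredServiceInstance expose Address and ServiceType properties; the function name, host name, URL paths and port 8080 are hypothetical, constructed sample values.

```powershell
# Added example: report SDK service instances whose registered address
# does not use the expected port (stale or partially migrated registrations).
function Find-StaleSdkRegistration {
    param(
        [Parameter(Mandatory)] [object[]] $Instance,
        [Parameter(Mandatory)] [ValidateRange(1, 65535)] [int] $ExpectedPort
    )

    foreach ($i in $Instance) {
        $uri = $null
        $parsed = [System.Uri]::TryCreate([string] $i.Address, [System.UriKind]::Absolute, [ref] $uri)

        if (-not $parsed) {
            # Report an unparseable address instead of silently skipping it
            [pscustomobject]@{
                ServiceType = $i.ServiceType; Address = $i.Address
                Port = $null; Reason = 'UnparseableAddress'
            }
        }
        elseif ($uri.Port -ne $ExpectedPort) {
            # An http:// address with no explicit port resolves to the default, 80
            [pscustomobject]@{
                ServiceType = $i.ServiceType; Address = $i.Address
                Port = $uri.Port; Reason = 'UnexpectedPort'
            }
        }
    }
}

# Constructed sample registrations (hypothetical host and paths), so the
# function can be exercised without a Delivery Controller.
$sample = @(
    [pscustomobject]@{ ServiceType = 'Config'; Address = 'http://ddc01.example.test:8080/constructed/config' }
    [pscustomobject]@{ ServiceType = 'Broker'; Address = 'http://ddc01.example.test/constructed/broker' }
    [pscustomobject]@{ ServiceType = 'Hyp';    Address = 'http://ddc01.example.test:80/constructed/host' }
    [pscustomobject]@{ ServiceType = 'Log';    Address = 'not a url' }
)

Find-StaleSdkRegistration -Instance $sample -ExpectedPort 8080 | Format-Table -AutoSize

# On a Delivery Controller, feed the live registrations instead
# (8080 stands in for the port chosen in $newPort):
# $live = Get-ConfigRegisteredServiceInstance -AdminAddress "localhost:8080" -InterfaceType SDK
# Find-StaleSdkRegistration -Instance $live -ExpectedPort 8080
```

An empty result means every registered SDK address uses the expected port. Run the check on each controller in the site.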

In a 7.12+ XenApp/XenDesktop site where the DDC(s) and VDAs have been configured to communicate over a non-default port by following the above steps, if the site goes into outage (Local Host Cache) mode because the database is unavailable, VDAs will fail to re-register with the DDC(s).
From each DDC, run the following command:

C:\Program Files\Citrix\Broker\Service\HighAvailabilityService.exe -VdaPort <CORRECT PORT #>

Where CORRECT PORT is the non-default port you have configured per and to match that which is configured for BrokerService.exe.
 

Note:
1. When XenDesktop Studio is opened after the port modification, Studio queries for the Delivery Controller address, which must be specified including the new port: "<DeliveryControllerAddress>:<port>".
 
2. Citrix recommends taking a snapshot of the controllers and a backup of the database before making the above changes.

3. This change must be performed on each controller within the XenDesktop 7.9 site. Citrix strongly recommends that you configure all controllers within the XenDesktop site equally.

4. Make sure port 80 is still allowed, or added to the firewall exceptions, between all the Delivery Controllers for inter-service communication and PVS servers. For example, the Host service uses SDK port 80 to call HCL (Hypervisor Connection Library) to establish successful communication between PVS servers -> Delivery Controllers and the hypervisor. This is required to create a new hosting connection and to retain the power state of virtual machines.

Environment

The above mentioned sample code is provided to you as is with no representations, warranties or conditions of any kind. You may use, modify and distribute it at your own risk. CITRIX DISCLAIMS ALL WARRANTIES WHATSOEVER, EXPRESS, IMPLIED, WRITTEN, ORAL OR STATUTORY, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NONINFRINGEMENT. Without limiting the generality of the foregoing, you acknowledge and agree that (a) the sample code may exhibit errors, design flaws or other problems, possibly resulting in loss of data or damage to property; (b) it may not be possible to make the sample code fully functional; and (c) Citrix may, without notice or liability to you, cease to make available the current version and/or any future versions of the sample code. In no event should the code be used to support ultra-hazardous activities, including but not limited to life support or blasting activities. NEITHER CITRIX NOR ITS AFFILIATES OR AGENTS WILL BE LIABLE, UNDER BREACH OF CONTRACT OR ANY OTHER THEORY OF LIABILITY, FOR ANY DAMAGES WHATSOEVER ARISING FROM USE OF THE SAMPLE CODE, INCLUDING WITHOUT LIMITATION DIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Although the copyright in the code belongs to Citrix, any distribution of the sample code should include only your own standard copyright attribution, and not that of Citrix. You agree to indemnify and defend Citrix against any and all claims arising from your use, modification or distribution of the sample code.