Required Permissions for Citrix Machine Creation Services and Auditing Information


Article ID: CTX318084


Description

Use this article when determining the permissions required for Citrix Machine Creation Services (MCS). It also describes how to audit the progress of, and the actions taken during, the machine creation process.


Instructions

AD OU Permissions needed for MCS\VDA Creation process.

 Note: Citrix suggests creating a new Active Directory OU for the Virtual Delivery Agents (VDA) rather than using the standard Microsoft ones such as Default or Computers.

 
  • Create an Active Directory OU for the VDA Machines

Appropriate user access permissions must be given for machine creation to succeed.

Note: During initial setup, use the Delegation of Control Wizard to keep permissions to the minimum required. The DDC Administrator must be given permission to create machines in a different forest in a specific Organizational Unit (OU). The following minimum permissions can be given for successful machine creation:
 
  • Open Active Directory Users and Computers Microsoft Management Console (MMC).
  • Right-click your OU and select Delegate Control.
  • On the first screen, click Next.
  • In the Users & Groups screen, click Add and pick a user or group you want to delegate rights to and click Next.
    • The best practice is to assign a group rather than a single user, as it is easier to manage and audit.
  • In the Tasks to Delegate screen, select Create a custom task to delegate and click Next.
  • In the Active Directory Object Type screen, select Only the following objects in folder and select Computer objects.
  • Select Create selected objects in this folder and click Next.
  • In the Permissions screen, select General and then select Read and Write.
  • Click Next.
  • Click Finish to complete the delegation control.
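
One way to check the result of the delegation steps above, as an added example that is not part of the original Citrix article: it classifies the ACEs held by the delegated group on the VDA OU and flags anything broader than rights scoped to Computer objects. The helper name Test-McsDelegation, the group CONTOSO\MCS-Admins, the OU path and the sample ACEs are constructed for illustration.

```powershell
# Added example, not Citrix code. Test-McsDelegation is a hypothetical helper name.
Add-Type -AssemblyName System.DirectoryServices

# schemaIDGUID of the Active Directory "computer" object class.
$ComputerClass = [guid]'bf967a86-0de6-11d0-a285-00aa003049e2'
# Rights the delegation steps never select; GenericAll (Full Control) contains them too.
$Excessive = [System.DirectoryServices.ActiveDirectoryRights]'WriteDacl, WriteOwner, DeleteTree'

function Test-McsDelegation {
    param(
        [Parameter(Mandatory)] [object[]] $AccessRule,  # ACEs read from the VDA OU
        [Parameter(Mandatory)] [string]   $Identity     # delegated group, DOMAIN\Name
    )
    foreach ($ace in $AccessRule) {
        # Only Allow ACEs that belong to the delegated group are classified.
        if ("$($ace.IdentityReference)" -ne $Identity) { continue }
        if ("$($ace.AccessControlType)" -ne 'Allow') { continue }
        $rights = [System.DirectoryServices.ActiveDirectoryRights]$ace.ActiveDirectoryRights
        # Assumption: a delegation limited to Computer objects shows the computer
        # class GUID in ObjectType (create child) or InheritedObjectType (read/write).
        $scoped = ($ace.ObjectType -eq $ComputerClass) -or
                  ($ace.InheritedObjectType -eq $ComputerClass)
        $finding = 'OK'
        if (-not $scoped) { $finding = 'NOT_SCOPED_TO_COMPUTER' }
        if (($rights -band $Excessive) -ne 0) { $finding = 'EXCESSIVE_RIGHT' }
        [pscustomobject]@{ Rights = $rights; ScopedToComputer = $scoped; Finding = $finding }
    }
}

# Constructed sample ACEs using the property names of the rules Get-Acl returns for AD objects.
$none = [guid]::Empty
$who  = 'CONTOSO\MCS-Admins'
$sample = @(
    [pscustomobject]@{ IdentityReference = $who; AccessControlType = 'Allow'
        ActiveDirectoryRights = 'CreateChild'; ObjectType = $ComputerClass; InheritedObjectType = $none }
    [pscustomobject]@{ IdentityReference = $who; AccessControlType = 'Allow'
        ActiveDirectoryRights = 'ReadProperty, WriteProperty'; ObjectType = $none; InheritedObjectType = $ComputerClass }
    [pscustomobject]@{ IdentityReference = $who; AccessControlType = 'Allow'
        ActiveDirectoryRights = 'GenericAll'; ObjectType = $none; InheritedObjectType = $none }
)
Test-McsDelegation -AccessRule $sample -Identity $who | Format-Table -AutoSize

# Against a live domain (needs the ActiveDirectory module; the OU path is a placeholder):
# Import-Module ActiveDirectory
# $rules = (Get-Acl -Path 'AD:\OU=VDA,DC=contoso,DC=example').Access | Where-Object { -not $_.IsInherited }
# Test-McsDelegation -AccessRule $rules -Identity $who
```

Any row whose Finding is not OK is worth comparing against the choices made in the wizard before the group is used for catalog creation.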


Enable Auditing to track MCS Catalog Creation process.
Note: Do this on an Active Directory Domain Controller so that you can then check the Event Logs for further details.


Environment

The above mentioned sample code is provided to you as is with no representations, warranties or conditions of any kind. You may use, modify and distribute it at your own risk. CITRIX DISCLAIMS ALL WARRANTIES WHATSOEVER, EXPRESS, IMPLIED, WRITTEN, ORAL OR STATUTORY, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NONINFRINGEMENT. Without limiting the generality of the foregoing, you acknowledge and agree that (a) the sample code may exhibit errors, design flaws or other problems, possibly resulting in loss of data or damage to property; (b) it may not be possible to make the sample code fully functional; and (c) Citrix may, without notice or liability to you, cease to make available the current version and/or any future versions of the sample code. In no event should the code be used to support ultra-hazardous activities, including but not limited to life support or blasting activities. NEITHER CITRIX NOR ITS AFFILIATES OR AGENTS WILL BE LIABLE, UNDER BREACH OF CONTRACT OR ANY OTHER THEORY OF LIABILITY, FOR ANY DAMAGES WHATSOEVER ARISING FROM USE OF THE SAMPLE CODE, INCLUDING WITHOUT LIMITATION DIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Although the copyright in the code belongs to Citrix, any distribution of the sample code should include only your own standard copyright attribution, and not that of Citrix. You agree to indemnify and defend Citrix against any and all claims arising from your use, modification or distribution of the sample code.