Install and usage of CitrixGroupPolicyManagement_x64.msi on a non-Domain Controller – standalone server system

Install and usage of CitrixGroupPolicyManagement_x64.msi on a non-Domain Controller – standalone server system

book

Article ID: CTX331116

calendar_today

Updated On:

Description

This article can be used to detail the instructions on how to install and use the Citrix Group Policy Management on a Non-Domain Controller Machine

Instructions

General Steps performed:
  1. Disable IE ESC from Server Manager as well as UAC.
  2. Add Roles and features to OS for MS Group Policy from Server Manager.
  3. Install the latest C++ library:
  4. https://support.microsoft.com/en-us/topic/the-latest-supported-visual-c-downloads-2647da03-1eea-4433-9aff-95f26a218cc0
    • Citrix.com CVAD Download ISO CD for Group Policy MSI.
  5. Download the latest Remote PoSH SDK.
  6. Install Group Policy MSI, then install PoSH SDK, reboot once completed
  7. Logged into the OS with an Enterprise or Domain Admin which is also a local OS admin, run GPMC.msc
  8. Attempt to add a New AD Policy and Add to Delivery Group and supply the Controller of the Cloud Connector system.
  9. At this point the Cloud Auth prompt will appear for you to logon, once completed the drop down for Delivery Groups should populate.
Note: Ensure to download the entire ISO CD from the following releases for use: CVAD 1912CU3 or 2012 as the .MSI installer is available within the ISO CD.
\x64\Citrix PolicyCitrixGroupPolicyManagement_x64.msi
 
  • On the standalone server system you plan to use, you will need to add your Enterprise or Domain admin into the local Remote Desktop Group and local Administrators group so you could then RDP into the system to run GPMC.msc to manage the AD policies, this will also require a Domain admin Auth prompt to proceed further.   
  • As a test Create a New Policy and just add a policy like the Cloud Connector policy option.
    • ​​​​​​​image.png
 
  • Now Filter on Delivery Group and this will require you to Auth into your Citrix Cloud account
  • Supply the Cloud Connector address for the Controller value.
    • ​​​​​​​image.png
    • ​​​​​​​image.png
  • Note: If you don't complete the authentication, the Cloud Auth prompt won't popup again unless you re-start GPMC.msc again from a clean state. If by chance you receive this message, just use the “X” to close this dialog.
    • ​​​​​​​image.png
 
  • After you Auth into your Cloud account then Delivery Group drop down should now be available to Enumerate for selection.
    • ​​​​​​​image.png
 
  • From a VDA, logon and run gpupdate /force to get the new policy or you could wait for AD replication of 15min.
 
  • You can also run gpresult /r from a cmd prompt to see the AD Policy.
    • ​​​​​​​image.png
  • Within the VDA you can also search for the policy name in regedit and ensure it exists.  
    • ​​​​​​​​​​​​​​image.png



Manage Citrix Cloud Policies using Powershell

Note: Do not install the installers on a Cloud Connector or any other Citrix based system, however these two installers can be used together. More Examples will be available in Docs.citrix.com
  1. Download and install the latest Citrix Remote PoSH SDK
    • (Note-This installs the latest .NET installer)
    • Make sure to reboot the system after the SDK gets installed
  2. Download and install the Citrix Group Policy Management MSI installer from CVAD ISO CD.
  3. Ensure to download the entire ISO CD from the following releases for use:
    • CVAD 1912CU3 or 2012 as the .MSI installer is available within the ISO CD.
    • \x64\Citrix PolicyCitrixGroupPolicyManagement_x64.msi
    • Once you download this, Mount it from Explorer and then you can search and install the following MSI Installer:
      • \x64\Citrix PolicyCitrixGroupPolicyManagement_x64.msi​​​​​​​
        • (Note-The Citrix Group Policy provider requires the Visual C++ 2015 runtime libraries.)
        • image.png
  4. Launch PowerShell prompt as Admin.
  5. Run the Following commands in order:
    • Add-PSSnapin citrix*
    • Get-XdAuthentication
    • Add-PSSnapin Citrix.Common.GroupPolicy
    • Get-BrokerController   #Note the DNSName as this will be used for -Controller value
    • New-PSDrive Site -PSProvider CitrixGroupPolicy -Controller "Y410-37-1.prodcp2.local"
      • Note – the Controller address changes roughly every 2 months or less, so it is not advised to hard code this into any scripts.
  6. ​​​​​​​​​​​​​​Go to the user policy:
    • CD Site:\User
  7. Go to the Computer policy:
    • CD Site:\Computer​​​​​​​
  8. Run a dir or ls command to see your policies
    • ​​​​​​​PS>cd Site:\User\Unfiltered
    • PS>Set-ItemProperty . –Name Enabled –Value False

Here the user policy Unfiltered is set to disabled.

----------------------------------------------------------------------------------------------------------------------------------
##User Settings
  • Add-PSSnapin citrix*
  • Get-XdAuthentication
  • Add-PSSnapin Citrix.Common.GroupPolicy
  • Get-BrokerController #Note the DNSName as this will be used for -Controller value
  • New-PSDrive Site1 -PSProvider CitrixGroupPolicy -Controller "Y410-51-1.prodcp2.local"
  • Root: cd Site:\User
  • cd Site1
  • dir
  • cd "policy name"
  • Set-ItemProperty . -Name Enabled -Value False
  • dir

##Computer Settings
  • Add-PSSnapin citrix*
  • Get-XdAuthentication
  • Add-PSSnapin Citrix.Common.GroupPolicy
  • Get-BrokerController #Note the DNSName as this will be used for -Controller value
  • New-PSDrive Site2 -PSProvider CitrixGroupPolicy -Controller "Y410-51-1.prodcp2.local"
  • Root: cd Site:\Computer
  • cd Site2
  • dir
  • cd "policy name"
  • Set-ItemProperty . -Name Enabled -Value False
  • Dir

  •  

Environment

This software application is provided to you as is with no representations, warranties or conditions of any kind. You may use and distribute it at your own risk. CITRIX DISCLAIMS ALL WARRANTIES WHATSOEVER, EXPRESS, IMPLIED, WRITTEN, ORAL OR STATUTORY, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NONINFRINGEMENT. Without limiting the generality of the foregoing, you acknowledge and agree that: (a) the software application may exhibit errors, design flaws or other problems, possibly resulting in loss of data or damage to property; (b) it may not be possible to make the software application fully functional; and (c) Citrix may, without notice or liability to you, cease to make available the current version and/or any future versions of the software application. In no event should the software application be used to support ultra-hazardous activities, including but not limited to life support or blasting activities. NEITHER CITRIX NOR ITS AFFILIATES OR AGENTS WILL BE LIABLE, UNDER BREACH OF CONTRACT OR ANY OTHER THEORY OF LIABILITY, FOR ANY DAMAGES WHATSOEVER ARISING FROM USE OF THE SOFTWARE APPLICATION, INCLUDING WITHOUT LIMITATION DIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. You agree to indemnify and defend Citrix against any and all claims arising from your use, modification or distribution of the software application.

Additional Information

https://support.microsoft.com/en-us/topic/the-latest-supported-visual-c-downloads-2647da03-1eea-4433-9aff-95f26a218cc0
Powered by Wolken Software