We will need to create a Group Policy Object that applies certain settings to PVS Target Devices only. These settings include disabling the AD machine account password change, as this will be handled by the PVS server. In addition it includes redirecting the Event Logs to the persistent local drive (i.e. D:\). To do this, complete the following steps:
Citrix PVS 7.6 Install – Part 5: Group Policy for PVS Target Devices
This is part 5 in the Citrix Provisioning Services 7.6 installation and configuration guide. In this article we be configuring a new group policy object (GPO) that will need to be applied to all PVS target machines.
Quick Links
Here are the links to each of the articles that make up this series:
- Citrix PVS 7.6 Install & Configuration Guide – Introduction
- Citrix PVS 7.6 Install & Configuration Guide – Part 1: Installing PVS Server
- Citrix PVS 7.6 Install & Configuration Guide – Part 2: Configuring PVS Server
- Citrix PVS 7.6 Install & Configuration Guide – Part 3: Configuring DHCP for Citrix PVS PXE
- Citrix PVS 7.6 Install & Configuration Guide – Part 4: Creating a Capture VM
- Citrix PVS 7.6 Install & Configuration Guide – Part 5: Group Policy for PVS Target Devices
- Citrix PVS 7.6 Install & Configuration Guide – Part 6: Preparing for Image Capture
- Citrix PVS 7.6 Install & Configuration Guide – Part 7: Capturing the PVS Image
- Citrix PVS 7.6 Install & Configuration Guide – Part 8: Installing Virtual Delivery Agent on the PVS Image
- Citrix PVS 7.6 Install & Configuration Guide – Part 9: Preparing for Production use
- Citrix PVS 7.6 Install & Configuration Guide – Part 10: Creating new PVS Target Devices
- Citrix PVS 7.6 Install & Configuration Guide – Part 11: Creating a PVS-Enabled Machine Catalog
- Citrix PVS 7.6 Install & Configuration Guide – Part 12: Creating a Delivery Group
- Citrix PVS 7.6 Install & Configuration Guide – Part 13: Testing Published Applications
Step-by-Step Guide
1. Log onto your Domain Controller (or a machine with AD tools installed) as a domain administrator
2. Launch Active Directory Users and Computers
3. Create a new OU that will contain all of your PVS Target Devices’ AD Computer Accounts
Note: We are creating a new OU so that it will be easy to apply the Group Policy to just the PVS Target Devices and not any other machines. If you are using PVS with multiple images and would like to seperate your PVS Target Devices into seperate OUs then this is not a problem, as you can easily link and existing GPO to mulitple OUs.
4. Move the PVS Capture VM AD computer account (i.e. WP-CTXAPP-V02) into the new OU you created
5. Here is the OU I created called “PVS Servers” with the PVS target device AD computer account as a member
6. Close Active Directory Users and Computers
7. Launch Group Policy Management and navigate to the new OU you created (i.e. PVS Servers)
8. Right-click the OU and select “Create a GPO in this domain, and Link it here”
9. From the New GPO dialog box, enter a name for the GPO and click OK
10. Right-click the new GPO and select Edit
11. Disable Active Directory Machine Account password changes (as this will be handled by the Citrix PVS 7.6 server)
To do this, complete the following:
- Navigate to Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Local Policies >> Security Options
- Double click the “Domain member: Disable machine account password changes” policy
- Enable the policy
- Click OK to the policy dialog box to save changes
12. Redirect the Event Logs to the D: drive
To do this, complete the following:
-
Navigate to Computer Configuration >> Policies >> Administrative Templates >> Windows Components >> Event Log Service >>
- Double click the “Control the location of the log file” policy
- Enable the policy and configure it to point to D:\Event_Log_name.evtx
- Click OK to the policy dialog box to save changes
- Repeat the steps above for each of the Event Logs (i.e. Application, Security, Setup, and System)
13. Close the GPO and exit Group Policy Management
14. Reboot the PVS Capture VM (i.e. WP-CTXAPP-V02) and ensure the GPO was applied
To check what GPOs have been applied to a machine, complete the following:
- Log into the PVS Capture VM as an administrator
- Launch Command Prompt (Admin)
- Run “gpresult /r” from the command prompt
- Check the Computer Settings >> Applied Group Policy Objects to ensure the GPO was applied (see screenshot below as an example)
Next article…
The next article coming up in the series is: Citrix PVS 7.6 Install & Configuration Guide – Part 6: Preparing for Image Capture.
Do know if there are any specific steps that need to be done when configuring PVS in seperate domain than its target devices? I found ctx134971 but it does not give any steps on regarding PVS and i didn’t find anything in the PVS support documentation. Please send me any links you may have on the topic or any advise on how to do it.
Hi Jim,
Sorry about the delay in reply, I have had some personal circumstances recently that I have had to deal with. To be honest I have never seen an implementation like that and I have never tried it myself. I think the issue you will have is that PVS manages the AD computer account for the targets, so I would say that would need to be in the same domain.
Sorry I couldn’t be of more help
Luca
It should be evtx instead of etvx.
Hi Adam,
Good pick up, thanks! This has been fixed.