Last Updated on December 25, 2020
Citrix Director 1912 LTSR Installation and Configuration is the fifth article in Citrix Virtual Apps and Desktop 7 1912 LTSR Installation and Configuration Series.
Citrix Virtual Apps and Desktops 7 1912 LTSR Installation and Configuration
- Citrix License Server installation for Citrix virtual Apps and Desktops 7 1912 LTSR
- Citrix Delivery Controller 1912 LTSR Installation and Configuration
- Citrix Storefront 1912 LTSR Installation and Configuration
- Citrix Virtual Delivery Agent (VDA) 1912 LTSR Installation and Configuration
- Citrix Desktop Director 1912 LTSR Installation and Configuration
Following Topics are covered in this article
- SCOM Management Packs
- SSL Certificate
- Citrix Director 1912 LTSR Installation
- Disable “You are not using a secure Connection“
- Bind SSL Certificate to HTTPS in IIS
- Citrix Director HTTP Redirect
- Google Analytics
SCOM Management Packs
Citrix SCOM Management Packs for XenApp and XenDesktop, Provisioning Services, and StoreFront have been phased out in 1912 LTSR. It means that after June 2020, you must remove any SCOM Management Pack from your Citrix Virtual Apps and Desktops 7 1912 LTSR site to keep your LTSR support and benefits. Read more about the deprecated features at Removed Features.
Citrix SCOM Management Pack | Notice of Change | EOM | EOL |
Citrix SCOM Management Pack for XenApp and XenDesktop | Dec 14 2019 | March 2020 | June 2020 |
Citrix SCOM Management pack for Provisioning services | Dec 14 2019 | March 2020 | June 2020 |
Citrix SCOM Management pack for Store Front | Dec 14 2019 | March 2020 | March 2020 |
The alternative is to use Citrix Director 1912 LTSR for monitoring and managing your deployment. Remember! SCOM Management Packs are available to be downloaded for Premium customers that is why Director is an alternative of SCOM for premium customers only. CVAD premium license (platinum) provides following extra features. Visit Citrix Director Version Matrix for the full list.
- Desktop probing
- Hypervisor Alerts Monitoring
- Application probing
- Key RTOP Data display
- Application probing
- Smart alert policies
- Custom Reporting
- Alerting extended for CPU, memory and ICA RTT conditions
- Integration with Citrix ADM
- Proactive monitoring and alerting
- SCOM integration
- Single-session and Multi-session OS Usage
- Session recording integration
SSL Certificate for Citrix Director 1912 LTSR
Since Director is in internal network, I am going to use internal authority to issue the SSL certificate. Please understand that the SSL certificate issued to the hostname of the Director Server will only secure the communication between director and the endpoint.
- If you want to secure communications between Director and Citrix Virtual Apps and Desktops servers (for monitoring and reports) then refer to Data Access Security.
- If you want to secure communications between Director and Citrix ADC (for Citrix Insight) then refer to Configure network analysis.
- If you want to secure communications between Director and License server then refer to secure the License Administration Console.
- Open Run / Certlm.msc
- Right click on Personal Certificate store. Select All Tasks and click on Request New Certificate
![Certificate Manager](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Certificate-Manager.png?resize=502%2C299&ssl=1)
- Click on Next in Before you Begin window
![Citrix Director 1912 LTSR Certificate Enrollment Before you begin](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Citrix-Director-1912-LTSR-Certificate-Enrollment-Before-you-begin.png?resize=627%2C459&ssl=1)
- Select the Enrollment Policy. Expand Details and click on Properties. I am using a Web Server Template with Application Policies set to Server Authentication, Key type as RSA, Key size as 2048 Bits and Private Key is not exportable
![Certificate Enrollment Policy](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Certificate-Enrollment-Policy-1.png?resize=619%2C449&ssl=1)
![Certificate Enrollment Policy Properties](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Certificate-Enrollment-Policy-Properties-1.png?resize=625%2C461&ssl=1)
- Give a Friendly Name in General Tab.
![Certificate Properties General tab](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Certificate-Properties-General-tab-1.png?resize=501%2C510&ssl=1)
- Switch to Subject tab. Select Common name in Type drop down under Subject name. Type the FQDN of the Director Server and click on Add>. Click on Apply and then OK
![Certificate Properties Subject tab](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Certificate-Properties-Subject-tab-1.png?resize=500%2C510&ssl=1)
- Click on Enroll
![Certificate Enrollment Policy Properties](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Certificate-Enrollment-Policy-Properties-1.png?resize=625%2C461&ssl=1)
- Notice that enrollment was successful, enrollment request was auto-approved and the certificate has been installed in Personal Certificate Store of the local computer
![Certificate Store Personal Store Installed Certificate](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Certificate-Store-Personal-Store-Installed-Certificate.png?resize=640%2C139&ssl=1)
Citrix Director 1912 LTSR Installation
- Mount the ISO and go the mounted drive
- Right click on Autoselect.exe and select Run as Administrator
- CVAD Meta Installer will open up. Click on Citrix Director
![Citrix Director 1912 LTSR Installation Meta Installer](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Citrix-Director-1912-LTSR-Installation-Meta-Installer.png?resize=640%2C471&ssl=1)
- Select I have read, understand, and accept the terms of the license agreement. Click on Next
![Citrix Director 1912 LTSR Installation License Agreement](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Citrix-Director-1912-LTSR-Installation-License-Agreement.png?resize=640%2C480&ssl=1)
- Add Delivery Controller(s). If you configured multiple Citrix sites then you can add one Controller for each site. Citrix Director 1912 LTSR or any Director can auto detect other Delivery Controllers within a Site.
![Citrix Director 1912 LTSR Installation Delivery Controllers](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Citrix-Director-1912-LTSR-Installation-Delivery-Controllers.png?resize=640%2C480&ssl=1)
- Select Automatically under Configure firewall rules. Click on Next
![Citrix Director 1912 LTSR Installation Firewall](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Citrix-Director-1912-LTSR-Installation-Firewall.png?resize=640%2C480&ssl=1)
- Click on Install in Summary
![Citrix Director 1912 LTSR Installation Summary](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Citrix-Director-1912-LTSR-Installation-Summary.png?resize=640%2C482&ssl=1)
- Installation will prompt for the reboot. Click on Close
![Citrix Director 1912 LTSR Installation Reboot](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Citrix-Director-1912-LTSR-Installation-Reboot.png?resize=640%2C479&ssl=1)
- Once the server is up, installer will prompt you to locate the media so the installation can resume from where it left at the time of reboot. Mount the media again and select the mount drive within the installer window.
- Installation will resume and once it is completed, click on Finish. Leave Launch Director checked
![Installation Succeeded](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Installation-Succeeded.png?resize=640%2C480&ssl=1)
- Notice in the address that the URL is HTTP. Using http is not a problem unless there is some security guideline from the customer that requires Director to be on HTTPS. In one of the next topic of this article, we will bind the SSL certificate to HTTPS (443) in IIS. Further, in this article we will set up a HTTP Redirect to HTTPS.
![Citrix Director 1912 LTSR home page](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Citrix-Director-1912-LTSR-home-page.png?resize=640%2C355&ssl=1)
Warning – You are not using a secure connection
If you are fine with http then you can remove the warning that says You are not using a secure connection (see above screenshot)
- Open RUN / INETMGR
- Go to Sites / Default Web Site / Director in the left hand pane
- Open Application Settings on the right
![IIS Director Application Settings](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-Director-Application-Settings.png?resize=640%2C339&ssl=1)
- Double click on UI.EnableSslCheck. Change the value to false and click on OK.
![IIS Director Application Settings UI.EnableSslCheck](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-Director-Application-Settings-UI.EnableSslCheck.png?resize=495%2C558&ssl=1)
Bind SSL Certificate to HTTPS in IIS
- Open RUN / INETMGR
- Go to Sites / Default Web Site
- Click on Bindings in the right pane
![IIS Bindings](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-Bindings.png?resize=640%2C245&ssl=1)
- Click on Add in Site Bindings window
- Select https in Type and Select the certificate (certificate’s Friendly name) in SSL Certificate we installed previously. Click on OK
![IIS Bindings HTTPS](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-Bindings-HTTPS.png?resize=640%2C422&ssl=1)
- Click on Close.
![IIS Bindings HTTPS Finished](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-Bindings-HTTPS-Finished.png?resize=640%2C378&ssl=1)
Citrix Director 1912 LTSR HTTP Redirect
For HTTP Redirect to HTTPS to work, you need to download and install IIS URL Rewrite module 2. Although IIS in-built module HTTP Redirect can do the job but it is not robust enough for all use cases. Check out Redirect HTTP to HTTPS with IIS
- Download IIS URL Rewrite Module 2 from https://www.iis.net/downloads/microsoft/url-rewrite#additionalDownloads
![Download IIS Rewrite module](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/Download-IIS-Rewrite-module.png?resize=525%2C430&ssl=1)
- Install it as an Administrator
![IIS Rewrite module Installation](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-Rewrite-module-Installation.png?resize=371%2C257&ssl=1)
- Open RUN / INETMGR
- Go to Sites / Director
- Open URL Rewrite
![IIS URL Rewrite Module](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-URL-Rewrite-Module.png?resize=640%2C380&ssl=1)
- Click on Add Rules in the right pane
![IIS URL Rewrite Module Add Rule](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-URL-Rewrite-Module-Add-Rule.png?resize=176%2C304&ssl=1)
- Select Blank rule and click on OK
![IIS URL Rewrite Module Add Blank Rule](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-URL-Rewrite-Module-Add-Blank-Rule.png?resize=589%2C398&ssl=1)
- Give the rule some Name
![IIS URL Rewrite Module Name](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-URL-Rewrite-Module-Name.png?resize=640%2C100&ssl=1)
- In Match URL section, select Wildcards in Using from the drop down and type * in the Pattern field
![IIS URL Rewrite Module Rule Match URL](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-URL-Rewrite-Module-Rule-Match-URL.png?resize=632%2C227&ssl=1)
- Under Conditions section, click on Add
- Type {HTTPS} in Condition Input. Leave Matches the pattern in Check if input string. Type Off in Pattern. Click on OK
![IIS URL Rewrite Module Add Condition1](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-URL-Rewrite-Module-Add-Condition1.png?resize=448%2C320&ssl=1)
![IIS URL Rewrite Module Add Condition2](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-URL-Rewrite-Module-Add-Condition2.png?resize=633%2C317&ssl=1)
- Nothing to be done in Server Variables section
- In Actions section, ensure Redirect is select in Action type. Type https://{HTTP_HOST}/Director/LogOn.aspx in Redirect URL
![IIS URL Rewrite Module Action Type](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-URL-Rewrite-Module-Action-Type.png?resize=592%2C330&ssl=1)
- Click on Apply in the right pane.
![IIS URL Rewrite Module Apply](https://i0.wp.com/guptanishith.com/wp-content/uploads/2020/04/IIS-URL-Rewrite-Module-Apply.png?resize=188%2C125&ssl=1)
Google Analytics Data Collection
From Citrix Director Documentation – The Director Service starts using Google Analytics to collect usage data anonymously after Director is installed. Statistics regarding the usage of the Trends pages and OData API call analytics are collected. Analytics collection complies with the Citrix Privacy Policy. Data collection is enabled by default when you install Director.
To disable Google Analytics Data Connection:
- Open RUN / Regedit
- Go to HKEY_LOCAL_MACHINE\Software\Citrix\Director
- Set the value of DisableGoogleAnalytics to 1. 1 is Disabled and 0 is Enabled
- If the key doesn’t exist then create it (DWORD).
Hello Gupta, this is absolutely incredible information. We need to setup our Director. I’ll be using your step by step process. I have used your other articles. They were spot on. I don’t have words of appreciation.