How to - Create New VDI Listeners and Content Rules using PowerShell - Citrix Virtual Apps

Scope

When a Citrix Admin is required to create a new Server Group it could consist of several new VDI servers being created. These VDI servers need to be added to the LoadMaster which involves creating new Secure Listeners and the associated Content Rules which need to be assigned to the StoreFront Gateway SubVS.

Solution

Utilize the PowerShell Application Programming Interface (API) wrapper using a script that pulls a list of servers from your text file and creates new Secure Listeners and new Content Rules and assign them to the StoreFront Workspace-Receiver Launch App SubVS.

If using HTML5 Web Sockets, you must run the script twice and update the variables. The rules will be assigned to the StoreFront Browser Launch HTML5 App SubVS. 

Note: Ensure there are no white spaces within your list of Real Server IP addresses otherwise you will receive a 422 error. 

For further information on the PowerShell API documentation, refer to the PowerShell Interface Description.

You can download the wrapper from this page: LoadMaster PowerShell API Wrapper.

 

One manual step is required and you only needs to do this once. You must retrieve the content rule number created randomly from the Citrix Virtual Apps and Desktops template. 

Go to Rules & Checking > Content Rules > Body Modification Rules.

Body_response_Rule_Number.png

In this case 29673 will be your rule number for the variable RuleNumber.

 

## This script creates new VDI listeners and ICA rewrite rules and assigns them to the SubVS. Read the comments beside the variables. You can copy the contents to PowerShell. 

 ### Connect to the LoadMaster

$LoadmasterIP = "10.10.10.2" ##Set LoadMaster IP Address
$KempAdmin = "bal"
$KempPassword = "password"  ##Set Bal Password

$SecureString = ConvertTo-SecureString -String $KempPassword -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $KempAdmin, $SecureString
$Login = Initialize-LmConnectionParameters -Address $LoadmasterIP -LBPort 443 -Credential $cred


### Configure the variables

$RuleNumber ="X" ## Substitute X with your RuleNumber in above screenshot
$citrix_starting_index = 11 ## Set the starting index, this will be the next number on the list of your current rules. The Citrix template creates 10 rules, so 11 would be the starting index. 6 is the starting index for the HTML5 template.
$citrix_vs_starting_port = 4441 ## Set the starting port to the next number on the list of your current rules. The Citrix template creates 10 rules beginning at 4440, so 4441 would be the starting index.
$citrix_vs_name ="Citrix_Workspace_VDI_" ## Comment this line out if adding HTML5 Listeners
#$citrix_vs_name ="Citrix_HTML5_VDI_" ## Remove the comment if adding HTML5 Listeners

$ExternalURL="EXTERNAL.DOMAN.COM" ## Set the publicly resolvable URL.
$VirtualServiceIP = "10.1.154.202" ## Set the Virtual Service IP address.
$CertName = "kemptest" ## Set the SSL Certificate. On the Web User Interface (WUI) navigate to Certificates & Security > SSL Certificates > Identifier. 
$RealServerPort ="2598" ## Comment this line out if adding HTML5 Listeners
#$RealServerPort ="8008" ## Remove the comment if adding HTML5 Listeners
$servers = Get-Content .\servers.txt ## List of New VDI Servers taken from file.


### Gets VS SubVS Index. Required for adding new Rules to SubVS
$VSIndex = Get-AdcVirtualService -VirtualService $VirtualServiceIP -VSPort 443 -VSProtocol tcp
$SubVSIndex = ($VSIndex.Data.VS.SubVS[-1]).VSIndex ## Comment this line out if adding HTML5 Listners
#$SubVSIndex = ($VSIndex.Data.VS.SubVS[-3]).VSIndex ## Remove the comment if adding HTML5 

 ### No more updates required

 

for ($i=0; $i -lt $servers.Count; $i++)
{

$RuleName = $citrix_vs_name + ($citrix_starting_index + $i) ##No update
$Port = $citrix_vs_starting_port + $i ## No update
$Pattern = "Address=" + $servers[$i] + ":1494" ## No update
$Replacement = "SSLProxyHost=" + $ExternalURL + ":" + $Port ## No update
$RuleName2= "Citrix_GatewayAddress_"+$RuleNumber ## No update
$RuleName3= "Citrix_SSL_On_"+$RuleNumber ## No update
echo $RuleName
echo $Port
echo $RuleName2
echo $RuleName3

### Creates new VS Secure Listeners
New-AdcVirtualService -VirtualService $VirtualServiceIp -nickname $RuleName -VSPort $Port -VSProtocol tcp -VSType http -SSLAcceleration $true -SSLReencrypt $false -CertFile $CertName -CheckType none

### Adds Real Server to VS
New-AdcRealServer -RealServer $servers[$i] -RealServerPort $RealServerPort -Non_Local 1 -Enable $true -Forward nat -Weight 1000 -VirtualService $VirtualServiceIp -VSPort $Port -VSProtocol tcp

### Creates new ICA Rewrite Rules
New-AdcContentRule -RuleName $RuleName -Type 5 -Pattern $Pattern -Replacement $Replacement -NoCase 1

### Adds new ICA Rules to Sub VS
New-AdcVirtualServiceResponseBodyRule -VSIndex $SubVSIndex -RuleName $RuleName
}

 ## Promotes New Rules
Remove-AdcVirtualServiceResponseBodyRule -VSIndex $SubVSIndex -RuleName $RuleName2 -Confirm:$false
Remove-AdcVirtualServiceResponseBodyRule -VSIndex $SubVSIndex -RuleName $RuleName3 -Confirm:$false

New-AdcVirtualServiceResponseBodyRule -VSIndex $SubVSIndex -RuleName $RuleName2
New-AdcVirtualServiceResponseBodyRule -VSIndex $SubVSIndex -RuleName $RuleName3

 

Was this article helpful?

0 out of 0 found this helpful

Comments