Powershell Module for Citrix WEM – Part 3 – EnvironmentalSettings and MicrosoftUsvSettings from GPO and much, much more


It’s been a week and a half since I released version 0.9.4 of the Citrix WEM Powershell module I am working on.

That release got a LOT of attention. It even got me in contact with some of the world’s WEM experts.

I’ve posted about the module before, you can find part 1 here and part 2 here.

Today I release version 1.0.0 which is a Major Release version.

There’s been a ton of development in the module since 0.9.4 which led to some internal releases up until now. I decided not to release since 0.9.4 because there were so much ideas and tweaks to be made.
This Major Release now contains seven functions in all which should help an admin who’s staging a new WEM environment save a lot of time (and I mean a LOT of time).

The primary focus for this module is to take settings from Group Policy Objects that are in place for creating some sort of User Experience for maybe an existing Virtual Desktop environment and grab settings relevant to WEM from these GPO’s.
Some functions are meant to be run from a user’s environment, logged on to RDS, or to a desktop and take settings from these environments to mimic them into WEM.
In other words: Use Powershell to mimic existing User Experience settings to WEM.

To those ends the following seven functions were developed:
citrixwem-00
On a side-note, if anyone knows how to handle function versioning in a module (shows 0.0 here), please let me know, I’d love to learn how to do that.

Quicklinks to the functions and their descriptions:

Function New-VUEMApplicationsXml
citrixwem-01
This function was first released in version 0.9.0 and was the start of the module.
In version 1.0.0 the function has faster code, more parameters and will not output duplicate objects. Some bugs were fixed as well.
The function will now also detect a redirected Start Menu and act accordingly.

Description:

Builds an .xml file containing WEM Action definitions for application shortcuts.
This function supports multiple types of input and creates the file containing the Actions ready for import into WEM.
The function is meant to be used from within a user environment to capture the current Start Menu, or a folder structure of your choosing, into WEM Application Actions.

Parameters:

-Path
Can be a targeted folder or a targeted file. If a folder is specified the function will assume you wish to parse .lnk files.
If omitted the default Start Menu\Programs folders (current user and all users) locations will be used.
-OutputPath
Location where the output xml file will be written to. Defaults to current folder if omitted.
-OutputFileName
The default filename is VUEMApplications.xml. Use this parameter to override this if needed.
-Recurse
Whether the script needs to recursively process Path. Only valid when the Path parameter is a folder. Defaults to $True if omitted.
-FileTypes
Provide a comma separated list of filetypes to process. Only valid when the Path parameter is a folder. If omitted .lnk will be used by default.
-Prefix
Provide a prefix string used to generate Action names (as displayed in the WEM console).
-SelfHealingEnabled
If used will create Actions using the SelfHealingEnabled parameter. Defaults to $False if omitted.
-OverrideEmptyDescription
If used will generate a description based on the Action name, but only if a description is not found during processing. Defaults to $False if omitted.
-Disable
If used will create disabled Actions. Defaults to $False if omitted (create Enabled Actions).

Notes:

By default, if no Path is given the default Start Menu locations will be processed.
If Folder Redirection for the Start Menu folder is detected, that folder will be used instead.

Function New-VUEMNetDrivesXml
citrixwem-02
This function was first released in version 0.9.4.
In version 1.0.0 the function has faster code, more parameters and will not output duplicate objects. Some bugs were fixed as well.
The function will now also accept a .csv file for input.

Description:

Builds an .xml file containing WEM Action definitions for Mapped Network Drives for the current user, or from a .csv file.
This function creates the file containing the Actions ready for import into WEM.
The function is meant to be used from within a user environment to capture the Mapped Drives into WEM NetDrives Actions. You can also use it to grab NetDrives Actions from a .csv file.

Parameters:

-DriveLetter
Will only process the Mapped Drive letter defined by the DriveLetter value.
-OutputPath
Location where the output xml file will be written to. Defaults to current folder if omitted.
-OutputFileName
The default filename is VUEMNetDrives.xml. Use this parameter to override this if needed.
-InputCsv
A csv file containing at least one field: TargetPath (Mandatory). Field DisplayName is optional. For each TargetPath a NetDrive object will be created, with DisplayName, if provided, as DisplayName and written to the output xml file.
Parameter DriveLetter will be ignored if this parameter is used.
-Prefix
Provide a prefix string used to generate Action names (as displayed in the WEM console).
-SelfHealingEnabled
If used will create Actions using the SelfHealingEnabled parameter. Defaults to $False if omitted.
-OverrideEmptyDescription
If used will generate a description based on the Action name, but only if a description is not found during processing. Defaults to $False if omitted.
-Disable
If used will create disabled Actions. Defaults to $False if omitted (create Enabled Actions).

Notes:

Credentials are skipped.

Function New-VUEMPrintersXml
citrixwem-03
This function was first released in version 0.9.5, which was an internal non-public release.
In version 1.0.0 the function has more parameters and will not output duplicate objects. Some bugs were fixed as well.
The function will now also accept a .csv file for input.

Description:

Builds an .xml file containing WEM Action definitions for Mapped Printers for the current user, or from a .csv file.
This function creates the file containing the Actions ready for import into WEM.
The function is meant to be used from within a user environment to capture the Mapped Printers into WEM Printers Actions. You can also use it to grab Printer Actions from a .csv file.

Parameters:

-PrintServer
Will only process the Mapped Printers connected to the Print Server as defined in the value of PrintServer.
-OutputPath
Location where the output xml file will be written to. Defaults to current folder if omitted.
-OutputFileName
The default filename is VUEMPrinters.xml. Use this parameter to override this if needed.
-InputCsv
A csv file containing at least one field: TargetPath (Mandatory). For each TargetPath a Printer object will be created and written to the output xml file.
Parameter PrintServer will be ignored if this parameter is used.
-Prefix
Provide a prefix string used to generate Action names (as displayed in the WEM console).
-SelfHealingEnabled
If used will create Actions using the SelfHealingEnabled parameter. Defaults to $False if omitted.
-OverrideEmptyDescription
If used will generate a description based on the Action name, but only if a description is not found during processing. Defaults to $False if omitted.
-Disable
If used will create disabled Actions. Defaults to $False if omitted (create Enabled Actions).

Notes:

Credentials are skipped.

Function New-VUEMUserDSNsXml
citrixwem-04
This function was first released in version 0.9.4.
In version 1.0.0 the function has faster code and will not output duplicate objects. Some bugs were fixed as well.

Description:

Builds an .xml file containing WEM Action definitions for UserDSN entries.
This function supports multiple types of input and creates the file containing the Actions ready for import into WEM.
The function is meant to be used from within a user environment to capture the User or System DSNs into WEM UserDSN Actions.

Parameters:

-Name
Will only process the DSN defined by $Name.
-OutputPath
Location where the output xml file will be written to. Defaults to current folder if omitted.
-OutputFileName
The default filename is VUEMUserDSNs.xml. Use this parameter to override this if needed.
-SystemDSN
If this parameter is used, the script will process SystemDSN into UserDSN Actions.
-Prefix
Provide a prefix string used to generate Action names (as displayed in the WEM console).
-RunOnce
If used will create Actions using the RunOnce parameter. Defaults to $False if omitted.
-OverrideEmptyDescription
If used will generate a description based on the Action name, but only if a description is not found during processing. Defaults to $False if omitted.
-Disable
If used will create disabled Actions. Defaults to $False if omitted (create Enabled Actions).

Notes:

Seems WEM only supports DSNs based on the “SQL Server” driver, so all DataSources based on other drivers are skipped.
Credentials are skipped.

Function Import-VUEMActionsFromGpo
citrixwem-05
This function was first released in version 0.9.4.
In version 1.0.0 the function has faster code, more parameters and will not output duplicate objects. Some bugs were fixed as well.
The function now also detects Deployed Printers in GPOs.
The function now also captures GPO Filters and outputs them if required.
The function now processes Registry Actions recursively processed when Collections are found.
The function now processes the GPO computer/user setting “RunTheseProgramsAtUserLogon” and User Logon Scripts into WEM External Tasks.

Description:

Imports settings from GPOs and converts them to WEM Action files.
This function only works on GPO Backup files, it will not communicate directly with Active Directory to retrieve the settings.
This function will process the following Action types:

  • VUEMEnvVariables from GPO Preference Environment Variables
  • VUEMExtTasks from GPO Policy Run these programs at user logon and GPO User Logon Scripts
  • VUEMFileSystemOps from GPO Preference Files and GPO Preference Folders
  • VUEMIniFileOps from GPO Preference Ini Files
  • VUEMNetDrives from GPO Preference Drive Mappings
  • VUEMPrinters from GPO Preference Printer Mappings and GPO Deployed Printers
  • VUEMRegValues from GPO Preference Registry Settings
  • VUEMUserDSNs from GPO Preference Data Sources

Parameters:

-GPOBackupPath
This is the path where the GPO Backup files are stored.
GPO Backups are each stored in its own folder like {}.
All GPO Backups in the GPOBackupPath are processed.
-OutputPath
Location where the output xml files will be written to. Defaults to current folder if omitted.
Filter export to a csv file if indicated by the parameter is also stored in this path.
Embedded Logon Scripts and related files are exported to a subfolder in this path. The subfolder will be created if it does not exist.
-Prefix
Provide a prefix string used to generate Action names (as displayed in the WEM console).
-SelfHealingEnabled
If used will override any RunOnce settings found in GPO Backup files. WEM Actions that have the SelfHealing option will have the SelfHealing option enabled. WEM Actions that have the RunOnce option will have the RunOnce option disabled.
-OverrideEmptyDescription
If used will generate a description based on the Action name, but only if a description is not found during processing.
-Disable
If used will create disabled Actions. Defaults to $False if omitted (create Enabled Actions).
-ExportFilters
If used will export all Filters found in the GPO Backups while processing the User Preferences to ‘GPOFilters.csv’ in the output location.

Notes:

DataSources (VUEMUserDSNs)
DataSources are processed into UserDSN actions.
System DSN preferences will be processed as User DSNs.
Seems WEM only supports UserDSN based on the “SQL Server” driver, so all DataSources based on other drivers are skipped.
Credentials are skipped.

Drive Mappings (VUEMNetDrives)
If the GPO for a drive mapping has the action set to D (Delete), the drive mapping preference will be skipped.
The Action Name will be based on TargetPath settings (which is a UNC path).
If the preference has the RunOne switch enabled, the SelfHealing switch will be disabled.
If the preference has the RunOne switch disabled, the SelfHealing switch will be enabled.
Credentials are skipped.

Environment Variables (VUEMEnvVariables)
Both System and User variables from the User GPO will be processed.

Files / Folders (VUEMFileSystemOps)
Since WEM doesn’t differentiate between files and folders where Actions are concerned, both preferences are processed into the same array of actions.
If the GPO for a file or folder action has the action set to D (Delete), the Action Name is suffixed with ” (Delete)”.
For file creation Actions the ActionType is set to 0.
For folder creation Actions the ActionType is set to 5.
For file or folder deletion Actions the ActionType is set to 1.

IniFiles (VUEMIniFileOps)
IniFile User GPO Preferences are processed as is.

Printer Mappings (VUEMPrinters)
If the GPO for a printer mapping has the action set to D (Delete), the printer mapping preference will be skipped.
The Action Name will be based on TargetPath settings (which is a UNC path).
If the preference has the RunOne switch enabled, the SelfHealing switch will be disabled.
If the preference has the RunOne switch disabled, the SelfHealing switch will be enabled.
Printer Mappings are created as Map Network Printer Actions.
Credentials are skipped.
Printer Mappings that were Deployed to the GPO are only processed if the GPOs are in English.

Registry Settings (VUEMRegValues)
If the GPO for a Registry action has the action set to D (Delete), the Action Name is suffixed with ” (Delete)”.
The Action Name will be based on Registry path, suffixed with the value name.
Registry actions in Collections are processed as individual actions, Collection names are omitted.

Run these programs at user logon / User Logon Scripts (VUEMExtTasks)
Default values for these actions: 30s TimeOut, WaitForFinish enabled, RunHidden enabled, RunOnce disabled.
Embedded Logon Scripts are extracted from the GPOs, along with all other files found in that location. Exctracted embedded scripts are exported to [OutputPath]\Embedded Logon Script files. This folder will be created if it does not exist.
External Taskes based on embedded scripts are always Disabled, and have their name prefixed with “[NEEDS FILE LOCATION]”
Run these programs at user logon / User Logon Scripts are only processed if the GPOs are in English.
This is the only action where a Computer Policy setting is also processed.

Function Import-VUEMEnvironmentalSettingsFromGpo
citrixwem-06
This function was first released in version 0.9.6, which was an internal non-public release.
As with the Import-VUEMActionsFromGpo function, this function relies on one or more GPO Backups.

Description:

Imports Environmental Settings from GPOs and converts them to WEM Environmental Settings.
This function only works on GPO Backup files, it will not communicate directly with
Active Directory to retrieve the settings.
Importing the xml into WEM will override any settings already there!

Parameters:

-GPOBackupPath
This is the path where the GPO Backup files are stored.
GPO Backups are each stored in its own folder like {}.
All GPO Backups in the GPOBackupPath are processed, newest to oldest. If duplicate settings are found, the oldest are discarded.
-OutputPath
Location where the output xml file will be written to. Defaults to current folder if omitted.
-Enable
If used will create all settings found in the GPO Backups in Enabled state for WEM.
Use with caution, this will be applied to all agents in the configuration set!

Notes:

This function will process the GPO Backups from newest to oldest. If duplicate settings are found, the newest will be used.
Exclude Administrators is always checked by default.
Settings are only processed if the GPOs are in English.

User Interface: Start Menu
Hide Administrative Tools setting is not checked for in the GPO Backups (No such GPO setting).
Hide Devices and Printers setting is not checked for in the GPO Backups (No such GPO setting).

User Interface: Appearance
Set Background Color setting is not checked for in the GPO Backups (cannot convert #RGB to WEM Named Colors).

User Interface: Edge UI
Disable Switcher setting is not checked for in the GPO Backups (No such GPO setting).
Disable Charms Hint setting is not checked for in the GPO Backups (No such GPO setting).

User Interface: Explorer
Hide Network icon in Explorer setting is not checked for in the GPO Backups (No such GPO setting).

User Interface: Control Panel
Hide Control Panel setting cancels out Show only and Hide specified Control Panel applets.
Show Only specified Control Panel applets cancels out Hide Control Panel and Hide specified Control Panel applets.
Hide specified Control Panel applets cancels out Hide Control Panel and Show only specified Control Panel applets.
GPO Backups are processed for these items in the above order.

User Interface: Advanced Tuning
SBC / HDV Tuning settings are not checked for in the GPO Backups.
These are environment specific settings and should be handled in WEM if you want to enable them.

Function Import-VUEMMicrosoftUsvSettingsFromGpo
citrixwem-07
This function was first released in version 0.9.6, which was an internal non-public release.
As with the Import-VUEMActionsFromGpo and Import-VUEMEnvironmentalSettingsFromGpo functions, this function relies on one or more GPO Backups.

Description:

Imports Microsoft Userstate Virtualization Settings from GPOs and converts them to WEM Microsoft USV Settings.
This function only works on GPO Backup files, it will not communicate directly with Active Directory to retreive the settings.
Importing the xml into WEM will override any settings already there!

Parameters:

-GPOBackupPath
This is the path where the GPO Backup files are stored.
GPO Backups are each stored in its own folder like {}.
All GPO Backups in the GPOBackupPath are processed, newest to oldest. If duplicate settings are found, the oldest are discarded.
-OutputPath
Location where the output xml file will be written to. Defaults to current folder if omitted.
-Enable
If used will create all settings found in the GPO Backups in Enabled state for WEM.
Use with caution, this will be applied to all agents in the configuration set!

Notes:

This function will process the GPO Backups from newest to oldest. If duplicate settings are found, the newest will be used.
Exclude Administrators is always checked by default.
Settings are only processed if the GPOs are in English.

Folder Redirection
Delete local Redirected Folders setting is not checked for in the GPO Backups (No such GPO setting).

All functions will now also accept the -Verbose common parameter, and will write verbose output when you use it.
Normal output for Import-VUEMActionsFromGpo:
citrixwem-10
Verbose output for Import-VUEMActionsFromGpo:
citrixwem-11
And I posted a quick demonstration of importing Environmental Settings and Microsoft USV Settings from GPO Backups into WEM:


You can download the module on Github: https://github.com/msfreaks/Citrix.WEM

A big thank you to James Kindon (@james_kindon) for helping me out during development by letting me pick his brain, testing the module, advice on certain settings, do’s and don’ts, etc.

Until next time,

Arjan Mensch

Advertisements

20+ years experience in Microsoft powered environments. Enjoy automating stuff using scripts, powershell, and even batch files. In my free time (hah! as if there is any) I hunt achievements and gamerscore on anything Xbox Live enabled (Windows Mobile, Windows 8, Windows 10, Xbox 360 and Xbox One). When I'm not doing that I enjoy traveling or riding my Yamaha R1 on the edge ;)

Tagged with: , , ,
Posted in Citrix, Powershell
One comment on “Powershell Module for Citrix WEM – Part 3 – EnvironmentalSettings and MicrosoftUsvSettings from GPO and much, much more
  1. […] that have preferences in them (user context) and convert them into WEM actions. I do this using Arjans PowerShell module that we worked on over Christmas break 2017. Once converted, I remove from the GPO so that it […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog Authors
https://paypal.me/ArjanMensch
BTC:1AiAL6QDbfNPiduYYEoy3iNS2m6UKJW2He
LTC:Lf52uAJiCRQtiegJyKqVvoh4FuvwMkHPae
ETH:0x096a12424e991696ad21cfc0e0f3749ab4f8ce1b
DSH:XnRGpf2v36F5iDT5uFaq7DsHPFF435EPmT
XMR:49UCmvAYNxB3voEVbfL8KDENwcg9SE9PeY5jU8YCaHMuLXHapRmfhgHWbwaVe4vUMveKAzAiA4j8xgUi29TpKXpm3xumqCq

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 400 other followers

Blog Stats
  • 2,751,956 hits
  • An error has occurred; the feed is probably down. Try again later.
%d bloggers like this: