Get me outta here!

Citrixology

by Lal Mohan

Menu

Skip to content
  • About Me
  • Citrix
    • Citrix Cloud
    • NetScaler
    • WEM & UPM
    • XenApp & XenDesktop
    • Citrix Storefront
  • WVD
  • VMware
    • Workspace One

Tag Archives: How to guide WEM

Installing and Configuring Citrix Workspace Environment Manager (WEM) in a Citrix Environment

March 11, 2020 by Lal Mohan

I have done numerous Citrix Workspace Environment Manager (WEM) deployments in the past but never did I think about once doing a blog post on it yet. So, we are doing it this time. For the uninformed, Citrix WEM is a resource management and user persona management tool and is a must-have in every Citrix environment for the following reasons.

  • It’s FREE for all the Enterprise and Platinum customers that have a valid Citrix Customer Success Services (CSS) agreement.
  • It’s super impressive if you have applications that consumes large amounts of memory, which most of the modern apps are.

Refer here if you want to look at what you get with different Citrix licenses https://www.citrix.com/en-au/products/citrix-virtual-apps-and-desktops/feature-matrix.html?_ga=2.163129148.1481679903.1582674361-19471628.1580160671

Overview

WEM has the following simplified architecture (courtesy of Citrix.com)

Workspace Environment Management architecture diagram

There are 3 key pieces for a WEM deployment

  • Infrastructure Services – It is the brain of the whole solution. It helps synchronizing the agent and admin console with the SQL server and Active Directory. This role CANNOT be installed on a Domain Controller and Desktop Delivery Controller according to Citrix.
  • Administration Console – Console is used to configure and manage WEM. This could be installed on any standard Windows machine.
  • Agent – The Workspace Environment Management agent connects to the Workspace Environment Management infrastructure services and is responsible for enforcing the settings you configure by using the administration console. The agent can either be deployed on VDAs or on physical Windows devices (for Transformer use cases). It can be installed on a Windows client (to manage client environments) or on a Windows Server (to manage server environments, or to manage published desktops and applications).

Installation

Pre-Requisites

  • domain service account
  • sysadmin access for the service account on the SQL server(s)
  • an AD group that contains all the WEM admins in the organization
  • Add the service account to local administrator group on the WEM servers

Install WEM Infrastructure Services

Download the installer binaries and run the .exe for Infrastructure Services

Click Install

Click Next


Accept the EULA

Enter the Customer and Organization Name

Click Next

Click Install

Click Finish. The database management utility will start

Click Create Database

The database creation wizard will start.

Click Next

Tick the box for “Use Integrated Connection” if the account that has been used is a sysadmin on the SQL server. if that’s not the case, use another account that has sysadmin rights

Click Next

  • Add the WEM Administrator AD group
  • select the domain service account. This is the broker service account under which the Infra services will be run
  • set a password for the SQL vuemUser

Click Next

You get the database information summary as below

Click OK

Click Finish

Close the Database Management Utility


WEM Infrastructure Services Configuration

On the server where WEM is installed, run the WEM Infrastructure Service Configuration Utility as an administrator.

On the Database settings tab, enter the Database server name and Database Name that was created in the previous step

If there is a failover server, give the secondary SQL server name and instance

On the Network settings tab, leave everything as default

On the Advanced Settings tab, enter the Infrastructure Service account and the vuemUser SQL password.

Enable the Performance Tuning – Tick that

Decide if you want to enable Google Analytics or not

Enable Scheduled Database Maintenance as below

On the Licensing Tab, tick the box for Global license Server override

Click Save Configuration

This will restart the broker service

Click Yes

Close the WEM Infrastructure Service Configuration utility.

Click Yes

Ensure that the Infrastructure service account has full permissions to the DBSync folder. The installation of the Infrastructure service role should set this up correctly but if that isn’t the case, ensure that the permissions are setup like the below. Else, your WEM upgrades will most likely fail in the future.

If you have multiple WEM infrastructure services servers and you are planning to load balance them, you will need to set up a Kerberos SPN. Follow the command below to set it. Service account name is the account used for WEM Infrastructure Service. No need to add the domain name before the service account name

setspn -U -S Norskale/BrokerService [serviceaccountname]

Run the Citrix Workspace Environment Management Infrastructure Services Setup on the rest of the WEM servers.

Once the installation is complete, do NOT run the Database Management Utility but run the WEM Infrastructure Service Configuration utility instead.

Setup the Kerberos SPN (it is case sensitive so be mindful of how you use the service account on the previous servers)

Citrix WEM Console Install

Run the console install on the WEM servers or any other server of your choice

Accept the EULA

Enter the Customer Name and Organization and Click Next

Select Complete and click Next

Click Install

Click Finish

WEM Agent Install

Once the Infra services and console is installed, you can now install WEM agents on the machines that you need to manage via WEM. In our case, they are Citrix VDAs themselves.

Run the installer binaries for Citrix Workspace Environment Management Agent Setup

Click Install


Click Next

Click Next

Select On-Premises deployment

Select Skip Configuration. These settings will be pushed down via GPOs.

Click Next

You can choose to leave the WEM Cache on the C drive but when using PVS or MCS , its is often good practice to move the cache folder to the persistent drives. I have selected to use the MCS Write Cache disk in the example above.

Click Next

Click Install

Click Finish

Click Close

WEM Initial Configuration

Once the console and WEM services roles are installed, a Configuration Set is required to be created so that it could be applied to the machines that you intend to. They are previously called Sites so don’t freak out if you are used to that terminology in the past.

If you already have a backup of the Configuration set, you can now browse to that and select it and import it.

Else, create a new Configuration set

Click Create

Give it a Name and a description

Click OK

Now it’s time to import default recommended settings. You can find them in the WEM download package.

Click Restore

Restore Wizard will open

Select Settings

Click Next

Click Next

Click Browse and pick the Default Recommended Settings

Click OK

Check all the boxes as shown in the picture below

Click Next

Click Restore Settings

Say Yes to the warning above

Wait until the restore is finished

Click Finish

To add the agents in WEM console, Click “Active Directory Objects” and then click Machines

Under Actions pane at the bottom, select Add Object

Pick the computer account that you want the policies to be pushed using the WEM agent. You can also choose to add the whole OU to make things a bit more automated.

The basic config is now there. Now if you want to get a bit more deeper into the WEM or understand the concepts a bit more, please feel free to read the blog I wrote a while ago. It has explanations and best practices that you can follow for your environment and customize it according to your needs. It is a good read, I promise!

https://lalmohan.co.nz/2018/08/15/citrix-workspace-environment-manager-wem-baseline-policies-and-best-practices/

Spread the love:

  • Twitter
  • Facebook
  • LinkedIn
  • Pinterest
  • Reddit
  • Email
  • Print
  • Pocket
  • Tumblr

Like this:

Like Loading...
Citrix Virtual Apps Citrix Virtual Apps and Desktops Citrix Virtual Desktops CVAD Profile Management User Profile Management XenApp XenDesktop XenDesktop 7 Citrix WEMCitrix Workspace Environment ManagerHow to Citrix WEMHow to guide WEMNorskaleStep by step guide for WEM installWEM Install and configureWorkspace Environment Manager 1 Comment

Post navigation

Translate this blog

Recent Posts

  • Integrate Azure MFA with NetScaler Gateway for Two-Factor Authentication
  • Microsoft Windows Virtual Desktops (WVD) or Citrix – The Big Question answered!
  • Desktop Restart – Citrix Storefront Power Management
  • Citrix Machine Creation Services (MCS) – Primer For On-Prem Vs Azure
  • Microsoft DirectAccess breaks Citrix/XenApp application launches – Fix

RSS Citrix Blogs

  • Mennesker og teknologi baner vei for helt nye måter å jobbe på
  • Success Readiness: A foundation for best-in-class customer experience
  • Using Citrix ADM to speed up Citrix ADC pooled capacity configuration
  • Minimizing complexity with service mesh lite architecture
  • Congratulations to the Citrix Americas Partner of the Year Winners for 2020!
  • Citrix TIPs: PIV Key / Smart Card Auth for Citrix Director
  • Drive better outcomes throughout the customer experience journey
  • Tolly Group confirms Citrix ADC’s performance leadership
  • UK workers would forego a chunk of their salary to go remote permanently
  • Reflecting on the most popular HDX innovations of the past two years

RSS Google Cloud Platform

  • Eventarc: A unified eventing experience in Google Cloud
  • The democratization of data and insights: making real-time analytics ubiquitous
  • How we’re helping to reshape the software supply chain ecosystem securely
  • Cloud Profiler provides app performance insights, without the overhead
  • Loading complex CSV files into BigQuery using Google Sheets
  • Top 5 trends for API-powered digital transformation in 2021
  • Think big: Why Ricardo chose Bigtable to complement BigQuery
  • Deeper map customization with zoom level customization and industry optimized map styles
  • What’s new with Google Cloud
  • Lock Statistics: Diagnose performance issues in Cloud Spanner

RSS Trending

  • A deep dive into the Citrix HDX FIDO2 and Windows Hello optimized virtual channel with virtual desktops and apps using USB, NFC, BLE, and built-in authenticators
  • Using Windows Hello FIDO2 capability with web browsers, Microsoft WVD, Teams, and native Windows apps for passwordless logins using your fingerprint or face
  • How to use Azure AD Conditional Access to add a Terms of Use EULA to Citrix Workspace, Microsoft WVD, Office 365, and SaaS apps
  • How to report on Microsoft Authenticator password-less phone sign-in & FIDO2 security key usage using Azure AD & Azure Monitor Log Analytics
  • How to use FIDO2 security keys remotely inside a virtual desktop session hundreds of miles away using Citrix HDX USB redirection and Microsoft Azure AD
  • Work from home reality and making positive IT decisions in response to the COVID-19 Coronavirus pandemic
  • How to use Microsoft WVD, Windows 10 multi-session, FSLogix, & MSIX app attach to build an Azure-powered virtual desktop experience
  • Driving Modern Passwordless Authentication: Citrix Workspace and Microsoft Azure Active Directory
  • Why Windows Hello for Business, Microsoft Authenticator, and FIDO2 are not a suggestion, but a requirement for your Azure AD powered enterprise – PART 2
  • Understanding the passwordless authentication renaissance and how to plan your Microsoft Windows based organization for this change – PART 1

RSS VMware EUC Blog

  • An error has occurred; the feed is probably down. Try again later.

RSS Citrix Guru

  • A look at the upcoming Citrix Identity Platform improvements in Citrix Cloud
  • TOP 10 upcoming features in Citrix Cloud [2019]
  • Citrix Managed Desktops Service is a glimpse into the future of Citrix Cloud services
  • I’ve tested Nutanix Xi Frame and it is…
  • Everything you need to know about WVD, Windows 10 EVD and Citrix
  • EUC Masters Retreat 2019: the conference you want to attend
  • Renewed as Citrix Technology Professional (CTP) for 2019
  • First words from the 2019 Citrix Technology Professionals
  • LTSR vs. CR: Citrix wants customers off LTSR
  • Ultimate Citrix App Layering Guide 2019

RSS Microsoft Azure Blog

  • Azure and HITRUST publish shared responsibility matrix
  • Helping retailers navigate the future
  • Azure SQL Database named among the top 3 databases of 2020
  • Introducing Azure Health Bot—an evolution of Microsoft Healthcare Bot with new functionality
  • 4 common analytics scenarios to build business agility
  • Watch this new series to help you navigate and adopt the cloud
  • 5 ways to save costs by running .NET apps on Azure
  • Azure Cost Management and Billing 2020 year in review
  • Defining roles and responsibilities for cloud cost optimization
  • Azure Stack HCI delivers world-class hyperconverged infrastructure

RSS Amazon AWS

  • New – AWS Transfer Family support for Amazon Elastic File System
  • Amazon Location – Add Maps and Location Awareness to Your Applications
  • New –  FreeRTOS Long Term Support to Provide Years of Feature Stability
  • Announcing AWS IoT Greengrass 2.0 – With an Open Source Edge Runtime and New Developer Capabilities
  • New – AWS IoT Core for LoRaWAN to Connect, Manage, and Secure LoRaWAN Devices at Scale
  • Announcing Amazon Managed Service for Grafana (in Preview)
  • Join the Preview – Amazon Managed Service for Prometheus (AMP)
  • New – AWS Systems Manager Consolidates Application Management
  • New – AWS Systems Manager Fleet Manager
  • Introducing AWS Systems Manager Change Manager

Blog Stats

  • 471,432 hits

Archives

Create a website or blog at WordPress.com
Cancel
loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
%d bloggers like this: