We are moving down the best practices road and now we come up to Active Directory. This, of course, is just a recommendation as I know everyone’s AD structure will be different. But let’s start out with a long-standing best practice… XenApp servers have warranted their own organizational unit within Active Directory for organizational and policy enforcement purposes. The recommendation has also included breaking out specific XenApp roles or locations into their own OU. Each identical group of servers would have the same policies applied. Typically, this creates an Active Directory structure like the following:
With the inclusion of Provisioning Services into the XenApp architecture, this recommendation does not change. In fact, this best practice becomes even more important because there will probably be special policy settings specifically for provisioned servers. Depending on how Provisioning Services is integrated with XenApp will help to determine if new OUs are required.
- If the OU contains a set of XenApp servers all provisioned with the same vDisk, then any Provisioning Services related policies can be applied to the entire OU.
- If the OU contains provisioned and non-provisioned XenApp servers, all hosting the same applications, then a new OU should be created that contains only the provisioned XenApp servers.
- If the OU contains provisioned and non-provisioned XenApp servers hosting different applications, then multiple OUs should be created containing only identical servers.
With Provisioning Services, the XenApp OU structure might resemble something like the following:
Each OU contains:
- Similar servers: Applications, infrastructure components, XenApp components
- Similar delivery processes: Provisioned or not provisioned
Please comment with your thoughts or if there is another best practices you are wondering about. The list has already grown based on feedback from previous blogs. Stay tuned for more upcoming best practice blogs specifically focused on Provisioning Services and XenApp:
- vDisk Type
- vDisk Cache
- Active Directory
- Application Integration
- Application Streaming Cache
- System-level settings: Page file, drive remapping and multiple drives
- Image Management
- Local Database Storage (event viewer, EdgeSight, AntiVirus updates)
- Plus more if we get some good ideas on other areas of focus
Daniel – Sr. Architect
Follow me on Twitter: http://www.twitter.com/djfeller