Architecture and Operation

IT Asset Management (Cloud)
The Citrix Cloud adapter has been created to collect supplementary VDI data. This data will show:
  • Existing VDI devices and templates
  • Existing delivery groups in Citrix where these VDI devices and templates are installed
  • What users have access to these delivery groups.

The FlexNet Inventory Agent which is installed on the VDI template, collects application evidence from each of the VDI devices purported by the Citrix Cloud adapter. This application evidence shows all of the software that end-users have access to.

To import the collected supplementary VDI data into IT Asset Management, the Citrix Cloud adapter uses the Citrix Remote PowerShell SDK in order to connect to Citrix Cloud and query the relevant API(s).

Citrix Cloud documentation pertaining to the API used for gathering application evidence on the connection server is available here.

There are 4 main components in the Citrix Cloud adapter:
  • Delivery group (Citrix): A collection of existing virtual machines. The FlexNet Inventory Agent collects the application evidence from these machines which is then mapped to users who have access to that delivery group. Note: Access to a delivery group is defined in Active Directory.
  • Inventory Beacon: Connects to a single connection to Citrix Cloud. Inventory is then uploaded to the Batch and Inventory Servers. The inventory beacon also imports data from Active Directory, including groups (and their members), users, and computers, and the security identifiers for each item within Active Directory. (These security identifiers, or SIDs, are the same identifiers that the Citrix Cloud adapter reports for usage of the applications delivered by Citrix Cloud).
  • Inventory Server: Is where the application evidence (.NDI file from each VDI device) is received, processed and imported to the IM inventory database. .NDI files are produced by running the FlexNet Inventory Agent on the VDI.
  • Batch Server: Is where data from the IM Inventory Database is processed and imported to the IT Asset Management Compliance database which in turn drives the VDI template UI. Note: The Citrix Cloud adapter has been configured as a new compliance connection. VDI data is sent to the Batch server as intermediate data files which are then processed (matched/merged) with data from other compliance connections to produce a single view of the data and imported to the IT Asset Management database.

What data is retrieved

The data listed below is retrieved by means of running functions in the PowerShell reader that is used to connect to the Citrix Cloud API on the configured connection server.
Functions Retrieved data
Site name

The Name property of the Citrix site as returned by the Get-BrokerSite cmdlet.

Delivery groups
The delivery groups are interrogated with the Get-BrokerMachine cmdlet. Relevant properties are:
  • DesktopGroupName
  • CatalogName
  • DesktopGroupUUID
Machines
The VDIs are queried with the Get-BrokerMachine cmdlet. Relevant properties are:
  • DNSName
  • DeliveryType
  • PersistUserChanges
User access

User access for Citrix Virtual Desktop is collected with the Get-BrokerAccessPolicyRule and Get-BrokerEntitlementPolicyRule(desktop entitlements).

User access for Citrix Virtual Application is collected with Get-BrokerApplication cmdlet.

Active Directory SID for each user or group in the IncludedUsers property is collected.

Applications
Application data and corresponding delivery group is queried with the Get-BrokerApplication cmdlet. Relevant properties are:
  • AppName
  • ApplicationUID
  • AssociatedDesktopGroupUids
  • AssociatedDesktopGroupUUIDs
  • AssociatedUserSIDs
  • BrowserName
  • Uid.
Test connection A test connection button is available in the FlexNet Beacon UI. Selecting test connection will show a successful test if the configured user is able to successfully log into the API, going through any configured proxy.

If the connection fails, the relevant error is fed back to the user.

IT Asset Management (Cloud)

Current