Presentation is loading. Please wait.

Presentation is loading. Please wait.

May, 2013 Delegated Administration Project Excalibur Miho Hoshino, WW Support Readiness.

Published byHector Jennings Modified over 8 years ago

Similar presentations

Presentation on theme: "May, 2013 Delegated Administration Project Excalibur Miho Hoshino, WW Support Readiness."— Presentation transcript:

1 May, 2013 Delegated Administration Project Excalibur Miho Hoshino, WW Support Readiness

2 © 2013 Citrix | Confidential – Do Not Distribute Document management CategoryTracking Information Company:Citrix Systems, Inc. Author(s):Miho Hoshino Owner(s):Worldwide Support Readiness Last modified:May, 2013 Version:Draft 3 Length:20 minutes

3 © 2013 Citrix | Confidential – Do Not Distribute Agenda Feature Description Enhancements from the previous versions Design considerations Troubleshooting References

4 © 2013 Citrix | Confidential – Do Not Distribute Delegated administration in XenDesktop 5.x There are five types of built-in administrator:  Full Administrator Has full administration roles  Machine Administrator Owns the catalogs  Assignment Administrator Can assign desktops to users  Read-only Administrator Can see all aspects of XenDesktop site  Help desk Administrator Can perform day-to-day monitoring and maintenance tasks No granular control for permission

5 © 2013 Citrix | Confidential – Do Not Distribute Delegated administration in Excalibur Provides an enterprise-class administration model and granular permission configuration Uses role and object-based control

6 © 2013 Citrix | Confidential – Do Not Distribute Delegated administration in Excalibur ScopesRoles Full Administrator Read Only Administrator Help Desk Administrator Machine Catalog Administrator Delivery Group Administrator Host Administrator Custom Objects can be in more than one scope Object Administrators Object All Win7Sales Object Full Admin All Help Desk Win7 Machine Catalog Delivery Group Win7 An administrator is associated with one or more role and scope pairs Sales A role has defined permissions

7 © 2013 Citrix | Confidential – Do Not Distribute How to create new administrator Select a role or create a new one Click Finish to enable the new administrator Click Create Administrator Type the name of the administrator user account or browse to it Select a scope or create a new one

8 © 2013 Citrix | Confidential – Do Not Distribute Creating a new scope

9 © 2013 Citrix | Confidential – Do Not Distribute Creating a new role

10 © 2013 Citrix | Confidential – Do Not Distribute Tips: Assigning multiple role and scope pairs Select and right-click an administrator Select Edit Administrator Click Add Select a scope and a role

11 © 2013 Citrix | Confidential – Do Not Distribute Resultant set of permissions (RSOP)

12 © 2013 Citrix | Confidential – Do Not Distribute RSOP report

13 © 2013 Citrix | Confidential – Do Not Distribute Delegated administration component interactions DDC server cmdlet PowerShell Desktop StudioDirector Delegated Administration Service Other Services Admin Config SDK WCF/Soap Call Inter-service Call SQL DB Access Cmdlets that change data ask the Delegated Administration Service if the user has the proper permission to perform the operation

14 © 2013 Citrix | Confidential – Do Not Distribute Delegated Administration Service Provides the core storage of delegated administration configuration Inherits many of the standard service behaviours of a normal XenDesktop Service:  Initial database creation  Schema versioning and updates  Service status and registration with the Configuration Service  A PowerShell admin service  A number of PowerShell cmdlets for managing service lifecycle and registration  Support for an inter-service WCF interface  Support for logging configuration changes

15 © 2013 Citrix | Confidential – Do Not Distribute Desktop Studio Director Active Directory XenDesktop Services Internal delegated administration objects RightRole Permission OperationScope Administrator User/Group Account Known Permission Known Permission Known Operation Scoped Object Indirectly Scoped Object Unscoped Object 1111 1 1 1 * * * * * * * **

16 © 2013 Citrix | Confidential – Do Not Distribute Internal delegated administration objects Descriptions AdministratorRepresents an individual person or a group of people identified by their Active Directory account RoleRepresents a job function, and has defined permissions associated with it. Roles can be built-in or custom ScopeRepresents a collection of objects RightRights determine what an administrator can do and where they can do it. They are expressed as a number of pairs associated with each administrator PermissionRepresents a unit of functionality that an administrator can perform OperationOperations are the indivisible unit of functionality

17 © 2013 Citrix | Confidential – Do Not Distribute PowerShell cmdlets for delegated administration Scope/Role/Permission/PermissionGroup/Administrator/Right cmdlets Get-AdminRevision Get-AdminEffectiveRight Get-AdminEffectiveAdministrator Test-AdminAccess Import-AdminRoleConfiguration Get-AdminRoleConfiguration

18 © 2013 Citrix | Confidential – Do Not Distribute Tracing delegated administration DelegatedAdminDAL DelegatedAdminFiltering DelegatedAdminLog DelegatedAdminLogging DelegatedAdminSnapIn DelegatedAdminDAL DelegatedAdminFiltering DelegatedAdminLog DelegatedAdminLogging DelegatedAdminSnapIn

19 © 2013 Citrix | Confidential – Do Not Distribute Questions? What happens when the service is down? What happens when the database dies? Does the service check users’ permission every time they run cmdlets?

20 © 2013 Citrix | Confidential – Do Not Distribute References http://edocssand.citrix.com/proddocs/topic/xendesktop-7/cds-manage- delegatedadmin.htmlhttp://edocssand.citrix.com/proddocs/topic/xendesktop-7/cds-manage- delegatedadmin.html

21 Work better. Live better.

Download ppt "May, 2013 Delegated Administration Project Excalibur Miho Hoshino, WW Support Readiness."

Similar presentations

Presentation Heading – font Arial

Presentation Heading – font Arial
Futures – Alpha Cloud Deployment and Application Management.

Futures – Alpha Cloud Deployment and Application Management.
System Center Configuration Manager Push Software By, Teresa Behm.

System Center Configuration Manager Push Software By, Teresa Behm.
Provisioning Services

Provisioning Services
11.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

11.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
5.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
June, 2013 Remote PC v2 Excalibur - XenDesktop 7 Mick Glover Worldwide Support Readiness.

June, 2013 Remote PC v2 Excalibur - XenDesktop 7 Mick Glover Worldwide Support Readiness.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
VMware vCenter Server Module 4.

VMware vCenter Server Module 4.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
SQL Server 2008 Basmah AlQadheeb-213 MIS-2011 1. What is a Database ? A database is a collection of Data that is organized so that it can easily be accessed,

SQL Server 2008 Basmah AlQadheeb-213 MIS What is a Database ? A database is a collection of Data that is organized so that it can easily be accessed,
Chapter 7 WORKING WITH GROUPS.

Chapter 7 WORKING WITH GROUPS.
Vikram Thakur Introduction to Active Directory Structure.

Vikram Thakur Introduction to Active Directory Structure.
WCA-B324 Get Up!!! YAAAWWWN! App-V 5.0 Get Ready for… Are You Ready?

WCA-B324 Get Up!!! YAAAWWWN! App-V 5.0 Get Ready for… Are You Ready?

Similar presentations

Ads by Google