Home
  »    »  
StoreFront 2.5 unattended install and config

StoreFront 2.5 unattended install and config

Author: |
Jun
11
2014
 Posted in Citrix No comments

Hi. Today, I will explain how to setup a StoreFront server from scratch with Powershell. I will follow my previous post and just unattend it. For This first try, I didn’t join an Access Gateway (Netscaler Gateway) instance. But I plan to do it in an other post. So, keep in touch !

EDIT V1.2 of this article: As Pascal and Walter said, it is not possible to retreive the passcode from a remote computer with Powershell since this command uses net.pipe. I’ve tested several work around without any success (including psexec). So, I rewrote this post with  the best way I found to achieve this goal. Sorry guys, I probably made a mistake in my lab when I tested the first version.

Prerequisites

  • At least 2 Windows 2012 R2 server.
  • A PFX certificate containing the private key for SSL communications.
  • DNS entry for storefront service fqdn (here : sf.domain.local). Remember Storefront server must be able to reach this DNS name.

Install the first StoreFront server

On the first server, run this Powershell script (replace paths with appropriate values) :

#Install IIS role
Install-WindowsFeature -ConfigurationFilePath IISRole.xml
#import PFX
#path to PFX file
$strPFXPath="c:\exploitation\MyCert.pfx"
#PFX Password
$strPassword="P@ssw0rd"
#Certificate subject
$strCertSubject="CN=sf.domain.local"
certutil -f -importpfx -p $strPassword $strPFXPath
#Bind your certificate to IIS HTTPS listener
$cert=dir Cert:\LocalMachine\My | Where-Object {$_.subject -like $strCertSubject}
$strThumb=$cert.Thumbprint.ToString()
Push-Location IIS:\SslBindings
New-webBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol HTTPS
get-item cert:\LocalMachine\MY\$strThumb | new-item 0.0.0.0!443
Pop-Location
#Install StoreFront
D:\x64\StoreFront\CitrixStoreFront-x64.exe -silent
# hostBase URL for StoreFront (name of the load balanced service, not a server name)
$hostBaseUrl = "https://sf.domain.local"
#XenApp Farm informations
$farmName = "MyFarm"
$XMLport = 80
$XMLtransportType = "HTTP"
$XMLservers = "xdc1.domain.local","xdc2.domain.local"
#SSL port used by storeFront
$sslRelayPort = 443
#Is Storefront load balanced
$loadBalanceStorefront = $TRUE
#type of Farm
$farmType = "XenApp"
#Import SF modules
cd "C:\Program Files\Citrix\Receiver StoreFront\Scripts\"
.\ImportModules.ps1
#Setup Cluster
Set-DSInitialConfiguration -hostBaseUrl $hostBaseUrl -farmName $farmName -port $XMLprot -transportType $XMLtransportType -sslRelayPort $sslRelayPort -servers $XMLservers -loadBalance $loadBalanceStorefront -farmType $farmType
#Start the joining process
Start-DSClusterJoinService
$strPasscode = Get-DSXdServerGroupJoinServicePasscode
$strPasscode.Passcode.ToString() > \\FileServer\share\Passcode.txt

Note that I used IISRole.xml file. This file is easy to generate. Just launch the add role wizard and follow the steps as if you install IIS role (and tools). On the “Confirm installation selections” screen, there is an option (bottom-left) allowing you to “export configuration settings”. It will generate an XML which could be reused on all your servers.

I also used a file share to store my Passcode, which is needed by the server joining the cluster.

 Join Cluster

On the server you want to join to the cluster, run this script :

#Install IIS role
Install-WindowsFeature -ConfigurationFilePath IISRole.xml
#import PFX
#path to PFX file
$strPFXPath="c:\exploitation\MyCert.pfx"
#PFX Password
$strPassword="P@ssw0rd"
#Certificate subject
$strCertSubject="CN=sf.domain.local"
certutil -f -importpfx -p $strPassword $strPFXPath
#Bind your certificate to IIS HTTPS listener
$cert=dir Cert:\LocalMachine\My | Where-Object {$_.subject -like $strCertSubject}
$strThumb=$cert.Thumbprint.ToString()
Push-Location IIS:\SslBindings
New-webBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol HTTPS
get-item cert:\LocalMachine\MY\$strThumb | new-item 0.0.0.0!443
Pop-Location
#Install StoreFront
D:\CitrixStoreFront-x64.exe -silent
#Import SF modules
cd "C:\Program Files\Citrix\Receiver StoreFront\Scripts\"
.\ImportModules.ps1
#name of primary Storefront server
$authorizerHostName="SF1"
#Retrieve the authorization code to join a StoreFront Cluster.
If (Test-Path "\\FileServer\share\PassCode.txt"){
 $authorizerPasscode,$remainingLines = Get-Content "\\FileServer\share\PassCode.txt"
 Write-Host "PassCode : $authorizerPasscode"
 Start-DSXdServerGroupJoinService
 Start-DSXdServerGroupMemberJoin -authorizerHostName $SF_authorizerHostName -authorizerPasscode $authorizerPasscode
 #Later (wait at least 5min...)
 Write-host "Waiting junction"
 Start-Sleep -s 300
 #stop the ClusterJoinService
 $s = New-PSSession -ComputerName $SF_authorizerHostName
 Invoke-Command -Session $s {cd "C:\Program Files\Citrix\Receiver StoreFront\Scripts\"}
 Invoke-Command -Session $s {.\ImportModules.ps1}
 Invoke-Command -Session $s {Stop-DSXdServerGroupJoinService}
 Stop-DSXdServerGroupJoinService
 Write-host "Junction done"
}Else{
 Write-host "No PassCode file in destination"
}

That’s it. The store configuration is basic but functional. I’m still working on a better way to automate this installation… Stay tuned.
Regards
Jerome.

Related Posts

About Author

Jerome QUIEF

Add Your Comment

Your email address will not be published. Required fields are marked *