Technical Note – Optimize Windows 10
Citrix.com 1 Table of Contents
Removing Unnecessary Windows 10 Applications 3
Scheduled Task Considerations 4
Microsoft Customer Experience Program 4
Safety 5
Maintenance \ Optimization \ Protection 6
HDX Optimizations 13
OS and User Optimization 13
User Experience Optimizations 14
Optimized for WAN 15
Printing from non-Windows end points (Mac and Linux) 17
www.citrix.com | Technical Note | Windows 10 Optimizations 2
This technical note a collection of Windows 10 optimizations best practices used by Citrix architects in the field. It is not official recommendation from either Citrix or Microsoft, and is only intended as a starting point for administrators to evaluate in their own staging environment.
If deployed correctly, these optimizations can significantly improve the scalability and user-response of Windows 10 virtual desktops delivered using Citrix XenDesktop.
Disclaimer
This White paper is intended for administrators deploying Windows 10 in a XenDesktop 7.x environment. Many of the examples reference non-persistent environments, but the modifications also apply to persistent desktops. The materials in this document are provided “as is” and Citrix hereby disclaims all express or implied representations.
Removing Unnecessary Windows 10 Applications Windows 10 contains many applications after a fresh installation. After installation, Windows 10 Enterprise contains over 50 applications already in my start menu, many of these are the system apps that we want to keep like PowerShell and Command Prompt, but there are many others that are unneeded, and will consume unneeded resources.
Look at the Windows 10 list of default apps by running the following PowerShell command:
Get-ProvisionedAppXPackage -Online|Select DisplayName
www.citrix.com | Technical Note | Windows 10 Optimizations 3
Before creating a master image, the following PowerShell command can be run to cleanup all unnecessary applications.
Get-AppxPackage -AllUsers | Remove-AppxPackage
Scheduled Task Considerations Many of the scheduled tasks listed below were designed to enhance a persistent Operating System. Many Windows 10 instances in XenDesktop are provisioned on-the-fly and discarded upon log-off, using MCS or PVS. The scheduled tasks below may be removed. Below is a sample PowerShell script that removes all task not named Outlook or GoToMeeting.
#Remove all scheduled tasks except task to pin outlook to taskbar
#if -notmatch -or does not work here
$schedule = New-Object -com Schedule.Service
$schedule.connect()
$tasks = $schedule.getfolder("\").gettasks(0)
foreach ($task in ($tasks | select Name)) {
if ($task -notmatch "G2MUpdateTask"){
$task2 = $task
if ($task2 -notmatch "outlook"){
SchTasks /Delete /TN $($task2.name) /f
} } }
Microsoft Customer Experience Program
Tasks Description
Aggregates and uploads Application Application Telemetry information if opted-in to the Experience \ Appraiser Microsoft Customer Experience www.citrix.com | Technical Note | Windows 10 Optimizations 4
Improvement Program.
Application Collects program telemetry information if Experience \ opted-in to the Microsoft Customer ProgramDataUpdater Experience Improvement Program
This task collects and uploads autochk SQM data if opted-in to the Microsoft Customer AutoCHK \ Proxy Experience Improvement Program.
If the user has consented to participate in Customer Experience the Windows Customer Experience Improvement Program Improvement Program, this job collects and \Consolidator sends usage data to Microsoft.
The Kernel CEIP (Customer Experience Improvement Program) task collects additional information about the system and Customer Experience sends this data to Microsoft. If the user has Improvement Program not consented to participate in Windows \KernelCeipTask CEIP, this task does nothing.
Customer Experience This job sends data about windows based on Improvement Program user participation in the Windows Customer \Uploader Experience Improvement Program
The USB CEIP (Customer Experience Improvement Program) task collects Universal Serial Bus related statistics and information about your machine and sends to the Windows Device Connectivity engineering group at Microsoft. The information received is used to help improve the reliability, stability, and overall Customer Experience functionality of USB in Windows. If the user Improvement Program has not consented to participate in Windows \UsbCeip CEIP, this task does not do anything.
Safety
Tasks Description
www.citrix.com | Technical Note | Windows 10 Optimizations 5
Initializes Family Safety monitoring and Shell \ FamilySafetyMonitor enforcement.
Synchronizes the latest settings with Shell \ FamilySafetyRefresh the Family Safety website.
Can be disabled in case an alternative Windows Defender \ Windows virus and malware protection has been Defender CacheMaintenance implemented.
Can be disabled in case an alternative Windows Defender \ Windows virus and malware protection has been Defender CacheMaintenance implemented.
Can be disabled in case an alternative Windows Defender \ Windows virus and malware protection has been Defender Cleanup implemented.
Can be disabled in case an alternative Windows Defender \ Windows virus and malware protection has been DefenderScheduled Scan implemented.
Can be disabled in case an alternative Windows Defender \ Windows virus and malware protection has been DefenderVerification implemented.
This task adjusts the start type for firewall-triggered services when the Windows Filtering Platform start type of the Base Filtering Engine \BfeOnServiceStartTypeChange (BFE) is disabled.
Maintenance \ Optimization \ Protection
Tasks Description
Scans startup entries and raises Application Experience \ notification to the user if there are too StartupAppTask many startup entries.
CHKDSK \ Proactive Scan NTFS Volume Health Scan
The Windows Scheduled Maintenance Diagnosis \ Scheduled Task performs periodic maintenance of
www.citrix.com | Technical Note | Windows 10 Optimizations 6
the computer system by fixing problems automatically or reporting them through the Action Center.
The Windows Disk Diagnostic reports DiskDiagnostic \ Microsoft- general disk and system information to Windows- Microsoft for users participating in the DiskDiagnosticDataCollector Customer Experience Program.
DiskDiagnostic \ Microsoft- This task warns users about faults that Windows- occur on disks that support Self- DiskDiagnosticResolver Monitoring and Reporting Technology
Defrag \ ScheduledDefrag This task optimizes local storage drives
Protects user files from accidental loss by copying them to a backup location FileHistory \ File History when the system is unattended
Measures a system’s performance and Maintenance \ WinSAT capabilities
MemoryDiagnostic \ Schedules a memory diagnostic in ProcessMemoryDiagnosticEvents response to system events.
MemoryDiagnostic \ Detects and mitigates problems in RunFullMemoryDiagnostic physical memory (RAM).
This task analyzes the system looking Power Efficiency Diagnostics \ for conditions that may cause high AnalyzeSystem energy use.
RecoveryEnvironment \ Validates the Windows Recovery VerifyWinRE Environment.
Registry \ RegIdleBackup Registry Idle Backup Task
This task creates regular system SystemRestore \ SR protection points.
The Windows Diagnostic Infrastructure Resolution host enables interactive resolutions for system problems detected by the Diagnostic Policy WDI \ ResolutionHost Service. It is triggered when necessary www.citrix.com | Technical Note | Windows 10 Optimizations 7
by the Diagnostic Policy Service in the appropriate user session. If the Diagnostic Policy Service is not running, the task will not run
In Windows 10, these services are running, by default, and can be stopped and disabled (Caution: Disabling these services can result in applications not working appropriately and will increase troubleshooting time).
Service Name Default State Default Status Notes
Set default state to “Manual” as 3rd party Background software might Intelligent Automatic require the Transfer Service (Delayed Start) Running service.
Device Association Manual (Trigger Service Start) Running
Diagnostic Policy Services Automatic Running
Diagnostic Service Host Manual Running
Diagnostic System Host Manual Running
Diagnostics Tracking Service Automatic Running
Function Discovery Provider Host Manual Running
Function Discovery Manual Running Resource www.citrix.com | Technical Note | Windows 10 Optimizations 8
Publication
Home Group Manual (Trigger Not used in VDI Provider Start) Running environment
Automatic Security Center (Delayed Start) Running
Supports Shell Hardware AutoPlay, which Detection is not typically Service Automatic Running used in VDI.
Not typically used in corporate SSDP Discovery Manual Running environments.
Can enable for dedicated SuperFetch Automatic Running desktops
This will impact the user Themes Automatic Running experience
Windows Connect Now – Config Registrar Not required in Service Manual Running VDI
Consider disabling. Will have a high Automatic impact on server Windows Search (Delayed Start) Running density.
These services are not running, but they are set to Manual or Manual (Trigger Start). Although they are not running, disabling them will prevent their accidental execution in a VDI environment. (Caution: Disabling these services can result in applications not working appropriately and will increase www.citrix.com | Technical Note | Windows 10 Optimizations 9
troubleshooting time).
Service Name Default State Default Status Notes
Manual (Trigger AllJoyn Router Start) Stopped
Application Not needed for Layer Gateway VDI Service Manual Stopped environments.
Drive encryption BitLocker Drive not typically Encryption Manual (Trigger used in VDI Service Start) Stopped environments.
Block Level Windows backup Backup Engine not typically Service Manual Stopped used in VDI.
Bluetooth Hands Manual (Trigger Not typically free Service Start) Stopped used in VDI.
Bluetooth Manual (Trigger Support Service Start) Stopped
Used for network savings to a WAN and BranchCache not typically Service Manual Stopped needed in VDI
Computer Manual (Trigger Browser Service Start) Stopped
Encrypting File Manual (Trigger System Service Start) Stopped
Fax Service Manual Stopped
Not used within Home Group corporate Listener Manual Stopped environments.
Manual Stopped Internet Not used within www.citrix.com | Technical Note | Windows 10 Optimizations 10
Connection VDI Sharing (ICS) environments.
Manual (Trigger Offline Files Start) Stopped
Should only optimize in the Optimize Drives Manual Stopped master image
Retail Demo Manual Stopped
Sensor Monitoring Manual (Trigger Service Start) Stopped
UPnP Device Host Service Manual Stopped
Disable if logs Windows Error are not being Reporting Manual (Trigger gathered and Service Start) Stopped analyzed
Windows Media Not typically Player Network used in VDI Sharing Manual Stopped environments.
Manual (Trigger Only update the Windows Update Start) Stopped master image.
Not typically WLAN used in VDI AutoConfig Manual Stopped environments.
Not typically WWAN used in VDI AutoConfig Manual Stopped environments.
Not typically Xbox Live Auth used in VDI Manager Manual Stopped environments.
Not typically Manual Stopped Xbox Live Game used in VDI www.citrix.com | Technical Note | Windows 10 Optimizations 11
Save environments.
Xbox Live Not typically Networking used in VDI Service Manual Stopped environments.
IMPORTANT
If these services are disabled in the master image, it will be more difficult to effectively manage the master image. For example, if Windows Update is disabled in the master image, an administrator will be required to re-enable the Windows Update Service BEFORE trying to run Windows Update. The administrator will then have to remember to disable Windows Update when the update process is complete.
The following Powershell commands set the Windows Update Service to manual, and also starts the service.
$service ="wuauserv"
$result = (gwmi win32_service -computername $env:computername - filter "name='$service'").startservice() #<------.stopservice()
$result = (gwmi win32_service -computername $env:computername - filter "name='$service'").ChangeStartMode("manual") #<------“automatic”
Administering Services via Group Policy (preferred)
www.citrix.com | Technical Note | Windows 10 Optimizations 12
HDX Optimizations
OS and User Optimization
Optimization Configuration
Disable hibernate Powercfg -h off
Turn Off Data Execution Prention bcdedit /set nx AlwaysOff
Disable System Recovery bcdedit /set recoveryenabled no
Optimization Configuration
Disable default HKEY_USERS\.DEFAULT\ControlPanel\Desktop system Screensaver “ScreenSaveActive”=dword: 00000000
Disable the Windows [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wind 10 First ows\CurrentVersion\Policies\System] Logon Animation “EnableFirstLogonAnimation”=dword:00000000
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\ Hide Hard Error Control\Windows] Messages “ErrorMode”=dword:00000002
[HKEY_CURRENT_USER\Software\Microsoft\Window Settings “Visual s\CurrentVersion\Explorer\VisualEffects] Effects to Custom” “VisualFXSetting”=dword:00000003
Disable “Show [HKEY_CURRENT_USER\Software\Microsoft\Window translucent selection s\CurrentVersion\Explorer\Advanced] rectangle” “ListviewAlphaSelect”=dword:00000000
Disable “Show [HKEY_CURRENT_USER\Software\Microsoft\Window shadows under s\CurrentVersion\Explorer\Advanced] windows” “ListviewShadow”=dword:00000000
Disable “Animate windows when [HKEY_CURRENT_USER minimizing and \ControlPanel\Desktop\WindowMetrics] maximizing” “MinAnimate”=”0”
Disable “Animations [HKEY_CURRENT_USER\Software\Microsoft\Window www.citrix.com | Technical Note | Windows 10 Optimizations 13
in the taskbar” s\CurrentVersion\Explorer\Advanced] “TaskbarAnimations”=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Window Disable “Enable s\DWM] Peek” “EnableAeroPeek”=dword:00000000
Disable “Save [HKEY_CURRENT_USER\Software\Microsoft\Window Taskbar Thumbnail s\DWM] Previews” “AlwaysHibernateThumbnails”=dword:00000000
Disable “Smooth
edges of screen [HKEY_CURRENT_USER \Control Panel\Desktop] fonts” “FontSmoothing”=”0”
Disable the rest of [HKEY_CURRENT_USER \Control Panel\Desktop\] the visual effects “UserPreferencesMask”=RegBin: “90,12,01,80”
Disable “Cursor blink” Disable cursor blink [HKEY_CURRENT_USER \Control Panel\Desktop] rate “CursorBlinkRate”=”-1″
Disable Internet [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Micros Explorer First Run oft\InternetExplorer\Main] Wizard “DisableFirstRunCustomize”=dword:00000001
Reduce menu show [HKEY_CURRENT_USER\ControlPanel\Desktop] delay MenuShowDelay”, “0”
User Experience Optimizations The policies below can be implemented to optimize the Windows 10 user experience. The following policies apply to all users on the machine:
Computer Policy Setting
Audio Over UDP Allowed
Dynamic windows preview Enabled
Image caching Enabled
Session reliability connections Allowed
www.citrix.com | Technical Note | Windows 10 Optimizations 14
WebSockets connections Allowed
Windows Media redirection Allowed
Windows Media redirection buffer size 5 seconds
Windows Media redirection buffer size use Enabled
The following policies apply per user session:
User Policy Setting
Automatic keyboard display Allowed
Client USB device redirection Allowed
Default printer Do not adjust the user's default printer
Desktop Composition Redirection Disabled
Disconnected session timer Enabled
Disconnected session timer interval 2880 Minutes
Extra color compression Enabled
Remote the combo box Allowed
Optimized for WAN This template is intended for task workers in branch offices using a shared WAN connection or remote locations with low bandwidth connections accessing applications with graphically simple user interfaces with little multimedia content. This template trades off video playback experience and some server scalability for optimized bandwidth efficiency. The Optimized for WAN template was first introduced with www.citrix.com | Technical Note | Windows 10 Optimizations 15
XenDesktop 7.6 Feature Pack 3, and it serves as a guideline for users traversing WAN traffic. The example below applies the policy only to users coming through a NetScaler:
www.citrix.com | Technical Note | Windows 10 Optimizations 16
Printing from non-Windows end points (Mac and Linux) When non-Windows Receivers connect to a Windows 2012 Server with Universal Print Driver (UPD) options configured for client printers, the Post-script (PS) and PCL drivers might not be available, therefore the printers will not get auto-created.
Manual Workaround
As a workaround, to use the Citrix UPD for non- Windows clients, such as Mac and Linux, install appropriate drivers on the server manually:
PS driver = HP Color LaserJet 2800 Series PS PCL4 driver = HP LaserJet Series II PCL5c driver = HP Color LaserJet 4500 PCL 5
From the Windows Server 2012, choose Add a printer from Devices and Printers.
Continue through the wizard as if you are adding a local printer though it is not attached.
Click Add a local printer > select LPT1: (Printer Port) > click Windows Update.
www.citrix.com | Technical Note | Windows 10 Optimizations 17
From the new list, browse to HP and select the appropriate driver as listed in the preceding screen shot.
Add the printer.
Automated Process
To automate this process, navigate to C:\windows\System32\DriverStore\FileRepository
The HP drivers from the Windows Update process (Step 3) are located at the below location, but if a different driver is needed, one may need to sort by date created and find the .inf file needed.
C:\windows\System32\DriverStore\FileRepository\prnhp001.inf_amd 64_081cf2b90ec9e6d5
#Mac Printer redirection fix
pnputil -a C:\windows\System32\DriverStore\FileRepository\prnhp001.inf
printui.exe /ia /m "HP Color LaserJet 4500 PCL 5" /h "x64" /v "HP Color LaserJet 4500 PCL 5" /f "C:\windows\System32\DriverStore\FileRepository\prnhp001.inf"
printui.exe /ia /m "HP LaserJet Series II" /h "x64" /v "HP LaserJet Series II" /f "C:\windows\System32\DriverStore\FileRepository\prnhp001.inf"
printui.exe /ia /m "HP Color LaserJet 2800 Series PS" /h "x64" /v "HP Color LaserJet 2800 Series PS" /f "C:\windows\System32\DriverStore\FileRepository\prnhp001.inf" www.citrix.com | Technical Note | Windows 10 Optimizations 18
Enterprise Sales North America | 800-424-8749 Worldwide | +1 408-790-8000 Locations Corporate Headquarters | 851 Cypress Creek Road Fort Lauderdale, FL 33309 United States Silicon Valley | 4988 Great America Parkway Santa Clara, CA 95054 United States Copyright© 2016 Inc. All rights reserved. Citrix, the Citrix logo, and other marks appearing herein are property of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered with the U.S. Patent and Trademark Office and in other countries. All other marks are the property of their respective owner/s.
Citrix.com 19