Tuesday 24 December 2013

What Happen If My XenApp Farm Cant Connect to the Data Store?

This is one of my favorite interview question, I just don't know why. it seems simple, but some candidates failed to give a proper answer (poor them). I wish all of them better luck next time.

 Okay, now back to the real business. From Citrix Administrators Point-of-View, losing a DB may cost chaos, depending on how severe the issue is. However, from user perspective, nothing is different. Users wont really impacted of this. They still be able to launch Citrix published applications and works as normal. Thanks to Local Host Cache (LHC), it eases the burden of Citrix Admins (oh really?)

 However, although all Citrix XenApp servers have LHC, there are some conditions that Citrix Admins need to remember :
  • There is no grace period for this (MPS 3.0 and above). Users still be able to connect to the Citrix farm (lucky!)
  • Only static information  available to users. No new info can be added and current info cannot be changed (not really...)

 In any circumstances, DO NOT :
  • Restart / reboot the Citrix XenApp servers. it will cause the server to contact DB server. This will result IMA service won't started.
  • Restart IMA service (same reason as above).
  • Re-create LHC (in order to re-create LHC, we need to stop IMA service).

Reference :


Share:
           , , ,       No comments    

Sunday 22 December 2013

Error on Citrix Web Interface - Credential Error

This time, I want to discuss on an error occurred when users want to access Citrix Web Interface. This may happen for new farms or when new XML servers added to the farm. 

Issues :
  • Users received below error when accessing Citrix Web Interface :
Troubleshooting 
  1. From Citrix Web Interface server, go to application log, and search for Event ID 31003 and Event ID 30110.
  2. Those Event IDs indicates that XML service transition failed.

    Event ID 31003 in Application Log

    Event ID 30110 in Application Log

  3. Check which server(s) is/are configured as XML Service servers for the farm, and RDP to the server(s). 

Resolution :
  1. go to Start > run, type regedit and press Enter.



  2.  browse to HKLM\Software\Citrix\IMA

  3. Add a new registry value (ensure it is DWORDS (32-bit) Value)

  4. Set the name as UseNetworkLogon




  5. Right-click at the newly created key, and click Modify...

  6. Change the value data to 1. Ensure the base is Hexadecimal.

  7. This is the final outcomes :

  8. Go to Services, and restart Citrix Independent Management Architecture service.
Share:
           , ,       1 comment    

Monday 9 December 2013

AD Group Scope

Some people are having difficulties to differentiate between Universal, Global and Domain Local groups (including me, sometimes).  The table below illustrates the differences between those group scopes.

Some lesson learnt :-
  • Global groups can be added to Domain Local groups (from the same domain or crossed-domain), but not vice versa
  • For Global groups, you only can add accounts from its domain and its parent Global groups
  • In order to add accounts from any domain, you need to have Local Domain groups, Global groups won’t allow you to do so.
  • Converting a group to Domain Local, add those crossed-domain users, and convert it back to Global group won’t do the trick.
  • Domain Local groups cannot be added to Domain Local groups from any domain except for its domain and the parent.

Group scope
Group can include as members…
Group can be assigned permissions in…
Group scope can be converted to…
Universal
·      Accounts from any domain within the forest in which this Universal Group resides
·      Global groups from any domain within the forest in which this Universal Group resides
·      Universal groups from any domain within the forest in which this Universal Group resides
Any domain or forest
·      Domain local
·      Global (as long as no other universal groups exist as members)
Global
·      Accounts from the same domain as the parent global group
·      Global groups from the same domain as the parent global group
Member permissions can be assigned in any domain
Universal (as long as it is not a member of any other global groups)
Domain local
·      Accounts from any domain
·      Global groups from any domain
·      Universal groups from any domain
·      Domain local groups but only from the same domain as the parent domain local group
Member permissions can be assigned only within the same domain as the parent domain local group
Universal (as long as no other domain local groups exist as members)


noteNote
The information in this table implies that the domain functional level is set to either Windows 2000 native or Windows Server 2003. When the domain functional level is set to Windows 2000 mixed or Windows Server 2003 interim, security groups with universal scope cannot be created, although distribution groups with universal scope are still permitted.


source : http://technet.microsoft.com/en-us/library/cc755692(v=ws.10).aspx
Share:
                 No comments    

Sunday 8 December 2013

XTE Service Cannot be Started


Citrix XTE Server service is one of the essential service in Citrix XenApp. it is directly relates to Session Reliability. What is Session Reliability? Please read from here and here. Is Session Reliability Goood? Hmm, read this article and go figure it out. (such a lazy bum of me, huh?)

 It might occurred in your environment that XTE Server service can't be started at one server, while the rest are fine. Session Reliability option is enabled from Citrix Console.  So, what's next?  


Issues :

You may received below error when you want to start XTE Server service.

 



Troubleshooting 

browse to %programfiles%\Citrix\XTE\Conf, check whether file httpd.conf is existed / is there any content inside the file.



Resolution :
  1. Copy the file from server that is working fine. 

Share:
           , , ,       No comments    

Friday 29 November 2013

No Printers Listed in Citrix XenApp Session - ICA-tcp Listener Configuration Error

Users reports that they are not able to perform printing. Services are up and running, but issue still persist, although after you restarted those Printer Spooler and Citrix Print Management services. 

 In addition, required Service IDs are properly configured. Users reboot their workstations, but to no avail. So, what is next?


Issues :
  • Users may received one or more errors regards to printing. Below are some of the error examples :


 - or - 


  • Meanwhile from server perspective, no printers listed in Printer and Faxes

  • Upon checking the services, both Printer Spooler and Citrix Print Management services are started. Issue remains although those services restarted. Required Service ID (ctx_cpsvcuser) is in place.




Troubleshooting 
  1. Press Start, hover to Administrative Tools, click at Terminal Service Configuration. Or, press Start, choose run type tscc.msc, and press enter.
  2. Right click at ICA-tcp listener, and choose Properties
  3. Inside ICA-tcp Properties, focus on Permission tab. Ensure Service ID ctx_cpsvcuser is listed, with proper permission. If it is not, follow below steps.

 Resolution :
  1. Click at the Advanced button.

  2. Click Add... to add new user
  3. Add this user (ctx_cpsvcuser), press Check Names and OK
    \
  4. For the Permission Entry, Clear the Logon permission and Add Query Information and Virtual Channels with Allow permission.
  5. Ensure you will see the user (ctx_cpsvcuser) added, press Apply and OK.

  6. You will see the ID added to ICA-tcp properties, as below.
Share:
           , , ,       No comments    

Monday 28 October 2013

Cannot Find a Valid Terminal Services License Server

After installing Terminal Services Role to a server, you may want to specify the license server. The Terminal Server will make an attempt to locate the Terminal Service License servers first, before make an attempt to follow automatic license server discovery process. You may see below balloon :


Note that this is for Windows Server 2008. For Windows Server 2003, please go to here.


Description :
  • You want to specify Terminal Services License server, so Terminal Services role can be used by servers.



How To Do :

  1. Go to Start > Administrative Tools > Terminal Services > Terminal Services Configuration. Or you can type tscc.msc in Run box.

  2. Right click at License server discovery mode, and click at Properties.

Share:
           , ,       No comments    

Wednesday 23 October 2013

How To Auto-Create and Configure ctx_cpsvcuser

As mentioned in previous post,  ctx_cpsvcuser can be created and configured with a tool, but it is limited to certain Citrix XenApp versions only :
  • Feature Pack 1 for Presentation Server 4.5
  • Presentation Server 4.5 for Windows Server 2003
  • Presentation Server 4.5 for Windows Server 2003 x64 Edition
  • XenApp 5.0 for Windows Server 2003 x64
  • XenApp 5.0 for Windows Server 2003 x86
Description :
  • Using tool to create Service ID ctx_cpsvcuser in Citrix XenApp servers.

How To Do :
  1. Download the re-creation tool here.
  2. Upload the files to Citrix server.
  3. Run command prompt, browse to the uploaded folder, and run below command.
    32-bit : CtxCpsvc10.exe –install | 64-bit : CtxCpsvc10_x64.exe –install

    1. once done, double check the Citrix Print Management service. Ensure it can be started and set to Automatic.



    Reference :
    Share:
               , , ,       No comments