Citrix XenApp

My Citrix Blog and troubleshooting Information.

Fix Your Citrix License Issues

You can add as much HA and DR infrastructure as you like to your farm but ultimately the license server or RDS license server can bring down your entire estate. Citrix offer a 720 hour grace period which allows you time to fix your license server or bring a new one online. Microsoft RDS license offer 120 days grace period if you havent already used it. This blog post is to address the process of troubleshooting Citrix licensing, monitoring them and the networking ports required to for the service to work.

 

The issue:  A DDC dropped off the site/farm as was unable to connect to a valid license from the license server.

Even with port 27000 open and confirmed by telnet it was still unable to connect.

The additional port 7279 (check in/check out) was opened by networks and I could see in the event logs that Citrix Broker service connected to the license server. However in studio we still could view the license server.

After further investigation I found an error code: XDDS:9509EEA3. This suggested that ports tcp 8082 and 8083 were needed opening as per article: https://support.citrix.com/article/CTX200937

Resolution: The Citrix Web Services for Licensing service listens on port 8083/8082 and is required if you want to view licenses in Studio on a DDC, ports 27000 and 7279 are essential for acquiring licenses.

Networking: DDC to license server is requires ports: TCP 27000, 7279, 8083, 8082 to properly function. Our enviroment is completely locked down so we have to request every port that needs to be opened between hosts.

Monitoring:  Event logs will help you identify license issues look for the following:

  • Error: Source: Citrix Broker Service,   Event 1151, The Citrix Broker cannot contact the license server
  • Error: Source: Citrix Broker Service,   Event 1155, The Citrix Broker will not stop providing desktop and application sessions, this controller is no longer in grace period…. (This is critical and you need to fix the issue ASAP or face losing the DDC/Site)
  • Info: Source: Citrix Broker Service,   Event 1198, The Citrix Broker is successfully consuming licenses from the license server..  (Your back in business)
  • Info: Source: Citrix Broker Service,   Event 1150, The Citrix Broker Service successfully contacted the license server (Your license server is back online, Happy Days)

RDS licensing: Citrix requires your have RDS (Remote Desktop) licenses on an RDS License server, you dont need to configure your VDA for all RDS services and the VDA will install these automatically.

You need to create a GPO to point your Citrix Servers (VDA) to the RDS license server. This came in Windows 2012 as before you could just add the RDS license servers in the control panel.

 

Networking Ports: This can be a pain because you need so many and also a dynamic range, but you can customize the port range: https://support.microsoft.com/en-us/help/154596/how-to-configure-rpc-dynamic-port-allocation-to-work-with-firewalls

Application protocol Protocol Ports
RPC TCP 135
Randomly allocated high TCP ports¹ TCP <var>random port number between 1024 – 65535</var>
<var>random port number between 49152 – 65535²</var>
NetBIOS Datagram Service UDP 138
NetBIOS Name Resolution UDP 137
NetBIOS Session Service TCP 139
SMB TCP 445

RDS Events: This is better explained in the Microsoft article as there are many examples: https://technet.microsoft.com/en-us/library/ee890876(v=ws.10).aspx

You can choose which event IDs are best to monitor, but generally unable to connect, issue or a certifcate related to this service needs to be monitored.

 

 

Whatever Networks Blogging Returns

Hello readers, I back to writing my technical blog, mostly on Citrix issues I’ll cover other topics of interest as well.  over the past 2 years I’ve embarked on a Global Citirx deployment of Netscalers, XenDesktop 7.x and XenServer VDI solutions. To be honest I haven’t had the time or energy to write, but now most of the work is done I can enlighten my readers to some interesting ways to troubleshoot and use Citrix products. There is a lot of useful information and guides already out there so I’ll highlight useful reads and news from Citrix as well as share my own experiences.

Citrix Pre-Launch, Does it really work?

Hey Everyone, Sorry about the absence of an update, I’ve been pretty busy working on a number of projects, I just havent had time to write.  I’ve seen a increase of subscribers, so I hope to write more intertesting and valuable content.  Please note that I’m not allowing any comments at the moment, it’s just too much admin.

I’ve been travelling a bit in the last month in the US to assist in a number of datacentres migrations as the company I work for continues to grow and expand in America this makes my job more interesting 🙂 its nice to catch up with my US collegues and enjoy a few pints around New York.

Well… lets get back to Citrix.

Enviroment: XenApp 6.5, Web Interface 5.4

There are many ways in which we can use Citrix so that our users get ther best experiance. I’m now working on the idea of Citrix pre-luanch, a client has required that their application are automatically launched before they even sit down at the desk.  Some trading applications take a while to load all the binaries, connect to the databases and load the positions.

So is there a way to shave 5 minutes off the day waiting for applications to launch?  Well apprentialy so, but how does this work and is it safe and secure?

Over the next couple of days I’ll be running some tests to see how the pre-launch feature works and what steps are required in the real world. I’ve started but looking at the Citrix documentation on this subject and the changes required on the Citrix Receiver and in the App Center.

The Requirement:

To launch a single trading application which normally takes 5 minutes at a scheduled time.

Update: 

Yes its works, but it depends if you have the Web Interface or StoreFront and the version of Citrix receiver.

 

What to expect: The pre-launch feature starts the applications upon logon of the Citrix Receiver in a disconnected state so then you can reconnect to them quickly when you launch the application. This could be Single Sign on or if you have saved your password in Receiver. The application will not acutally launch, but it will be quicker to access.

When you close the application that was prelaunched the sessions also logs out and the prelaunch app only reoccurs upon next logon or if scheduled.

 

How to configure your enviroment:

This really depends on weather your using the Web Interface or StoreFront. If your using the Web Interface 5.4 then you have to use Citrix Receiver Enterprise 3.4 or below, I only tested with version 3.4 and it worked. If your using Storefront then the latest version of Receiver 4.1 works.

Options:

There are 2 ways to configure the prelaunch feature, the first is to just login to receiver using SSO or entering your password. The second is via a schedule time and this is configured in the registry or GPO so you so wish.

Here is how to configure the registry: http://support.citrix.com/article/CTX130793

 

(Update)  But does it really work? 

Yes, if your using simple applications like Microsoft Office or adobe, however if an application has background processes that loads tables or data then no not really.  However there is a work around and this will allow you to pre launch (start) your Citrix applications.

 

I’ve only tested with Citrix Receiver 3.4 but it should work in 4.1.

Prerequisites:  Users must have saved password checked in Receiver.

This is how you do it:

From the command prompt:

Run: “C:\Program Files (x86)\Citrix\ICA Client\pnagent.exe” /QLaunch “MyFarm:Excel 2007”

You can then add this to a batch process and schedule it to start when you need i.e 9AM every mon-Fri.

If this doesn’t work then check users have saved password enabled and that their password hasn’t expired.

 

How to automatically logoff yourself in Citrix

I’ve been working on a solution to provide users with a self logoff button on the Citrix web Interface. The script shown here check for your session on all servers but the  one your running the logoff script from until the end. So if you been looking for a simple way to just allow users to logoff or reset their own session then have a play with this bat script.

This example is for just 3 servers in a farm, hopefully this will just give you the basic idea and you can easier modify it to your enviroment.

Script

@SET TSXEN01=MYServer1

@SET TSXEN02=MyServer2

@SET TSXEN03=MyServer3

@IF %COMPUTERNAME%==%TSXEN01% GOTO KillTS02
@IF %COMPUTERNAME%==%TSXEN02% GOTO KillTS03
@IF %COMPUTERNAME%==%TSXEN03% GOTO KillTS01
@GOTO EOF

:KillTS02
@Echo Logging off Sessions
@FOR /F “tokens=3 skip=1” %%k in (‘query session %USERNAME% /SERVER:%TSXEN02%’) DO LOGOFF /SERVER:%TSXEN02% %%k
@FOR /F “tokens=3 skip=1” %%g in (‘query session %USERNAME% /SERVER:%TSXEN03%’) DO LOGOFF /SERVER:%TSXEN03% %%g
@FOR /F “tokens=3 skip=1” %%i in (‘query session %USERNAME% /SERVER:%TSXEN01%’) DO LOGOFF /SERVER:%TSXEN01% %%i
GOTO EOF

:KillTS03
@Echo Logging off sessions
@FOR /F “tokens=3 skip=1” %%k in (‘query session %USERNAME% /SERVER:%TSXEN02%’) DO LOGOFF /SERVER:%TSXEN03% %%k
@FOR /F “tokens=3 skip=1” %%g in (‘query session %USERNAME% /SERVER:%TSXEN03%’) DO LOGOFF /SERVER:%TSXEN01% %%g
@FOR /F “tokens=3 skip=1” %%i in (‘query session %USERNAME% /SERVER:%TSXEN01%’) DO LOGOFF /SERVER:%TSXEN02% %%i
@GOTO EOF

:KillTS01
@Echo Logging Off Sessions
@FOR /F “tokens=3 skip=1” %%k in (‘query session %USERNAME% /SERVER:%TSXEN02%’) DO LOGOFF /SERVER:%TSXEN01% %%k
@FOR /F “tokens=3 skip=1” %%g in (‘query session %USERNAME% /SERVER:%TSXEN03%’) DO LOGOFF /SERVER:%TSXEN02% %%g
@FOR /F “tokens=3 skip=1” %%i in (‘query session %USERNAME% /SERVER:%TSXEN01%’) DO LOGOFF /SERVER:%TSXEN03% %%i
@GOTO EOF

:EOF

END Script

This script was tested and used in a live enviroment, however there are no warranties.

Process CSRSS.EXE remains when a Sessions is logged off

Summary: I’m working on an  issue with Citrix XenApp 6.5 on Windows 2008 R2 SP1 where sessions remain after a user logs out. We have a number of different environments all running the same version of Citrix and OS. The troubleshooting begins!

Please see my earlier post, this issue remains, “Down Session and Multiple Instances”

Environment:

OS: Windows 2008 R2 X64 SP1 Enterprise

Citrix: XenApp 6.5

Hardware: Blade

IMPACT: Users logging out of Citrix may end up with multiple sessions and multiple processes which are not visible to the user, meaning less resources on the server until the memory and CPU max out and a reboot is required.  This can also affect applications that are license dependent, using up licenses for dead sessions.

 

Troubleshooting: The first question you have to ask yourself:: Is this a Microsoft or Citrix Issue? The CSRSS.exe is a Microsoft component “Client/Server Runtime subsystem” is mainly responsible for Win 32 Console handling and GUI shutdown, terminating this task will cause a BSOD or the server to reboot. So I’m thinking this is more of an Microsoft issue.

Microsoft have already identified this as an issue in a hotfix before SP1 and it was meant to be included in SP1.

Google hasn’t produced any great results so I’ve open an case with Microsoft and we are now trying HOTFIX: KB2661332

I’ve also installed XenApp 6.5 Roll-up Pack 1

Watch this space to see if the issue has been resolved.

Go to Top