Load Balance A Citrix Web Interface

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

To me if you don't configure all of your Citrix Web Interfaces (WI) to use a network load balance (NLB) setup you are asking for trouble as you have now created a single point of failure within your environment!

NLB is available in Windows Server 2008 standard and enterprise so you should now have no excuses to implement this in to your environment.

First thing First lets configure 2 Windows 2008 R2 server with NLB, in my test environment the two servers are XenApp.ctxlab.com (192.168.219.129) and XenApp2.ctxlab.com (192.168.219.131) and the NLB address will be XANLB.ctxlab.com (192.168.219.135).


1.  Install the Network Load Balancing feature on both servers that will be hosting both the WI.

2.  Once NLB is installed start the NLB manager and right click to create new cluster.

3.  Enter the first member in the NLB cluster and click Connect and the Next

4.  Check that the IP address is correct and put a tick in the retain suspended state (to help avoid a webserver kicking in after rebooting during controlled maintenance) and click next.

5.  Enter the clusters IP address and Subnet Mask and click on OK.

6.  Add in the FQDN of the cluster and change the Cluster mode to Multicast.

7.  Click on edit to the current port.

8.  Change the port range to 80-80 and the protocol to TCP

9.  Once the port is changed click on finish.

10.  You should now see the first member of the cluster added correctly and add the other member of the cluster.  I wont give a description of each point here as this is done in nearly the exact same way as above I'd add the screenshots to help if anyone gets stuck.

11.  Once you have added the second member to the cluster you should now see both members working correctly.

An error occurred while making the requested connection

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

Recently I had an issue where I was getting the following error when trying to launch a Virtual Desktop via a CAG.

Upon looking closer at the issue I noticed that the Web Interface config had not been setup right and the URL for the STA was actually missing the correct path (http://IPAddressOfDDC/scripts/ctxsta.dll) to the STA and once it was changes to the correct format the Virtual Desktops could launch successfully.

If you have the same issue check the event logs of the Web Interface and see if event ID's 30016 and 30205 are being logged.

Hope this helps someone out.

This operation cannot be performed because the specified virtual disk could not be found.

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

Just had a customer who got the following error when booting a VM

"This operation cannot be performed because the specified virtual disk could not be found."

Turns out that sometimes if you have an ISO mounted in the DVD drive this can sometimes cause the above error.

Hope this helps someone out.

Poor performance with AMD

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

Had some fun recently with some Dell server’s and getting any type of respectable performance from the VM’s on each Xenserver host.

Turns out that if you have a AMD Opteron 62** it is only support on 6.0.2 XenServer (this is all it should require) and even after running the upgrade to 6.0.2 it also then required HOTFIX XS602E016 and to also change the power settings in the BIOS to max power and then upgrade the XenTools of each VM.

Just thought that this might help someone if they are experiencing this type of issue.

Sluggish Windows 7/2008 - XenServer 6.1

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

If you get any issues with sluggish Windows 7 VM’s on XenServer 6.1 ensure you have the following hotfixes applied to the XenHost and then upgrade the XenTools on all VM’s after the Hotfixes have been applied.

XS61E003

XS61E004

XS61E006

XS61E008

XS61E009

XS61E010

Also other possible MS issue could be related to the following - http://support.microsoft.com/kb/2617858

KMS with VDI

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

Anyone doing VDI at somepoint will have to deal with MS licensing and the joys of KMS!  Now if you haven't done it before and you start to read about it on the Technet and what not apparently its really easy to setup and all you need is 25 unique connections to the KMS host to start activating Windows 7 and 5 unique connections for office 2010.  RUBBISH - there's loads of little "gotcha's" that both MS and Citrix don't make you aware of.  

Hopefully this will help a few people out with the pain that is KMS...!

Setting up the KMS Host

NOTE: Always run a CMD in elevated mode.

• Designate a KMS host – has to be 2008 R2 or Windows 7. (You can use 2003... If you have too.)
• Get KMS host key from your MS volume licensing site. DO NOT USE THE KMS CLIENT KEY!
• Run a cscript slmgr.vbs /dlv and you'll see that the KMS Host is currently using a KMS Client key.
• Run cscript slmgr.vbs /ipk XXXXX-KMS-host-key-XXXXX.  This changes the licensing mode to be a KMS Host instead of a KMS Client.
• cscript slmgr.vbs /ato to activate your KMS Host against your MS volume licensing.
• After activating the KMS key, restart the Software Protection Service.
• Re-run a cscript slmgr.vbs /dlv to see the current KMS count is 0 and you'll also notice that the licensing has changes to a KMS Host.

Setting up a KMS Client

• On the golden image if you have changed the license key to a MAK change back to a KMS client key.  Windows automatically comes using a KMS client Key but if you need to change it back use the key from the KMS Client Key website.  DO NOT ENTER THE KMS HOST KEY IN TO A CLIENT!
• On the golden image type the following command to verify the DNS SRV Record: nslookup –type= srv_vlmcs._tcp
• Check that you can ping the KMS host.
• Attempt Windows 7 KMS Client activation using the following command: slmgr.vbs /ato
• The activation attempt will fail with an error that the activation count is insufficient, this is fine but check on the KMS Host that it has received the request by running a cscript slmgr.vbs /dlv on the designated KMKS Host and the count should be 1.
• Since KMS requires 25 unique activation requests to activate the clients spin up 25 desktops.
• VDI-in-a-Box ensure that the activation timer is enabled within the template and for XenDesktop PVS install ensure that the vDisk is set to KMS.

• Now a KMS client will automatically try to register against the KMS host using the DNS SRV record but you can speed this process up by using the VAMT 2.0 to force the activation.   Select 25 or more VM’s and choose to active via KMS.

• Run a cscript slmgr.vbs /dlv to see the current KMS count should be above 25, all other windows 7 VM’s will now rergister.

Setting up Office 2010

• For office make sure that the KMS host has the Microsoft Office 2010 KMS Host License Pack installed along with the KMS Host Office 2010 key from the your MS volume licensing site.
• On the golden image make sure that the Office 2010 installation have the KMS client key and like Windows 7 Office 2010 comes with a KMS Client key.
• From a CMD run a cscript ospp.vbs /dcmid from C:\Program Files (x86)\Microsoft Office\Office14 to see the CMID.
• Start a new CMD and run the following command to allow access to run the Office rearm correctly - icacls C:\ProgramData\Microsoft\OfficeSoftwareProtectionPlatform /grant "Network Service:(OI)(CI)(R,W,D)" /t.
• Start a CMD and run a OSPPREARM.EXE from C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform and this will clear the CMID.
• Rerun a cscript ospp.vbs /dcmid and you'll see the CMID is now cleared.
• Save and/or publish image so that it is now live, if you are using VDI-in-a-Box make sure you tick the "reset activation timer" in the template.
• Activate Office 2010 on 5 desktops by running a CMD from  %programfiles(x86)%\microsoft office\office14\cscript ospp.vbs /act (note: activation will fail for the first 5 desktops and you can also use VAMT 2.0 to do this.)
• Veryify that unique CMIDs are created for each desktop by running %programfiles(x86)%\microsoft office\office14\cscript ospp.vbs /dcmid
• On desktop number 6, KMS activation should work without errors.

I hope this help a few people out and if i get some time I'll put some screenshots of the commands being run just to give a little bit more help.

Troubleshooting Tips
if you have to re-enter a office KMS key as you are currently using a MAK use the following command from %programfiles%\Microsoft Office\Office14.

 cscript ospp.vbs /inpkey:

Thanks

Citrix Access Gateway - Recovery Mode

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

I had an issue this week where I'd setup a XenDesktop environment and everything was looking good and internal testing showed everything was working as it should be.  I moved on to the configuration of the CAG VPX and after configuring just the hostname, Licensing, STA, Access List, Logon Points and the Date and time the CAG would restart it self over and over again until it went in to Recovery Mode.

Upon troubleshooting I started to configure the CAG bit by bit and I found that once I configured the STA the CAG would then restart - very strange.

So I enabled logging on the DDC using the Log EnablerV3 and I could see that I was getting STA error's logged in the broker log, so i started to think that this must have been a dodgy install even though XD installer didn't highlight anything once it had finshed.

So I had a quick peek in the registry and i could see under the following key that the STA identifier wasn't created correctly.

HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\DesktopServer

So I re-ran the Broker_Service_x64.msi from the XD iso and then refreshed the registry and I could now see that the STA identifier was now correctly configured in the registry.

Hope this helps someone out.

1030 Connection Error - VDI-in-a-Box

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

Had an issue the other day on VDI-in-a-Box 5.1.1 where remote access was through a CAG 5.04 and i was getting the dreaded 1030 error!

Checked all the usual places to check for a 1030 error.

• Is the STA generated from the vdiMrg in the CAG.
• Used an SSL checker to see if the SSL was created correctly.
• Checked that the vDesktop DHCP range is in the ICA access control list on the CAG.
• CHecked that the correct ports are opened up on the firewall.

just to name a few.

If you log in to the vdiMgr console and go to advance properties and look under gateways ensure that you have specified the "Internal HDX gateway IP Addresses" which HAS TO point to the internal IP address of the CAG.

A way you can test if you 1030 error is because the "Internal HDX gateway IP Addresses" is wrong is by downloaded and saving the ICA file and seeing if it has been marked with the internal IP address of the vDesktops rather than with the STA.

VDI-in-a-Box - Best Practices

Best Practices: Scale One by One

Creating the VDI-in-a-Box Grid

• Start with one server then expand, or one image then expand
• Scale the grid one server at a time
• Keep host versions consistent
• Assign static IP addresses to servers
• Use of thin provisioning to cut down dramatically on disk space
• Size your server using recommended best practice
• Ensure that you can generate desktops and users can log on before adding a second or third or fourth server to the grid.

Joining servers to the Grid

• Do not join multiple servers at the same time
• Let the second server join, receive images, provision desktops before joining the third

Use IP addresses instead of DNS names

• To remove the dependency on DNS
• For setting up the hypervisor connection
• For the vdiManager console when configuring the Grid
• For the Active Directory User database connection

Create a base image

• Start with an ISO to create a base published image
• Test this base image first and use this to make additional copies for production
• Keep image sizes small (20-30GB). Less storage space consumed
• Create one domain administrator account for both user authentication (Active Directory) and for image syspreps
• Minimize password changes to accounts. You can do this by creating special “Citrix” accounts

Ports

• vdiManager <> Hypervisor | HTTP over SSL/TLS (HTTPS):443
• vdiManager <> Active Directory | LDAP:389 | LDAP over SSL/TLS (LDAPS):636
• Endpoint <> vdiManager | HTTP over SSL/TLS (HTTPS):443
• Endpoint <> Secure Remote Access (CAG VPX) |HTTP over SSL/TLS (HTTPS):443
• Desktop Receiver <> Virtual Desktop | ICA:1494 or 2598 RDP:3389

Logins and username and passwords

• Management COnsole https://vdiMgrIPaddress/admin - Account: vdiadmin/kaviza
• VDI-in-a-Box appliance logon (vdiMgrIPaddress) - User: kvm/kaviza123|User: root/kaviza123
• User logon from a web browser https://vdiMgrIPaddres
• User logon from the Java Client http://vdiMgrIPaddres/dt/vdiclient.jnlp
• User logon from mobile devices http://vdiMgrIPaddres/dt/PNAgent/config.xml

Migrating the Datastore from SQL Express to SQL 2005 or SQL 2008

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

I was recently at a client that had a requirement to migrate their Datastore from an old XenApp server to the enterprise class SQL cluster, the only problem was that the Datastore was a SQL Express 2005 database and which was due to go on to a SQL 2008 instance.

Citrix offers  good pointers for migrating from Access to SQL/Oracle, Oracle to SQL, SQL to Oracle and same version SQL to SQL but nothing for SQL Express to SQL.

My saviour came in the form of Carl Webster (the accidental Citrix Admin) www.carlwebster.com.

Migrating from one database version to the other might be necessary to move the data store to a more powerful server. The best method for migrating between versions of the database is to back up and restore the database using the utilities provided by the database software vendor.

To point a Citrix XenApp Server farm to a new database complete the following steps. For the best performance, complete this procedure on the data collectors after all other servers are reconfigured.


Back up the existing farm database.

Create a new blank database on the destination SQL instance

Create a new DSN file that points to the new database:

Click Start -> Administrative Tools -> Data Sources (ODBC).

Note: What is ODBC?  This is taken from http://support.microsoft.com/kb/110093

"Open Database Connectivity (ODBC) is Microsoft's strategic interface for accessing data in a heterogeneous environment of relational and non- relational database management systems. Based on the Call Level Interface specification of the SQL Access Group, ODBC provides an open, vendor- neutral way of accessing data stored in a variety of proprietary personal computer, minicomputer, and mainframe databases.

 

ODBC alleviates the need for independent software vendors and corporate developers to learn multiple application programming interfaces. ODBC now provides a universal data access interface. With ODBC, application developers can allow an application to concurrently access, view, and modify data from multiple, diverse databases."

Click the File DSN Tab.

Note:  What is the difference between "User DSN", "System DSN" and "File DSN"?  This is taken from http://support.microsoft.com/kb/213772.

User DSN: The User DSN is a data source that is user-specific. A User DSN is stored locally but is available only to the user who creates it.

System DSN: Unlike a User DSN, a System DSN is not user-specific. A System DSN is stored locally and is not dedicated to a particular user. Any user who logs on to a computer that has permission to access the data source can use a System DSN. Some programs, such as Microsoft SQL Server or Microsoft Internet Information Server (IIS), require a System DSN. This DSN must be created on the server where the program is located. System DSNs are stored in the Windows registry under the following key: HKEY_LOCAL_MACHINE\Software\Odbc\Odbc.ini\Odbc Data sources

File DSN: The File DSN is created locally and can be shared with other users. The File DSN is file-based, which means that the .dsn file contains all the information required to connect to the data source. Note that you must install the ODBC driver locally to use a File DSN.  File DSNs are not stored in the Windows registry. The .dsn file is a text file that you can view in any text editor, such as Microsoft Notepad.

Change the Look in to C:\Program Files\Citrix\Independent Management Architecture.  The new DSN must be placed in this folder.  The IMASERVICE service is programmed to look in only this folder.

Click the Add button.

 Click on SQL Server and click Next.

Type in C:\Program Files\Citrix\Independent Management Architecture\WebsterFarmDSMF20.dsn and click Next.

Note: The DSN can be named anything as long as it has a .dsn file extension.  It does not need to contain "MF20" anywhere in the name.

Click Finish.

Enter a Description and type in the name of the SQL Server and click Next.

If a successful connection to the SQL Server is made click Next.  A common problem is the Windows Firewall is not configured to allow SQL traffic (TCP Port 1433).  To configure an instance of SQL Server 2005 to use a static port, follow the steps described in the "How to: Configure a Server to Listen on a Specific TCP Port (SQL Server Configuration Manager)" topic in SQL Server 2005 Books Online.

Note:  If SQL Server is set to use a static port, click Client Configuration, then uncheck Dynamically determine port and enter the value for the static port number.

 If the account listed in the grayed out Login ID authenticates successfully to the SQL Server, Change the default database to the new SQL Server data store and click Next. 

Note: One problem could be the Login ID account is not setup to access the SQL Server.

Click Finish.

Click Test Data Source.

If the message TESTS COMPLETED SUCCESSFULLY is shown, click OK.  Otherwise, you will need to troubleshoot the ODBC connection to the SQL Server.

 Click OK.

Your new DSN is created.  Click OK.

Run the dsmaint config command on the server with the new DSN file:

dsmaint CONFIG /user:LAB\Administrator /pwd:Password1 /dsn:"C:\Program Files (x86)\Citrix\Independent Management Architecture\XA65LABDS.dsn"

Stop and restart the IMA Service.

Important: Restarting the IMA Service instead of restarting the server might cause the SNMP service to initiate Dr. Watson if SNMP is enabled. This error is benign.

Ensure that the server is pointing to the new data store by checking the following registry setting:

HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\IMA\DataSourceName

If the IMA Service started successfully, copy the new DSN file to all servers in the farm.

Run the dsmaint config command to change the IMA Service configuration on all remaining servers in the farm. 

Stop and restart the IMA Service on all servers in the farm.

Internet Explorer crashes in XenDesktop

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

Recently had issue in XenDesktop where IE would just randomly crash.  No event logged nothing!

Now I find there's a few ways that you can troubleshoot this problem.

Log directly in to a vDesktop and see if you can replicate the issue.
Check\Change the version of Citrix Receiver that is install on the endpoint.
Check\Change the version of flash that is installed on the endpoint.

If none of the above point you in the right direction try deleting the following regkey from the vDesktop and updating your MCS or PVS image.

HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\CtxHook\AppInit_Dlls\HDXMediaStreamForFlash\iexplore.exe

XenDesktop Virtual Channels

Please check out www.kaztechsolutions.co.uk for more of my technical posts, alternately please call us on 01932 268289. 

This blog describes how to change the Virtual Channel Priorities in the VDA in XenDesktop 5 and above and it also has which 

Virtual channels are used within an ICA connection exchange specific types of information between a client and server application. A few of the Virtual Channels implemented by Citrix are sound, graphics, CDM, USB, and printing. Based on different user scenarios, Virtual Channels priorities may need to be changed to lessen interactions between different types of content. This article describes how to change priorities of Virtual Channels in XenDesktop 5.

Remote Session Screen Update (THINWIRE) - CTXTW  ,0
Seamless Windows Screen Update (THINWIRE) - CTXTWI ,0
Clipboard - CTXCLIP,1
Client Audio Mapping - CTXCAM ,1
License Management - CTXLIC ,1
Video Server (Dead – Remember VideoFrame ?) - CTXVFM ,1
Program Neighborhood - CTXPN  ,1
CTXSBR ,1
Windows Media Redirection - CTXMM  ,1
Flash - CTXFLSH,1
USB - CTXGUSB,1
Smart Cards - CTXSCRD,1
Still cant find this one - CTXCTL ,1
End User Experience Monitoring - CTXEUEM,1
Client COM Port Mapping - CTXCCM ,2
Client Drive Mapping - CTXCDM ,3
Client Management (Auto-Update) - CTXCM  ,3
Printer Mapping for Non-Spooling Clients - CTXLPT1,3
Printer Mapping for Non-Spooling Clients - CTXLPT2,3
Printer Mapping for Non-Spooling Clients - CTXCOM1,3
Printer Mapping for Non-Spooling Clients - CTXCOM2,3
Printer Mapping for Spooling Clients (nearly all) - CTXCPM ,3
OEMOEM2,3
OEMOEM ,3

If you want to implement these virtual channels on a VDA add the following regkey 

HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\GroupPolicy\Defaults\

Then create a MULTI_SZ named “VirtualChannelPriority” with the following contents but change these to your requirements:

CTXTW  ,0
CTXTWI ,0
CTXCLIP,1
CTXCAM ,1
CTXLIC ,1
CTXVFM ,1
CTXPN  ,1
CTXSBR ,1
CTXMM  ,1
CTXFLSH,1
CTXGUSB,1
CTXSCRD,1
CTXCTL ,1
CTXEUEM,1
CTXCCM ,2
CTXCDM ,3
CTXCM  ,3
CTXLPT1,3
CTXLPT2,3
CTXCOM1,3
CTXCOM2,3
CTXCPM ,3
OEMOEM2,3
OEMOEM ,3