We’ve seen an issue recently: Users login to netscaler gateway url and click on the application. It shows the steps like connection in progress, loading profile, negotiating capabilities, processing group policies etc, and immediately disappears.
In Citrix director, under trends, logon performance. Check the logon performance time for the users who had this issue. In the delivery group option, you can select the delivery group that the faulty application is part of, and look for the login time for the users. In our case, we have observed that the login scripts time is more than 10 minutes.
Upon further investigation, we found there is a powershell script in logon policy on the VDA servers, which maps a drive to user’s session. That script log file logged invalid password errors at the step where it maps the drive.
Earlier an AD group was given permissions on that map drive’s share path. A day before, User’s group was removed from that share path folder. This caused the problem. Logon script was trying to map that drive. As user do not have permissions on the share folder, they got login errors. Logon script tried for 10 mins, and then logs the error. After that, application shows up.
Fixing the share path permissions resolved the issue.