- Sharing resources from one physical box (like ESX, XenServer, Hyper-V, etc.) is server virtualization.
- Publishing virtual machines created by XenServer, ESX, etc. to end users is desktop virtualization.
- XenConvert is used for converting a physical machine to a VM.
- Multiple OSes boot from a single VHD file using Provisioning Services (PVS).
ICA and RDP Differences:
1. RDP works only under TCP/IP, while ICA works on many protocols.
2. RDP doesn’t permit applications to run in a browser, while ICA does.
3. Session Reliability is available in ICA; it is not in RDP.
4. Encryption is possible in ICA; it is not present in RDP.
5. ICA also supports non-Windows platforms such as DOS, UNIX, Mac OS and mobile devices.
6. ICA works at low bandwidth, but RDP doesn’t work at low bandwidth.
If you lose connectivity to the DS and you are using PS 3.0 or later:
* Users can connect to the farm without any issues (no grace period or any time limitation)
* Do not restart the servers (as they will try to contact the DS and refresh the LHC)
* Do not reset the local host cache (it will not rebuild since the DS is down)
* The 96-hour grace period only applied to PS and MetaFrame versions before PS 3.0.
* There is no way to make PS/XenApp servers cease trying to contact the DS upon a reboot. Unless you use the Management Console/Delivery Console to manage your Citrix farm, it won’t contact the DS.
* The LHC is there to perform the required functionality. It’s by design.
Dedicated Data Collector:
Install it like any other Citrix server and make it the preferred data collector in the management console, but don’t publish any applications on the server.
The SmoothRoaming features of Citrix XenApp provide users with uninterrupted access to information. These features include Workspace Control, Session Reliability, and Dynamic Session Reconfiguration. Note: Workspace Control is not supported with Citrix Presentation Server for UNIX. You can use SmoothRoaming features with Advanced Access Control to enable users to move between user devices and gain access to all of their applications when they log on. To use SmoothRoaming, you must have Citrix XenApp 5.0, Presentation Server 4.5, or the Advanced or Enterprise edition of Citrix Presentation Server 3.0 or 4.0 installed on a server in your environment. SmoothRoaming is not available with Citrix Presentation Server Standard Edition.
When socket pooling is enabled, the Web Interface maintains a pool of sockets, rather than creating a socket each time one is needed and returning it to the operating system when the connection is closed. Enabling socket pooling enhances performance, particularly for SSL connections. Socket pooling is available only for sites created with the authentication points “At Web Interface” or “At Access Gateway”. Socket pooling should not be used when the Web Interface is configured to use one or more servers running XenApp for UNIX.
Load balancing between two applications:
To load balance, install the application on two XenApp servers (using the same install and settings), then publish the application and add both servers in the Servers section of the Published Application. By default, XenApp will load balance the users who use the application between the two servers. It will allow a maximum of 100 users, keeping the load equal between the two servers.
Q: How many farms does the Web Interface support?
A: Web Interface 2.0 supports a maximum of 16 farms. Farms configured beyond 16 are ignored. Web Interface 5.x supports a maximum of 512 farms. As a best practice, Citrix recommends that you do not use more than 10 farms simultaneously. When Web Interface contacts more than 10 farms for each user logging on, the logon process is very slow. Additionally, you can optimize the usage of the farms by utilizing the 512 farms for configuring the user roaming feature to an Active Directory group with a farm.
Q: How many servers are supported in a single farm?
A: 800-1000 servers. Not officially published by Citrix, but a reply from a Citrix expert on the Citrix forums.
Citrix Provisioning Services
Citrix Provisioning Services enables you to stream a single desktop image to create multiple virtual desktops on one or more servers in a data center. This facility greatly reduces the amount of storage required compared to other methods of creating virtual desktops.
If shadowing was not enabled, reinstall XenApp. Shadowing can be configured with a policy. If IMA encryption was not enabled, you have options to enable it again. IMA Encryption is a farm-wide setting.
Q: If during setup, I choose to prohibit shadowing, can I turn it on later?
A: No, the decision during setup is permanent. To turn it back on, you would need to reinstall the server.
Isolation for each application is provided in 5.0 but is not available in 4.5. The Access Management Console and the Presentation Server Console are separate in 5.0, but they are provided as a single console called the Delivery Services Console in 6.0.
New Features of XenApp 5.0
Citrix XenApp 5 introduces more than 50 new major enhancements! Some of the most prominent are IPv6 communications, preferential load balancing, and application monitoring utilizing EdgeSight technology. IMA Encryption is a feature that utilizes the AES encryption algorithm to protect sensitive data in the IMA datastore. Configuration Logging is a new feature that allows for the generation of reports that can help you determine what changes have been made to your environment, who made them, and when they were made. 124 MB is needed for a complete installation of XenApp 5.0 with all the packages. (While installing the Citrix XenApp Access Management Console, there is a disk cost option. Clicking that option shows this size.)
To merge shadowers in multiple policies
If you create multiple shadowing policies, you must also select the option to merge shadowers. If you do not enable this option, the resultant policy uses the shadowing policy with the highest priority and ignores the rest of the shadowing policies, even if they do not conflict.
- Depending on the version of XenApp you have installed, from the Start menu, select All Programs > Citrix > Management Consoles and choose Access Management Console or Delivery Services Console.
- Select the farm in the left pane.
- From the Action menu, select Modify farm properties > Modify all properties.
- From the Properties list, select Farm-wide > XenApp > Shadow Policies.
- Under Shadow policies, select the Merge shadowers in multiple policies check box.
In remote desktop (mstsc), if there are 10 apps and a user is authorized to use only 5, then once RDP permission is given the user will be able to access/view all 10 apps. In Citrix, by contrast, we can configure the apps that a user has permission to use.
Methods to secure communication between client and XenApp servers:
- Secure ICA (ICA Encryption)
- Secure Socket Layer Relay (SSL Relay)
- Virtual Private Networking (VPN)
- Citrix Secure Gateway (CSG)
- Citrix Access Gateway or Citrix Netscaler
In a network, latency, a synonym for delay, is an expression of how much time it takes for a packet of data to get from one designated point to another. In some usages (for example, AT&T), latency is measured by sending a packet that is returned to the sender and the round-trip time is considered the latency.
Hop in network
A “hop” has to do with network routing. If you are on a particular IP network, for example 192.168.1.0, and you need to get to 192.168.4.0, data must travel through a router. A router provides interfaces to join at least two distinct networks. If your data travels through only one router to get to a different network, that network is considered to be one “hop” away. Data moving through additional networks to get to the destination network increase the hop count by one for each router. Thus, in the above example, if the first router had an interface attached to the 192.168.1.0 network, and another interface attached to 192.168.2.0; and then if the next router had an interface on 192.168.2.0 and one on 192.168.3.0; and then if the next router had an interface on 192.168.3.0 and one on 192.168.4.0; then the data would travel through –one, two, three– routers to get to the destination network. In this case, network 192.168.4.0 would be three hops away from 192.168.1.0.
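The hop count in the example above is a shortest path measured in routers crossed. The following is an added example, not part of the original notes; the function name `hop_count` and the router names R1 to R3 are assumptions made for illustration.

```python
from collections import deque

# Constructed topology matching the example above: each router joins two networks.
ROUTERS = {
    "R1": {"192.168.1.0", "192.168.2.0"},
    "R2": {"192.168.2.0", "192.168.3.0"},
    "R3": {"192.168.3.0", "192.168.4.0"},
}


def hop_count(routers, src_net, dst_net):
    """Return the minimum number of routers crossed from src_net to dst_net.

    Returns 0 when both are the same network and None when no chain of
    routers connects them.
    """
    if src_net == dst_net:
        return 0
    seen = {src_net}
    queue = deque([(src_net, 0)])
    while queue:
        net, hops = queue.popleft()
        for interfaces in routers.values():
            if net not in interfaces:
                continue  # this router has no interface on the current network
            for neighbour in interfaces - seen:
                if neighbour == dst_net:
                    return hops + 1
                seen.add(neighbour)
                queue.append((neighbour, hops + 1))
    return None


if __name__ == "__main__":
    print(hop_count(ROUTERS, "192.168.1.0", "192.168.4.0"))
```

Adding a router with interfaces on both 192.168.1.0 and 192.168.4.0 would shorten the path to one hop, because the search always returns the fewest routers.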
Cannot use Citrix without the following:
- server has terminal services role
- server connects to a MS Client Access License server (MSTCAL)
- server that has role MSTCAL (device/user) and is activated
- server that has Citrix license server software (license service) installed
In order to make commands like Query server, Query Farm etc. work properly, we need to install the hotfix available at: http://support.microsoft.com/kb/958652
- Upgrade: Installing a new version of a feature or release item over an existing version.
- Migration: A clean, new installation of that feature or release item.
- The configuration of each Web Interface site is held in a file called webinterface.conf which is located in inetpub\wwwroot\Citrix\Websitename\conf
- Asynchronous writes are used for data/file transfer between the session and our local desktop.
- Lossy compression is a type of compression where a certain amount of information is discarded.
- While installing, after you have double-clicked on autorun.exe in XenApp 5.0, if you are not able to see the Web Interface option at the component selection step, that means IIS and ASP.NET have not been installed. Please cancel this installation, and make sure you follow all the steps to install the prerequisites.
- In Windows Server 2008 R2, Terminal Services was renamed Remote Desktop Services.
- If you have 10 users who want to connect to MS Office using citrix you need 10 Citrix Xenapp licenses, 10 RDS licenses and 10 MS Office user licenses.
- lmadmin.exe is the process running on port 8082.
- Citrix roaming profile extension is .dat.
- Each server or published application can have only one load evaluator attached to it.
- Load Throttling, which specifies the impact that logging on has on load and limits the number of concurrent connection attempts the server is expected to handle.
- Worker group is a server resource, and users cannot be added to a worker group.
- Citrix XTE Service is a service that handles network requests for session reliability and SSL from XenApp components.
- SmartAuditor allows an organization to record the on-screen activity of any user’s session, over any type of connection, from any server running XenApp. SmartAuditor uses flexible policies to automatically trigger recordings of XenApp sessions, which enables IT to monitor and examine the user activity in applications and demonstrate internal control, thus ensuring regulatory compliance and successful security audits.
- Easy call voice service is a virtual appliance that enables users to place calls from business applications.
- Hdx mediastream for flash forces the flash player to start in low quality mode instead of default high quality mode.
- Merchandising server obtains new plugins from citrix update service to distribute to client devices.
- If pass through authentication is not enabled during installation, and is later desired on the server, the plugin software must be reinstalled on the server before pass through authentication can be used.
- Administrator should monitor xte service and secure ticket authority if users are experiencing issues when connecting to published resources through Access gateway.
- IMA encryption is no longer part of the XenApp 6.0 installation and must be manually configured using the CTXKEYTOOL command, following installation.
- If your Citrix SMA Service (print manager service) is not starting or is having a problem, try upgrading .NET on your Citrix machine, or change the Citrix SMA Service to log on as local system.
- Single Sign-on can be installed using the Server Role Manager. With Single Sign-on, users authenticate once and automatically log on to their password-protected resources. Single Sign-on also enforces password policies, monitors all password-related events and automates user tasks, including password changes. EdgeSight monitors applications, devices, sessions, license usage, and the network in real time. SmartAuditor allows the recording of on-screen activity of any user’s session, over any type of connection, from any server running XenApp. Provisioning Services Target Device installs the fully integrated Provisioning Server role.
- The Citrix Print Manager Services test enumerates session printers to determine the health of the Citrix Print Manager service. A failure occurs if the test cannot enumerate session printers.
- The URL of the Secure Ticket Authority can be changed based on whether or not IIS/XML port sharing is used or XML is being run on a different port. If the XML port is changed from the default port 80, be sure to configure the Secure Ticket Authority URL with the new port number when configuring Secure Gateway. The URL would look something like this: http://servername:778/Scripts/CtxSta.dll.
- To configure PDA synchronization using USB-tethering, enable the policy rule ‘Turn on automatic virtual COM port mapping.’ This rule allows USB to virtual COM port emulation in client sessions. This rule is found in a policy at Client Devices > Resources > PDA Devices.
- Synchronous printer creation should be used when applications require all printers to be created first or when applications require a stable printing environment. With synchronous printer creation, printers create before the users have access to interact with and use their sessions. The users must wait for all printers to create in the background before they can perform any activities. Synchronous printer creation is enabled by deselecting the ‘Start this application without waiting for printers to be created’ option in the application properties.
- Health Monitoring and Recovery can be configured to monitor the health of many XenApp components, report failures and take actions to correct the issues. Using Health Monitoring and Recovery, an administrator can monitor the Citrix IMA Service, be alerted to IMA Service failures and configure an automatic restart of the service when it fails.
- XenApp supports distributed (replicated) databases. XenApp requires data coherency across multiple databases. Therefore, a two-phase commit algorithm is required for storing data in the database. When configuring Microsoft SQL Server for a two-phase commit, use the Immediate Updating Subscriber model. Please note: To avoid corruption, do not use merged replication.
- XenApp allows the redirection of the Documents and Desktop folders in a virtualized session to their client system.
- The WMI Service is directly dependent on the IMA Service.
- When the IMA Service is restarted, users who are already connected will continue working uninterrupted, however, new connections will not be allowed until the IMA service is running.
- Until XenApp 5, we had options available when right-clicking the farm name. From XenApp 6, all of those options have moved to policies.
- iPad can be used only with a services site and not with a website.
- When CAG VPX is set up, all traffic between XenApp servers and user devices is routed to port 443. Even if session reliability is enabled, port 2598 traffic is directed to 443.
- Worker groups do not have a data collector, but a zone does.
- If XenApp and WI are on a single machine, check the option “Integrate IIS with XML service” while installing.
- The Subscription Advantage for a Citrix license means that if any new version is released within the period given by Citrix, we can get the licenses free of cost.
- XenApp 6 and 6.5 have 4000 startup licenses.
- While configuring a new website in WI, choose the option “Set this page as default IIS site” so that http://servername opens our website.
- While adding servers to WI (where we have the “use this server list for failover” option), we need to add the servers that are designated as controller and session-host. We should not add servers that are not designated as session-host.
- To change the default Citrix image in the right-hand corner, create a PNG file and paste it in the C:\InetPub\WWWroot\Citrix\Xenapp\Media folder. Next, open WI, right-click on our website, and choose website appearance and the Appearance option. Change the default citrixheaderlogo.png to your file name.
- Adding servers in WI for failover is not load balancing. It is for backup (failover) XML. For WI load balancing we use NetScaler.
- To publish files and folders or web URLs, use the content option while publishing an application.
- If we publish any content, it won’t consume any license.
- To change the error “An error occurred while making the requested connection”, go to the C:\Program files(X86)\citrix\web interface\5.4.0\languages folder and open the file common_strings.properties (or common_strings). Open it with Notepad, find “An error occurred while making the requested connection” and replace it with your own customized error message.
- Redirection works only with citrix receiver and not with WI.
- Tier 1 apps are mission critical applications like Exchange server, Database Server etc
- While installing XenApp, we might get a warning saying, “The server on which you are installing xenapp is missing an update for mstlsapi.dll…” It means that if we have old Citrix clients in our environment and we want those clients to connect to our XenApp server, we should install the hotfix given at: http://support.microsoft.com/kb/949914
- Within each individual Health Monitoring and Recovery (HMR) test you can set a recovery action to take should the HMR test fail. One of those recovery actions is to remove the server from load balancing. Knowing that HMR tests can sometimes be false positives, Citrix included a rate limiter to not remove more than X% of servers from load balancing (basically to prevent a complete farm failure because of an HMR test failure).
- If our XML service is sharing a port with IIS, we won’t be able to find any service for XML in services.msc. In this case, if we want to restart our XML service, use iisreset or restart the default website from inetmgr. If XML is not integrated with IIS, we will be able to find the XML service in the services.msc console.
- The online plugin is for connecting to hosted apps that are installed directly on the server.
- The offline plugin is for when we want to stream an application to the user’s machine.
- Until XenApp 5 we created a zone preference and failover policy which says, if servers in zone1 are not available, then go to zone2. In XenApp 6 we don’t have this feature, but a new feature called worker group is added. Now we can create a worker group preference and failover policy.
- Application importance X session importance = Resource Allotment
- Turn on the CPU utilization management server-level policy, set to preferential load balancing, and assign the application high, low or normal application importance in the application properties, under the Limits option (the memory optimization policy is also available in the same path).
- Next, configure session importance in the user policy, under the server session settings policy.
- Citrix advises not to create more than 25 zones.
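A consistency check for the Secure Ticket Authority note in the list above: it compares the port in each STA URL with the port the XML Service listens on and reports mismatches. This is an added example, not Citrix tooling; `check_sta_urls`, the server names and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

STA_PATH = "/scripts/ctxsta.dll"  # path taken from the URL shown in the note
DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed sample: STA URLs as an administrator might have entered them
# in Secure Gateway after moving the XML Service to port 778.
SAMPLE_STA_URLS = [
    "http://xa01:778/Scripts/CtxSta.dll",
    "http://xa02/Scripts/CtxSta.dll",       # port omitted, so still 80
    "http://xa03:778/scripts/ctxsta.dll",
    "http://xa04:77x/Scripts/CtxSta.dll",   # typo in the port
]


def check_sta_urls(sta_urls, xml_port):
    """Return (url, problem) pairs for STA URLs inconsistent with xml_port."""
    findings = []
    for url in sta_urls:
        try:
            parts = urlsplit(url)
            port = parts.port  # raises ValueError on a non-numeric port
        except ValueError:
            findings.append((url, "malformed URL or port"))
            continue
        scheme = parts.scheme.lower()
        if scheme not in DEFAULT_PORTS or not parts.hostname:
            findings.append((url, "not an http(s) URL with a host name"))
            continue
        if port is None:
            port = DEFAULT_PORTS[scheme]  # no explicit port in the URL
        if parts.path.lower() != STA_PATH:
            findings.append((url, "path is not /Scripts/CtxSta.dll"))
        if port != xml_port:
            findings.append(
                (url, f"port {port} does not match XML port {xml_port}")
            )
    return findings


if __name__ == "__main__":
    for url, problem in check_sta_urls(SAMPLE_STA_URLS, 778):
        print(f"{url}: {problem}")
```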
Citrix XenApp 6.5
- Load evaluators can now only be assigned to servers via Worker Groups or OUs and applied by XenApp/AD group policy in XenApp 6.5.
- For session prelaunch, client v13 is needed. A CCU is used as soon as pre-launch is active.
- To redirect the Adobe Flash content for animations, videos, and applications to client devices, we need to configure HDX MediaStream Flash Redirection. It can be enabled through policy.
- The only difference between citrix receiver and citrix receiver enterprise is, we can control citrix receiver enterprise with a GPO.
- Citrix have removed the ability to assign load evaluators directly to servers
- After Citrix Receiver Enterprise is installed, if the icon is blue, the administrator forgot to include the ReceiverInside component in the command-line installation; that is, the admin prepared the Receiver file through a command and forgot to add the ReceiverInside component to it.
- Copy client option is not available while installation in 6.5. We need to manually copy client folders to C:\inetpub\wwwroot\citrix\xenapp\clients.
- Multi stream ICA policy will be disabled by default. We need to enable it with a policy.
- Data Collector decides which client request should go to which server.
- Policies are stored in data store.
- Default time for session reliability is 180 seconds.
- Xml service would authenticate a user to AD with LDAP Protocol port 389.
- Edgesight server is called monitoring services now.
- Streamed to server: Applications caching will be done on server.
- Streamed to client: Application caching will be done on the client and client resources will be used. Even when disconnected from the server, users can use the app. Default time is 21 days. By policy, we can set the time from a minimum of 2 days to a maximum of 365 days.
- Policy for offline plugins is found at computer node\offline applications.
- For stream to client to work, offline plugin needs to be installed in client machine. Website and services site should be in dual mode.
- By default all the files or settings saved by a user for any application are saved under user’s name(profile folder will be created) in the server where the application is published.
- In order to run the XenApp Migration tool, you need to execute the PowerShell command Set-ExecutionPolicy AllSigned, so that you can safely run the XenApp Migration tool.
- There is no direct upgrade to xenapp 6.5.
- Printer Management and configuration logging settings are not migrated with Xenapp Migration tool(GUI tool or powershell cmdlets).
- It is not recommended to install WI and receiver storefront in a same machine.
- The Delivery Services Console provides Citrix administrators the ability to manage users, published applications, create worker groups, and perform a variety of other tasks associated with the XenApp farm. The console gathers farm information from two sources:
  - The data store is used to collect static information
  - The data collector is queried to assemble dynamic information such as user sessions
- XA6 delivery services console can be installed separately but NOT through Auto-run. Navigate to the Disc Drive then go to Administration\Access Management Console\ and launch CtxInstall.msi
query commands list: