Q. Why we use Citrix. Advantages / Disadvantages and evolution of Citrix.
Common terminologies used in Citrix
Citrix enables us to access applications from servers without needing to actually log in to them . The advantages are endless, from reducing the load on the server, the licences that we need to purchase in order to allow multiple logins into a particular server, and also the network bandwidth and processing speed that is required to execute the applications fro each and every terminal session .
Citrix is integrated with active directory from the very first screen that we see when we log in to metaframe . While publishing an application, the group names or the user names that we would need to give access to is also taken from active directory , these being the domain names and the domain level groups .
When you launch an application , the “warning” prompt screen that you get immediately after launching an application is that of you logging into the server . Only after logging into the server will the application launch. Terminal services is very much needed for citrix to run . This is a main pre-requisite before you install citrix on a server . Terminal services would need to be installed in the “application” mode .
Q. How often does the member servers check datastore database?
By default, every 30 minutes.
Q. what happens if datastore connectivity is lost?
If the server loses its connection to the central data store, there’s no limit to how long it will continue to function. (In MetaFrame XP, this is limited to 48 or 96 hours, but that was because the data store also store license information.) But today, the server can run forever from the LHC and won’t even skip a beat if the central connection is lost. In fact now you can even reboot the server when the central data store is down, and the IMA service will start from the LHC with out any problem. (Older versions of MetaFrame required a registry modification to start the IMA service from the LHC.)
Q. How will you remove Citrix server from the farm?
If the server is unresponsive, remove it by right click on server in the console.
For functional server, remove it from add/remove programs
use CHFARM command
Q. How will you remove citrix server from the datastore DB?
When citrix is uninstalled from the server, it cleans the entry from data store database. Additionally you can run this command to remove the entry from Datastore DB.
DSCHECK /servername
Q. How to clean up datastore database?
DSCHEK without parameters will check for consistency and clean up the database. /clean parameter can be used to clean up specific server/application from the datastore but use with caution.
Q. How do you troubleshoot printing issues?
Check print spooler service
Check printer mapping errors in event log
Check printer driver availability n compatibility
Check printer policies for over rides
Q. How do you configure session printers?
Through Citrix policies. Add the printer drivers first, map the printer and then assign to user/group
Q. What are monitors in Netscaler?
Netscaler uses monitors to track the status of back end servers. These monitors can be http, tcp, ping etc
Q. What would you do if you see a service down in Netscaler?
Try pinging the actual server from netscaler CLI and verify its responding.
Q. How to find out the datastore database server name?
Examine the DSN file which contains the connection details to the database.
C:\Program Files\Citrix\Independent Management Architecture\MF20.dsn
The following is an example of an MF20.dsn file from a server connecting to a remote SQL Server instance:
[ODBC]
DRIVER=SQL Server
UID=useraccount
Address=SqlServer,1433
Network=
DATABASE=farmdb
WSID=
APP=Citrix IMA
SERVER=SqlServer
Q. How to verify Datastore DB connectivity?
To determine if a server is communicating regularly with the data store, check the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\CITRIX\IMA\DataStoreFailureTime
If the value is all zeros, the MetaFrame server is communicating with the data store.
Examine the DSN file which contains the connection details to the database.
C:\Program Files\Citrix\Independent Management Architecture\MF20.dsn
The following is an example of an MF20.dsn file from a server connecting to a remote SQL Server instance:
[ODBC]
DRIVER=SQL Server
UID=useraccount
Address=SqlServer,1433
Network=
DATABASE=farmdb
WSID=
APP=Citrix IMA
SERVER=SqlServer
Q. How to verify Datastore DB connectivity?
To determine if a server is communicating regularly with the data store, check the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\CITRIX\IMA\DataStoreFailureTime
If the value is all zeros, the MetaFrame server is communicating with the data store.
Q. How often does the member servers check datastore database?
By default, every 30 minutes.
Q. what happens if datastore connectivity is lost?
If the server loses its connection to the central data store, there’s no limit to how long it will continue to function. (In MetaFrame XP, this is limited to 48 or 96 hours, but that was because the data store also store license information.) But today, the server can run forever from the LHC and won’t even skip a beat if the central connection is lost. In fact now you can even reboot the server when the central data store is down, and the IMA service will start from the LHC with out any problem. (Older versions of MetaFrame required a registry modification to start the IMA service from the LHC.)
Q. How will you remove Citrix server from the farm?
If the server is unresponsive, remove it by right click on server in the console.
For functional server, remove it from add/remove programs
use CHFARM command
Q. How will you remove citrix server from the datastore DB?
When citrix is uninstalled from the server, it cleans the entry from data store database. Additionally you can run this command to remove the entry from Datastore DB.
DSCHECK /servername
Q. How to clean up datastore database?
DSCHEK without parameters will check for consistency and clean up the database. /clean parameter can be used to clean up specific server/application from the datastore but use with caution.
Q. How do you troubleshoot printing issues?
Check print spooler service
Check printer mapping errors in event log
Check printer driver availability n compatibility
Check printer policies for over rides
Q. How do you configure session printers?
Through Citrix policies. Add the printer drivers first, map the printer and then assign to user/group
Q. What are monitors in Netscaler?
Netscaler uses monitors to track the status of back end servers. These monitors can be http, tcp, ping etc
Q. What would you do if you see a service down in Netscaler?
Try pinging the actual server from netscaler CLI and verify its responding.
23) What is Citrix XML service?
The Citrix XML server is a component of Citrix XenApp and XenDesktop that’s used to enumerates available resources and provide secure tickets for users that to use the WebInterface or CloudGateway.
XML service has two functions:
Communicating with the XenApp farm / XenDesktop zones; the XML broker
Generating and validating secure ticket to authorize users, the Secure Ticket Authority (STA)
The Citrix XML server is a component of Citrix XenApp and XenDesktop that’s used to enumerates available resources and provide secure tickets for users that to use the WebInterface or CloudGateway.
XML service has two functions:
Communicating with the XenApp farm / XenDesktop zones; the XML broker
Generating and validating secure ticket to authorize users, the Secure Ticket Authority (STA)
Q. How to change the port used by XML service?
By default XML service uses port 80. But citrix recommends using port 8080 inorder to avoid conflicts with IIS.
To change the port used by XML service:
In XenApp 6 and above – this can be changed via Citrix policies.
In Earlier versions – Use the ctxxmlss command-line utility. This can be done by unloading the Citrix XML Service with /u, changing the port with /r and restarting the XML service.
ctxxmlss /
ctxxmlss /r8080
An alternative method is by changing the port in the registry (and restart the Citrix XML service after changing).
Key :HKLM\System\CurrentControlSet\Services\CtxHTTP
Value: TCP Port
The value is listed in hex, you need to change the view to decimal.
By default XML service uses port 80. But citrix recommends using port 8080 inorder to avoid conflicts with IIS.
To change the port used by XML service:
In XenApp 6 and above – this can be changed via Citrix policies.
In Earlier versions – Use the ctxxmlss command-line utility. This can be done by unloading the Citrix XML Service with /u, changing the port with /r and restarting the XML service.
ctxxmlss /
ctxxmlss /r8080
An alternative method is by changing the port in the registry (and restart the Citrix XML service after changing).
Key :HKLM\System\CurrentControlSet\Services\CtxHTTP
Value: TCP Port
The value is listed in hex, you need to change the view to decimal.
Q.How to recover Citrix License Server?
The Citrix servers can function without contacting the license server and it is 30-days fault tolerant, and in Enterprise version an alert can be set with Resource Manager to send an email in case of License Server Connection Failure. If the license server reconnects at any time in the thirty days the problem resolves itself. If the server is not going to come back up, then the license file, digitally signed with the case-sensitive hostname of the old license server, is the critical component. The license file, a *.lic file, can be backed up to a thumb drive separately, and restored to a new server with the same name of the old license server, and the Citrix License server software installed.
27)How to recover from IMA failing?
There are many reasons that the IMA Service doesn’t start
1. IMA Service load time
2. IMA Service subsystem
3. Missing Temp directory
4. Print spooler service
5. ODBC configuration
6. Roaming Profile
Check the Windows Registry setting: HKEY_LOCAL_MACHINESOFTWARECitrixIMARuntimeCurrentlyLoadingPlugin
If there is no value specified in the CurrentlyLoadingPlugin portion of the above Windows Registry entry then the IMA Service could not connect to the data store or the local host cache is missing or corrupt.
If a CurrentlyLoadingPlugin value is specified the IMA Service made a connection to the data store and the value displayed is the name of the IMA Service subsystem that failed to load.
If administrators see an “IMA Service Failed” error message with an error code of 2147483649 when starting the Presentation Server the local system account might be missing a Temp directory which is required for the IMA Service to run.
Change the IMA Service startup account to the local administrator and restart the server. If the IMA Service is successful in starting under the local administrator account then it is likely that a missing Temp directory for the local system account is causing the problem.
If the Temp directory is not present then manually create one as >Temp. For example: C:\Windows\Temp
Also verify that the TMP and TEMP system environment variables point to the temporary directory. Restart the server to restart the IMA Service
The Citrix servers can function without contacting the license server and it is 30-days fault tolerant, and in Enterprise version an alert can be set with Resource Manager to send an email in case of License Server Connection Failure. If the license server reconnects at any time in the thirty days the problem resolves itself. If the server is not going to come back up, then the license file, digitally signed with the case-sensitive hostname of the old license server, is the critical component. The license file, a *.lic file, can be backed up to a thumb drive separately, and restored to a new server with the same name of the old license server, and the Citrix License server software installed.
27)How to recover from IMA failing?
There are many reasons that the IMA Service doesn’t start
1. IMA Service load time
2. IMA Service subsystem
3. Missing Temp directory
4. Print spooler service
5. ODBC configuration
6. Roaming Profile
Check the Windows Registry setting: HKEY_LOCAL_MACHINESOFTWARECitrixIMARuntimeCurrentlyLoadingPlugin
If there is no value specified in the CurrentlyLoadingPlugin portion of the above Windows Registry entry then the IMA Service could not connect to the data store or the local host cache is missing or corrupt.
If a CurrentlyLoadingPlugin value is specified the IMA Service made a connection to the data store and the value displayed is the name of the IMA Service subsystem that failed to load.
If administrators see an “IMA Service Failed” error message with an error code of 2147483649 when starting the Presentation Server the local system account might be missing a Temp directory which is required for the IMA Service to run.
Change the IMA Service startup account to the local administrator and restart the server. If the IMA Service is successful in starting under the local administrator account then it is likely that a missing Temp directory for the local system account is causing the problem.
If the Temp directory is not present then manually create one as >Temp. For example: C:\Windows\Temp
Also verify that the TMP and TEMP system environment variables point to the temporary directory. Restart the server to restart the IMA Service
Q. What would happen if you stop the IMA service on a server?
Existing users on the server will not face any issues, but no new user connections to the server would be allowed.
Existing users on the server will not face any issues, but no new user connections to the server would be allowed.
Q.How and what is the License requirement in Citrix.
Depends on the need of your application . If a lot of users are accessing an application , you would require more number of citrix licences . Licences can be obtained from “mycitrix.com” , that is a website where you can purchase licences online , and upload them in the license management console on the license server . This console is web based . The license that comes along with the citrix installation CD is valid for one year , after which you would need to update the licenses .
Q.What is a FARM
A collection of servers that have citrix installed in them . When you install citrix on a server for the very first time , you would be prompted one of 2 things :
a . Join the server to an existing farm .
B . Create a new farm .
THE CHOICE IS YOURS !
Q.What is Data Store and why it is used.
A data store is a server in the farm that stores static data in the farm . Static data can be published application configuration information , server configuration information,etc. It is the actual database ( SQL , oracle , MS Access ) that holds all of the information in a farm . Usually applications will not be published in the data store .
Q.What is ICA protocol and how is it used ?
ICA or independent client architecture is a protocol that citrix uses to connect the user to an application on the server . As soon as you click an application, a temporary file gets downloaded to your client machine . This is the ICA file and it would contain various information such as the application name , the name of the server that this user is load balanced to and so on . This is a thin protocol , as all the processing happens on the server and only screen updates and keyboard clicks get transferred back to the client system .
Q.What is Secure Gateway Server and what for Secure Gateway Service is used.
I do not know much about this , but I do know that it is used for authentication of a user request . When a user opens a web page and types in his credentials in the URL for the web link to connect to citrix , a request is sent through secure gateway and to the web server . The response is a secure ticket being assigned to the session by the Citrix STA ( Secure ticketing authority ) via the secure gateway back . Make sure that secure gateway service has been started on the secure gateway server , if secure gateway has been implemented in your citrix farm .
Q.What is the role of Web Server and why IIS and WWW services are required .
This is required to access your citrix account . It does not matter as to which client you use . WWW services are also a part of IIS and would need to be running . Sorry , am very much unaware about this !
Q.What is XML Broker Server and why XML & IMA Services are used on XML Servers.
XML services are used by citrix servers to communicate with each other and from the web interface server to the citrix production servers . Port that is used for XML communication is 8080 . If you log in to a web interface server in any citrix farm , and go to C:\Inetpub\wwwroot\Citrix\MetaFrame\conf\bootstrap.conf , you would find a line saying which server the web interface is communicating to via 8080 . IMA ( Independent management architecture ) is the service that citrix uses to communicate with the licence server , data store , data collector , and essentially all of the citrix activities happen based on the IMA .
Q.What are the FW Ports used for a client to connect to Citrix servers and access the applications.
session reliability - 2598
SG - 443
IMA - 1494
XML – 8080
Q.Is it only Citrix related ports required to be opened OR do we need to get application related ports to be opened.
Depends on the application that we are installing on the server . If there are application specific ports that need to be opened , then yes .
Q.What is meant by DMZ zone ?
Demilitarized zone . This is a highly restricted zone .
Q.What is a Roaming Profile
As soon as you log in to a server , a “profile” would get created with your log in ID as a reference . A “profile” is a folder that will be created that saves display settings , downloaded documents , temporary internet files , cookies , etc. of a user . Under C:\documents and settings\ . When a user logs out of a server , the profile of that particular user will still remain on the server and will not be lost the next time he logs in . So , the next time he logs in to the same server , his profile will be loaded back , it will not create a new one .
Q.What is meant by Single Sign ON (SSO) ?
Supplying your credentials at only a single place and gaining access to multiple applications using the same credentials is called as SSO . When you log in to metaframe , you just give your user ID and password at the log in page . When the application launches on the server , you do not give your credentials to log in to the server . Metaframe takes it from the credentials that you have given in the web page . This is just a small example of single sign on .
Q.What is a Home Folder and how it is set ?
A “home folder” is set under the “Terminal services home folder” options in active directory . This can be set to either “U:” or “V:” or any letter that a person would prefer to want to have . This is essentially a folder on the server that is used by the user to save his data . It would have some limit and is very helpful when the user is not provided a dedicated laptop or a desktop or /and is frequently travelling . He/She can save the information on the home folder , and access it whenever needed .
Q.What are the precaution to be taken while installing an application in Citrix
a . Make sure that you have terminal services installed in the application mode on a server on which you are going to install citrix as citrix uses terminal services to run on . Also make sure that your terminal server is licensed .
b. Citrix recommends that you install citrix before you install any other application , as installing citrix makes a lot of registry changes on the server and also installs a lot of services . The other applications may not work .
C . Make sure you licence citrix by logging onto mycitrix.com and downloading the license file . I think citrix runs without licenses for 30 days after which you will not be able to log in to citrix ( I am not really sure about this , let me know if it is correct ) .
d. There are some other pre-requisites that come along with the citrix installation CD .
Q.Why we need to "CHANGE USER" to "Install" or "Execute" mode while installing an application
Whenever you install an application , you would need to go to the command prompt and type in “change user/install” . The default mode of a server is “execute” mode , you can change this by typing “change user/execute” . To check in which mode the server is running on currently , type “change user/query” . Why changing the mode ? When you install an application on a citrix server , it makes a lot of changes to the registry . This installation should not affect other applications .
Q.What is a "Metaframe Presentation Console "
This is a console where you perform administrative work on your farm . You can :
a . Publish applications .
b. Install packages using the installation manager .
c. Gather load about a farm/server/application using the load evaluator .
d. View/change various settings of citrix servers in the farm .
e. View / change farm settings .
There are many more things that you can perform . There is also an “access suite console” , a “license management console” , etc .
Q.Why Firewall is used in our environment and what are the advantages / disadvantages
Used for security purposes . All the ports are not open in our environment , as they are not needed . Certain applications communicate with servers on certain ports , and only those required are opened .
Q.What is a "Profile Server" and why it is used ?
A “profile server “ is a server that is part of a citrix farm . It is used to store the profiles of users who log in to citrix . When a user logs in to citrix and laucnhes an application , the settings from his profile are loaded and the application will be launched . It works like a roaming profile on a server . You can assign this profile in the “terminal services” profile option in active directory .
Q.What is "Data Collector" and why it is required ?
A data collector is a citrix server that records all the persistent or dynamic data of a farm . The data may range from user log on information , settings of an application , and so on . Data collector is also responsible for load balancing a user to a particular server .
Q.What is a "License Server" and how the same license is assigned to another user when a user logs out
You can view licenses as an ID that is required by every citrix server that would require to be a part of the farm . Anything and everything that accesses citrix needs to have a vaild license . When a user logs in to citrix and launches an application , he would be assigned a citrix license for accessing that particular citrix server of the application . If he launches the application twice, and he gets connected to the same citrix server , then he will be using the same license , if he gets connected to another server , then he will be assigned a different license . Logging out puts back the license into the license pool .
Q.What is meant by "Citrix Rollout" server and what for it is used?
I dont know if this is correct , but here goes : A Server that has all the packages and applications that is needed to be installed on the farm is a rollout server .
Q.What is "Terminal Service License Server" and what for it is used?
Servers that have terminal server licenses on them is called a terminal license server . Whenever you would require to log in to a server remotely , you require terminal services running on that server . It should be licensed too , and a dedicated terminal service license server would generally be allocated to a domain from where all the other servers would get their licenses . You can find this by going to administrative tools -> terminal service licensing . The terminal service license server on the COF domain is kdcw2kofgc01 .
Q.What is meant by "Secure Ticket Authority Servers" and why is it used?
When a user opens a web page and types in his credentials in the URL for the web link to connect to citrix , a request is sent through secure gateway and to the web server . The response is a secure ticket being assigned to the session by the Citrix STA ( Secure ticketing authority ) via the secure gateway back to the user . STA basically sends a secure ticket back to the user acknowledging the session request and by granting the user to log in to citrix .
Q.What is meant by "cofnfuse" / "dmznfuse" etc...
I do not know much about this , Nfuse is the name given to the new technology that citrix has released , and all these are names of the citrix farms that we have in our environment .
Q.If we are told that "All the agents at XYZ Company" are experiencing slow connectivity what needs to be checked and how the issue can be resolved.
Check if you are able to access applications within citrix , if yes , then it might be a network issue at the location where users are located in . Ask them to check with their local network team . You can also check whether the data collector is accepting remote connections and is communicating with the other citrix production servers .
Q.If multiple sites are experiencing slow connectivity, what needs to be done .
No idea . Probably step # 35 can be used , but I know this may only be a part of the solution .
Q.If a customer is not able to access a particular application, what needs to be checked to fix the issue ?
What is the error message that he is getting when he is trying to access this application . It can vary from many things from the load balanced server to which he is getting connected to may be down or not responding to terminal services , or the application itself might be corrupted . His profile might have got corrupted .
Q.What is Load Balancing and how is it used in Citrix?
Load balancing is used to prevent overload of citrix servers , an application published in citrix will be required to run on a minimum of 2 citrix servers to prevent total outage of the application . Users would be redirected to the leaset loaded citrix server . This is done by the data collector .
Q.What is meant by "Super User" and who in XYZ Company has this right ?
You mean the enterprise administrator ? Users who have rights higher than the domain admins are part of this group . One such scenario : They are used while transferring a FSMO role from one domain controller to another . I am not sure who has these rights .
Q.What is "LOB Operation Failed" and how can we fix it ?
Application specific error . You usually resolve it temporarily by performing a reset of the permisssions on the terminal service profile of the user . I think that you can resolve it by clearing out the roaming profiles on servers , but I am not aware if that worked .
No comments:
Post a Comment