Documente Academic
Documente Profesional
Documente Cultură
XenDesktop 7.x
Hands-on Lab Exercise Guide
This session is offered as both an instructor led training and a self-paced online
lab.
Contents
Overview .................................................................................................................................... 2
Exercise 1 .................................................................................................................................. 4
Configuring Internal and External Access for a XenDesktop/XenApp Deployment ..................... 4
Exercise 2 .................................................................................................................................40
Integrating NetScaler Insight Center with Citrix Director to View Session Details ......................40
Exercise 3 .................................................................................................................................58
Using Citrix Scout to Obtain CDF Traces of a Launch and Logon of a Session. ........................58
Exercise 4 .................................................................................................................................75
Understanding How to Read a CDF Log File ............................................................................75
Exercise 5 .................................................................................................................................84
Understanding the Different PowerShell cmdlets Used to Publish an Application from within a VDA
Machine. ...................................................................................................................................84
Optional: Exercise 6 ..................................................................................................................99
Using Citrix Director and CDF Log Files to View Information About a Launched Published
Application ................................................................................................................................99
| 1 |
Overview
Hands-on Training Module
Objective
This training will provide hands-on experience with troubleshooting XenDesktop 7 using Citrix
Director, NetScaler Insight Center and CDF tracing.
Prerequisites
Experience administering XenDesktop would be beneficial.
Audience
Citrix Partners, Customers, Sales Engineers, Consultants, Technical Support.
The Student Desktop is accessed remotely using Citrix Receiver running on your laptop. All
Windows applications such as XenCenter, (the XenServer GUI management tool), are accessed
from the Student Desktop.
| 2 |
Text the student enters or an item they select is printed like this
VMDemo
Start
IP Address
Description / OS
Site1-AD.training.lab
Site1-Insight
Site1-NetScaler
Site1-SQLServer
192.168.10.11
192.168.10.60
192.168.10.50
Site1-Win8Client
Site1-W2K12Srv
Site1-XenApp
Site1-XenDesktop7
192.168.10.200
192.168.10.209
192.168.10.14
192.168.10.16
192.168.10.13
| 3 |
VM Name
Username
Password
Site1-AD.training.lab
Site1-Insight
Site1-NetScaler
Site1-SQLServer
Site1-Win8Client
Site1-W2K12Srv
Site1-XenApp
Site1-XenDesktop7
training\administrator
nsroot
nsroot
training\administrator
training\administrator
training\administrator
training\administrator
training\administrator
Citrix123
nsroot
nsroot
Citrix123
Citrix123
Citrix123
Citrix123
Citrix123
Exercise 1
Configuring Internal and External Access for a
XenDesktop/XenApp Deployment
Overview
In order to generate some key metrics, we will configure our lab environments to be externally
accessible. In our deployment we will utilize NetScaler to load balance access to resources of both
XenDesktop and XenApp using a single StoreFront URL. We will also configure NetScaler Gateway
to allow access to published resources from an external device.
| 4 |
Action
1.
On the Student desktop, launch Citrix XenCenter by clicking on the Citrix XenCenter icon
found on the desktop.
2.
3.
Add the XenServer Credentials details from your Welcome screen here:
Select Add.
4.
In XenCenter, select the Site1-XenDesktop7 VM and click on the console tab. Login with
Domain Administrator credentials:
Username: TRAINING\Administrator
Password: Citrix123
For better performance, switch to a Remote Desktop connection.
| 5 |
5.
The first thing we will do is create a Machine catalog and a Delivery Group so as to
publish a Windows 2012 Server VDA. This can be configured through Citrix Studio but also
using PowerShell. A script has already been created for you and you can run this script to
automatically create both a machine catalog and a desktop group using PowerShell.
| 6 |
6.
You will see the following output where a catalog called Win2K12VDA is created and then
associated to a delivery group called Win2K12 Server.
7.
| 7 |
Navigate to Citrix Studio by double-clicking on the Citrix Studio shortcut found on the
desktop
8.
Navigate to Citrix Studio (Site) -> Machine Catalogs and confirm that the machine
catalog Win2K12VDA has been created
9.
Navigate to Citrix Studio (Site) -> Delivery Groups and confirm that the delivery group
Win2K12 Server has been created.
The VDA machine will take about 3 minutes to register with the delivery controller.
Please do not wait for the VDA to register as this will occur in the background. You can
move ahead with the exercises.
10.
Now that we have created a Machine Catalog as well as a Delivery Group, we can move
ahead to create both external and internal access to the XenDesktop and XenApp
environment.
Click on the Site1-Win8Client VM and choose the Console tab. Login with the following
Credentials:
Username: TRAINING\Administrator
Password: Citrix123
For better performance, switch to a Remote Desktop connection.
| 8 |
11.
Open a browser and navigate to the NetScaler Administration UI using the default
credentials:
http://192.168.10.50
Username: nsroot
Password: nsroot
Deployment Type: NetScaler ADC
Click on Login
| 9 |
12.
First, create the Subnet IP for the NetScaler to contact backend resources. In the First
Time wizard, enter the following parameters:
NetScaler IP Address: 192.168.10.50
Netmask: 255.255.255.0
Subnet IP Address: 192.168.10.51
Subnet IP Address Netmask: 255.255.255.0
Hostname: ns.training.lab
DNS (IP address): 192.168.10.11
Time Zone: GMT-07:00-PDT-America/Los_Angeles
Click Continue.
| 10 |
13.
| 11 |
14.
15.
Save your configuration by clicking on the Save icon on the top right.
| 12 |
16.
Navigate to Configuration -> System -> Settings -> Configure Basic Features.
17.
Enable the following basic features: SSL Offloading, Load Balancing, NetScaler
Gateway and Authentication, Authorization and Auditing.
Click OK.
18.
In the following section, we will setup the necessary components to allow internal and
external ICA connections. First, we will start with the load balancing configuration for
StoreFront; StoreFront is installed on the following VMs: Site1-XenApp and Site1XenDesktop7. This will provide access to published applications and desktops from both
XenApp and XenDesktop 7.
After configuring the load balancing of the StoreFront servers, we will proceed to configure
StoreFront and NetScaler Gateway to allow connections externally.
| 13 |
| 14 |
19.
20.
Click on Next.
21.
Create the services for StoreFront. As we have a StoreFront running on Site1-XenApp and
on Site1-XenDesktop7, we will need to create a service for each StoreFront server.
Add a service for each StoreFront server using the following parameters:
Service Name: SF1-XenApp
Protocol: SSL
Port: 443
22.
| 15 |
23.
Select Create.
24.
Now that you have all the details you need, you can select Add.
| 16 |
25.
Now we need to add the details for the XenDesktop StoreFront Server.
Add a service for the XenDesktop StoreFront server using the following parameters:
Service Name: SF2-XenDesktop (You will need to delete the previous name: SF1-XenApp
and then type in the new data: SF2-XenDesktop)
Protocol: SSL
Port: 443
26.
| 17 |
27.
Select Create.
| 18 |
28.
Now that you have all the details you need, you can select Add.
| 19 |
| 20 |
30.
31.
32.
Next we will configure the required persistence settings for all receiver types to connect
successfully. Persistence is required so that client connections are directed to the same
backend Storefront server during the session.
In the Persistence section, use the following parameters:
Type: SOURCEIP
Timeout(minutes): 2 mins
IPv4 Netmask: 255.255.255.255
Select OK.
| 21 |
33.
Lastly, before we create the virtual server, we need to import the certificate issued to the
internal FQDN for internal connections.
Select Upload.
34.
| 22 |
35.
Select the first drop-down arrow besides Browse and select Appliance. This will open up
the file browser and will display the contents in the /nsconfig/ssl directory.
36.
| 23 |
37.
Click Install.
38.
39.
We are ready to test the load balancing configuration. Open a new browser window and
navigate to the following URL:
https://sflb.training.lab/Citrix/StoreWeb/
sflb.training.lab is the base URL specified on the StoreFront servers. This FQDN
(Full Qualified Domain Name) is mapped to the NetScaler Load balancer Virtual IP address
specified in step 24 above, i.e. 192.168.10.110. This mapping is already configured for you
in the DNS server of training.lab domain.
40.
Select Log On
| 24 |
41.
Once you have logged in, click on Windows Server 2012 Desktop to launch the published
desktop. This verifies that the XenDesktop delivery infrastructure is working properly.
Sign out from the launched desktop.
| 25 |
42.
Select the Apps tab and then click the plus sign. Subscribe to applications Notepad and
Calculator.
Launch an application e.g. Notepad. This verifies that the XenApp delivery infrastructure is
working properly. Close any launched applications and log off from StoreFront.
| 26 |
| 27 |
43.
Save your configuration by returning to the NetScaler Configuration Utility and clicking on
the Save Icon on the upper right corner. Click Yes at the prompt to save the running
configuration.
44.
Next, we need to configure external access. For this we will use the simplified UI for
NetScaler Gateway. Go back to the NetScaler Configuration Utility and navigate to
Configuration -> NetScaler Gateway -> Configure NetScaler Gateway for Enterprise
Store.
45.
Since a NetScaler Gateway has not been configured, you are presented with the getting
started wizard. Click on Get Started.
46.
In NetScaler Gateway Settings configure a name, IP address, and port using the provided
parameters:
Name: NSG10_vserver
IP Address: 192.168.10.100
Port: 443
Click Continue.
| 28 |
47.
In the Certificate Section, select Choose Certificate and ensure the certificate used in this
configuration is: wildcard.mycitrixtraining.net.
Click Continue.
| 29 |
48.
In the Authentication Settings section, we need to configure a new LDAP profile. Select
Configure New and enter the following information:
IP Address: 192.168.10.11
Port: 389
Time out: 3
Base DN: dc=training,dc=lab
Admin Base DN: administrator@training.lab
Server Logon Name Attribute: sAMAccountName
Password: Citrix123
Confirm Password: Citrix123
Secondary Authentication: None
Click Continue.
| 30 |
49.
Click Done.
50.
| 31 |
Close the Simplified UI window to return to the main configuration utility UI.
51.
Save your configuration by clicking on the Save Icon on the upper right corner.
Now, we need to configure StoreFront for external access. In XenCenter, select the Site1XenDesktop7 VM and click on the console tab. Login with Domain Administrator
credentials:
Username: TRAINING\Administrator
Password: Citrix123
| 32 |
53.
54.
Wait until the Citrix Studio console loads completely. This might take around 15-20
seconds. Select the Authentication node (Citrix Storefront -> Authentication) located on
the left pane.
55.
56.
Select Pass-through from Citrix NetScaler Gateway. Leave User name and password
checked.
Click OK.
57.
| 33 |
58.
Click on Add NetScaler Gateway Appliance on the right-hand pane. Enter the following
settings:
Display Name: NSG_site1
Gateway URL: https://your-dashed-fqdn.mycitrixtraining.net (PublicIP1)
Version: 10.0 (Build 69.4) or later
Subnet IP address: 1.1.1.1 (see note below)
Logon Type: Domain
Callback URL: https://your-dashed-fqdn.mycitrixtraining.net (PublicIP1)
(Note: PublicIP1 is available from the http://training.citrix.com/iltevents lab details. Take
the I PublicIP1 and replace the periods (.) between octets and replace them with dashes ().
Example:
PublicIP1: 75.126.143.35
IP address or FQDN: 75-126-143-35.mycitrixtraining.net
Click Next.
TIP: Select and copy the Gateway URL as you will need it in Step 64.
Since we are using the same appliance for StoreFront load balancing as well as
NetScaler Gateway for external access, we are selecting using IP 1.1.1.1 for the subnet IP
to prevent internal XenApp/XenDesktop sessions to be given the parameters for
launching the application through the gateway.
When selecting an IP that is not used by any appliance, StoreFront relies on the X-CitrixGateway header to identify connections originated through the gateway:
http://support.citrix.com/proddocs/topic/access-gateway-10/agee-clg-session-policiesoverview-con.html
| 34 |
59.
In the Secure Ticket Authority settings, enter the same STA used in the gateway settings.
http://XenDesktop.training.lab
61.
Finally, we need to enable remote access in the Store settings. In the left pane, select
Stores, then click on Enable Remote Access from the right-hand pane and complete the
configuration with the following parameters:
Remote Access: No VPN tunnel
NetScaler Gateway appliances: NSG_Site1
Default appliance: NSG_Site1
Click OK.
| 35 |
62.
Now we need to propagate the changes to the second StoreFront server. In the left pane,
select Server Group.
On the right-hand pane, click on Propagate Changes. Click OK on the confirmation
prompt.
63.
| 36 |
64.
It is now time to test external access. From your external workstation, open your
browser and navigate to the external FQDN corresponding IP1
https://your-dashed-fqdn.mycitrixtraining.net/
You browser should be able to display the Access Gateway login.
65.
| 37 |
66.
Once you have logged in, click on Windows Server 2012 Desktop to launch a desktop.
This verifies that the XenDesktop delivery infrastructure is working properly.
Sign out from the launched desktop.
67.
| 38 |
Congratulations, you have configured external access for your XenDesktop and XenApp
infrastructure. Continue to the next exercise.
Exercise Summary
Takeaways from this exercise:
1. Configure a NetScaler load balancer to access resources from both XenDesktop and
XenApp using a single StoreFront URL
2. Configure NetScaler Gateway to allow access to published resources from an external
device
| 39 |
Exercise 2
Integrating NetScaler Insight Center with Citrix Director
to View Session Details
Overview
In this exercise you will launch a published desktop session and look at the rich information that is
available within Citrix Director. Specifically we will look at the different logon stages detailed by
Citrix Director.
Action
1.
The first step is to configure NetScaler Insight Center. In XenCenter, switch to the Site1Insight VM. Click on the Console tab.
2.
If you enter an incorrect value and need to go back to the network configuration setup,
you can do so by running networkconfig from the shell.
| 40 |
3.
We are now ready to connect to the NetScaler Insight Center UI. Switch to the Site1Win8Client VM. Open a new tab in a browser and navigate to the management IP of the
NetScaler Insight Center appliance:
http://192.168.10.60
Username: nsroot
Password: nsroot
4.
| 41 |
Since there is the appliance has never been configured, you are presented with the getting
started wizard. Click on Get Started.
5.
Click Add.
6.
| 42 |
Select VPN to view the NetScaler Gateway details we have configured for StoreFront:
7.
| 43 |
9.
| 44 |
10.
Let us launch a session so we can see details shown in Citrix Director for a live session.
From your external workstation, open your browser and navigate to the external FQDN
corresponding to PublicIP1:
https://your-dashed-fqdn.mycitrixtraining.net/
(
PublicIP1 is available from the http://training.citrix.com/iltevents lab details. Take the
PublicIP1 and replace the periods (.) between octets and replace them with dashes (-)).
Example:
PublicIP1: 75.126.89.228
IP address or FQDN: 75-126-89-228.mycitrixtraining.net
| 45 |
11.
| 46 |
12.
Select Desktop.
13.
Launch Internet Explorer and Windows Explorer within the published desktop. The
shortcuts to these applications are in the desktops taskbar.
14.
| 47 |
15.
16.
| 48 |
17.
Here we can see details of all connections to XenDesktop over the last 60 minutes:
18.
19.
In Activity Manager you can view the list of applications launched by the user.
20.
The Processes tab will show the list of processes running. These can be sorted by Image
Name, CPU, Memory and User Name.
21.
Let us look use the Details tab to view further information about this session. This is found
at the top right-hand corner.
Select Details.
| 49 |
22.
Together with the Activity Manager, there is Machine Details and Session Details.
Machine Details:
In this section you are able to see details about the VDA machine itself, including OS type,
Allocation type and VDA version.
In the second part of this section, you are able to see details about the hosting infrastructure
that this VDA is running on, including Host Name, Machine properties and Load
evaluator index.
Lastly an administrator is also able to control the power of the machine as per below:
Session details:
In this section, you can see details about the session including Latency and the NetScaler
gateway Virtual IP Address (in this example its 192.168.10.51).
| 50 |
23.
Further down the page, information of the Logon Duration is displayed. Both the Logon
Duration as well as the breakdown of the Logon process is displayed:
Logon Duration:
Average time taken for each of the stages within the Logon process:
| 51 |
Further down the page, information of the Network details for this specific session is
displayed. This information is obtained from NetScaler Insight Center.
| 52 |
25.
View the different options listed in the drop down menu to view the graphs available:
26.
27.
28.
Let us inject some latency into the network and then view again the graph details within the
Network tab in Citrix Director.
Here is a simple diagram to illustrate the changes we will make in the next section. After analyzing
the diagram, continue to the next step.
Public Bond
eth4
RemoteSite Uplink
MainSite Uplink
PublicIP #1
PublicIP #2
eth2
eth3
eth1
eth0
WAN emulator
PublicIP #3
PublicIP #4
Site-to-Site link
192.168.30.0/24
Router1
29.
From the Site1-Win8Client, open a new web browser and navigate to the WAN emulator
UI:
http://192.168.30.3
30.
| 53 |
Router2
31.
We will be injecting 200ms delay on the interface eth2. Under eth2 enter 200 into Delay
time (ms). Click Apply Settings to commit the changes.
32.
Now that we have increased latency in the WAN, let us launch a new session so we can
see the changed to the Network graphs within Citrix Director.
From your external workstation, open your browser and navigate to the external FQDN
corresponding to IP1:
https://your-dashed-fqdn.mycitrixtraining.net/
(
IP1 is available from the http://training.citrix.com/iltevents lab details. Take the IP1 and
replace the periods (.) between octets and replace them with dashes (-)).
Example:
IP1: 75.126.89.228
IP address or FQDN: 75-126-89-228.mycitrixtraining.net
You browser should be able to display the Access Gateway login.
| 54 |
33.
34.
Let us go back to Citrix Director. Switch to Site-XenDesktop7 and launch Citrix Director.
35.
36.
Select Details
| 55 |
37.
38.
lab.
39.
| 56 |
Exercise Summary
Takeaways from this exercise:
1. Configured NetScaler Insight Center and integrated it with NetScaler to enable AppFlow
monitoring for NetScaler Gateway
2. Integrated NetScaler Insight Center with Citrix Director
3. Launched a session and viewed the rich information that is shown in Citrix Director
4. Introduced network latency to the WAN and viewed the data obtained by NetScaler Insight
Center within Citrix Director
| 57 |
Exercise 3
Using Citrix Scout to Obtain CDF Traces of a Launch
and Logon of a Session.
Overview
In this exercise we will use Citrix Scout to obtain clear text CDF traces of a launch and logon
session. This exercise will give us an opportunity to see what useful troubleshooting information is
obtained using Citrix Scout.
Action
On the XenCenter console, select Site1-XenDesktop7:
| 58 |
2.
Launch Citrix Scout by going to Start -> All programs -> Citrix
3.
There are two main buttons in Citrix Scout: - Start CDF Trace and Collect & Upload.
The option Start CDF Trace is used to obtain a full CDF trace for all Citrix XenDesktop
components on a machine, be it a Delivery Controller or a Virtual Desktop Agent (VDA).
The option Collect & Upload is used to enable Service Logging Configuration as well as to
obtain site information and machine specific information like event logs, hardware and
software information and registry information.
Service Logging Configuration will edit the config file for each of the XenDesktop
services running on either the Delivery Controller or the VDA to enable clear-text CDF
logging for each of these services. This information is extremely useful when narrowing
down an issue.
To obtain Service Logging, select Collect & Upload.
| 59 |
| 60 |
4.
5.
Enable Service Logging for the Broker Service and select Close.
6.
The next step is to enable Service Logging on the VDA. Check W2k12Srv.training.lab
machine and select the Settings icon
7.
Select Close.
DO NOT click on Continue. We first need to reproduce the issue before we collect the
log files.
| 61 |
8.
Now that we have enabled logging, let us launch a session so we can capture the logging
information that pertains to this session logon and launch process.
From your external workstation, open your browser and navigate to the external FQDN
corresponding to Public IP#2
https://your-dashed-fqdn.mycitrixtraining.net/
(
IP1 is available from the http://training.citrix.com/iltevents lab details. Take the IP1 and
replace the periods (.) between octets and replace them with dashes (-)).
Example:
IP1: 75.126.89.228
IP address or FQDN: 75-126-89-228.mycitrixtraining.net
You browser should be able to display the Access Gateway login.
| 62 |
9.
10.
Now we have launched a session and captured the logging information in the clear-text log
files, let us go back to Scout to obtain the data.
11.
There is a lot of information being collected by Citrix Scout so it will take a few minutes
before this information is available.
| 63 |
12.
Whilst Scout collects a lot of necessary information together with the Service Logs, it is
good to know that there are other methods of enabling Service Logging.
This can be done manually by following Citrix KB article
CTX117452: http://support.citrix.com/article/CTX117452.
13.
| 64 |
Scout will ask you to save a ZIP file with all the collect data in a location of your choice.
Save the file on the desktop.
14.
| 65 |
Scout will give you the option to upload the information collected to the Citrix Tools as a
Service (TaaS) website for analysis. In this case we are not going to avail of this option so
you can click on Cancel.
15.
| 66 |
16.
| 67 |
Scrolling to the bottom of the page will show the results obtained from this tool and will
highlight if there are any inconsistencies. In the below example, no problems were detected
so the message No problems found is shown. The Controller Database Connection
settings are also tested.
17.
Another interesting tab within the context of this lab is the Monitoring Service section which
shows the configuration details for this service amongst others.
The Monitor service supplies most of the data that is displayed in the Desktop Director
dashboard, including session connections, logon durations, connection failures etc.
| 68 |
18.
Select XenDesktop.training.lab tab. Here we can see the different data that is obtained for
each machine. In the Citrix section, XDPing provides useful information to ensure the
Delivery Controller has all the necessary configuration to handle successful registrations of
the VDA machines.
| 69 |
19.
The Broker Service Configuration file shows details of the WCF config file for the Broker
Service. This is the config file which is changed to enable Service Logging for this service.
In fact, we can see the changes that were made to enable Service Logging for this service
as well as the location of where the log file was saved on the local machine.
20.
Next let us look at the data collected for the VDA machine.
Select W2K12Srv.training.lab -> Citrix.
Here you can see a XDPing section which will confirm that the VDA is configured correctly
for a successful registration with the Delivery Controller server.
Selecting Workstation Agent Configuration File shows details of the WCF config file for
the Broker Agent Service. This is the config file which is changed to enable Service Logging
for this service. In fact, we can see the changes that were made to enable Service Logging
for this service as well as the location of where the log file was saved on the local machine.
| 70 |
21.
Do not close Scout for now, as it will delete the downloaded ZIP file for security
reasons. First we want to extract the downloaded zipped folder so that we can view the
clear-text CDF log files that we obtained for the Broker service from the Delivery Controller
as well as the Workstation Agent and ICA Service log files from the VDA machine. These
logs will contain the information we need to view the launch and logon process of a user
onto a VDA machine.
22.
Minimize Scout -> select the Scout created zip file called Scout-<date and time>-Site and
extract the contents of the zip file to the Desktop.
23.
Now that we have this information extracted, we can go ahead and close off Citrix Scout. As
Citrix Scout has enabled the Service Logging on a number of machines, it will prompt you if
you want to turn off this logging before closing off Citrix Scout.
Select Yes.
It is always good practice to stop the logging of these services if no additional logging is
needed. This will prevent the log files from getting too big and use up disk space.
| 71 |
| 72 |
24.
25.
Disable Service Logging for the Broker Service and select Close.
26.
27.
Select cancel and exit off Citrix Scout. The following warning message will be shown as we
havent uploaded the data to Tools as a Service (TaaS) site. As we have an extracted copy
of these logs, we can go ahead and Exit the tool.
You will see that now the zipped file called Scout-<date and time>-Site.zip has been
deleted.
28.
| 73 |
Exercise Summary
Takeaways from this exercise:
1. Using Citrix Scout, obtained relevant CDF traces for the Broker service (on the DC) as well
as the Broker Agent and the ICA service (on the VDA) by enabling the Service logging for
each of these services.
1. Viewed the rich information obtained by Citrix Scout. As seen in this exercise, this
information is very useful when troubleshooting issues related to registration, the database
to mention a few.
| 74 |
Exercise 4
Understanding How to Read a CDF Log File
Overview
In this exercise we will use the information obtained in Citrix Director to help us navigate through
the CDF log files and understand which information is relevant to the launch and logon process.
Action
On XenCenter console and select Site-XenDesktop7
2.
Login as Administrator via RDP
Username: training\administrator
Password: Citrix123
| 75 |
3.
Open the folder Scout-<date and time>-Site which was saved on the desktop in the
previous exercise.
Navigate to Site -> XenDesktop.training.lab -> Citrix -> Broker Service Configuration
file
Open the file called Broker.log.
This is clear-text CDF log file created for the Broker service when we enabled Service
Logging Configuration in the previous exercise.
4.
Open the Broker log file. Here you will see a text file filled with data.
How can we obtain the information we need without reading every line of text?
The best way to obtain the information we need is by following these three simple steps:
1. Obtain the date and time when the user experienced an issue. In our case, we will
be looking through the data of a successful launch process for User1. This data is
available in Citrix Director
2. Use keywords to immediately allow us to see relevant data
3. Using information obtained in both steps 1 and 2, to link the data from the Broker
log file to the BrokerAgent logs from the VDA machine
| 76 |
5.
First we need to obtain the date and time when user 1 last logged onto the machine. This
information is available within Citrix Director.
Navigate to Start -> All Programs -> Citrix -> Citrix Director.
6.
| 77 |
7.
We need to obtain the date and time of when user one logged onto machine. This is crucial
data as it allows us to quickly move through the Broker log file to view the section of the
log which is relevant to this users logon process.
Search for User one in the Search option
| 78 |
8.
As the user is not currently not logged into a session, this is the information that is shown in
Citrix Director:
Here we have information we need about the last connection attempt by this user, if it has
been successful or not, as well the date and time of this log on attempt. Other information
includes the Delivery group where the user attempted a connection as well as the Endpoint
IP address.
A view of all connections for a user can also be seen using the Filters tab. Here we
will also be able to see date and time of any failed connections with reason of that failure
as per below:
9.
| 79 |
Once we have this information, the next step is to use this information together with
different key words to quickly and efficiently find the information we need from the Broker
log file.
10.
Go back to the Broker log file (Open the folder Scout-<date and time>-Site and navigate
to Site -> XenDesktop.training.lab -> Citrix -> Broker Service Configuration file).
Note: There are many different tools that can be used to help with filtering log files, from
Microsoft Excel to more advanced tools. In this case we will use simple Notepad so the
same methodology can be used regardless of the tool being used to read the log file.
Search for the keyword BrokerOpEvent. These are the operational events being
generated by the Broker and sent to the Monitor service, which is reflected in Desktop
Director.
You will find that there are quite a few logs with the keyword BrokerOpEvent but as
we know the date and time when the user logged in, we can skip to the BrokerOpEvent
logs which were generated around the timestamp of the last user connection. In my
example this was at 6:20am
11.
The first relevant BrokerOpEvent event that is seen within the timeframe shown in Citrix
Director is the following:
04/12/13 06:19:57.2553 : BrokerOpEvent:2013-1204T11:19:56.5930000Z:ResourceLaunch(91470b87-a7fb-4184-98f2-8ec6243012f4,
Worker=S-1-5-21-847335651-2972979023-2999829477-1121, Reconnect=False, Windows
Server 2012 Desktop $S1-1, Client=192.168.20.51, Via=fe80::dddd:6822:ca60:703e%16,
31ms, User=S-1-5-21-847335651-2972979023-2999829477-1111, TRAINING\user1,
user1@training.lab, User One, App=False)
Here we find some very useful information including SIDs for both user one as well as the
Worker. This is the published desktop machine the user is connecting to. One piece of
information which is key to identifying relevant information about this session is:
91470b87-a7fb-4184-98f2-8ec6243012f4 This is the session GUID. This GUID is
unique for this session and will be referenced in any log file that is generated, be it the
Broker log file, the BrokerAgent or any other log file within the XenDesktop environment,
including NetScaler! We will be using this session GUID to view relevant information in the
BrokerAgent log.
| 80 |
12.
The next few BrokerOpEvent logs that are seen are the following:
(TIP: use word wrap within Notepad to easily ready through the log file.)
04/12/13 06:20:02.4658 : BrokerOpEvent:2013-1204T11:20:02.2430000Z:SessionValidate(91470b87-a7fb-4184-98f2-8ec6243012f4,
Worker=S-1-5-21-847335651-2972979023-2999829477-1121, Brokered=True,
Failure=None)
04/12/13 06:20:05.9447 : BrokerOpEvent:2013-1204T11:20:05.7930000Z:SessionLogon(91470b87-a7fb-4184-98f2-8ec6243012f4,
Worker=S-1-5-21-847335651-2972979023-2999829477-1121, Via=192.168.20.51,
Client=50.97.181.90, LANDINGVM, 14.1.0.0, HDX, Secure=False, User=S-1-5-21847335651-2972979023-2999829477-1111, TRAINING\user1, user1@training.lab, User
One, Complete=False)
04/12/13 06:20:06.2567 : BrokerOpEvent:2013-1204T11:20:06.1100000Z:SessionTrustedUser(91470b87-a7fb-4184-98f2-8ec6243012f4,
S-1-5-21-847335651-2972979023-2999829477-1111, TRAINING\user1,
user1@training.lab, User One)
04/12/13 06:20:06.3971 : BrokerOpEvent:2013-1204T11:20:06.1970000Z:SessionLogonComplete(91470b87-a7fb-4184-98f28ec6243012f4)
As you can see above, each of the BrokerOpEvent logs have the session GUID
91470b87-a7fb-4184-98f2-8ec6243012f4 which allows you to confirm that these logs
pertain to the session for User one.
13.
Now let us go through the Broker log with the timespan identified, and search for events
with the session GUID 91470b87-a7fb-4184-98f2-8ec6243012f4. Here you will find
detailed information about each of the steps carried out by the Broker Service for this
session launch.
From looking at the logs, you may notice some additional keywords that could be helpful in
filtering through a Broker log file:
XmlServices: This will show you information related to the XML communication between
the broker and the StoreFront server.
BrokerDAL: This will show you information related to the brokers communication with the
database
14.
Once we have this detailed information, we can move onto the BrokerAgent log file and
see the information we can obtain by using the session GUID 91470b87-a7fb-4184-98f28ec6243012f4.
Open BrokerAgent log file by going to the folder Scout -<date and time> -> Site and
navigate to Site -> W2K12Srv.training.lab -> Citrix -> Workstation Agent Configuration
file.
Search for 91470b87-a7fb-4184-98f2-8ec6243012f4. Confirm that the logs are within the
timeframe that was highlighted in Citrix Director.
| 81 |
15.
Apart from the log files above, where else have you seen the Session GUID?
If you go back to Citrix Director, the session GUID is shown in the Network section of a
live session as per below:
16.
| 82 |
Exercise Summary
Takeaways from this exercise:
1. Understand the methodology used to find relevant information within a CDF log file.
2. Used the data obtained from Citrix Director to navigate through the different CDF log files for
each of the services.
3. Identified important keywords which help to navigate to relevant sections of the CDF log file.
| 83 |
Exercise 5
Understanding the Different PowerShell cmdlets Used
to Publish an Application from within a VDA Machine.
Overview
In this exercise we will publish a couple of applications from a VDA machine. We will also look at
different PowerShell cmdlets used under the hood by the application publishing wizard within Citrix
Studio.
Action
On XenCenter console and select Site-XenDesktop7.
| 84 |
3.
4.
Select OK.
| 85 |
| 86 |
5.
6.
Select Next.
7.
| 87 |
8.
Next let us configure File Type Associations (FTA) for the Paint application.
The first step is to place the VDA machine in maintenance mode. Go to Search in the left
pane, select the Server OS Machines tab, then right-clicking W2k12Srv.training.lab and
selecting Turn On Maintenance Mode.
| 88 |
10.
11.
| 89 |
12.
Before we can test the published applications, we need to remove the VDA machine from
maintenance mode.
Go to Search in the left pane, select the Server OS Machines tab, then right-clicking
W2k12Srv.training.lab and selecting Turn Off Maintenance Mode.
Select Yes
| 90 |
13.
Let us confirm that we are able to launch a newly published application. From your
external workstation, open your browser and navigate to the external FQDN
corresponding to Public IP#2 : IP1.mycitrixtraining.net .
(
IP1 is available from the http://training.citrix.com/iltevents lab details. Take the IP1 and
replace the periods (.) between octets and replace them with dashes (-)).
Example:
IP1: 75.126.89.228
IP address or FQDN: 75-126-89-228.mycitrixtraining.net
Your browser should be able to display the Access Gateway login.
| 91 |
| 92 |
14.
Once you are logged in, you will only see the applications published by XenApp. To add the
applications published by XenDesktop, select the white + sign to add applications.
15.
Select All Apps -> Select the following applications: Command Prompt, Paint and
Windows Media Player
16.
As can be below, there is no distinction between the applications published by XenApp and
those published by XenDesktop.
17.
Launch Command Prompt to confirm that you are able to launch an application through
XenDesktop.
18.
Which PowerShell cmdlets are used to query a VDA workstation and obtain the applications
from that machine?
To find this out, let us go back to the XenDesktop Controller server and run the different
cmdlets which will obtain this data.
On XenCenter console and select Site-XenDesktop7.
| 93 |
19.
Launch Citrix Studio (if it is not already launched) by selecting Citrix Studio icon
found within the taskbar.
20.
21.
By launching PowerShell from Citrix Studio, all the XenDesktop modules will already be
loaded within PowerShell. You could also launch PowerShell directly from Windows
Desktop. In this case you will need to run the command asnp Citrix.* and press Enter to
load the XenDesktop modules (asnp is the PoSH Alias for Add-PSSnapin).
| 94 |
22.
The PowerShell cmdlet used to retrieve application from a VDA machine is: GetBrokerMachineStartMenuShortcuts.
Let us run the Get-help cmdlet together with this cmdlet so we can obtain information about
cmdlet Get-BrokerMachineStartMenuShortcuts.
Run cmdlet Get-help Get-BrokerMachineStartMenuShortcuts
23.
Now that we know what this cmdlet does, let us use the cmdlet to retrieve the list of
applications from Windows Server 2012 machine W2k12Srv.training.lab.
Run command: Get-BrokerMachineStartMenuShortcuts MachineName
W2k12Srv.training.lab.
| 95 |
24.
Another interesting PowerShell cmdlet that is used to obtain the FTA (File Type Association)
for each Application. Let us first look at the two PowerShell cmdlets that are used by Citrix
Studio to obtain these details.
Run command: Get-Help Get-BrokerImportedFTA
25.
| 96 |
Now that we understand what the cmdlet does, let us run the command: GetBrokerImportedFTA -ExtensionName ".wmf".
26.
| 97 |
27.
Now that we understand what the cmdlet does, let us run the command: GetBrokerConfiguredFTA -ExtensionName ".wmf"
28.
Exercise Summary
Takeaways from this exercise:
1. Used Citrix Studio to configure and publish a couple of applications from a VDA machine
2. Configured File Type Association for one of the applications
3. Learnt which PowerShell cmdlets are used under the hood within Citrix Studio to retrieve
applications from within a VDA machine as well as the associated FTA for an application.
| 98 |
Optional: Exercise 6
Using Citrix Director and CDF Log Files to View
Information About a Launched Published Application
Overview
In this exercise we will use Citrix Director to assist with published application troubleshooting in
XenDesktop 7 and look at the CDF logs obtained from launching a published application.
Action
| 99 |
Username: training\administrator
Password: Citrix123
3. Launch Citrix Scout by going to Start -> All programs -> Citrix
| 100 |
4. There are two main buttons in Citrix Scout:- Start CDF Trace and Collect & Upload.
The option Start CDF Trace is used to obtain a full CDF trace for all Citrix XenDesktop
components on a machine, be it a Delivery Controller or a Virtual Desktop Agent (VDA).
The option is used to enable Service Logging Configuration as well as to obtain site
information and machine specific information like event logs, hardware and software
information and registry information.
Service Logging Configuration will edit the config file for each of the XenDesktop services
running on either the Delivery Controller or the VDA to enable clear-text CDF logging for each
of these services. This information is extremely useful when narrowing down an issue.
To obtain Service Logging, select Collect & Upload.
| 101 |
6. Enable Service Logging for the Broker Service and select Close.
7. The next step is to enable Service Logging on the VDA. Check W2k12Srv.training.lab
machine and select Settings icon
| 102 |
Select Close.
DO NOT click on Continue. We first need to reproduce the issue before we collect the
log files.
| 103 |
9. Now that we have enabled logging, let us launch a session so we can capture the logging
information that pertains to this session logon and launch process.
From your external workstation, open your browser and navigate to the external FQDN
corresponding to Public IP#2
https://your-dashed-fqdn.mycitrixtraining.net/
(
IP1 is available from the http://training.citrix.com/iltevents lab details. Take the IP1 and
replace the periods (.) between octets and replace them with dashes (-)).
Example:
IP1: 75.126.89.228
IP address or FQDN: 75-126-89-228.mycitrixtraining.net
You browser should be able to display the Access Gateway login.
| 104 |
| 105 |
12. Scout will ask you to save a zip file with all the collect data in a location of your choice. Save
the file on the desktop.
| 106 |
13. Scout will give you the option to upload the information collected to the Citrix Tools as a
Service website for analysis. In this case we are not going to avail of this option so you can
click on Cancel.
14. Minimize Scout -> select the Scout created zip file called Scout-<date and time>-Site and
extract the contents of the zip file to the Desktop.
15. Let us start by looking at the ICA Service log file by going to the folder Scout-<date and
time>-Site and navigate to Site -> W2k12Server.training.lab -> Citrix -> Workstation
Agent Configuration file -> BrokerAgent.
16. What information do we need to identify which logs are relevant to the launch of both the
Command Prompt and Windows Media Player applications?
| 107 |
17. First we need to obtain the date and time when user 1 last logged onto the machine as well
as the Session GUID. This information is available within Citrix Director.
18. Launch Citrix Director and log in using the following credentials:
User name: Administrator
Password: Citrix123
Domain: training
20. In Activity Manager you can view the list of applications launched by the user.
| 108 |
21. Let us look use the Details tab to view further information about this session. This is found at
the top right-hand corner.
Select Details.
22. Let us look at the Network section and find the Session GUID.
23. Now that we have the Session Guid, let us change the format to reflect how it is displayed in
the log files:
ad2acdda-ee5c-4634-80ce-6144955a52e5
| 109 |
24. Let us go back to the BrokerAgent log file called BrokerAgent.log and look for the events
corresponding to this Session Guid:
1232: BrokerAgent:=========>>>>> CONNECTION STARTING POINT PrepareSession
entry Session Key ad2acdda-ee5c-4634-80ce-6144955a52e5, IsReconnect False, Launch
Token ce075acd-9452-4945-9e5b-8257ebbee447, Brokering Token S-1-5-21-30429575112888033547-949915721-1105
Here we see the VDA preparing for an ICA connection. We know that this a new session as
the IsREconnect value is set to False.. We know these logs pertain to User1 as both the
date/time and more importantly the Session Guid matches the details shown in Desktop
Director.
25. Let us see what relevant information we have obtained from Broker log file. Using the same
keywords that we used in exercise 4, lets search through the log file using the keyword
BrokerOpEvent:
16/12/13 06:43:18.5799 : BrokerOpEvent:2013-1216T11:43:18.5770000Z:ResourceLaunch(ad2acdda-ee5c-4634-80ce-6144955a52e5,
Worker=S-1-5-21-847335651-2972979023-2999829477-1121, Reconnect=False, Windows
Meda Player, Client=192.168.20.51, Via=fe80::59a8:b6c6:e3bc:cfd%16, 202ms, User=S-1-521-847335651-2972979023-2999829477-1111, TRAINING\user1, user1@training.lab, User
One, App=True)
Here we can see that App=True showing that the user is launching an application called
Windows Media Player. When we compare this log file to the previous log line in Exercise 4,
step 13 (shown below), this was set to False as in that scenario the user was launching a
published desktop called W2K12 Server:
04/12/13 06:19:57.2553 : BrokerOpEvent:2013-1204T11:19:56.5930000Z:ResourceLaunch(91470b87-a7fb-4184-98f2-8ec6243012f4,
Worker=S-1-5-21-847335651-2972979023-2999829477-1121, Reconnect=False, W2K12
Server: $S1-1, Client=192.168.20.51, Via=fe80::dddd:6822:ca60:703e%16, 31ms, User=S-15-21-847335651-2972979023-2999829477-1111, TRAINING\user1, user1@training.lab, User
One, App=False)
26. Can you find the other four logs (as we did in exercise 4) with in the Broker log which also
contain the keyword BrokerOpEvent and confirm a successful session launch?
| 110 |
27. Other interesting information using keyword: VisibleResource which displays the
applications that are available for user with SID: S-1-5-21-847335651-29729790232999829477-1111.
16/12/13 06:43:32.4327 : BrokerDAL: => VisibleResource(User=S-1-5-21-8473356512972979023-2999829477-1111): Application(Shared): Command Prompt (Command
Prompt): Uid=1, Groups=1
16/12/13 06:43:32.4327 : BrokerDAL: => VisibleResource(User=S-1-5-21-8473356512972979023-2999829477-1111): Application(Shared): Paint (Paint): Uid=2, Groups=1
16/12/13 06:43:32.4327 : BrokerDAL: => VisibleResource(User=S-1-5-21-8473356512972979023-2999829477-1111): Application(Shared): Windows Media Player (Windows
Media Player): Uid=3, Groups=1
28. Congratulations you have finished this exercise.
| 111 |
Exercise Summary
Takeaways from this exercise:
1. Using Citrix Scout, obtained relevant CDF traces for the Broker service (on the DC) as well
as the Broker Agent and the ICA service (on the VDA) by enabling the Service logging for
each of these services.
2. Viewed relevant details of the application launch within Citrix Director
3. Used the data obtained from Citrix Director to navigate through the CDF log files.
| 112 |
Revision:
Change Description
Updated By
Date
1.0
Original version
Karen Sciberras
May 2014
About Citrix
Citrix (NASDAQ:CTXS) is a cloud company that enables mobile workstylesempowering people to
work and collaborate from anywhere, securely accessing apps and data on any of the latest
devices, as easily as they would in their own office. Citrix solutions help IT and service providers
build clouds, leveraging virtualization and networking technologies to deliver high-performance,
elastic and cost-effective cloud services. With market-leading cloud solutions for mobility, desktop
virtualization, networking, cloud platforms, collaboration and data sharing, Citrix helps organizations
of all sizes achieve the speed and agility necessary to succeed in a mobile and dynamic world.
Citrix products are in use at more than 330,000 organizations and by over 100 million users
globally. Annual revenue in 2012 was $2.59 billion. Learn more at www.citrix.com.
| 113 |