Secrets of the Citrix Support Ninjas


Published on

Let’s face it. Citrix technology is pretty complex stuff – and it touches just about every other part of your IT infrastructure.

As an administrator, you need to be at the top of your game.

Fortunately, you’re never alone when you deploy Citrix. We’ve got a whole ecosystem of support services and free self-support resources and tools to help (see the last page for a quick overview).

Ninja power: A lot of our best advice for administrators comes from the ridiculously smart people who run our Premier Support and hardware maintenance helpdesks. They help thousands of people every week and, in doing so, they’ve learned a hell of a lot about
the things that can go wrong.

So we thought we’d ask some of our best support people to share their favorite tips for administrators, then we organized them by product so you could browse them and discover some goodies to take back to your job.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Secrets of the Citrix Support Ninjas

  1. 1. Secrets ofthe CitrixSupport Ninjas
  2. 2. Stuff happens.Let’s face it. Citrix technology is pretty complex stuff – and ittouches just about every other part of your IT infrastructure.As an administrator, you need to be at the top of your game.Fortunately, you’re never alone when you deploy Citrix. We’vegot a whole ecosystem of support services and free self-supportresources and tools to help (see the last page for a quick overview).Ninja powerA lot of our best advice for administrators comes from theridiculously smart people who run our Premier Support andhardware maintenance helpdesks. They help thousands of peopleevery week and, in doing so, they’ve learned a hell of a lot aboutthe things that can go wrong.So we thought we’d ask some of our best support people to sharetheir favorite tips for administrators, then we organized them byproduct so you could browse them and discover some goodiesto take back to your job.Good luck out there.The Citrix Support team
  3. 3. A short commercialfor Auto SupportThe secret all our supportNinjas use every day.The one tool that helps all of our support Upload your log file Be proactive.people quickly solve problems for our Here’s the start page. Auto Support is great forcustomers is something we call Auto troubleshooting. But top admins useSupport (formerly known as TaaS). Let Auto Support analyse it it regularly as a system health check – – looking for known issues. even if no performance issues or errorsAuto Support is a quick and easy have occurred.troubleshooting tool for administrators like Get your full reportyou. If you open a case with Citrix Support, – including recommended fixes, links Even if you don’t find any issues, you’llchances are they’ll ask you to upload your to the perfect support article and best- get a System Snapshot that profileslog file to Auto Support first. practice advice for your configuration. your entire environment in one place. Which can be pretty useful.Now, we’ve made this powerful tool Auto Support is available foravailable to all customers online so you XenDesktop, XenServer, NetScaler So come back to Auto Supportcan diagnose and fix problems quickly. and (this just in) XenApp. whenever you’ve made a significantHere’s how it works: change to your Citrix deployment. And we’re adding new plug-ins, fixes Or stop by for some peace of mind and recommendations all the time, every few months. so Auto Support keeps getting better and better. Auto Support handles log files for: • XenDesktop • XenServer • NetScaler • XenApp
  4. 4. The Ninja SecretsGrab your katana and turn the page.
  5. 5. NetScaler1 Learn to troubleshoot in the command-line interface.You see more information as a result of 4 If the NetScaler has multiple MIPs/SNIPs and you don’t know the source IP communicating to a particular 6 In order to test NetScaler connectivity to the NTP server:one command instead of several clicks backend server, create a service under »»disable NTP in GUI (system -> NTP)in the GUI. load balancing for the particular backend »»SSH to CLI server and bind a ping or tcp monitor to it. »»shellAn example: Show service <servicename> »»ntpdate <IP of NTP server>gives you ALL the service information, AND O pen an SSH session and type »»f successful enable NTP in the GUI. Ithe monitor, AND the last monitor status. the following command in shell: Otherwise, check for firewalls... »» –an Host Port2 Is one of your users not getting the access they want and expect?These commands will give you real-time »»Host: BackendIPAddress »»Port: Portnumberinformation of all authentication requestsdone from the NetScaler. You won’t find thisinformation in any logs. 5 If multiple kernels are located on the flash, and you want to know which one the appliance will use when it next reboots»»SSH to CLI (i.e. to identify if an install but no reboot»»shell has taken place), check the version in»»cat /tmp/aaad.debug loader.conf by running this command: cat /flash/boot/loader.conf3 If you type “Sysctl –a” into the command line, it gives you thelimitations and information relatedto the model of NetScaler you’re using.
  6. 6. 7 Use: 10 You can execute shell commands from the NetScaler command line interface by simply typing ‘shell’ beforehttp://Netscaler-ip-address/menu/guia the shell command. Example:instead of: shell ls –la /flashhttp://Netscaler-ip-address/menu/neo This is particularly useful when you only have GUI access to the NetScaler / Accessin the NetScaler version 10 when accessing Gateway Enterprise appliance. You canthe management page of NetScaler. It gives push these commands through the dialogthe look and feel of 9.3 version. box at System - Diagnostics - Command Line Interface.8 While taking a nstrace, set the packet size to zero to collectthe complete payload. 11 Use the Winscp tool ( to edit text- based files in the NetScaler instead9 While logging into the NetScaler, of using vi editor at the page where you are promptedfor credentials, click on “show options”and choose the page that you want togo into instead of the configuration. 12 While logging into the NetScaler, at the page where you are prompted for credentials, click on “show options” and increase the session timeout for a longer session.
  7. 7. XenApp1 From a cmd prompt on a XenApp Server, type: 4 Wondering if that print driver will work with XenApp? Use StressPrinters to get the answer!cpatch /l | findstr /i hotfixname Find it here:This command string lists only the installed.It does not include all the extraneousinformation about the hotfixes providedwhen running cpatch /L 5 You can try all seamless flags at once if you enter this: »» egistry Key: HKEY_LOCAL_MACHINE R SYSTEMCurrentControlSetControl2 Use the Citrix Scout tool to collect logs and CDFtraces from selected computers. CitrixwfshellTWI »»Value Name: SeamlessFlags »»Value Type: 3EFFB7Citrix Scout is also used in conjunction withAuto Support to help resolve known issues.3 Whenever you need to troubleshoot a XenApp environment, do not forgetCitrix Quick Launch.This little fella can help to reduce thenumber of items you have to troubleshoot:Is it the web interface?Is it a published application?Is it some client or server setting?Go to CTX122536 ( and downloadthe latest release!
  8. 8. 6 Here’s a nifty tip to prevent auto- creation of client printers. 8 Here’s a great way to fix display corruption issues: Change ForceLVBMode to 1 under the»» se the Group Policy Editor in Windows U following registry key on client machines: or the Citrix Delivery Services Console in XenApp to create and name a User- 32bit: HKLMSOFTWARECitrixICA type policy. ClientEngineConfigurationAdvanced»»n the Printing section of the policy, I ModulesWFClient navigate to Drivers.»» elect the Printer driver mapping S 64bit: HKLMSOFTWAREWow6432Node and compatibility policy rule. CitrixICA ClientEngineConfiguration»» lick Add, type the name of the C AdvancedModulesWFClient printer driver to be excluded.»»Select “Do not create”. 9 Break out of a seamless window to see if the weird display issue7 This is an ingenious little tool that is seen in a fixed window. tests if Citrix ports are open and Shift and F2.listening for a connection.It’s called Citrix Port Check Utility.Get it here:
  9. 9. XenDesktop1 When troubleshooting VDA registration Crucially, the IP address reported for the issues, follow these easy steps: remote machine by the ping command in each case should match the IP address 4 CDFMarker is a great way to seriously reduce the amount of CDF tracing you»»Run Nslookup Ip address of the VDA from reported by the ipconfig command on the need to analyze. the DDC CDF traces can grow to 100’s of thousands relevant machine. of lines very quickly, but by using CDFMarker»»Run Nslookup full qualified name of the VDA from the DDC If there is any discrepancy, fix the problem you can identify the area of interest in the»»Run Nslookup Ip address of the DDC from with your DNS configuration and restart trace straight away, avoiding the need to the VDA either the VDA and or the DDC controller, analyze thousands, or even hundreds of»»Run Nslookup full qualified name of the as appropriate. thousands of lines of tracing! DDC from the VDA Get the tool here:»» erify you can ping the VDA from the DDC. V 3»» erify you can ping the DDC from the VDA. V Multiple Network Adapters If the virtual desktops contain multiple2 If registration fails and you get the error message “DNS is not properly network adaptors that can be used to communicate with the DDC, this might 5 You can quickly and easily optimize the user experience on XenApp XenDesktop with the help andconfigured”, then this tip will be useful: cause the security negotiation to fail. recommendations of HDX Monitor.Registration fails if the VDA or the DDC In that case, try disabling all networkcontroller sees an incorrect IP address adapters except for the one used tofor the other party. Complete the followingexperiment to see if this is an issue: communicate with the DDC. 6 This is a useful PowerShell command to perform a health check on the Broker Service.On both machines, start a command shellwindow and run the following commands: CTX127254/help/Get-»»ipconfig BrokerConnectionLog.html»»ping othermachine.domain.comBoth machines should be able to ping eachother successfully by DNS name (this meansusing the fully qualified domain name (FQDN)including the bit and not thesimple NetBIOS name).
  10. 10. 7 Refer to the blog post below or CTX117248 for a good list of whattypically causes VDA registration issues. 9 The XD Site Checker Tool is great for troubleshooting site services registration issues.They explain how to resolve them: 10 Here is a little tip that saves me time and effort every time I troubleshoot XenDesktop issues,8 I frequently refer to (blog post) or CTX117248 for a good list whattypically causes VDA registration issues, especially VDA registration problems. XDPing: It’s a very useful tool that automates the verification of configuration settingsand they explain how to resolve them: in a XenDesktop environment. Download it here:
  11. 11. XenServer1 Always run a metadata backup before any significant modificationto the pool, such as a hotfix installation After just a few minutes, the new template VM will be visible as a hidden object in XenCenter and (voilà!) you can now export You can now browse the pool resources as if you were connected to the live pool. This will show the pool data from the pointor upgrade. using OVF. in time the status report was taken.2 While trying to export virtual machines This can be very helpful when trying to from a XenServer box, any attempt touse the OVF format may fail. 3 If you run vm-exports from the command line interface instead of XenCenter you can get much faster recover storage that has been disconnected since SR UUID’s and SCSI ids can be seen in a GUI instead of having to locate theThe XenCenter log file (in %appdata% export speeds. information in a log.CitrixXenCenterLogXencenter.log) shows Why? Because you’re not using thesomething like: 2012-07-23 16:14:56,676 Windows transfer methods or compressingDEBUG XenAdmin.Actions.ActionBase on the fly on a less powerful workstation.[4132] - System.Exception: Failed to export.--- System.Xml.XmlException: Rootelement is missing. 4 Review historical pool status and other useful information using a pool status report:When you wish to use the OVF format,XenServer relies on a “Transfert VM” whichis a hidden object in XenCenter. So, if you Click “Add New Server” in XenCenter,don’t see it in your XenCenter (View/Hidden and in the server block enter the pathObject) as a grayed template, no OVF to the xapi-db.xml file in the status report.export can be done! Here’s an example: C:UsersblaineaDesktopstatus-In that situation, make sure a default report012-09-27-15-48-142012-09-27-15-SR is set (required to rebuild the transfer 48-22-1-bugtool-xenHAbug-virtual machine) in XenCenter and, from report-20120927154726xapi-db.xmlthe command line interface, run:[root@PARCCSXEN ~]# /opt/xensource/packages/files/transfer-vm/
  12. 12. 5 Extra RAM can sort a lot of host issues but good storage speed is priceless. 8 While applying a bunch of patches, you do not need to reboot the physical host after every patch unless it is a prerequisite for another patch (this is6 Use the XAPI DB Parsing tool to create a report that can be viewedin a web browser. normally not the case). Just install all of them one by one and then give one final reboot. This will save you a lotThis can be very helpful if a status report of time.was taken recently and - if for some reasonVDI associations were lost – the report willprovide the UUIDs of the VDIs so they canbe re-associated either manually or usinga script. 9 Use CPU exclusive pinning on large systems to get the best performance from XenServer with the new utility “xl”. This was first introduced quietly in 6.0 and is fully implemented in 6.1.7 If you are using OVS, capturing traces on the bond won’t work.Use tcpdump on the two physicalinterfaces. If you are using somethinglike eth0 and eth1, try:»»tcpdump -i eth0 -s 0 -w /tmp/eth0.pcap »»tcpdump -I eth1 -s 0 -w /tmp/eth1.pcap Then, when you’re donefg then ctrl+c to end the first, and againto end the second.
  13. 13. There you have it.Now you’ve learned the secretsof some of our top Support Ninjas,go in peace.We hope you took away some great tips.And do let us know if you’ve got tips likethese you’ve learned from your owndeployment experiences. We’ll share ourfavorites in a Knowledge Center articleor in social media channels.A big doumo arigatou gozaimasu(“thank you”) to our Citrix Support ninjas:Ronan O’Brien, Magnus Esse,Durga Kiran Bolagani, Gene Whitaker,Paul Gardner, David McGeough,Frederic Serriere, Nicholas Vasille,Rene Alfonso, Nicholas Connolly,Frank Nicosia, Colm Naish, Michael Ryan,Martin Zugec, Kenneth Baldwin,Marek Dresler, Corin Goodier, Blaine Anaya,Gareth O’Brien and Trijot Singh Baweja.
  14. 14. Try Auto Support nowUpload your log file to Auto Supportand we’ll give you a quick systemsnapshot, plus any errors, fixes andbest-practice advice.
  15. 15. More ResourcesOur XenDesktop Blog The Citrix Knowledge PodioFor best-practice advice Center The social collaborationfrom some of our Dig in - we share platform that you maketop people. everything we know. your own.The XenDesktop eDocumentation AppDNASupport Forum All our documentation The applicationThere’s not a lot this in an easy-to-use format. compatibility testingcommunity doesn’t tool that acceleratesknow about desktop The Ask the Architect blog and de-risks migration.virtualization. An excellent team blog by some of the best inThe XenDesktop Design the business.HandbookWith referencearchitectures, planningguides and lots more.
  16. 16. About Citrix ServicesWe’re Citrix consultants, How we can help Plus free tools resources,teachers and support including:engineers and we’re all Citrix Consultingabout one thing: making Intensive engagements for The Knowledge Centersure you succeed. complex, critical or just Online forums, plain massive projects. documentation andWith our help, you’ll deploy support resourceshigh-performance, robust Citrix Supportvirtualization and networking Always-on support Citrix Auto Supportprojects, faster and with services that leverage The automated onlinedramatically lower risk everything we know about troubleshooter andand higher return. best-practice deployment health-checker. and maintenance.From free online tools and Project Accelerator24x7 support to intensive Citrix Education The project managementtraining, live events and The fastest, most efficient environment for yourdeeply committed way to get your team the entire desktopconsulting engagements virtualization skills they virtualization project.– we’re here for you. need. Online, on-site or in class.