Want more Citrix test preparation?

For more Citrix exam preparation, including study guides and weekly updated content, try 7 DAYS FREE of the Exam Prep membership.

Updated 1Y0-A08 XenApp 5 Study Guide

1Y0-A08 Advanced Administration for Citrix XenApp 5.0 for Windows Server 2008

Download the PDF here. 

#Monitoring, Managing and Maintaining the Environment

 

Health Monitoring and Recovery can be configured to monitor the health of many XenApp components, report failures and take actions to correct the issues.

Using Health Monitoring and Recovery, an administrator can monitor the Citrix IMA Service, be alerted to IMA Service failures and configure an automatic restart of the service when it fails.

Citrix Print Manager Service Test determines the health of the Citrix Print Manager service by enumerating session printers. In cases where the test cannot enumerate session printers, such as service hangs or crashes, the test fails.

In the ‘Client display settings’ of the icaclient.adm template, an administrator can configure window width and height, seamless windows, window percentage and full screen for users in a XenApp environment.

Setup the Health Monitoring and Recovery test, checklhc.exe, to automatically check for and send alerts in cases where the local host cache is corrupt.

To enforce single sign-on, setup local username and password using icaclient.adm.

To set up configuration logging properties to log administrative changes and to only allow changes to the farm while the configuration database is available: 1. Ensure an SQL Server or Oracle database is setup and configured. 2. Use the Access Management Console to modify configuration log properties. 3. Select ‘Log administrative tasks to logging database’. 4. Disable ‘Allow changes to the farm when database is disconnected’.

Event Viewer is a Windows MMC snap-in tool that allows administrators to view application, security, setup, system and forwarded event logs on local and remote computers.

To configure Microsoft SQL Server 2000 data store replication, first, create a new database on the SQL server that will be used for the replica. Then move on to configuring everything in Enterprise Manager on the server that is to be used for the master database.

The SQL Replication Test Tool is designed to troubleshoot issues with SQL Immediate Updating Transactional Replication.

If the data store is experience high CPU usage when there should not be significant reads or writes to the data store, it is possible that the data store is not powerful enough to manage a query interval of 30 minutes.

To determine whether or not the data store query interval is causing the high CPU usage on the data store, you can set the query interval to a very large number and test CPU usage. If the CPU usage returns to normal after you set a large query interval, the data store query interval is probably the cause of the high CPU usage. You can adjust the query interval by trial and error.

The Access Management Console is a standalone MMC snap-in used to monitor sessions and create a variety of reports. In addition, an administrator can use the Access Management Console to view hotfix information and configure Health Monitoring and Recovery.

Citrix Print Manager Service Test (cpsvctest.exe) determines the health of the Citrix Print Manager Service by enumerating session printers. In cases where the test cannot enumerate session printers, such as service hangs or crashes, the test fails.

Check Local Host Cache (checklhc.exe) performs an integrity and consistency test on the local XenApp Server’s Local Host Cache (LHC). The integrity check ensures that the data stored in the LHC is not corrupted while the consistency check ensures no duplicate LHC entries.

ICA Listener (icalistener.exe) detects if the XenApp Server is able to accept ICA connections. The test detects the default ICA port, connects to the port, and sends it some data. If the test gets the appropriate data back, the test succeeds. Health Monitoring and Recovery can be configured to send alerts if the test fails.

Single sign-on can be enforced using the icaclient.adm template by enabling pass-through authentication in the ‘Local username and password’ setting.

In the ‘Client display settings’ of the icaclient.adm template, an administrator can configure window width and height, seamless windows, window percentage and full screen for users in a XenApp environment.

To enable seamless windows using the icaclient.adm template, go to Administrative Templates > Citrix Components > Presentation Server Client > User Experience and select ‘Client display settings’ in the right pane. Choose Enable and set ‘Seamless windows’ to True.

Configuration Logging is a feature that tracks administrative changes made to the server farm and logs them to a database from which reports can be generated in the Access Management Console.

Configuration Logging is a feature that tracks administrative changes made to the server farm and logs them to a database from which reports can be generated in the Access Management Console.

All changes to the XenApp farm should be tracked using Configuration Logging and credentials must be entered by an administrator before the log can be cleared. Also, if the Configuration Logging database is disconnected, no changes to the farm should be allowed. The following tasks should be done by the administrator:  Enable Configuration Logging in the Access Management Console,  Select ‘Require administrators to enter database credentials before clearing the log’, Deselect ‘Allow changes to the farm when database is disconnected’.

To enable the Configuration Logging feature (after establishing a connection to the database): From the Start menu, select All Programs > Citrix > Management Consoles and choose Access Management Console or Delivery Services Console. Select a farm. In the task pane, under Common Tasks, click Modify farm properties > Modify configuration log properties. Under Log tasks, select Log administrative tasks to logging database to enable configuration logging.

If you want administrators to be able to make changes to the farm when the database is disconnected, select Allow changes to the farm when database is disconnected, which becomes available when configuration logging is enabled.

To prompt administrators to enter their credentials before clearing the log, under Clearing log, select the Require administrators to enter database credentials before clearing the log check box.

 

#Scaling the Environment to Meet Business Requirements

So that users aren’t directed to folders on the server that is hosting the session, XenApp allows the redirection of the Documents and Desktop folders in a virtualized session to their client system.

Without Special Folder Redirection enabled, the Documents and Desktop icons that appear in a session point to the user’s Documents and Desktop folders on the server. Special Folder Redirection redirects actions, such as opening or saving a file, so that when users save or open files from special folders, they are accessing the special folder on their local computers.

For business continuity, you can specify that if all zone servers go offline, XenApp redirects user connections to a backup zone.

By configuring a Zone Preference and Failover policy in each zone (geographically separated) and filtering the policy by IP address you guarantee that the users will connect to the servers in the zone of whatever geographic area they are in.

Applications that are excluded from being rebased by virtual memory optimization include: Applications that have digitally signed components. Applications whose DLLs are protected by Windows Rights Management. For example, applications such as Office 2003 do not benefit from this feature. Applications whose executable programmatically checks the DLL after it is loaded. Applications that fail after you enable memory optimization.

To minimize bandwidth consumption in a farm with two zones and allow for business continuity if there is an outage, create a policy in each zone that applies to connections in the appropriate zone and specify the zone where the policy is created as the primary zone and the other zone as the backup zone in the zone preference and failover rule.

If there are bandwidth performance concerns, streaming profiles can be hosted on file shares in each office to alleviate the performance issues.

When setting up Special Folder Redirection for users connecting through Web Interface, use the XenApp Web site. Click ‘Manage session preferences’. ‘Provide Folder Redirection to all users’ is enabled by default. So that users cannot make changes to this feature, make sure ‘Allow users to customize Special Folder Redirection’ is deselected. XenApp 5 added this feature so that it no longer has to be configured using a GPO in Active Directory.

To use special folder redirection, users must access the farm with the Citrix XenApp plugin version 11.x or Web Interface.

The CPU Utilization Management/Rebalancer service is installed automatically on multiprocessor systems only. This service should usually be started manually. It should be set to automatic if you decide to use it long-term. Do not start it automatically simply because your server has multiple processors. If throughput is more important than fair sharing, the Rebalancer service can impact server performance negatively.

When setting up Special Folder Redirection for users connecting through the Citrix XenApp plugin, use the XenApp Services site. Click ‘CONFIG.XML’ and click ‘Change session options’. ‘Provide Folder Redirection to all users’ is enabled by default. So that users can enable and disable this feature at will, make sure ‘Allow users to customize Special Folder Redirection’ is selected. XenApp 5 added this feature so that it no longer has to be configured using a GPO in Active Directory.

Most applications can be rebased through virtual memory optimization. There are some that can’t use this feature. Applications that would not benefit from virtual memory optimization are apps that have digitally signed components, apps whose DLLs are protected by Windows Rights Management (WRM) and apps whose executable programmatically checks the DLL after it has been loaded.

When an application that requires virtual memory optimization has application files located on a remote server, the administrator must supply a domain administrator’s username and password that has rights to the remote server in the ‘Memory optimization user’ area during configuration.

To resolve poor application performance on a single-CPU XenApp Server which is hosting CPU-intensive applications, using the Access Management Console, configure ‘Fair sharing of CPU between sessions’ for a server in CPU Utilization Management. The CPU Utilization Management/CPU Rebalancer Service only starts on servers with multiple processors. ICA session limits would be configured to manage the number of ICA sessions allowed per user.

The Citrix CPU Utilization Management/CPU Rebalancer Service is only available on servers with multiple processors.

The CPU Utilization Management/CPU Rebalancer Service is responsible for enhancing resource management on servers with multiple CPUs and should only be run when all CPU intensive applications appear to be running on the same CPU.

To resolve slow logon times when a CPU-intensive application is the cause, using the Access Management Console, configure ‘Fair sharing of CPU between sessions’ for the farm in CPU Utilization Management. The CPU Utilization Management/CPU Rebalancer Service is responsible for enhancing resource management on servers with multiple CPUs and should only be run when all CPU intensive applications appear to be running on the same CPU and disabling it would not solve anything. ICA session limits would be configured to manage the number of ICA sessions allowed per user. Load evaluators would be a factor if it was a load issue, but it’s a CPU/application issue.

When multiple sessions are running on a server, the performance of some sessions can be impacted when one or more sessions dominate the CPU time on the server. An administrator can configure CPU Utilization Management to monitor resources and normalize CPU peaks when the performance of the server farm becomes limited by CPU-intensive operations.

During the profiling process, set up inter-isolation communication for applications profiled independently that should interact as though they are integrated with other profiled applications.

After testing a profile, if you determine that certain operations are required before or after running the application, you can write scripts and add them to the profile. To specify these operations, from the Edit menu, select Profile Properties and use the Pre-launch & Post-exit Scripts page to select scripts.

To add a pre-launch script to a streaming profile, from the Edit menu, select Profile Properties.

To specify a script to run before a streamed application is launched, from the Edit menu, select Profile Properties and use the Pre-launch & Post-exit Scripts page to select scripts.

For streamed applications only, use Alternate Profiles to allow one published application for users on either side of a WAN with file servers on their side. When you create an alternate profile, you create a duplicate of the primary profile that is located on a different file share, which is more accessible to the user device.

For streamed applications only, use Alternate Profiles to allow one published application for users on either side of a WAN with file servers on their side. When you create an alternate profile, you create a duplicate of the primary profile that is located on a different file share, which is more accessible to the user device.

A profile can support multiple targets where the target is a separate installation of the profile-level software targeted for execution on a specific version of the operating system or language. For example, create one target for Windows Vista and another target for Windows XP Professional SP1.

A target denotes a combination of operating system, service pack level, system drive letter and language. Applications can be profiled for each combination of these values to support separate targets; for example: Microsoft Vista for all service packs, drive letter C, and English.

 

#Maintaining Data and Server Integrity

An administrator should search for the hotfix name to make sure all of the servers have the most up-to-date hotfix installed.

When configure Microsoft SQL Server for replication across multiple databases, use the Immediate Updating Subscriber model.

XenApp supports distributed (replicated) databases. XenApp requires data coherency across multiple databases. Therefore, a two-phase commit algorithm is required for storing data in the database. When configuring Microsoft SQL Server for a two-phase commit, use the Immediate Updating Subscriber model. Please note: To avoid corruption, do not use merged replication.

Citrix recommends replicating the data store across all high-latency or low-bandwidth WAN links. A replicated data store ensures all data store reads occur on the network local to the XenApp server.

To download and install critical Citrix updates after you install components, visit the Citrix Hotfixes and Service Packs Web site.

In general, if users experience slow connection times due to high CPU utilization on the data collector, consider dedicating a server to act solely as the zone data collector.

To identify which server contains the SQL or Access database data store, and administrator can examine the DSN file for the database connection details.

With Hotfix Management, check which hotfixes are applicable to your Citrix products, search for particular updates on your system, and identify servers where up-to-date hotfixes must be applied. In the left pane of the console, select Citrix Resources > Configuration Tools > Hotfix Management.

 

#Troubleshooting

The WMI Service directly depends on the IMA Service.

When the IMA Service is restarted, users who are already connected will continue working  uninterrupted, however, new connections will not be allowed until the IMA service is running.

QFARM /offline displays information about servers offline within the farm and all zones or a specific zone. QFARM /tcp displays TCP/IP information for the server farm. QFARM /load displays load information. QFARM /zone displays all data collectors in all zones or only the data collector within a specified zone.

QFARM and QFARM /online return a list of available servers. QFARM /process displays process information. QFARM /disc displays disconnected session information.

To force a new zone data collector election in a zone, an administrator can use QUERYDC -e.

QUERYHR -z displays all of the zones in the farm. QUERYHR displays the host record for the server. QUERYHR -h zonename displays all member servers in the zone specified by zonename. QUERYHR -n displays the farm name.

QUERYHR is an alternate way to display information about member servers in the farm. QUERYDS is an alternate way to obtain information from the data collector for the zone. QUERYDC is an alternate way to administer the data collector for the zone. QFARM provides the administrator with information about the server farm.

QUERYDC is an alternate way to administer the data collector for the zone. QUERYHR is an alternate way to display information about member servers in the farm. QUERYDS is an alternate way to obtain information from the data collector for the zone. QFARM provides the administrator with information about the server farm.

QUERYDS is an alternate way to obtain information from the data collector for the zone. QUERYHR is an alternate way to display information about member servers in the farm. QUERYDC is an alternate way to administer the data collector for the zone. QFARM provides the administrator with information about the server farm.

If the IMA Service does not start after using the CHFARM utility to move a server to a SQL data store, use the following procedure to increase the timeout value of the services so the IMA has more time to start: Open the Registry Editor and go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServicesPipeTimeout.

Create the following value: Name: ServicesPipeTimeout; Type: DWORD; Value: Decimal: 600000 (this value in milliseconds is equal to 10 minutes. You can reduce this if you need to). Restart the server.

When running CHFARM, ensure that the screen after creating the Open Database Connection (ODBC), ODBC Driver Access, that asks for a username, password, and to reenter password contains a user name with a syntax of DomainName\UserName.

The IMA Service may sometimes fail with error code 2147483649. Failed to load plugins imapsss.dll, imaruntimess.dll, 80000001h. The cause of this is the local system account for the IMA Service requires access to the TEMP directory for the local system account. To resolve it, verify that both the TMP and TEMP environment variables point to \%SystemRoot%\temp.

If the RADESessionSs.dll plugin is present in the IMA Subsystems directory, the RadeOffline.mdb file is either missing or corrupt. The resolution is to re-create the RadeOffline.mdb file, by issuing the following command on the affected server: Dsmaint recreaterade; Once the RadeOffline.mdb file is re-created, attempt to restart the IMA Service.

There can be a number of reasons why the IMA Service appears not to have started, including the following: IMA Service load time; IMA Service subsystem; Missing Temp directory; Print spooler service; ODBC configuration; Roaming Profile; Another server with an identical NetBIOS name on the same network. Check http://support.citrix.com/article/CTX105292

TraceView.exe is a Microsoft utility that allows you to view the output of a diagnostics log file that is created when a CDF trace session is completed using either the Access Suite Console or Microsoft’s Tracelog utility. The TraceView.exe utility converts the binary output of a CDF trace log into a readable format. This conversion process is completed by aligning the TraceView.exe utility with trace definition files supplied by Citrix. Trace definition files are in .tmf format. The CDFView.exe utility, which was used previously, is no longer available.

When obtaining a Citrix Diagnostic Facility (CDF) trace for clipboard issues, select the MF_DLL_Vclipbd and MF_Session_Wfshell modules.

When obtaining a CDF trace for the printing subsystem, select the following modules to trace: MF_Library_System, MF_Driver_CpUpdlib, MF_DLL_Ctxprn, MF_Service_CpSvc, MF_DLL_Cpmmon, MF_DLL_CpProv, MF_Library_CpMgmt, MF_Driver_CpUpdUI, MF_DLL_CpMon, MF_Driver_CpUpdrv, MF_Session_Wfshell.

Load Manager values: 0 to 9998 – This is the normal range for Load Manager; 99999 – No load evaluator is configured; 10000 – Load is at 100 percent (full load); 20000 – XenApp Advanced Configuration contains an incorrect server edition or a license mismatch; 99990 – Results when a custom administrator with restricted rights runs the following QFARM commands: QFARM SERVER /APP, QFARM /APP, QFARM/APP <appname> or QFARM /ZONEAPP.

Load Manager values: 0 to 9998 – This is the normal range for Load Manager; 99999 – No load evaluator is configured; 10000 – Load is at 100 percent (full load); 20000 – XenApp Advanced Configuration contains an incorrect server edition or a license mismatch; 99990 – Results when a custom administrator with restricted rights runs the following QFARM commands: QFARM SERVER /APP, QFARM /APP, QFARM/APP <appname> or QFARM /ZONEAPP.

When publishing an application, only the main executable file is specified, however, some applications may spawn additional processes that run in the background and are not closed by the corresponding main executable file. Some processes might create a visible window for added functionality, and others might not. Because theExplorer.exe desktop is not running when launching an application in one of these ways, there is no default mechanism in either XenApp or Windows to terminate these background processes when a user has exited the main application. To close the background process that do not have a visible window, add the process file name to the following registry key with a comma and no spaces between them:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Citrix\wfshell\TWI, ValueName:LogoffCheckSysModules, Type:REG_SZ.

Customers claim that disabling the reconnect Feature of Web Interface’s Workspace Control is not working as designed. This was a new feature in Windows 2003. Windows Server 2003 installations contain a default setting, “Restrict Each User to One Session” in Terminal Configuration under Server Settings that allows users to connect only to one session. To resolve the issue, navigate to Terminal Server Configuration > Server Settings > Restrict Each User to One Session. Change the setting to No. Note: This is a per-server setting and needs to be done on each. Group policies override the configuration set with the Terminal Services Configuration tool.

When troubleshooting ICA 32-bit and web client connectivity problems, first, establish basic connectivity by pinging the server and using telnet to get an ICA sounder, which looks like this: ICAICAICAICA

When launching a published application with Session Reliability, ICA KeepAlive does not function. With Session Reliability, after an ICA session is disconnected on the client side, the session might be recognized as in “active” status longer than the Sessions to keep active setting indicates. This is by design. Session Reliability handles polling to check its condition itself.

When launching a published application with Session Reliability, ICA KeepAlive does not function. With Session Reliability, after an ICA session is disconnected on the client side, the session might be recognized as in “active” status longer than the Sessions to keep active setting indicates. This is by design. Session Reliability handles polling to check its condition itself.

When users can log on to Web Interface through Secure Gateway, but are unable to launch applications, and the message “Error: The resource you requested is no longer available from the servers or the specified user no longer has access to it.” is reported in the Message Center, there are four possible resons for the issue: 1. There is a syntax error in the Web Interface configuration under “Edit Secure Gateway Settings” for the STA address. 2. The Citrix XML broker service may have an unstable Citrix XML Service at the address specified in the Event Viewer Description field. 3. The XenApp server reaches full load and rejects any new connections. 4. One or more of the XenApp servers that publish applications do not have the alternate address defined.

When configuring Secure Gateway and attempting to add a second STA to the configuration and the error: “The ID already exists in this list, please enter a different one” appears, the XenApp server or the server hosting the STA has most likely been cloned, so the details in the configuration of the STA are the same on both servers.

Each STA should have a Unique Identifier (UID). To resolve the issue: 1. Locate the CtxSta.config file and open it in a text editor. 2. Change the value of the UID to a unique value and save the file. 4. After making the change(s), restart the XML Service.

If the error “Event ID 1106, Client printer autocreation failed. The driver could not be installed. Possible reasons for the failure: The driver is not in the list of drivers on the server. The driver cannot be located. The driver has not been mapped” appears when running applications from a XenApp 5 server farm, find the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Print; Add the Value Name: DefaultPrnFlags, the Type: DWORD and the Value: 0×08000000.

For printer drivers that are never to be used in the server farm, add them to the Driver Compatibility list and select “Allow all drivers except those in the list”.

 

The StressPrinters tool can be used to simulate multiple sessions autocreating printers using the same print driver. It can also be used to compare the following among various drivers: CPU load incurred while creating a printer using a particular driver and time required to successfully create a printer using a particular driver.

Sometimes Group Policy Object settings may not get applied for streamed applications, especially in an environment where the desktops are locked down with strict GPOs. When streaming applications, all GPOs get set each time the user logs on.

The registry settings are not applied to the isolation space registry and because the application wrote to the registry at installation, the InstallRoot is looked at and not the local machine (physical registry). The result is that the global set of the GPO is not seen inside isolation and the application is not able to see the registry space. The resolution is to use a pre-launch script that writes to the registry and is configured to run inside of isolation.

The account used to start the Citrix Streaming Service is called CTX_StreamingSvc. This account is a local user account and is part of the Users group only. On the computer with the Streaming Client installed, verify that the Ctx_StreamingSvc user has rights to the following objects in the registry: Full Control: HKEY_LOCAL_MACHINE\SOFTWARE\CITRIX\RADE and HKEY_LOCAL_MACHINE\SOFTWARE\CITRIX\RadeCache.

 

#Optimizing the Environment

Workspace Control allows users to connect to applications being delivered to the user on a different client device using the same session.

Keep-Alive tracks the amount of time since the last time a server had contact with a plugin, sends a packet to the plugin and disconnects the session if the plugin doesn’t respond within a certain time limit or number of tries.

Session Reliability keeps the session displayed on the user’s screen during connection interruption and displays a spinning hour glass until connectivity is resumed.

To recreate the local host cache on a XenApp server, run DSMAINT RECREATELHC on the server and start the IMA Service.

To reduce the load on the data store and to reduce the IMA Service start time, Citrix recommends maintaining cycle boot groups of no more than 100 servers. In large farms with hundreds of servers, or when the database hardware is not sufficient, restart servers in groups of approximately 50, with at least a 10 minute interval between groups.

XenApp servers require the use of the chfarm command to change farm membership.

The best practice for removing a server from a farm is to uninstall the server through the Control Panel using the Add/Remove Programs applet while the server still has a connection to the farm. The uninstall sequence is designed to remove all XenApp registry keys on the server, all XenApp files on the server, and all references to that server in the data store, including published applications, load management rules, trust relationships, etc.

If you are having issues controlling which Universal Printer Driver gets loaded on a 64-bit server, copy the registry key (and all its sub-keys) from HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Citrix\UniversalPrintDrivers to the registry location HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\UniversalPrintDrivers\Driver List and restart the Citrix Print Manager Service. The Citrix Print Manager Service should now successfully read the values, including any administrative modifications, from the HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\UniversalPrintDrivers\Driver List registry key and load the corresponding Universal Printer Drivers.

Auto Client Reconnect detects a broken connection and attempts to reconnect the user to the disconnected session until there is a successful re-connection or the user cancels the reconnection attempts.

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>