Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ramon Scott – Lead Escalation Engineer

Similar presentations


Presentation on theme: "Ramon Scott – Lead Escalation Engineer"— Presentation transcript:

1 Ramon Scott – Lead Escalation Engineer
Citrix Support Secrets Webinar Series Configuring & Troubleshooting XenDesktop Sites Ramon Scott – Lead Escalation Engineer August 29, 2013 Good afternoon my name is Ramon Scott and I am a Lead Escalation Engineer on the Citrix Escalation Team Today my presentation be on Configuring and Troubleshooting XenDesktop Sites.

2 Presenter Bio: Ramon Scott
Over 17 Years of Experience in IT Joined Citrix in April 2010 Started directly into the Escalation Team – primary focus on XenApp Assigned as the Dedicated Engineer for a Major Strategic Account from Q Moved to XenDesktop team in July 2011 Additional details Bachelor’s Degree in Information Technology with a specialization in Network Administration Certifications: CCA, CCNA, CCDA, MCSE and MCITP-EA Ramon Scott joined the Citrix Escalation team in 2010 and has over seventeen years of experience in technology. He has hundreds of hours of experience in the project management, consultancy and implementation of computing, virtualization, security, and networking solutions. Ramon has a Bachelor’s Degree in Information Technology with a specialization in Network Administration and holds multiple industry standard certifications including CCA, CCNA, CCDA, MCSE and MCITP-EA.

3 Presentation Goals Provide an Understanding of the Architecture
Instruct on How to Configure Provide Proven Troubleshooting Methodologies and Resources I'd like to start by providing the goals of my presentation The first goal is to provide an understanding of the architecture, then instruct on how to configure core components and lastly, provide Proven Troubleshooting Methodologies and Resources This course is based on the XenDesktop 5.x architecture however most of the troubleshooting methodology can be applied to XD 7

4 High-Level XenDesktop Database And Services Architecture
let's begin by looking at the high level XenDesktop database and services architecture

5 Database We will start by looking at the database

6 XenDesktop 5 Database Overview
Supported Databases: SQL Server 2008 SP1 / 2008R2 (including Express) Database Schema Full Relational Schema Tables, Views, Stored Procedures Single Database (for core product) Multiple SQL ‘Schemas’ in Database ‘Schemas’ map onto Windows services running on Broker Broker Database Broker XenDesktop supported databases are: SQL 2008 SP1, R2 and higher including express editions. The database schema has a full relational schema; complete with tables views and stored procedures there is a single database for the core product and there are multiple schemas inside the database schemas map to windows services running on the broker

7 Setup Process XD Console Single Admin Broker Database XD Admin
1. Schema Database 2. Schema XD Admin 3. Verify XD Admin credentials used Separate Admins XD Console Broker 1. Schema Database 3. Schema XD Admin 4. Verify SQL Server Console SQL Admin 2. Schema “Export” (SQL script) SQL Admin credentials used the setup process will depend on the environment What does this mean ? If there is a single administrator account used for SQL and XenDesktop then this admin will generate the schema from the console and the console in turn will connect to the SQL database and execute the script to create the database . <.>Once this script has successfully executed the broker will connect to the database and verify that it is operational In case where their are separate XenDesktop and SQL admin account. the XenDesktop admin will generate the schema from the console, this schema will be exported to a SQL script that should be provided to the SQL admin. Next, the SQL admin will connect to the SQL server console and execute the script to create the database . Once this script has successfully executed the broker will connect to the database and verify that it is operational

8 Database Access Database Security Access Model SQL Login per Broker
Network Service Account “NT AUTHORITY\NETWORK SERVICE” Computer Account “DOMAIN\MACHINE$” SQL Login per Broker Restricted permission set Brokers do not have rights to change schema Controller Database Broker Service Controller Database Broker Service Database access The runtime access performed by the XenDesktop DDCs on the database uses the following security model: In the environment where the controller and the SQL database are housed on the same Server the broker will connect to the database using its local network service accounts . NT AUTHORITY /NETWORK SERVICE On the other hand If the broker and SQL database are on separate servers, the broker will connect to using its computer accounts : “DOMAIN\MACHINE$” there is one SQL login for each broker This account login has a restricted permission that means the broken does not have rights to change the schema The XD database contains a set of pre-configured DB roles which have detailed execute/select permissions hung off them. Each DDC has a dedicated user within the XD database that is a member of the above roles. Each DDC accesses the DB server through its AD machine account which requires it to have a login created for it, and for that login to be mapped to the associated user in the XD DB. The login does not need to be a member of any server-level roles. ´The XenDesktop 5 services access the database using their computer account logins (domain\machine$, or „NT AUTHORITY\NETWORK SERVICE‟ if database is located on a controller ( i.e. SQL Express)

9 Database High-Availability
Broker is critically dependant on Database Existing connections not impacted Creating new connections and reconnecting to desktops impacted Database Failure = Broker Failure Supported Database H/A Options: (expected popularity order) SQL Mirror Virtual Machine H/A SQL Cluster Now discuss our high availability options the Booker is critically dependent on the database however if there is a database failure existing connections will not be impacted but creating new connections and reconnecting to desktops will that means a database failure equals a broker failure the supported high availability options are SQL mirroring ,virtual machine high availability and SQL clustering Citrix Confidential - Do Not Distribute

10 Database Schema Roles and Permissions
XenDesktop Service Database Role AD Identity Service (Acct) ADIdentitySchema_ROLE Broker Service (Broker) chr_Broker chr_Controller Central Configuration Service (Config) ConfigurationSchema_ROLE Machine Creation Service (PvsVM) DesktopUpdateManagerSchema_ROLE Hosting Management Service (Hyp) HostingUnitServiceSchema_ROLE Machine Identity Service (Prov) MachinePersonalitySchema_ROLE Here is a table that Maps the XenDesktop services to the available database schemas

11 Health Checks: XDDBDiag
Provided consistency data check on the data Provides connectivity verification It also provides the following: Virtual Desktop Agent Information Hypervisor Connections Information Policy Information Controller Information Desktop Groups Information SQL Information Current Connections / Connection Log XDDBDIAG to perform basic health check on a XD site you can use the XDDBDiag tool

12 Services We will now transition and review the services architecture

13 XenDesktop 5 Services Architecture
Desktop Studio WCF [80] PowerShell Desktop Director WCF [80] PowerShell Virtual Desktop Agent (VDA) WinRM 2.0 [5985/5986] Controller Machine Creation Service Host Service AD Identity Service Machine Identity Service Broker Service Configuration Service Machine Creation Services Broker Service Infrastructure Services Windows Communication Foundation (WCF) SQL Server The Machine creation service is responsible for the creation and provisioning activities for VMs and master Images Machine Identity Service, this service is responsible for the management of the Disks attached to the VMs AD Identity service, this service is responsible for the maintenance and creation of the AD computer accounts The services combine to make-up the Machine Creation Services Broker service, this service is responsible for VDA registration, Power Management, license enforcement and resource allocation host service , this service manages the hypervisor connections and resources Configuration Service, this service provides directory services metadata storage and security These two services make up the Infrastructure Services All six services maintaining their own separate connection to the backend SQL database So what does this mean for you? Well, when there is an issue with Expanding catalogs , the personality of machines computer accounts lockouts, the troubleshooting efforts will be focused on the Machine creation services If your issue is related to the hypervisor connection storage or its resources, Site configuration or errors in service communication your focus should be directed at the Infrastructure Services And for issues with registration, licensing, power management your efforts will be focused on the Broker Service Desktop studio is the management console used to configure the site and it leverages PowerShell and WCF typically on port 80 Desktop director is a web based portal that can be used to the support and helpdesk teams to monitor and troubleshooting system issues before they become system-critical while at the same time Quickly and seamlessly perform crucial support tasks for their end users including view Performance statistics via WinRM Windows Communication Foundation (or WCF), previously known as "Indigo", is a runtime and a set of APIs (application programming interface) in the .NET Framework for building connected, service-oriented applications SOA: Service-oriented architecture Ref: Each service instance reads and writes to the SQL database periodically using connectionless ADO.net. PoSH – PowerShell WCF – Windows Communication Foundation WinRM – Windows Remote Management

14 Service Status XenDesktop Service PowerShell Cmdlet
AD Identity Service (Acct) Get-AcctServiceStatus Broker Service (Broker) Get-BrokerServiceStatus Central Configuration Service (Config) Get-ConfigServiceStatus Machine Creation Service (Prov) Use Get-ProvServiceStatus Hosting Management Service(Hyp) Get-HypServiceStatus Machine Identity Service (PvsVM) Get-PvsvmServiceStatus You can also receive the current status of any of the core services from the XenDesktop PowerShell prompt by running the the respective command from this list as you can see the syntax is quite intuitive Let’s look at the example in the first row ‘to get the status of the AD identity service , you simply execute the get ‘dash’ acct service status

15 Machine Creation We can now review the concept of Machine Creation

16 Desktop Catalog models
App Profile Profile App PvD PvD Image Existing Dedicated Pooled Pooled with personal vDisk Streamed Streamed with personal vDisk Profile Profile Base Image with Apps App App Image Profile Profile PvD PvD Streamed Base Image with Apps Streamed Base Image Base Image Profile Base Image with Apps Profile Image App App Profile Profile PvD PvD Profile Profile *Image created outside of XenDesktop *Image Streamed from Citrix Provisioning Server (PVS) *Image created with Machine Creation Services (MCS) In XenDesktop 5.6 and higher support , Seven virtual desktop models are supported  we have existing which leverages virtual machines created outside of XenDesktop . These next three are created by desktop through MCS For a dedicated catalog , the image is cloned and provided to multiple user that will have the ability to persist their changes going forward  we then have pooled that create a cloned image that is then referenced as a single base image ; The virtual machines then saves any changes from the base image to a volatile diff disk that is discarded on reboot Then there is pooled with personal vdisk , this allows pooled machines the facility to save change to a separate disk that will persist with them on reboot Next there is streamed, this catalog leverages Citrix PVS server to  stream a non-persistent image to the VM and all changes the image are lost on reboot and lastly we have streamed with Pvds , the steamed images the  facility to save change to a separate disk that will persist with them on reboot  

17 Desktop Catalog models
MCS Pooled Random Static Pooled with PvD* Dedicated PreAssigned First Use PVS Streamed Virtual Physical Streamed with PvD Virtual Only under the MCS options, A pooled catalog can be either Randomly assigned or statically Assigned and then with Dedicated catalogs you can have Pre-Assigned or assigned to a user on first use Pooled with PVD operated like a static pool as the same machine is proved to the users in addition to there unique PVD The dedicated model can be pre-assigned to a user or assigned on first use and they will retain the assignment going forward And Now For The two PVS options , You can either steam to a virtual to physical desktop Where as steamed with PVD, allows you to only steam to Virtual Machines  Ref: Random in that a user gets a new pooled image or the static option in which the same images is provided to the users after reboots. * Behaves like pooled-static

18 MCS – ID Disk, Difference Disk, Base VM
This is what the user sees as Drive C:\ This is hidden from the users view Windows 7 Master Virtual Desktop 1 Diff Disk ID Disk VHD Chain Virtual Desktop 2 Diff Disk ID Disk VHD Chain Virtual Desktop x Diff Disk ID Disk VHD Chain Machine creation service catalogs comprise of three disks, the Master base disk shared among all VMs in the catalog, and for each Virtual desktop, a diff disk and an identity disk The Diff, This is what the user sees as Drive C:\ And the identity disk this is hidden from the users view and maintains the machines personality configuration. This scheme is replicated for each disk that is created. Storage Subsystem

19 MCS with PvD – ID Disk, Diff Disk, Base VM, PVDisk
Windows 7 Master VHD Chain Diff Disk ID Disk Virtual Desktop 1 Personal vDisk This part is hidden from user Merged with the Diff Disk Seen by user as Drive C:\ E.g. Installed apps Seen by the user as Drive P:\ USERDATA e.g. My Documents Free space is the split allocation PVDisk auto-created during catalog creation by copying PvD template from Base VM 10GB by default with 50 / 50 split for App Data / User Data For Machine creation with Personal Vdisk , we have the base, and VM dif and id disk, however there is an addition personal vdisk auto-created by copying the pvd template from the base VM. This disk is 10 GB by default and has a 50/50 split for application data and user data This part is hidden from user and Merged with the Diff Disk and the users accesses its information as drive C:\ eg application data

20 PVS – Streamed vDisk, Cache, Base VM
This is what the user sees as Drive C:\ Visible file on another disk, typically D:\ Windows 7 Master Virtual Desktop 1 Streamed vDisk Write Cache PVS Stream Virtual Desktop 2 Streamed vDisk Write Cache PVS Stream Virtual Desktop x Streamed vDisk Write Cache PVS Stream PVD stream catalogs have the Streams vdisk, the write cache and the Base VM. The Streamed vDisk is what the user sees as Drive C:\ And the Write Cache is visible file on another disk, typically D:\ Storage Subsystem

21 PVS with PvD–Streamed vDisk, Cache, Base VM, PvDisk
Windows 7 Master PVS Stream Streamed vDisk Write Cache Virtual Desktop 1 Personal vDisk This part is hidden from user Seen by user as Drive C:\ E.g. Installed apps Seen by the user as Drive P:\ USERDATA e.g. My Documents Free space is the split allocation PvDisk auto-created during catalog creation by copying PvD template from Base VM 10GB by default with 50 / 50 split for App Data / User Data Streamed with PVD has the base image and for each Virtual desktop there is a streamed vdisk and write cache however it also has the personal vdisk attached . The PVD is the same as in the MCS configuration, I.e.., defaults to 10 GB, there’s a 50/50 split , the application data is hidden and the User data is seen as the as P:\

22 Where are some of the common Issue ?
Hypervisor communication Domain permissions Previously failed attempts still present in database Host Connection configured with incorrect storage Naming convention on the host You may be interested in also learning what are some of the common issues They are: Hypervisor communication Domain permissions Previously failed attempts still present in database The Host Connection configured with incorrect storage repository the host configured with and unsupported Naming convention

23 What logs do we need for this issue ?
Desktop Studio PoSH WCF [80] Broker Machine Creation Service Host Service AD Identity Service Machine Identity Service Broker Service Configuration Service Machine Creation Services Broker Service Infrastructure Services SQL Server So What happened when after you just sold your business unit on the concept of moving to XenDesktop and they request 500 new desktops for tomorrow morning and the wizard Fails ? What logs do we need ? well as previously mentioned for issue with machine creation you need the machine creation services logs from the three services You may also collect the logs from the desktop studio to see what command were run and what errors we actually returned At this point all other logs can be ignored

24 Troubleshooting Methodology
Understand issue history Verify configuration, error logs and alerts Gather and review log data of issues Compare data to working environment When troubleshooting an issue I recommend the following Methodology Understand issue history What changed? When did is Start Any specific images it happens more frequently with? Verify configuration, error logs and alerts Gather and review service log data of issues Compare collected data to a working environment

25 Enabling Log from the Command Line
Service –LogFile <Location> Citrix.MachineCreation.SdkWcfEndpoint.exe -Logfile “c:\xdlogs\MCS-PVSvm.log” Citrix.ADIdentity.SdkWcfEndpoint.exe -LogFile c:\xdlogs\AD.log Citrix.MachineIdentity.SdkWcfEndpoint.exe -LogFile c:\xdlogs\mi.log Citrix provides many methods to enable and collect logs; and I wanted to provide one that was a little less known You can enable the service logs by locating the service executable and launching with the parameter dash logfile and then the valid location for the log file Here we go and enable the machine creation service logs Next the AD identify service logs and lastly the Machine identity service Reference for log enabling C:\Program Files\Citrix\MachineCreation\Service>Citrix.MachineCreation.SdkWcfEndpoint.exe -logfile c:\xdlogs\MCS-PVSvm.log C:\Program Files\Citrix\ADIdentity\Service>Citrix.ADIdentity.SdkWcfEndpoint.exe -logfile c:\xdlogs\AD.log C:\Program Files\Citrix\Host\Service>Citrix.Host.SdkWcfEndpoint.exe -logfile c:\xdlogs\host.log C:\Program Files\Citrix\MachineCreation\Service>Citrix.MachineCreation.SdkWcfEndpoint.exe -logfile c:\xdlogs\MC.log C:\Program Files\Citrix\MachineIdentity\Service>Citrix.MachineIdentity.SdkWcfEndpoint.exe -logfile c:\xdlogs\mi.log

26 Case Study 1 Machine Creation Services
great, We have done quite a lot so far, now lets see how it applies with a case study

27 Case Study 1: MCS Fails after wizard
Background: New Deployment Latest Hotfixes Full Administrator account used Worked before they rebuilt environment Case Study Walk Through This case study is actually something seen in my lab when rebuilding my lab for a new case. This is a New Deployment with the Latest Hotfixes , I utilized account with Full Administrative access to the domain and hypervisor . This environment worked before it was rebuilt

28 Log Analysis: Desktop Studio Logs
Case Study 1: Machine Creation Service fail after wizard 24/04/13 02:37: : DesktopStudio: [6] Script SetActionMetaData(402): [RES] Value: Failed to copy all master images to all of the Hosts. No machines have been added to the Catalog. Search Terms: [Time of Issue] Fail | Error | Exception | Denied So I started by reviewing the Desktop Studio logs The search terms I users were the [Time of Issue].* Fail | Error | Exception | Denied It quickly returned the error seen in the console “Failed to copy all master images to all of the Hosts. No machines have been added to the Catalog.” Ok It tell me I failed however I need to dig further

29 Log Analysis: Machine Creation Service Logs
Case Study 1: Machine Creation Service fail after wizard Failed to copy disk. Reason : SR_HAS_NO_PBDS ManagedMachineException: Failed to copy disk. Reason : SR_HAS_NO_PBDS Concluding job d5ea54c6-b7f1-4d45-ac08-2e2abae39e48 with state DiskConsolidationFailed. WorkflowAddMetadata(, Citrix_DesktopStudio_ExtraWarnings, Failed to copy all master images to all of the Hosts. No machines have been added to the Catalog.) Search Terms: [Time of Issue] Fail | Error | Exception | Denied So I then review the Machine Creation Service log I used the same search terms [Time of Issue].* Fail | Error | Exception | Denied It returned with a from interesting errors First it reported : Failed to copy disk. Reason : SR_HAS_NO_PBDS Then it how and Managed exception with the same error Next it indicated the job I created was concluding with a disk consolidation failed error And finally it reported the error seen in the console and Desktop studio logs So what do you do next, that have a detailed error, we can use it and conduct some research via forums , search engines etc.

30 Root Cause analysis: Misconfiguration
Failed to copy disk Reason : SR_HAS_NO_PBDS Hypervisor Connection’s did not include correct storage for the Master Image Target device disk could not be copied due to this Hypervisor - Storage misconfiguration *Definitions: SR - Storage Repositories PBD - Physical Block Devices So the issue was a misconfiguration The main clue is that message Failed to copy disk Reason : SR_HAS_NO_PBDS So research shows that SRs are Storage Repositories and PBD are Physical Block Devices implies that the sr does not have access to the disk, so we check and found that Hypervisor Connection’s did not include correct storage for the Master Image The Broker could not communicate with the correct storage location and therefore we were not able to create the base master image . When creating the hypervisor connection we followed the defaults of the wizard and did not specify the location that we utilized from images.

31 VDA Startup and Registration

32 VDA Registration Database VDA DDC ListofDDC Registered VDA Controller
WCF Desktop Service Broker Service Database VDA DDC LDAP Active Directory Controller ListofDDC Desktop Service is started Looks up list of DDC from local registry or from personality.ini file Looks up the computer accounts in Active Directory Selects one DDC from the DDCs list at random and then initiates a connection through WCF DDC receives or rejects connection If DDC rejects or does not respond, service wait for the timeout then selects another DDC at random If DDC receives connection, it looks up the VDA computer account Checks that computer account (SID) is in published assignment Initiates WCF Test connection to VDA Queries the VDA state Sets configuration and policies VDA is marked as registered Returns success for registration VDA starts heartbeat ping to DDC

33 Troubleshooting VDA Startup and Registration
XDPing Log Basic Checks Logs: Workstation Agent Logs Broker Logs Network Trace VDA Controller Desktop Service SSL SSL Broker Service

34 XDPING XDPING Can be run on both the DDC and VDA
Used to collect data related to basic components Will verify if the components are working correctly Verify Domain Membership Network Interfaces WCF Endpoints Services DNS lookup Time difference between machine and Domain Controller XDPING CTX123278 Xd Ping report networking information of the machine Performs time checks against the domain Retrieve the current Users information Ref Info: Information and status of Network Interfaces and Network settings. (Console Only) Performs DNS lookup and reverse lookup on the IP address of the device. Information on Time synchronization and time check for Kerberos Authentication (Console Only) User information for login User (Console Only) Including User details, Authentication type used, Group Membership. Machine information (Console Only) Environment information (Computer Name, operating system version, Domain)  Domain membership verification (Membership = Verified, SID:S-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXXX [OK]) Information on XenDesktop Services (Windows Communication Foundation Endpoints) installed and confirms if each installed service is responsive. (Console Only) Displays information on the Windows Firewall installed on the VDA and checks if the important ports are configured correctly. Queries the local event log to check for known events that are related to XenDekstop. Provides client bandwidth and response time information from the VDA to the client.

35 Basic Checks Check the Network: Ping , Telnet and NetStat, Firewall
Ensure Services started without errors Listening on the correct port Check time Check configured list of DDCs in registry Bidirectional network tests, verifying that telnet is possible bidirectional, verify that the services are started and are the listening on the correct port Then disable any firewalls We then check the time against the Doman and between the ddc and VDA next we verify the registry entry for the list of ddcs If after these check we still haven’t found the root cause , then we enable service logging on the Vda and broker

36 Case Study 2 Startup and Registration
Its now time to review the second Case Study.

37 Case Study 2: New Catalog Fail to Register
Background: Locked down environment Special configuration needed to manually enable needed services Worked in the Proof of Conference Lab but failed in production Case Study Walk Through

38 Log Analysis: Workstation Agent Service Logs
Case Study 2: New Catalog Fail to Register Failed to register with WCF Fault with detail CallbackCommunicationError, message 'Fail worker callback using SPN host/RS2-SynPool01.lab.net and IP address ' Register FAILURE: HighAvailabilityActive = False, InHighAvailabilityMode = False, _firstRegistrationAttemptTime = 05/18/ :54:31, HighAvailabilityRegistrationTimout = 00:05:00 Message following Error pattern Could not register with any controllers. Waiting to try again in 9407 ms Search Terms: [Time of Issue] Fail | Error | Exception | Denied

39 Log Analysis: Broker Service Logs
Case Study 2: New Catalog Fail to Register Broker:TestWorkerComms failed for worker S caught exception: System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed. Search Terms: [Time of Issue] Fail | Error | Exception | Denied

40 Root Cause analysis: Misconfiguration
The DDC was not authorized the initiate a connection to the VDA “Access To Computer From The Network” Computer Policy did not have an entry for the Controlled and the default everyone was removed in production. Resolution: Customer added explicit entry to a Group that included all the Brokers as members DDc not Autorized Policy found that was needed but not enabled Resolution to explicitly enable access

41 Troubleshooting and Support
PVD maintains logs in the base of the volume attached to the VM (alongside the VHD containing the PVD user-installed applications) These logs contain a wealth of information that should be captured and provided to support/engineering if you experience problems Most frequently seen PVD support cases … Failure of PVD to start virtualization (PVD can’t locate volume/VHD, etc.. …) Customers trying to install unsupported apps Customers trying to move PVDs between VMs

42 Troubleshooting and Support (cont’d)
Desktop Director has helpdesk-facing PVD metrics and support % of application area in use / total size % of user profile area in use / total size PVD reset PVD reset allows the helpdesk to reset the application area while leaving the user’s data intact Aka “revert to factory default” Useful to reset PVDs that become wedged due to users installing broken applications

43 VDA Launch

44 VDA Launch Idle SQL WI Preparing New Session
Desktop Service Controller #1 Broker Service DDC SQL WCF Policy Settings ICA Service Broker signals worker to Prepare for a Session Launch Request XML broker queries DB for a ready worker User Clicks to launch session WI

45 VDA Launch (cont’d) Connected Active SQL WI Request to Validate Ticket
Desktop Service Controller #1 Broker Service DDC SQL WCF Policy Settings ICA Service Request to Validate Ticket sent Controller Validates Ticket Validates License Policies Ticket is ValidAuthNTicket Portica gets License ICA file is sent to Endpoint Work State: Connected Work State: Active WI

46 What Happened ? When troubleshooting Vda Issues the best place to start is asking the simple questions what happened What did the user see ?was it just a generic error ? Did the error indicate the actual cause Did the receiver start and disappear without and error Or did the receiver launch and then return and error

47 Troubleshooting VDA Launch
Event Logs (Web Interface, Controller, Storefront) Desktop Studio Broker Logs Workstation Agent Portica Logs Network Packet tracing When trouble shooing a launch issue should start by reviewing the event logs

48 Case Study 3 VDA Launch great, We have done quite a lot so far, now lets see how it applies with a case study

49 Case Study 3: Launch Failure 1030
Background: They recently converted all images to a Citrix PVS image The original image worked All streamed images including the golden image failed to launch Case Study Walk Through

50 Search: Prepare

51 Troubleshooting :VDA Launch
Search Strings: Checkpoint|connectionaccept|WaitforincomingConnection|sessionicaconnect Good Launch

52 Troubleshooting :VDA Launch
Search Strings: Checkpoint|connectionaccept|WaitforincomingConnection|sessionicaconnect Bad launch Add fail|exception|error to search strings

53 Root Cause analysis: MFAphook Module Failed to Load
Conversion via provisioning server had changes the long name format of the drive mfaphook failed to load and this is needed for interaction with the OS. Resolution: Add back short name to system see CTX for more information DDC not Authorized Policy found that was needed but not enabled Resolution to explicitly enable access

54 Tools

55 XD Tools HDX Monitor CDF Control Citrix Scout Site Checker
Desktop Director

56 HDX Monitor Thinwire (Graphics) Direct 3D (Graphics)
Media Stream (aka RAVE) Flash Audio USB Devices

57 HDX Monitor Mapped Client Drives (CDM) Branch Repeater Printer Client
Smart Card Scanner System

58 Citrix Scout / XD Collector (CTX130147)
Push button easy data collection system Makes data collection and upload push button easy Integrates data collected by Scout with the Citrix Tools as a Service (TaaS) backend Simplifies data collection & analysis Citrix Scout used to collect environment information and CDF traces XenDesktop Collector the replacement for Scout with the next Feature Pack release of XenDesktop

59 CDF Control: CTX111961 Tip: Use this tool to remotely enable and collect CDF traces when system are non persistent

60 Site Checker Tool: CTX133767 Enumerate Environment
Checks Services Status Checks service instances registration status Reset Controllers Services instances into Database

61 Desktop Director Web Based Unified view of apps and desktops
End-user details empower the help desk Includes HDX Monitor Access to personal vDisk tasks Desktop Director is a tool that will utilize role-based permission sets to support the daily usage of Citrix products. It enables support teams to perform basic maintenance tasks and to monitor and troubleshoot system issues. Desktop Director 1.0 was introduced with XenDesktop 5 and Desktop Director 2.0 supports troubleshooting XenApp sessions. Role-based access control – assign appropriate permissions to specific roles to perform certain operation. Full administrator can view all and make changes. Read-only administrator can view all but cannot perform tasks. Help desk administrator can perform day-to-day monitoring and maintenance tasks (restarting desktops or logoff sessions).

62 Resources discussed

63 Optimal deployment recommendations
CTX XenDesktop Modular Reference Architecture CTX XenDesktop 5 Database Sizing and Mirroring Best Practices CTX High Availability for Desktop Virtualization - Reference Architecture CTX XenDesktop - Design Handbook CTX XenDesktop Planning Guide - XenDesktop Scalability Whitepaper - Benchmarking Citrix XenDesktop using Login Consultants VSI

64 For More Information CTX132536 - Worker Unregisters at Session Launch
CTX Citrix Scout CTX CDFControl CTX How to enable Controller Service Logging in XenDesktop 5 CTX XDDBDiag: XenDesktop 5 Database Diagnostics CTX XenDesktop 5 Logon Process and Communication Flow

65 For More Information Vmware – Using VMware with XenDesktop
SCVMM Using Microsoft SCVMM 2008 with XenDesktop CTX127538: How to Reconfigure a XenDesktop Site to Use a Mirrored Database CTX : Database Access and Permission Model for XenDesktop 5 CTX LSQuery - License Server Data Collection Tool CTX How to Collect Data for Troubleshooting Licensing Issues

66 Takeaways

67 Presentation Goals Recap
Provide an understanding of the architecture Instruct On How To Configure Provide Troubleshooting Resources USB redirection is a standard feature requirement for Organization and my goal for this session is to review the feature and provide the necessary tools needed to implement and support this technology in your environment • Learn about HDX USB redirection and how it works • How to configure HDX USB redirection correctly for your environment • How to troubleshoot issues with HDX USB redirection

68 About Citrix Services Citrix Services make sure you succeed with your
Educate | Guide | Support | Succeed Citrix Services make sure you succeed with your virtualization programs. How we can help Citrix Education – The fastest, most efficient way to get your team the virtualization skills they need. Online, on-site or in class. citrix.com/training Citrix Consulting – Intensive engagements for complex, critical or just plain massive projects. citrix.com/consulting Citrix Support – Always-on support services that leverage everything we know about best-practice deployment and maintenance. citrix.com/support At Citrix Services - we’re Citrix consultants, teachers and support engineers and we’re all about one thing: making sure you succeed. With our help, you’ll deploy high-performance, robust virtualization and networking projects, faster – with dramatically lower risk and higher return. The best Citrix architects and administrators are the ones who never stop learning – and Citrix Education is here to help you learn those skills. Citrix Consulting gives you direct access to our most experienced virtualization and networking experts. When it’s complex; when it’s mission-critical; when it’s big; That’s when Citrix consultants can really help. On your virtualization journey, you’ll want always-on support from people who really care about your success. There’s no better insurance for your Citrix investment than with Citrix Support.

69 Secrets of the Citrix Support Ninjas
40 insider troubleshooting tips Covering XenDesktop, XenServer, XenApp and NetScaler Citrix Support top engineers FREE eBook Citrix Auto Support Now available! Secrets of the Citrix Support Ninjas is a FREE eBook available next week. The eBook contains 40 insider troubleshooting tips for administrators. So the purpose of the eBook is to help administrators like you keep your Citrix deployments on track. We’ve collected some of their best tips and tricks for running robust Citrix environments and packaged them up into a free eBook. In it, you’ll discover some of the little-known tricks that our own support people use every day to tune, tweak, troubleshoot and test Citrix solutions. You may know a few of these tips. But you probably don’t know them all. And – you never know – you might discover just one that will change your life as an administrator. Let me give you a sneak peak now.

70 Premier Support Calculator
Check it out

71 Next Webinar: September
Title: Troubleshooting a XenDesktop environment using the PowerShell SDK Description: The Citrix XenDesktop PowerShell SDK is the foundation for all interactions with a XenDesktop database and is the same SDK used by Desktop Studio. This deep dive session will include a behind-the-scenes look at several tools used by Citrix Technical Support that utilize the PowerShell SDK, including common configuration cmdlets and scripts. When: Sept 26th Registration Now!

72


Download ppt "Ramon Scott – Lead Escalation Engineer"

Similar presentations


Ads by Google