Thursday, August 01, 2013

Troubleshooting XenDesktop 5 Registration

 

The Desktop State column in the Desktop Controller provides information about the registration state of the desktop machine; values of Not Registered or Pending indicate that registration has not successfully completed.

image

Let me start with this, IT IS THE FIREWALL ! Client and Server, via the GPO !

image

Virtual Desktop Firewall

  • Registration fails if the firewall on the Virtual Desktop Machine has not had the appropriate exclusions configured to enable DDC’s communication.
  • Follow CTX116843 to fix this

 

Ok, if you made it this far it is more complicated. Start through this list:

Domain Name Services (DNS)

  • use ‘ping <othermachine.yourdomain.com>’ from each other to ensure resolution works

Time Synchronisation not Properly Configured

  • Ensure time is within 3 minutes – Setup NTP on the Hypervisor platform, the Domain Controllers if not already (or the clients if they dont get it from a DC)

XenDesktop VDA Registry Key

  • Verify that the following registry key exists and has correct information:
    (x86) HKEY_Local_Machine\Software\Citrix\VirtualDesktopAgent
    (x64) HKEY_Local_Machine \Software\Wow6432Node\Citrix\VirtualDesktopAgent
    • ‘ListOfDDCs’ REG String
    • ‘NameOfDDC’

image

Service Principal Names (SPNs)

  • The DDC determines the virtual desktop’s SPN by inspecting the servicePrincipalName attribute of the associated computer account in Active Directory. You can inspect the virtual desktop’s computer account using tools such as AD USers and Computers (attribute editor). If the servicePrincipalName attribute does not include an entry with the computer’s FQDN, editing it manually and check to see if that fixes registration problems.

image

image

Domain Membership Problems

  • Removing the machines in question from their domains and re-join them to the domains.

Multiple Network Adapters

  • If the virtual desktops contain multiple network adapters that can be used to communicate with the DDC, this might cause the security negotiation to fail. In that case, try disabling all network adapters except for the one used to communicate with the DDC.

Local Security Policy Settings

  • In case of some images, an overly restrictive security policy settings might prevent the VDA from registering.

image

 

User XDPing, ugly but helpful.

 


XDPing 2.1.1.1

--------------------------------------------------------------------
Local Machine::

  NetBIOS Name = OEH7004
  OS Version   = Microsoft Windows NT 6.1.7601 Service Pack 1
  Platform     = X64 Platform

  Computer Domain: COLVIN.com
    Role       = Member Workstation
    Membership = Verified, SID:S-1-5-21-2723282484-2951877577-328923344-98806 [OK]

--------------------------------------------------------------------
User::

  User Name      = bennetsx
  User Domain    = DEC
  Authentication = Kerberos [OK]
  Groups:
     COLVIN\Domain Users
     Everyone
     BUILTIN\Users
     NT AUTHORITY\INTERACTIVE
     CONSOLE LOGON
     NT AUTHORITY\Authenticated Users
     NT AUTHORITY\This Organization
     LOCAL
     COLVIN\G-SE-XENAPP-BRIMS_HRAR_2010
     COLVIN\Decsharew
Unable to translate group name from SPID  S-1-18-1
[WARNING]
     COLVIN\Allowed RODC Password Replication Group

--------------------------------------------------------------------
Local Machine Time::

  UTC   = 1/08/2013 12:32:54 AM
  Local = 1/08/2013 10:32:54 AM (AUS Eastern Standard Time)
  DST   = No
  NtpServer = time.windows.com,0x9

--------------------------------------------------------------------
Domain Controller(s) Time::

Date/Time from COLVIN.com : 1/08/2013 10:32:54 AM : Time difference (mins): 0 [OK]

--------------------------------------------------------------------
Network Interfaces::

  NIC #0 "Local Area Connection":
    Network      = Ethernet, 2Gb/s, Up
    MAC          = DC:9F:E4:DF:14:6C
    DNS suffix   = COLVIN.com
    DNS servers  = 255.255.11.10 255.255.11.11
    WINS servers = 255.255.2.4 255.255.14.57
    Gateways     = 255.255.18.1
    DHCP server  = 255.255.11.10
    Address #0   = 255.255.18.31/255.255.255.0, Preferred, Origin=Dhcp/OriginDhcp
           Lease = 694799/689961/689961


--------------------------------------------------------------------
WCF Endpoints: WorkstationAgent::
C:\Program Files\Citrix\Virtual Desktop Agent\WorkstationAgent.exe
Version Number :5.0.0.217

XenDesktop version 5
wsHttpBinding:
Citrix.Cds.Protocol.Worker.ILaunch:
 http://localhost/Citrix/VirtualDesktopAgent/ILaunch:
    Ping Service: /Citrix/VirtualDesktopAgent/ILaunch
      Connect = Tcp to ::1:80 via ::1 ("Loopback Pseudo-Interface 1") [OK]
      Service = Listening [OK]
wsHttpBinding:
Citrix.Cds.Protocol.Worker.IDynamicDataQuery:
 http://localhost/Citrix/VirtualDesktopAgent/IDynamicDataQuery:
    Ping Service: /Citrix/VirtualDesktopAgent/IDynamicDataQuery
      Connect = Tcp to ::1:80 via ::1 ("Loopback Pseudo-Interface 1") [OK]
      Service = Listening [OK]
wsHttpBinding:
Citrix.Cds.Protocol.Worker.IConfiguration:
 http://localhost/Citrix/VirtualDesktopAgent/IConfiguration:
    Ping Service: /Citrix/VirtualDesktopAgent/IConfiguration
      Connect = Tcp to ::1:80 via ::1 ("Loopback Pseudo-Interface 1") [OK]
      Service = Listening [OK]
wsHttpBinding:
Citrix.Cds.Protocol.Worker.ISessionManager:
 http://localhost/Citrix/VirtualDesktopAgent/ISessionManager:
    Ping Service: /Citrix/VirtualDesktopAgent/ISessionManager
      Connect = Tcp to ::1:80 via ::1 ("Loopback Pseudo-Interface 1") [OK]
      Service = Listening [OK]
netNamedPipeBinding:
Citrix.Cds.StackManager.IStackManager:
net.pipe://localhost/CitrixIStackManagerEndPoint:
Endpoint -> not Tested - net.pipe://localhost/CitrixIStackManagerEndPoint
[OK]
netNamedPipeBinding:
Citrix.Cds.WorkstationAgent.IHDXConnect:
net.pipe://localhost/Citrix/HDXConnect:
Endpoint -> not Tested - net.pipe://localhost/Citrix/HDXConnect
[OK]

--------------------------------------------------------------------
Workstation Services::

  Service  : WorkstationAgent ("Citrix Desktop Service")
    Status = Win32OwnProcess, Running [OK]
    Prereq =
      LanmanServer (Win32ShareProcess), Running
      PorticaService (Win32OwnProcess), Running
      LanmanWorkstation (Win32ShareProcess), Running

  Service  : PorticaService ("Citrix ICA Service")
    Status = Win32OwnProcess, Running [OK]
    Prereq =
      picapar (FileSystemDriver), Running
      picakbm (KernelDriver), Running
      picadm (FileSystemDriver), Running
      dhcp (Win32ShareProcess), Running
      picaser (FileSystemDriver), Running
      picadd (KernelDriver), Running
      rpcss (Win32ShareProcess), Running

  Service  : Citrix CGP Server Service ("Citrix CGP Server Service")
    Status = Win32OwnProcess, Running [OK]

  Service  : Citrix Encryption Service ("Citrix Encryption Service")
    Status = Win32OwnProcess, Running [OK]
    Prereq =
      Winmgmt (Win32ShareProcess), Running

  Service  : cpsvc ("Citrix Print Manager Service")
    Status = Win32OwnProcess, Running [OK]
    Prereq =
      Spooler (Win32OwnProcess, InteractiveProcess), Running
      PorticaService (Win32OwnProcess), Running
      RpcSs (Win32ShareProcess), Running

--------------------------------------------------------------------
DNS Lookups for Local Machine::

  Host Name  : oeh7004.COLVIN.com
  Address #0 = 255.255.18.31 (rDNS: oeh7004.COLVIN.com) [OK]

--------------------------------------------------------------------
Client Details::
   (Session ID) (Status)    (Name)   (Client IP Address):
       1        WFActive   Console   255.255.54.33

   Estimated Latency:           6
   Estimated Bandwidth:         36.35 Mbps
   Estimated Network Condition: LAN_CONDITIONS
   Session Reliability:         True

--------------------------------------------------------------------
Event Log Check::
  No importent XenDesktop events detected in the last hour.

--------------------------------------------------------------------
Windows Firewall Settings::

Status : Disabled

Current Profile name : Domain
--------------------------------------------------------------------
XenDesktop Farm::

  Farm GUID (GPO)   : Not Set
  Farm GUID (local) : NOT SET
  Farm GUID In Use  : NOT SET
--------------------------------------------------------------------
Registry Based Configurations::

Registry based Controller list (ListOfDDCs) : [Configured]
   Controller : ddcServerd01.COLVIN.com
--------------------------------------------------------------------
Controllers (manually specified)::

  Controller: ddcServerd01.COLVIN.com:80
    DNS Lookup(ddcServerd01.COLVIN.com):
      Host Name  = ddcServerd01.COLVIN.com
      Address #0 = 255.255.18.9 (rDNS: ddcServerd01.COLVIN.com) [OK]
    Ping Service: /Citrix/CdsController/IRegistrar
      Connect = Tcp to 255.255.18.9:80 via 255.255.18.31 ("Local Area Connection") [OK]
      Service = Listening [OK]

  ListOfDDC is set in the registry to enurmerate DDC list [OK]

--------------------------------------------------------------------
Summary::

    Checking version : You are using the latest version. [OK]
    Unable to translate group name from SPID  S-1-18-1 [WARNING]

Number of messages reported = 2

 

 

 

 

 

This information in this comes from here:

http://support.citrix.com/article/CTX123278

http://support.citrix.com/article/CTX126992

http://support.citrix.com/article/CTX117248

Post a Comment

Blog Archive