Sum303 implementing and troubleshooting the citrix receiver for windows
Download
1 / 64

SUM303 Implementing and Troubleshooting the Citrix Receiver for Windows - PowerPoint PPT Presentation


  • 125 Views
  • Uploaded on

SUM303 Implementing and Troubleshooting the Citrix Receiver for Windows. Christian Suarez. Senior Escalation Engineer. May 8, 2012. Tweet about this session with hashtag #SUM303 and #CitrixSummit. Agenda. Overview of Citrix Receiver for Windows

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' SUM303 Implementing and Troubleshooting the Citrix Receiver for Windows' - samuel-pitts


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Sum303 implementing and troubleshooting the citrix receiver for windows
SUM303 Implementing and Troubleshooting the Citrix Receiver for Windows

Christian Suarez

Senior Escalation Engineer

May 8, 2012



Agenda
Agenda #CitrixSummit

  • Overview of Citrix Receiver for Windows

  • Implementing the Citrix Receiver with Merchandising Server

    1- Setup Merchandising Server

    2- Prepare and Download Plug-ins

    3- Deploy Citrix Receiver

    4- Deliver and Maintain Plug-ins

  • Troubleshooting the Citrix Receiver

  • Citrix Receiver for Mac

  • Questions?



IT #CitrixSummit

Citrix Receiver

desktops

apps

data

SaaS



Components
Components #CitrixSummit

Component

Definition

Citrix Receiver

and Receiver Updater

Software that manages and updates

for Windows and Mac

Citrix Plug

-ins on user desktops

Virtual appliance responsible for managing

Citrix Merchandising Server

software deliveries from IT

Merchandising Server

Web console used for configuring and

Administrator Console

managing software deliveries

Service that uploads software plug-ins and

Citrix Update Service

MetaData

on Merchandising Servers

Individual

Citrix clients

or agents managed

Plug-ins & MetaData

Citrix Plug-ins

by Citrix Receiver

http://*.citrix.com


Architecture
Architecture #CitrixSummit

Active Directory

Administrator Console

Merchandising Server

1011011010 SSL 1011011010

Citrix Receiver

LDAP 1011010 LDAP 10110101

1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 101101110 SSL 1011 101101110 SSL 1011 SSL 1011 101101110 101

101 HTTP 10110 HTTP 10110 HTTP 19

Data Center

Update Service

1011011010 SSL 1011011010 SSL 101

Citrix Receiver

External End User

Internal End User


Merchandising server requirements
Merchandising Server Requirements #CitrixSummit

Browser for Admin

Directory

Virtual Server

Hardware

Console

Services

Minimum:

XenServer

5.x

8 GB

disk

space

Active Directory

Internet Explorer 7,8, or 9

1 GB RAM

2003 SP2 or

VMWare

Recommended

:

Firefox 4.x or 5

later

vSphere

4.0, ESX 3.5,

2-8 GB RAM

VMWare

Server 2.x

2

CPUs



Step 1 building merchandising server
Step 1: Building Merchandising Server #CitrixSummit

  • Hostname, IP Address, Gateway and DNS

  • FQDN to match certificates

  • Use Static IP

Active Directory

Administrator Console

Merchandising Server

C1trix321

1011011010 SSL 1011011010

LDAP 1011010 LDAP 10110101

Data Center

1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 101101110 SSL 1011 101101110 SSL 1011 SSL 1011 101101110 101

10110 HTTP 10110 HTTP 10110 HT

Update Service

101 HTTP 10110 HTTP 10110 HTTP 10110

Citrix.com



Merchandising server features
Merchandising Server Features #CitrixSummit

  • Anonymous Deliveries

    • Using System Token enables Receiver to configure plug-ins without users needing to authenticate

  • Enhanced Roaming

    • Beacon websites improves roaming and avoids interrupting users with unneccesary authentication messages

  • Improved reporting when syncing Active Directory


User authentication with user tokens
User Authentication with User Tokens #CitrixSummit

  • Users must authenticate with AD before downloading the Receiver

  • User Tokens are created and kept in the registry on the client

  • Subsequent authentication request will be suppressed

  • Token expiration is defined in the Administrator Console (6 months default)


Anonymous deliveries with system tokens
Anonymous Deliveries with System Tokens #CitrixSummit

  • Allows Citrix Receiver install with a system token without users needing to authenticate

  • Kept in the registry on the client

  • System Tokens are manually created from Merchandising Server Admin Console

  • Reporting and delivers based on

    • Machine Name, IP Address, or Domain membership

  • System Tokens never expire


Enhanced roaming with beacons
Enhanced Roaming with Beacons #CitrixSummit

  • Beacons allow the Receiver to determine whether the user is inside or outside the corporate firewall

  • When the user must go through the VPN, Receiver prompts with the Connect to Delivery Services logon dialog

  • As users move from place to place, Receiver and secure access plug-in will:

    • smoothly re-establish tunnels if outside the firewall

    • not establish tunnels while inside the firewall.

  • Avoids interrupting the user with unnecessary VPN authentication pop-ups



Step 2 downloading plugins to merchandising server
Step 2: Downloading Plugins to Merchandising Server #CitrixSummit

/usr/local/apache-tomcat-6.0.16/webapps/appliance/WEB-INF/classes/appliance.properties

Administrator Console

Merchandising Server

1011011010 SSL 1011011010

Data Center

1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 101101110 SSL 1011 101101110 SSL 1011 SSL 1011 101101110 101

10110 HTTP 10110 HTTP 10110 HT

Update Service

101 HTTP 10110 HTTP 10110 HTTP 10110

https://pluginupdate.citrix.com/updateservice/services/updateService

Citrix.com


Citrix plugins for windows
Citrix Plugins for Windows #CitrixSummit

  • Online

  • Self-service

  • Secure Access

  • Offline

  • Single Sign-on

  • Service Monitoring

  • Acceleration

  • EasyCall

  • Profile Management**

  • XenVault


New citrix sharefile plugins for windows
NEW! Citrix ShareFile Plugins for Windows #CitrixSummit

  • ShareFile Desktop Widget

  • ShareFile Outlook Plug-in

  • Citrix ShareFile Plug-in for Receiver


Step 3 delivering citrix receiver updater
Step 3: Delivering Citrix Receiver Updater #CitrixSummit

  • Updater for Mac

  • Mac OS 10.5, 10.6, 10.7

  • Updated Java

  • Elevated Privileges

Citrix Receiver for Mac

Citrix Receiver

1011011010 SSL 1011011010 SSL 1011011

1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 101101110 SSL 1011 101101110 SSL 1011 SSL 1011 101101110 101

Data Center

1011011010 SSL 1011011010 SSL 1011011

  • Updater for Windows

  • .NET 2.0 or later

  • Internet Explorer 7 or 8

  • Firefox 2.x or 5.x

  • Administrator Privileges

Citrix Receiver for Windows

External End Users

Internal End Users


Receiver for windows installation packages
Receiver for Windows Installation Packages #CitrixSummit

Citrix Receiver Standard - CitrixReceiver.exe

User experience is consistent across all Receiver platforms

Full set of features like Self-Service with one-click configuration

Full Citrix CloudGateway interoperability

Automatic install from Web Interface or Receiver for Web

Can be installed with Electronic Software Distribution (ESD) tools

Ensure free space in user’s Temp directory


Receiver for windows installation packages1
Receiver for Windows Installation Packages #CitrixSummit

Citrix Receiver Enterprise - CitrixReceiverEnterprise.exe

Supports legacy XenApp Services, formerly PNA Services

XenApp Services are limited to LAN connections

Required for Smart Card Authentication

Requires Administrator to install

Can be installed with Electronic Software Distribution (ESD) tools


Ways to deploy the receiver for windows
Ways To Deploy the Receiver for Windows #CitrixSummit

Delivery Method

User Action

Required

Where to apply

User authentication required

to

Managed or Unmanaged

Merchandising Server Download

complete installation

Computers dedicated to users

User authentication required

to

Managed Computers

Electronic Software Distribution

(ESD)

complete installation

dedicated to users

Anonymous Delivery

with n

o user

Managed Computers with

ESD with

System Token

authentication for install or updates

sharing

users

User authentication required

to

External

Download Page via Packager

Remote

Users

complete installation

Remote Users on computers

External

Download Page via Packager

Anonymous Delivery with no user

identifiable by IP, Machine

and System Token

authentication for install or updates

Name or Domain Membership

User authentication required after

Unmanaged Computers with

Manually

by user

Merchandising Server added

tech savvy users


Changing the merchandising server address on windows client
Changing the Merchandising Server #CitrixSummitaddress on Windows Client


Installing the receiver for windows
Installing the Receiver for Windows #CitrixSummit

From Receiver for Web and Web Interface

Receiver for Web

  • Automatically determines if Receiver in installed

  • Receiver installation files are stored on the server with the default installation

  • Option to offer an upgrade for users with older clients

    Web Interface

  • WI installation prompts for media to store Receiver installation files on \Clients folder

  • Options for Client Detection and Deployment in Web Interface Console

  • Rename the CitrixReceiver.exe to CitrixOnlinePluginWeb.exe and place in directory

  • Modify WebInterface.conf file for ClientIcaWin32


Receiver for windows installation parameters
Receiver for Windows Installation Parameters #CitrixSummit

CitrixReceiver.exe [Options] and CitrixReceiverEnterprise.exe [Options]

/noreboot

/silent

/includeSSON

PROPERTY=Value

INSTALLDIR, CLIENT_NAME, ENABLE_DYNAMIC_CLIENT_NAME,

ADDLOCAL, ALLOWADDSTORE, ALLOWSAVEPWD, ENABLE_SSON,

ENABLE_KERBEROS, DEFAULT_NDSCONTEXT, LEGACYFTAICONS,

SERVER_LOCATION, STARTMENUDIR, STOREx


Citrix receiver packager for windows
Citrix Receiver Packager for Windows #CitrixSummit

  • Provides an installer with Receiver that optionally includes a Secure Access plug-in and a system token

  • Packager and instructions found on the Citrix KB at CTX121355

  • Three main components of the Packager:

    • Secure Access Plug-in

    • Citrix Receiver Updater

    • Self Extracting Package

      • ReceiverInstaller.exe by default

AGCRPackager.exe


Creating an external receiver download page
Creating an External Receiver Download Page #CitrixSummit

  • Create sample page from support files from Citrix.com

    • • animation.swf

    • • ieTransparency.css

    • • index.html

    • • main.css

    • • resources.js

    • • img (images folder)

  • Edit resources.js to define Merchandising Server, Server URL and installer file

  • Web Page with ReceiverInstaller.exe download link

  • Send URL to clients for remote access


Deploying access gateway connections
Deploying Access Gateway Connections #CitrixSummit

  • Secure Access Plug-in 9.x is for Access Gateway Enterprise (AGEE)

  • Secure Access Plug-in 4.6 for AG Standard and Advanced

  • Enhance Roaming Integration

  • The Access Gateway will continue to update the Secure Access plugins,

    NOT the Citrix Receiver

  • Users can select nearest location when traveling

  • Use Merchandising Server to choose fields to display to users


Upgrading the citrix receiver for windows
Upgrading the Citrix Receiver for Windows #CitrixSummit

  • Upgrades only supported from Citrix Online Plug-in 11.2 and later

  • Removed previous version of the Online Plug-in prior to upgrading

  • Uninstall Online Plug-in 11.0

    • From Add/Remove Programs

    • Installer package with Remove option only if installed using a Windows Installer package

  • Uninstall Citrix Receiver 13.x

    • Use the Citrix Receiver Updater

    • Use the /uninstall option with the Citrix Receiver executables

    • From Add/Remove Programs (only if Receiver Updater was not used to install)


Upgrading the citrix receiver for windows1
Upgrading the Citrix Receiver for Windows #CitrixSummit

Citrix Receiver Standard – CitrixReceiver.exe

Installed

Result

No previous Citrix Online Plug-in

Citrix Receiver Standard

With Web access only

Citrix Online Web Plug-in

Citrix Online Full Plug-in with PNA and SSO

No upgrade path

Citrix Receiver Enterprise


Upgrading the citrix receiver for windows2
Upgrading the Citrix Receiver for Windows #CitrixSummit

Citrix Receiver Enterprise – CitrixReceiverEnterprise.exe

Installed

Result

No previous Citrix Online Plug-in

Citrix Receiver Enterprise

with web access

Citrix Online Web Plug-in

Citrix Online Full Plug-in with PNA and SSO

Citrix Receiver Enterprise

configured for PNA and SSO

Citrix Receiver Enterprise


Step 4 delivering and maintaining citrix plugins
Step 4: Delivering and Maintaining Citrix Plugins #CitrixSummit

Merchandising Server

1011011010 SSL 1011011010 SSL 1011011

Data Center

1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 101101110 SSL 1011 101101110 SSL 1011 SSL 1011 101101110 101

1011011010 SSL 1011011010 SSL 1011011



Modifying plug in metadata
Modifying Plug-in Metadata #CitrixSummit

  • Metadata contains the properties and commands to ensure proper installation

  • It includes user connection information per Citrix Plug-in

  • Comes pre-configured but can be modified

  • Configure customize user connection information

  • Sample metadata files are provided on the Citrix Community Receiver Metadata Web page


Creating a targeted delivery
Creating a Targeted Delivery #CitrixSummit

  • Must have Delivery Rules created

  • At least one plugin downloaded to Merchandising Server

  • Provide Delivery name, description, and polling frequency

  • Select from available plugin and metadata

  • Configuration of the Citrix Receiver

  • Apply Delivery Rule

  • Schedule Delivery

1011011010 SSL 1011011010 SSL 1011011

1011011010 SSL 1011011010 SSL 1011011



System log appliance log
System Log (appliance.log)

  • Server log captures Merchandising Server and user-specific events

  • Enable System Logging for more details

  • Enable User Logging to add user messages to the server log

  • Located at:

    /usr/local/apache-tomcat-6.0.16/logs/appliance.log


Detailed active directory error messages
Detailed Active Directory Error Messages

  • From the Merchandising Server Administrators Console

    • Invalid AD credentials

    • Invalid value for Base DN

    • AD doesn't support simple authentication

    • Not permitted to logon at this time

    • Not permitted to logon from this workstation

    • User password expired

    • User account disabled

  • Enhanced Messaging in System log


Client logs receiver log and errorlog xml
Client Logs (Receiver_.log and ErrorLog.xml)

  • Detailed Client Log key for any client Receiver issue

  • To Enable Client Logging, add –verbose to the Target line, on the Receiver.exe

    “C:\Program Files (x86)\Citrix\Receiver\Receiver.exe”

  • Logs located in user profile at

    \Local Settings\Application Data\Citrix\Receiver\Receiver_.log

  • ErrorLog.xml can be gathered from MS Admin console and view within console


Cdf tracing still available for connection issues
CDF Tracing still available for connection issues

  • For connections issues with Receiver, CDF Traces still works

  • CDF Control can be found at CTX111961

  • Creates CDFLogFile.etl which requires Citrix symbols to be parsed into readable messages

  • Send to Citrix Technical Support for Detailed Analysis


Troubleshooting citrix receiver installation
Troubleshooting Citrix Receiver installation

ISSUE: Receiver installation is not proceeding

Verify .NET 2.0 Framework is installed

Verify that the user has administrative permissions

Ensure the user credentials are entered properly, i.e. DOMAIN\user

Check the supported browsers for the download page

  • IE7, IE8, Firefox 3, Safari


Troubleshooting citrix receiver updates
Troubleshooting Citrix Receiver updates

ISSUE: Receiver shows “Plug-in updates are disabled”

Occurs if the client has the Terminal Services role or a Microsoft Server Edition installed

Modify the Citrix Receiver shortcut or executable to run with:

  • -allowadminTSupdates

    Close and Reopen the Receiver

    More information at CTX129051


Troubleshooting receiver plug in updates
Troubleshooting Receiver Plug-in updates

ISSUE: User does not receive any Plug-ins

Check that the client is pointing to the correct Merchandising Server

From user’s Control Panel > System and Security

Verify that client OS is supported for the specific plug-in

Verify that the rule defining the recipients matches the client's parameters

Check the evaluation

order of the deliveries


Troubleshooting receiver plug in updates1
Troubleshooting Receiver Plug-in updates

ISSUE: User does not receive any Plug-ins

Delete the client's token in the local registry and restart the client

  • HKLM\Software\Citrix\Receiver\Delivery\Filter

  • Forces user to re-authenticate to the Merchandising Server

    Enable verbose logging from command line (CMD)

  • XP: “C:\Program Files\Citrix\Receiver\Receiver.exe” –verbose

  • Win7 64bit/Vista 64bit: “C:\Program Files(x86)\Citrix\Receiver\Receiver.exe” –verbose

    On the Receiver client, select “Check for Updates”

  • Makes an immediate connection to the Merchandising Server

    Collect Receiver_.log from client

  • %USERPROFILE%\Local Settings\Application Data\Citrix\Receiver\receiver_.log


Troubleshooting merchandising server installation
Troubleshooting Merchandising Server installation

ISSUE: Network Is Unreachable

There is a Diagnostics menu on the Merchandising Server Console

With duplicate IP addresses, a ping will show “Network is unreachable”

XenServer will show unknown IP address


Troubleshooting merchandising server web server
Troubleshooting Merchandising Server Web Server

ISSUE: HTTPD Service Failure when using a Space in Hostname

The httpd fails to start and admins cannot open the Console

The Apache web service cannot handle server hostname with a space

  • i.e. – “Merch Server1”

    Edit the hostname

    Restart the httpd Service:

    sudo /etc/init.d/httpd restart


Troubleshooting merchandising server
Troubleshooting Merchandising Server

ISSUE: User account are not enumerating in the Administrator Console

Merchandising Server downloads user/group list from Active Directory Server using LDAP port 389

  • For indexed database, port 3268 significantly speeds up AD queries

    Stored in local PostgreSQL database

  • Select “Save and Sync” for immediate updates, i.e. when new AD users are created

    Base DN lists the OU where user accounts are located

  • Multiple OUs are not supported

    Merchandising Server can only point to one AD Server at a time

    More information at CTX131998 and CTX121957


Troubleshooting merchandising server1
Troubleshooting Merchandising Server

ISSUE: "No results found“ when performing AD search

Verify the Base DN and ensure it is correctly formatted:OU=NewYork,OU=Americas,DC=company,DC=net

Ensure object can be enumerated from the Base DN

  • Note: Only the first/last name fields are searchable from within Merchandising Server (not username)

    Verify that the complete domain path is includedfor all regions


Troubleshooting merchandising server2
Troubleshooting Merchandising Server

ISSUE: The corporate AD information you have provided is invalid

Verify the Administrator has correct Domain permissions

From the VMWare ESX Console, ping the Merchandising Server

Verify the Bind DN

Run Wireshark from Domain Controller

  • Filter by the Merchandising Server, i.e. ipaddr==<MerchServerIP>

    Merchandising Server 1.2 had an issue with

    LDAP server signing requirements on secure connection in AD on Windows 2003 Server or Windows 2008 Server


Troubleshooting merchandising server3
Troubleshooting Merchandising Server

ISSUE: Merchandising Server takes four to six hours to reboot with VMWare

Ensure updated virtual machine tools

Upgrade hardware NICA drivers to VMXNet3

Reduce multiple Virtual CPUs to one

Ensure proper certificates on the Merchandising Server

Verify Merchandising Server is not a template or snapshot

More information at CTX128179


Troubleshooting merchandising server console
Troubleshooting Merchandising Server Console

ISSUE: Administrator and auditors cannot logon to Administrators Console

And when root is used to re-add permissions, a domain user search returns nothing

Ensure logon to console with domain\user format

Occurs when the time zone of the VM is changed from UTC

Return the time zone to UTC

OR

Remove the token from the client computer registry or by uninstalling and reinstalling the Citrix Receiver

More information at CTX127471


Troubleshooting downloading citrix plug ins
Troubleshooting Downloading Citrix Plug-ins

ISSUE: Get New page in the Administrator Console is blank

Verify that the Merchandising Server has Internet access and can access Citrix.com

Update Service URL is located in the appliance.propertiesfile on the Merchandising Server. It should not be changed

URL may be required to get aroundcustomer firewall rules


Troubleshooting deploying plug in updates
Troubleshooting Deploying Plug-in updates

ISSUE: Windows7 and Vista updates fail with “ERROR: Unable to check for updates”

Ensure the Merchandising Server is configured with FQDN in the Hostname settings of the Network Configuration

Versions of Merchandising Server prior to 2.2 did not have this requirement

More information at CTX131572


Troubleshooting single sign on with receiver
Troubleshooting Single Sign-on with Receiver

ISSUE: Domain pass-through for Citrix Receiver is not working

Verify Citrix Receiver Standard is installed with the /includeSSON parameter

Check single sign-on process SSONSvr.exe

Verify the Web Interface Web Page or StoreFront page are correctly configured

For upgrades from Online plugin 12.1, completely uninstall per CTX130813

With Online Plugin 12.x, check WI issue from CTX124871 and CTX113004



Citrix receiver for mac parity
Citrix Receiver for Mac Parity

  • Includes Online Plug-in and Self Service Plug-in

  • Includes Access Gateway / Secure Access Plug-in integration

  • No support for Enhanced Roaming with Beacons

  • For Lion users, add string MacOS10.7 to platform list of plug-in metadata file

  • No ESD installation, must be downloaded from Merchandising Server

  • Change the Merchandising Server by changing ServerAddressfield in

    Macintosh HD/Library/Application Support/Citrix/Receiver.cfg


Receiver updater packager for mac
Receiver Updater Packager for Mac

  • Creates a bundled installer of Receiver

  • Enables Receiver delivery to users inside and outside corporate firewall

  • Must have plugins installed and configured

  • Select and add System Token or

    choose prompt users for User Tokens

  • Select Packages

    • Receiver.dmg

    • Citrix_Access_Gateway.dmg

Citrix Receiver Packager.dmg


Citrix plugins for mac
Citrix Plugins for Mac

  • Secure Access

  • Online

  • Communications / Easy Call


References
References

  • Citrix eDocs

    • Receiver for Windows

      • http://support.citrix.com/proddocs/topic/receiver/rec-receiver-for-win.html

    • Merchandising Server

      • http://support.citrix.com/proddocs/topic/cloudgateway/receivers-merchandising-wrapper.html

    • Receiver for Mac

      • http://support.citrix.com/proddocs/topic/receiver/receivers-mac-wrapper.html

  • CitrixReceiver.com

  • Citrix Knowledge Center - http://support.citrix.com/

    CTX121355, CTX111961, CTX129051, CTX124971, CTX131998, CTX121957, CTX128179, CTX127471, CTX131572, CTX130813, CTX124871, CTX113004


Tools as a service

http://Taas.Citrix.com/Beta

Tools as a Service

1

2

3

Data Collection

Quickly collect and upload your data

Auto analysis health check

Recommendations tailored to YOU


Four steps to implement
Four Steps to Implement

Troubleshooting

Citrix Receiver for Windows

Merchandising Server

appliance.log

Receiver_.log

ErrorLog.xml

Data Center

1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 1011011010 SSL 101101110 SSL 1011 101101110 SSL 1011 SSL 1011 101101110 101

101 HTTP 10110 HTTP 10110 HTTP

1011011010 SSL 1011011010 SSL 101

External End User

Internal End User


ad