Operations Guide
COPYRIGHT NOTICE
Copyright © 2005, 2006 SUPERVALU, INC., All rights reserved.
Trademark information
SUPERVALU® is a registered trademark of the NEW SUPERVALU®.
Albertsons® is a registered trademark of New Albertsons, Inc. ® or its subsidiaries.
All other registered trademarks or trademarks belong to their respective companies.
ADN00061-02 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES
Revision History
Technical Writer Revision No. Description Date
Bruce Bacon Version 1.0 Initial Release. 5.15.06
Bruce Bacon Revision 2.0 Reformatted Guide using new 10.26.06
formatting standards.
ADN00061-02 ii 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Table of Contents
INTRODUCTION.................................................................................................................................................................. 1
INTENDED AUDIENCE ............................................................................................................................................................ 1
PREREQUISITES ..................................................................................................................................................................... 1
CITRIX CONCEPTS AND COMPONENTS – THE BASICS .......................................................................................... 2
CITRIX SERVER SOFTWARE ................................................................................................................................................... 2
CITRIX ICA CLIENTS............................................................................................................................................................. 2
ZONES AND FARMS ............................................................................................................................................................... 3
DATA COLLECTOR AND DATA STORE ................................................................................................................................... 4
Data Collector.................................................................................................................................................................. 4
Data Store ........................................................................................................................................................................ 4
Data Store Database ........................................................................................................................................................ 5
CITRIX SERVER FARM ........................................................................................................................................................... 5
Independent Management Architecture (IMA)................................................................................................................. 5
ICA Clients ....................................................................................................................................................................... 5
ICA Protocol .................................................................................................................................................................... 5
TERMINAL SERVER CLIENT ACCESS LICENSE (TSCAL) LICENSE SERVER ........................................................................... 6
CITRIX MANAGEMENT CONSOLE .......................................................................................................................................... 6
CITRIX WEB CONSOLE .......................................................................................................................................................... 6
CITRIX WEB INTERFACE ....................................................................................................................................................... 6
CITRIX SECURE GATEWAY .................................................................................................................................................... 7
FARM METRIC SERVER ......................................................................................................................................................... 7
SCENARIO ONE – DATA COLLECTOR INTERACTION WITH CLIENT AND CITRIX SERVER ....................................................... 8
SCENARIO TWO – DATA STORE INTERACTION WITH DATA COLLECTOR AND CITRIX SERVER .............................................. 9
SUPERVALU CITRIX FARM AND APPLICATIONS................................................................................................... 10
SUPERVALU CITRIX SECURE GATEWAY ................................................................................................................. 11
WHAT IS THE SECURE GATEWAY? ...................................................................................................................................... 11
WHAT ARE THE COMPONENTS?........................................................................................................................................... 11
Secure Gateway Servers ................................................................................................................................................. 11
Secure Ticket Authority (STA) Server............................................................................................................................. 11
Citrix XML Service......................................................................................................................................................... 11
Security Certificates ....................................................................................................................................................... 12
SUPERVALU Secure Gateway Flow Diagram .............................................................................................................. 12
CITRIX MANAGEMENT CONSOLE .............................................................................................................................. 13
LAUNCHING THE CITRIX MANAGEMENT CONSOLE ............................................................................................................. 14
DATA DISPLAYED IN THE CITRIX MANAGEMENT CONSOLE ................................................................................................ 15
Session Information Displayed in the Console............................................................................................................... 16
USING THE CITRIX MANAGEMENT CONSOLE ...................................................................................................................... 17
Determining Information about a Citrix Server ............................................................................................................. 17
Reviewing Applications Published on a Citrix Server.................................................................................................... 19
CONTROLLING LOGONS BY ICA CLIENTS ........................................................................................................................... 20
Enabling or Disabling Logons ....................................................................................................................................... 20
Allowing Group Access to a Published Application....................................................................................................... 22
Reviewing which Servers are Hosting Applications....................................................................................................... 23
VIEWING ICA SESSION INFORMATION ................................................................................................................................ 24
USING SESSION MANAGEMENT COMMANDS ....................................................................................................................... 25
Session Properties Tabs ................................................................................................................................................. 26
Disconnecting ICA Sessions ........................................................................................................................................... 27
Resetting a Connection................................................................................................................................................... 27
ADN00061-02 iv 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Connecting to Disconnected Sessions ............................................................................................................................ 28
Shadowing ICA Sessions ................................................................................................................................................ 28
Sending Messages to Users ............................................................................................................................................ 28
CITRIX FAQ ........................................................................................................................................................................ 30
WEB SERVER – THE METAFRAME SERVER FARM REPORTED AN UNSPECIFIED ERROR.............................. 30
WINDOWS ICA CLIENT CONFIGURATION ................................................................................................................ 31
HP PRINTER DRIVERS ......................................................................................................................................................... 35
WHAT ARE ROAMING FILES AND HOW DO THEY WORK? <NEEDS UPDATE-PLACEHOLDER> .................. 37
How It Works - Roaming Profiles................................................................................................................................... 38
OUTLOOK HAS TROUBLE OPENING HTML FILES ................................................................................................... 39
CITRIX TROUBLESHOOTING ....................................................................................................................................... 40
TROUBLESHOOTING BY TOPIC ............................................................................................................................................. 40
Printing .......................................................................................................................................................................... 40
Dropped Connections..................................................................................................................................................... 41
Windows User Problems ................................................................................................................................................ 41
APPENDIX A – CITRIX GLOSSARY OF TERMS......................................................................................................... 43
ADN00061-02 v 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
INTRODUCTION
Heterogeneous computing environments are a fact of life in the Albertsons enterprise.
Computing infrastructures are typically built around incompatible components, including an
installed base of various client devices (PCs, terminals, network computers, and
portables), different operating systems, multiple network protocols, and various types of
network connections.
Regardless of differences in computing environments, Albertsons departments need to
make applications available to their users. The Citrix client-server environment bridges
differences in computing platforms. Citrix server-based application delivery allows
organizations to keep their desktops of choice and provide the best application fit for users
and the enterprise.
Because the Citrix-proprietary Independent Computing Architecture (ICA) Client protocol
supports numerous types of hardware, operating platforms, network connections, and
network protocols, it lets Albertsons deliver a common set of applications to different types
of client devices and to users in separate locations, with better performance than
alternative technologies.
Citrix simplifies administration and unifies the enterprise computing environment because
it centralizes application installation and management.
This Operations Guide is designed to help you, the Albertsons Tier Two IT associate,
understand, maintain, and support the Citrix infrastructure. It uses excerpts of existing
documentation and new material, some from the public domain, in addition to screen shots
from the Albertsons, Inc. Citrix Server farm management utilities.
INTENDED AUDIENCE
The intended audiences for this Guide are Albertsons Tier Two IT Operations associates
who are tasked with handling tier two service calls for the Albertsons Citrix farm.
PREREQUISITES
This Guide assumes that the administrator has intermediate to advanced network
administration and configuration skills with the following environments:
• Microsoft 2000/2003 Server
• Active Directory
• Domain Controller
Prior to using this Guide, readers should familiarize themselves with the terms described in
Appendix A, Citrix Glossary of Terms.
ADN00061-02 1 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Citrix Server
ADN00061-02 2 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
In the Albertsons environment there is one farm (Albertsons) and one zone consisting of
Albertsons and Shaws application servers, located at the Westpark Data Center.
ADN00061-02 3 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
DATA COLLECTOR AND DATA STORE
In every Citrix farm, one server is dedicated to data collection and another server
dedicated to data storage; the Data Collector and the Data Store.
Data Collector
The Data Collector maintains all dynamic load and session information for all servers in a
single zone. Some examples of this dynamic Data Collector information are:
• Client logons and logoffs
• License acquisition and release
• Published application changes
• Server application and load usage
If no communication is received from a member server in its own zone within the
configured time interval, the zone Data Collector pings (IMA Ping) that server to verify that
it is online.
Data Store
The Data Store provides a database repository of information about the server farm for all
servers to reference. The Data Store retains information that does not change frequently,
including:
• Published application configurations
• Server configurations
• Citrix administrator accounts
• Trust relationships
• Licenses
• Printer configurations and drivers
CAUTION: If the Citrix Data Store database is lost, you must recreate the farm.
You cannot recreate the Data Store from an existing farm.
ADN00061-02 4 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Data Store Database
With the exception of indexes, all information in the Data Store is in binary format.
Meaningful queries cannot be executed directly against the Data Store. Neither Citrix
administrators nor users should attempt to directly query or change information in the
Data Store. Use only IMA-based tools, such as the Management Console for Citrix, to
access the information in the Data Store.
ICA Clients
ICA Clients are the components of Citrix that users run on their computers to access
applications running on Citrix servers. ICA Clients combine ease of deployment and use,
and offer quick, secure access to applications, content, and entire computer desktops
published on Citrix servers.
All users running the ICA Program Neighborhood Agent connect to a central configuration
file. Once launched, this client periodically downloads its configuration data from a
configuration file on a server running the Web Interface. You can modify the configuration
data at any time as a means to manage and control the client population throughout your
network from a single location and in real time. As a result, you can dynamically manage
and control your client population network-wide from a single location and in real time.
ICA Protocol
Users can access applications on a server through ICA connections and ICA sessions. ICA
connections are network protocol specific listener ports that are set up on a computer
running Citrix Server. When a client links to a server through an ICA connection, it
establishes an ICA session. The ICA session is an active link that runs on the server until
the user logs off and ends the session. The ICA protocol transports an application’s screens
ADN00061-02 5 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
from the server it is running on to the user’s client device, and returns the user’s input to
the application on the server. As an application runs on a server, MetaFrame Presentation
Server intercepts the application’s display data and uses the ICA protocol to send this data
to the client software running on the user’s client device.
Citrix Management Console and IMA allow management of Citrix servers and server farms
from any location. Authorized administrators can run the console on any connected
Windows NT or above workstation, in addition to Citrix server consoles. Refer to the
section titled Citrix Management Console for a more in-depth look at this tool.
ADN00061-02 6 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Web Interface uses Java object technology executed on a Web server to dynamically
create an HTML-based representation of the Citrix server farm. Every user sees a web
page customized with the applications available in the server farm for that user.
Web Interface includes an application programming interface and a simple wizard. The API
lets you create customized Web server scripts for your environment, while the wizard
creates scripts that you can use or modify according to the Web Interface API. Web
Interface provides complete control over application deployment. Using the Web Interface
API, you can configure all ICA session options without entering any settings at users’
desktops.
ADN00061-02 7 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ADN00061-02 8 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
SCENARIO TWO – DATA STORE INTERACTION WITH DATA COLLECTOR AND CITRIX
SERVER
Refer to the following diagram to understand the high-level interaction between the ICA
Client, the Data Store, Data Collector, and the multiple Citrix servers hosting the
application.
Administrator removed the folder Third Party Accounting from SBOIPCTX05 (2). The Data
Collector passes the information to the Data Store (3) which updates the DBMS with the
current information (4).
ADN00061-02 9 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ADN00061-02 10 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ADN00061-02 11 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Security Certificates
Security Certificates provide Secure Socket Layer encryption between clients and Secure
Gateway services.
ADN00061-02 12 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ADN00061-02 13 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ADN00061-02 14 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ADN00061-02 15 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Session Information Displayed in the Console
Highlight a server displayed in the Servers node to reveal session information for that
server in the right pane. On the tabs that display ICA session information, each row
represents one ICA session. You can click the column headings to sort the information.
When you click the active sort heading, you reverse the sort order. You can rearrange the
information in the table by dragging a column heading to a new position.
ADN00061-02 16 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
USING THE CITRIX MANAGEMENT CONSOLE
Citrix Management Console provides centralized monitoring and management of your
users’ ICA sessions and server information. You can use the console to:
• Monitor ICA sessions according to the published applications and Citrix servers to which
they are connected.
• Send messages to users in active ICA sessions.
• Reset or disconnect sessions and log off users.
• Use shadowing to monitor and remotely control selected sessions.
• Determine information about the Citrix server.
• Determine which applications are published on a server.
ADN00061-02 17 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
2. Review the summary information about the MetaFrame Presentation Server
installation, the server's operating system, and the network on which the server
resides.
ADN00061-02 18 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Reviewing Applications Published on a Citrix Server
1. Select Published Applications in the left pane of a server's Properties page to list all
applications published on the server. Rearrange the columns by clicking on a
column heading and dragging it to the required location.
ADN00061-02 19 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ADN00061-02 20 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
2. Select MetaFrame Settings. To disable logons by ICA Client users, clear the
checkbox labeled Enable logons to this server in MetaFrame Settings Control
Options.
ADN00061-02 21 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Allowing Group Access to a Published Application
To allow group access to an application after it has been published, perform the following
steps:
1. Highlight the selected application in the node pane, then right-click your mouse.
Select Properties from the menu.
ADN00061-02 22 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Reviewing which Servers are Hosting Applications
To review which servers are hosting an application, select Servers in the left pane of an
application's Properties page.
Available Servers: The servers that belong to the farm. By default, all servers are
displayed.
Filter Servers By: Opens a dialog box in which you can limit your Available Servers list to
only those servers that support specific features or capabilities.
Configured Servers: This lists the servers that have been selected from the Available
Servers list. These are the servers on which users can run the application.
Edit Configuration: This button is enabled only after one or more servers are selected
from the Configured Servers list. Click this button to open a dialog box in which you can
change the command line and working directory for the application on the selected server.
Refresh Available Servers: Requests an update of configurable servers for the Available
Servers list.
ADN00061-02 23 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ADN00061-02 24 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ADN00061-02 25 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Session Properties Tabs
ADN00061-02 26 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Disconnecting ICA Sessions
To disconnect an ICA session, highlight the session, right-click your mouse, and choose
Disconnect. When you disconnect a session, you close the connection between the ICA
Client and the Citrix server. However, this does not log off the user, and programs that
were running in the session still run on the server. If the ICA Client user then connects to
the server (by selecting a published application or custom connection to the server), the
disconnected session is reconnected to the client.
Resetting a Connection
Resetting a connection with the Reset command terminates all processes that are running
in that session. You can use the Reset command to remove the remaining processes in the
case of a session error. However, resetting a connection can cause applications to close
without saving data.
ADN00061-02 27 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Connecting to Disconnected Sessions
When an ICA session is disconnected, the word Disconnected appears in the State column
on the tabs in Citrix Management Console where session information appears. You can
connect to a user’s disconnected session by choosing Connect. Your session must be
capable of supporting the video resolution of the disconnected session. From the system
console, you can connect only to sessions that were disconnected from the console.
ADN00061-02 28 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
When you finish typing the message, click OK to send the message to the selected
sessions.
ADN00061-02 29 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
CITRIX FAQ
Information in this FAQ was gleaned from Internet resources using the Citrix environment
in configurations potentially different from the Albertsons Citrix environment. This FAQ is
for informational purposes only and should not be considered a step-by-step instructional
guide for maintaining the Albertsons Citrix farm.
ADN00061-02 30 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
6. If you get a "Cannot connect to Citrix server: The Citrix Server you have selected
cannot be located" for local ICA clients, and a "The MetaFrame server farm reported
an unspecified error." for NFuse clients go to the server and open a command
prompt. Now, type query farm /app to see what the load is like on the server. If
you find that it's maxed out on one or more of the published apps/desktops then
that's the problem - either the server is overloaded OR the load evaluator you are
using on one/more of the apps/desktops is too low. I have recently found an issue
with XPFR2 where one of the settings in the Advanced load evaluator seems to
increment whether or not people are using the server - this ends up with the server
no longer responding to client requests until - eventually - the server decides
everything is OK again. This may take hours or days to do, and a reboot may not
clear the counters either. Then the server may be fine again for a week or month or
more until without warning it seems to die again but without any messages in the
error logs etc. The fix? Detach the evaluator from the server/app. Do the query
farm /app again and check it's OK. FYI I believe that the default load evaluator
does not have this problem.
Note: These files aren't removed after an uninstall so if you want to do a "fresh"
install you need to delete these files. Also, upgrading to a newer
version of the client does not necessarily update the files!
To find out what the various ini settings are, get yourself a copy of
Win32ClientINIFileRef.pdf (Citrix Doc ID CTX14753) and have a bit of a read and
experiment. You can also make changes via the gui client and then check out what
happens to the ini files! Of course as with most things, be careful what you change as you
may end up no longer being able to connect to the server, or perhaps having unreliable
connections or even increased utilization on the server itself - always test first before
distributing it out to all the users.....
To create a default client install that has all the changes you want already setup (eg single
sign on enabled), you need to modify the *.ini and *.src files in the original client
installation directory. Another way of doing this is to modify the files that are in the *.msi
distribution. To find out how to do this, get yourself a copy of Ready_Connect_Client.pdf
(Citrix Doc ID CTX4187) and just follow the instructions.
If you only want to make a few minor changes, then you may find you can do this by
simply adding some command line options when installing the client software (eg "msiexec
/i ica32.msi /qn+ server_location=http://servername enable_sson=yes allow_reboot=no"
). This is discussed in ica_win32_guide.pdf (Citrix Doc ID CTX101283)
Another way of handling things is to write a script that modifies these ini files - this is
useful if you want to update these after the client software has been installed. This is
almost indispensible if you have a large number of clients to manage. A program that a
number of people have been using for some time is "kix" - available from
http://www.kixtart.org . This is a very powerful scripting program that may be fairly
daunting at first, but is also very flexible. Using this you can have the login script check if
it's running on a server or workstation and act accordingly, create or modify the ini files
if/as required, map drives, map printers, etc. Definitely recommended checking out. If you
ADN00061-02 31 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
do a bit of a search (http://www.google.com), you may also be able to find some sample
scripts people have already written that you can modify.
To get you on the track, following is a sample kix script. Basically to use it setup a "clean"
workstation and configure the ICA client as you desire. Now grab the ini files from the
hidden data directory on the workstation - these files will be your standard ini files. The
script copies the default ini files from a shared directory (modify the $TOOLSDIR line to
point to where you store these files) every time a user logs on and then modifies them as
required (eg changes the username). This ensures the files are always correct even if a
user makes some changes to them (if someone has a problem you can then just ask them
to log off & log back on again and everything should be back to normal). It also checks if
it's being run on a server and, if so, exits.
; -----------------------------------------------------------------
; Kixtart Version: Kixtart 2001 V4.20
; -----------------------------------------------------------------
; Note - the following script has been tested on 6.x versions of the ICA
client. It may need to be modified to work properly with different
versions....
BREAK OFF
$VarSet = SetConsole("ALWAYSONTOP")
$Script_version="1.05"
;**********************************************************************
;*** Set proper date format if running on a Citrix server
;**********************************************************************
ADN00061-02 32 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
IF $OS = "CITRIX"
WRITEVALUE ("HKEY_CURRENT_USER\Control Panel\International", "sShortDate",
"dd/MM/yyyy", "REG_SZ")
EXIT
EndIf
;**********************************************************************
;*** Exit if run on a server
;**********************************************************************
;**********************************************************************
;*** Check/update Citrix PN.INI settings - allow for different program
locations
;*** depending on manual installs or OS versions
;**********************************************************************
If Exist("C:\program files\citrix\ica client\pn.ini")
$PNPath = "C:\program files\citrix\ica client"
$Result = UpdatePN($PNPath)
Endif
If Exist("D:\program files\citrix\ica client\pn.ini")
$PNPath = "D:\program files\citrix\ica client"
$Result = UpdatePN($PNPath)
Endif
If Exist($AppDir+"\ICAClient\pn.ini")
$PNPath = $AppDir+"\ICAClient"
$Result = UpdatePN($PNPath)
Endif
;**********************************************************************
;*** Update Citrix INI files with standard and update unique settings
;**********************************************************************
WRITEVALUE ("HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\ICA Client", "ClientName",
"@WKSTA", "REG_SZ")
Function UpdatePN($PNPath)
ADN00061-02 33 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
; Note - the above sets the client name but will not work on win9x
workstations that save the name in an ini file in the root directory of the
workstation.....
COPY $TOOLSDIR+"PN.INI" $PNPath
COPY $TOOLSDIR+"APPSRV.INI" $PNPath
COPY $TOOLSDIR+"WFCLIENT.INI" $PNPath
COPY $TOOLSDIR+"UISTATE.INI" $PNPath
$iniVal=READPROFILESTRING($PNPath+"\PN.INI","Program Neighborhood",
"Username")
$VarSet = writeprofilestring($PNPath+"\PN.INI","Program Neighborhood",
"Username", @userid)
$iniVal=READPROFILESTRING($PNPath+"\APPSRV.INI","WFClient", "LogFileWin16")
$VarSet = writeprofilestring($PNPath+"\APPSRV.INI","WFClient",
"LogFileWin16", $AppDir+"\ICAClient\wfcwin.log")
$iniVal=READPROFILESTRING($PNPath+"\APPSRV.INI","WFClient", "LogFileWin32")
$VarSet = writeprofilestring($PNPath+"\APPSRV.INI","WFClient",
"LogFileWin32", $AppDir+"\ICAClient\wfcwin32.log")
$iniVal=READPROFILESTRING($PNPath+"\APPSRV.INI","WFClient",
"PersistentCachePath")
$VarSet = writeprofilestring($PNPath+"\APPSRV.INI","WFClient",
"PersistentCachePath", $AppDir+"\ICAClient\cache")
$UpdatePN=0 ; nothing to return
EndFunction
;**********************************************************************
;*** OSVersion() - Determines platform runnings - NT4, W2K, XP -
Workstation, Server
;**********************************************************************
Function OSVersion()
$os=""
$os_dos=@dos
$os_product=ReadValue("HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions"
,"ProductType")
$os_productSuite=ReadValue("HKLM\SYSTEM\CurrentControlSet\Control\ProductOpt
ions","ProductSuite")
SELECT
CASE (INSTR(UCASE($os_productSuite), "TERMINAL")) ; - Windows 2K
Terminal Server
$os="CITRIX"
CASE ($os_product <> "WinNT") AND ($os_dos = "5.1") ; - Windows XP
Server
ADN00061-02 34 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
$os="SERVER"
CASE ($os_product = "WinNT") AND ($os_dos = "5.1") ; - Windows XP
Professional
$os="XP"
CASE ($os_product <> "WinNT") AND ($os_dos = "5.0") ; - Windows 2000 -
$os="SERVER"
CASE ($os_product = "WinNT") AND ($os_dos = "5.0") ; - Windows 2000
Professional -
$os="W2K"
CASE ($os_product = "LANMANNT") OR ($os_product = "ServerNT")
$os="SERVER"
CASE $os_product = "WinNT"
$os="NT"
ENDSELECT
$OSVersion=$OS
EndFunction
This is not a comprehensive list of what you can do - for example there are modified
versions of the pn.exe file that allow you to store the ini files in different locations - so for
example you may be able to share them between workstations by storing them in one
location. And let's not even start on what you may be able to do with Novell's Zenworks,
or Microsoft's AD and/or SMS.
HP PRINTER DRIVERS
Most Citrix Engineers have come across the inherent problems with many of the HP print
drivers used within a Terminal Server/Citrix environment (especially the PCL 6 drivers).
The question is how do you address the problem once the cat is out of the bag, and a
faulty print driver has been introduced into your Citrix environment? Or what happens if
your office has standardized on certain models of HP printers, and it is imperative that you
resolve the driver issue for your proposed Citrix solution to fly? There are several options
available, and depending on the size, complexity, and/or design of your environment, you
will need to apply the solution that best fits for your needs:
1. Redirect the new faulty driver to a known good driver
There is a solution that exists for Terminal Server 4.0 that involves driver redirection. In
this solution, if an attempt is made by an ICA client to map a driver that you are aware to
be problematic, the server can use an INF file to map an alternate, compatible driver
instead. The INF file that the server uses for this purpose is the WTSUPRN.INF file (You’ll
probably find this file as a text file within the server’s WTSRV\SYSTEM32 directory). Citrix
has published an article pertaining to this problem (Citrix document ID: CTX626451). I
contacted Citrix, and their official recommendation is to use solely the print drivers which
came included with Terminal Server. Any newly released printers added to a Terminal
Server environment, should have a redirection performed on the new print driver pointing
to an older, compatible driver. This does not mean that that every new print driver
developed will not work on Terminal Server, just that Citrix cannot guarantee it. If you
ADN00061-02 35 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
need to use a new print driver in your environment, follow Citrix Engineer's advice, load it
on a test environment before releasing it into your production environment. Microsoft also
has an article # Q221509 discussing this issue. The article can be accessed through the
following link:
http://support.microsoft.com/support/kb/articles/Q221/5/09.ASP?LN=EN-
US&;SD=gn&FR=0&qry=Q221509&rnk=1&src=DHCS_MSPSS_gn_SRCH&SPR=NTS
2. Remove the driver all together.
This option does involve Registry tinkering, so approach this solution with caution.
Windows NT Terminal Server lists its loaded print drivers within the
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\ENVIRONMENTS\ WINDOWS NT
x86\DRIVERS\VERSION-2 Key (W2K3: Version-3 Key). Within this key, you can perform
the following:
• Document the files associated with the driver that are listed within the registry key
(printscreen usually works nicely)
• Delete the associated key
• Stop the spooler service and set startup to manual
• Reboot the machine
• Delete the files associated with the driver within the
system32\spool\drivers\w32x86\2, or 3 folder
• Map to TSE drivers found in Citrix Document CTX626451
3. Prevent Terminal Server from installing print drivers from print servers.
There may be times that a client’s default printer is a network printer created on a
dedicated print server. In this event, when the client connects to a Citrix server, server will
attempt to download this driver from the Print Server directly. At times, this is not
desirable as the driver may function fine for direct prints from Windows 95 stations, but is
problematic off of Terminal Server environments. In this case, you can add a registry key
onto Terminal Server to instruct it to solely install print drivers located within a trusted
share that is specified. The Microsoft article # Q239536 discussing this issue can be found
on the following link:
http://support.microsoft.com/support/kb/articles/Q239/5/36.ASP?LN=EN-
US&;SD=gn&FR=0&qry=Q239536&rnk=1&src=DHCS_MSPSS_gn_SRCH&SPR=NTS
In Windows NT you can install printer drivers from a trusted share, rather than from the
remote print server to which your print service is connected.
MORE INFORMATION
WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to
reinstall your operating system. Microsoft cannot guarantee that problems resulting from the
incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.
For information about how to edit the registry, view the "Changing Keys and Values" Help topic in
Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit
Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you
edit it. If you are running Windows NT or Windows 2000, you should also update your Emergency
Repair Disk (ERD).
ADN00061-02 36 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
WHAT ARE ROAMING FILES AND HOW DO THEY WORK? <NEEDS
UPDATE-PLACEHOLDER>
I'm going to assume Windows NT4 TSE with MetaFrame 1.8 for this document, since, at
the time of writing, it is the most common platform. The principles are the same for
WinFrame, Windows 2000 or XP and MetaFrame XP, but the tools used and some file
locations are different.
The most effective form of profile for most businesses is the roaming profile. These can be
easily implemented, and allow for a wide range of administrator control over user activity
when combined with system policies. The added advantage is that roaming profiles can be
made mandatory, thus allowing for even tighter control. This is of obvious benefit to
educational establishments or public access kiosks.
In the ideal setup, the server holding the users' profiles will be separate to the MetaFrame
server. This central profile store is not to be confused with the locally cached profiles to be
found in %systemroot%\profiles (%systemroot%\Documents and Settings on Windows
2000). It is simply set up by sharing a folder (eg called "profiles") from a file server. For
preference, this folder should be in the root.
To utilize this share, go to Server Manager on the File Server (located in Administrative
Tools\Common), and, under the Computer menu, select Shared Directories. Create a New
share to the folder you have created, and set the Permissions to allow your MetaFrame
users Read and Write access.
Next, log in as the Domain Administrator on one of your MetaFrame servers. In User
Manager for Domains, click on the Profile button for the users you wish to assign roaming
profiles. In the Terminal Server Profile Path (if you are not on a Terminal Server you will
not see this box!), enter the path to your share, including the %username% variable eg
\\myserver\profiles\%username%.
When the user first logs onto a Terminal Server, he/she will get a copy profile from the
Default User profile on that Terminal Server. If this profile is wrong, then the administrator
must amend it in one of two ways.
1. The Default Users' ntuser.dat can be loaded into the Registry and edited directly.
This is not my favorite option, since all manner of things could go wrong - and it's
time-consuming.
2. Create a new user with administrator rights, log in *(see note below) and modify
the profile until it is as generic as it can be (ie don't set an Outlook profile, or all
users will get that Outlook profile!) and then log out. Copy ntuser.dat from that
user to the Default User, and all users will get identical settings the first time they
log in. ++(see How It Works below)
Here are several tips to consider before you log in as the new default user:
1. Stop Internet Explorer from going through its initial routines by editing the
following registry key; HKCU\Software\Microsoft\Active Setup\Installed
Components - delete everything below this subkey (ie leave the Installed
Components key intact).
2. Stop My Briefcase from appearing by adding HKCU\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\RunSyncApp REG_DWORD 0, and rename the file
%systemroot%\System32\syncapp.exe to syncapp.old
3. Use System Policies to lock down access to "dangerous" applications, and to remap
user file paths to other shares on the File Server. Files stored inside roaming
ADN00061-02 37 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
profiles can cause "profile bloat", which leads to excessive login times and other
user problems. Give the user appropriate permissions, and test your new roaming
profile by logging on as that user from a variety of clients at different locations.
To make the profile mandatory, simply rename the ntuser.dat of that user in the central
profile store to ntuser.man. If it will be mandatory that the user reads the profile from the
server, and if logon will be denied unless this is the case, add the extension .man to the
User Profile path; for example:\\myserver\myshare\mydomainuser.man (From Microsoft's
whitepaper, part 2. http://support.microsoft.com/support/kb/articles/Q185/5/87.ASP.
ADN00061-02 38 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
OUTLOOK HAS TROUBLE OPENING HTML FILES
1. Open Regedit.
2. Navigate to the ddeexec registry subkey under the following registry
key:
HKEY_CLASSES_ROOT\htmlfile\shell\opennew
3. Click the ddeexec registry subkey and then delete it.
4. Navigate to the command registry subkey under the following registry
key:
HKEY_CLASSES_ROOT\htmlfile\shell\opennew
5. Double click the Default value in the right hand pane.
6. Make sure the string looks exactly like the following, including the quotation
marks, and assuming that is where IE is installed:
"C:\Program Files\Internet Explorer\iexplore.exe" %1
7. Click OK.
8. Close the Registry Editor.
9. Restart Outlook and the attachment file opens correctly.
ADN00061-02 39 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
CITRIX TROUBLESHOOTING
TROUBLESHOOTING BY TOPIC
Printing
QUESTION
How can I resolve printer problems, particularly auto-created, which may also be causing
spontaneous server reboots?
ANSWER
Your situation is almost universal in the WIN NT 4.0 sp 6 METAFRAME 1.8 environment.
There are a few issues here:
Printing generally and auto-created printers specifically just simply do not work as they
should. To get it to work as well as possible:
1. Never use any printer driver that is not on the WINDOWS NT TSE
INSTALLATION CD.
2. Whenever possible configure network printers rather than allowing
autocreation of printers.
3. It is vitally important to follow these rules. Otherwise you will have
occurrences of: printing failure necessitating restart of the spooler;
occasional server crashes (sometimes when an autocreated printer with
an improper driver auto-purges) and occasional profound server
slowdowns.
QUESTION
Where can I find good documentation on printing for Citrix?
ANSWER
http://www.thethin.net/helps.cfm#print
http://www.metaframebook.com - chapter 6 is all about printing.
http://knowledgebase.citrix.com/cgi-bin/webcgi.exe?New,KB=CitrixKB
http://www.its.esker.fr/Documents/990701003W.htm
Citrix Knowledge Base Document Numbers:
CTX681954
CTX631387
CTX366945
CTX668903
CTX871608
CTX626451
CTX458114
http://www.printingsupport.com - site dedicated to Citrix printing.
http://www.dabcc.com/pc/
ADN00061-02 40 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
PROBLEM
Desktop printer does not appear within Citrix.
POSSIBLE CAUSE
Printer is not recognized by the application server.
SOLUTION
Log a job to _____________________ to have the printer driver installed on the
application server. Specify the printer driver name precisely as it is on the desktop.
Dropped Connections
QUESTION
We have an external client for whom we provide reporting via an Access DB. This is setup
as a Citrix app, which is then accessed through our secure web site using the Citrix ICA
Client (version 7).
This client has been accessing these reports without problems for sometime now.
However, now when they try to launch the database they get the Citrix "Connecting to..."
dialog for a few seconds, then it disappears and the Citrix icon disappears from the system
tray.
I know that having a large amount of temporary internet files sometimes causes strange
problems, so I got them to delete these, but no change.
ANSWER
Connection wasn't completing, and app was therefore not loading. No error was returned.
Removing and re-installing client software fixed problem.
ADN00061-02 42 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ADN00061-02 43 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Client Printer Mapping The feature that enables applications running on the Citrix
server to send output to printers configured on the client device.
Client Update Database The database Citrix servers use to automatically update ICA
Clients. It contains copies of the clients themselves and configuration information about
how to perform the updates.
Connection Control The feature that allows you to set a limit on the number of
connections that each user can have simultaneously in the server farm. You can also limit
the number of concurrent connections to specified published applications, and you can
prevent users from launching more than one instance of the same published application.
Connection License A license that enables ICA connections between a client device and
a Citrix server farm. Connection license counts can be assigned to specific servers; they
are automatically pooled among all servers in the farm.
Content Publishing This feature allows you to publish document files, media files, Web
URLs, and any other type of file from any network location. Icons for published content
appear in Program Neighborhood, on the desktop, and on the user’s Web Interface logon
page. Users can double-click published content icons to access content in the same way
they access published applications.
Content Redirection This feature allows administrators to specify whether ICA Clients
open published content, applications, browsers, and media players locally or remotely.
There are two types of content redirection: from server to client and from client to server.
CPU Prioritization The feature that allows you to assign each published application in
the server farm a priority level for CPU access. This feature can be used to ensure that
CPU-intensive applications in the server farm do not degrade the performance of other
applications.
Data Store An ODBC-compliant database used by a Citrix server farm. The data store
centralizes configuration information about published applications, users, printers, and
servers. Each Citrix server farm has a single data store.
Disconnected Session An ICA session in which the ICA Client is no longer connected to
the Citrix server, but the user’s applications are still running. A user can reconnect to a
disconnected session. If the user does not do so within a specified time-out period, the
Citrix server automatically terminates the session.
Display Name A name you specify when you publish an application. The display name
appears in the newer Program Neighborhood client and in Application folders in the
Management Console for Citrix. You can also choose to use the display name in the Web
Interface for Citrix.
Dynamic Store A data store that contains frequently updated configuration data such as
application load and license usage information. A server farm replicates dynamic store
information across multiple servers.
ICA Independent Computing Architecture The architecture that Citrix uses to
separate an application’s logic from its user interface. With ICA, only the keystrokes,
mouse clicks, and screen updates pass between the client and server on the network,
while 100% of the application’s logic executes on the server.
ICA Protocol The protocol that ICA Clients use to format user input (keystrokes, mouse
clicks, and so forth) and address it to Citrix servers for processing. Citrix servers use it to
format application output (display, audio, and so forth) and return it to the client device.
ADN00061-02 44 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
ICA Client Creator The Citrix server utility you use to create disks from which you can
install ICA Clients and the ICA File Editor on a wide range of client devices.
ICA Connection The logical port used by an ICA Client to connect to, and start a session
on, a Citrix server. 1. An ICA connection is associated with a network connection (such as
TCP/IP, IPX, SPX, or NetBIOS) or a serial connection (modems or direct cables). 2. The
active link established between an ICA Client and a Citrix server.
Independent Management Architecture (IMA) Citrix’s server-to-server infrastructure
that provides robust, secure, and scalable tools for managing any size server farm. Among
other features, IMA enables centralized platform-independent management, an ODBC-
compliant data store, and a suite of management products that plug in to the Management
Console.
License Pooling A feature of Citrix servers that enables you to combine license counts of
product and connection licenses into a common license pool for a server farm. All license
counts are pooled by default. Assigning a license count to a server removes it from the
pool.
Load Management A feature of Citrix that enables management of application loads.
When a user launches a published application that is configured for load management, that
user’s ICA session is established on the most lightly loaded server in the farm, based on
criteria you can configure.
Pass-Through Authentication When you enable pass-through authentication for the
Management Console for Citrix, the console uses your local user credentials from the
server on which the console is running. You can log on without re-entering credentials.
Users can also enable Pass-Through Authentication in ICA Clients that support this feature.
Pass-through Client An ICA Client installed on a Citrix server so that users of every ICA
Client platform can access published applications by connecting to them through Program
Neighborhood as a published application.
Policies Policies are used to apply Citrix settings, for client device mapping, for example,
to specific users or user groups. They override similar Citrix settings configured farm-wide,
at the server level, or on the ICA Client.
Product Code A nine-character string that identifies a Citrix server product.
Program Neighborhood The user interface for the ICA Win32 Program Neighborhood
Client, which lets users view the published applications they are authorized to use in the
server farm. Program Neighborhood allows access to application sets and custom ICA
connections.
Published Application An application installed on a Citrix server or server farm that is
configured for multi-user access from ICA Clients. With Load Manager, you can manage
the load for published applications among servers in the server farm. With Program
Neighborhood and the Web Interface for Citrix, you can push a published application to
your users’ client desktops.
Relay Listening Port The TCP port on the Citrix server that the Citrix SSL Relay
monitors for data from a Web server.
Session Tickets The Secure Ticket Authority servers are responsible for issuing session
tickets in response to connection requests for published resources. These session tickets
form the basis of authentication and authorization for access to published resources in the
Citrix server farm.
ADN00061-02 45 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Remote Node A client device that can connect to a LAN or WAN with a modem and
additional software, such as Microsoft’s Dial-Up Networking. When connected, the device
has access to the same network resources as any other node in the network, but is still
subject to bandwidth limitations and modem performance.
Seamless Window One of the settings you can specify for the Window Size property of a
published application. If a published application runs in a seamless window, the user can
take advantage of all the client platform’s window management features, such as resizing,
minimizing, and so forth.
Secure Sockets Layer (SSL)/Transport Layer Security (TLS) A standards-based
architecture for encryption, authentication, and message integrity. It is used to secure the
communications between two computers across a public network, authenticate the two
computers to each other based on a separate trusted authority, and ensure that the
communications are not tampered with.
Serial Number An alphanumeric string that you enter in the Management Console to
receive a license number for the software installed on a server.
Server Farm A group of Citrix servers managed as a single entity, with some form of
physical connection between servers and a database used for the farm’s data store.
Server-based Computing Citrix’s model for computing where applications are published
on centralized servers, or server farms, and users access and run those applications from
remote client devices. Server-based computing differs from traditional client-server
computing in that all the application logic executes on the host, consuming less network
bandwidth and requiring far fewer client resources.
Session ID A unique identifier for a specific ICA session on a specific Citrix server.
Shadow Taskbar The taskbar on a Citrix server desktop that you can use to shadow
multiple users and to quickly switch between shadowed sessions.
Shadowing A feature of Citrix servers that enables an authorized user to remotely join or
take control of another user’s ICA session for diagnosis, training, or technical support.
SOCKS SOCKS is a protocol for secured TCP communications through a proxy server.
SpeedScreen Browser Acceleration The feature that provides substantial performance
enhancements for users running HTML-capable applications, such as Internet Explorer,
published on Citrix servers. SpeedScreen Browser Acceleration requires less bandwidth
and allows users running ported applications to interact with the browser while graphically-
rich pages or largeimages are being downloaded.
SpeedScreen Latency Reduction A combination of technologies implemented in ICA
that decreases bandwidth consumption and total packets transmitted, resulting in reduced
latency and consistent performance regardless of network connection.
Universal Printing When you use Citrix Universal Printing you do not need to install and
duplicate a potentially large set of native printer drivers in your server farm. The universal
printer drivers can replace multiple native printer drivers that would otherwise be needed
in diverse printing environments. Later ICA clients can work with universal drivers
depending on the client device’s version and platform.
User-to-User Shadowing The feature that allows users to shadow other users without
requiring administrator rights. Multiple users from different locations can view
presentations and training sessions, allowing one-to-many, many-to-one, and many-to-
many online collaboration.
ADN00061-02 46 10/26/2006
Confidential and Proprietary to Albertsons, Inc.
MIDDLEWARE SERVICES CITRIX OPERATIONS GUIDE
Web-based ICA Client Installation A Web-based method for deploying ICA Client
software to users. You construct an ICA Client download Web site that users access to
download the ICA Client for their client devices.
Windows-Based Terminal (WBT) A fixed-function thin-client device that can run
applications only by connecting to a Citrix application server. WBTs cannot run applications
locally.
Zone A logical grouping of Citrix servers, typically related to the underlying network
subnets. All Citrix servers in a zone communicate with the Citrix server designated as the
data collector for the zone.
Zone Data Collector A Citrix server that stores dynamic data for one zone in a Citrix
server farm.
ADN00061-02 47 10/26/2006
Confidential and Proprietary to Albertsons, Inc.