Citrix Xenserver: Poolmaster is down or Crashed!

It’s 3 O’Clock in the morning, do you know where your Xenserver Poolmaster is? Your client calls you frantic, and you start a GoToMeeting to see what’s wrong. If it’s down, this could have been the result of a few issues. Maybe there was a network glitch which resulted in the Citrix XenServer Poolmaster fencing itself from the rest of the farm. This can also result during a power outage, or other catastrophic failure. This is the normal defense mechanism built into Xenserver, and in the consulting world we see this type of scenario often. You can’t simply reboot the Poolmaster to bring it online. Restarting the toolstack will do you no good. There is a complex process that must be followed, so let’s discuss it -

How do I know if my Poolmaster is down?

If you’ve tried to connect to the pool from the Xencenter console, and it failed – your Poolmaster may be down. Verify this by dropping to a command prompt and issue a command like “Xe host-list” to see if you get a coherent response. If you get an error message like ““Cannot perform operation as the host is running in emergency mode” – then your Poolmaster is almost certainly down.

Posted in XenServer | Leave a comment

Should a Citrix Tech be a W2 Employee, or a 1099 Contractor?

I get asked this question by friends in the business often, and while I’m not a tax attorney – I’d be happy to give my thoughts on the topic.

Citrix Consultants are some of the most highly paid, sought after engineers in the industry right now.  Most companies are offering Citrix techs one of two options.  First – you can be a traditional W-2 employee, where the company will pay for a percentage of your benefits and pay half of your social security taxes. Alternatively, you can be a 1099 contractor – which means that you will be responsible for paying 100% of your social security taxes, along with for your benefits.

Advantages of the W-2 status:

Posted in Cloud Computing, General Citrix | 1 Comment

Case Study: Citrix SMA Service Failed To Start after Roll-up 7 install

I ran into an interesting case the other day with a client, so thought I would share it with the community.

Software: Presentation Server 4.5 (Roll up 5), Server 2003

Problem: Client complained of issue with installing roll-up pack 7 for presentation server.  He was upgrading from the roll-up 5 level.  After the install was completed for roll-up 7, his Citrix SMA service failed to start.  He got 2 different errors, one said to check the permissions on the account.  The other error said that the service started, but immediately stopped — possibly because it had nothing to do.

Posted in Xenapp | Leave a comment

Case Study: Microsoft Fax with App Published over Citrix Xenapp

How much should you be saving on Health Insurance?

Software: Citrix Xenapp 6, Microsoft Fax Server

Problem:  Client reported that he was trying to use the Microsoft fax application installed locally on the client PC when a user attempted to print to the fax driver via a Citrix published application.  The published application used for testing was Notepad.

The Microsoft fax application was kicked off appropriately when the client attempted to print through notepad and pointed to the fax driver associated.  Instead of retaining the settings and connection to the fax server like it did when launched locally, the fax application prompted for user to complete the setup wizard.

Posted in Xenapp | Leave a comment

Citrix Profile Design and Considerations…

How much should you be saving on Health Insurance?

Profile design for Citrix implementations has been a hotly contested debate for some time.  Citrix consultants usually find themselves walking into a customer environment that was set up years before, and having to troubleshoot the current environment.  Because we often have no control over what the current Citrix farm is using for profiles, I’ve devised a troubleshooting process that seems to work well for Citrix profiles, which I’ll include in a later blog, but for now I want to cover Citrix profile design.

According to Citrix, In a XenApp environment, Terminal Server profiles behave as follows:

Local Profiles Local profiles are stored on each farm server and are initially created based on the default user profile. A user accessing applications in a load-managed XenApp farm creates an independent profile on each server. Users can save changes to their local profile on each individual server, but changes are only available to future sessions on that server. Local profiles require no configuration; if a user logging onto a XenApp server does not have a profile path specified, a local profile is used.Although local profiles are the default, Citrix does not recommend using them because profiles are created for each user on every server to which they have connected, which leads to an inconsistent user experience.
Roaming Profiles Roaming profiles are stored in a central location for each user. The information in roaming profiles, such as a printer or a registry setting, is available to all XenApp servers in the environment. To configure a user for a roaming profile, you specify the user’s Terminal Server Profile Path to a particular location on a file server. The first time the user logs on to a XenApp server, the default user profile is used to create the user’s roaming profile. During logoff, the profile is copied to the specified location on a file server.
Mandatory Profiles Mandatory profiles are stored in a central location for each user. However, the user’s changes are not retained on logoff. To configure a user for a mandatory profile, you create a mandatory profile file (NTUSER.MAN) from an existing roaming or local profile, and assign the users’ Terminal Services profile path to the location where the file can be accessed.Citrix recommends, where feasible, using mandatory profiles if they address the defined requirements.
Multiple Profiles Multiple profiles combine two or more of the profile types (local, roaming, or mandatory) for the same user. Multiple profiles are useful in environments with load-managed groups or application silos. For example, in a XenApp farm with two load-managed groups serving SAP and Microsoft Office, you can configure users with a mandatory profile for the SAP servers and a roaming profile for the Microsoft Office servers. Multiple profiles are also useful for farms that span WAN connections, so that profiles can be accessed from local file servers.Multiple profiles are more complex to administer and maintain and are not widely used.


Posted in General Citrix, Xenapp, XenDesktop | Leave a comment

Citrix GoToMeeting – The best virtual meeting software!

As a Citrix consultant, I have worked with clients based all over the world.  In the modern age, it’s both unrealistic and unnecessarily expensive to require your Citrix support team to travel to your location in order to troubleshoot your Citrix farm.  Thankfully there are several remote access tools available to help you get the job done, and I’m convinced that GoToMeeting is the best for these reasons:

1). GoToMeeting is a Citrix Product.

If you’ve ever had a Citrix troubleshooting session turn into an uplifted call to Citrix Support – then you already know the benefit of using GoToMeeting.  Because it’s a Citrix product, you’ll have no problem getting Citrix support engineers to join your existing meeting.  Some other products like WebEx or Virtual Classroom may or may not work with Citrix Support, so GoToMeeting is the clear choice if there is ever the possibility that you’ll need to bring Citrix support onto one of your sessions.

Posted in Telecommuting | Leave a comment

Citrix Licensing Server: A Troubleshooting Process

How much should you be saving on Health Insurance?

Citrix licensing still isn’t perfect, but it’s gotten better with each revision.  Occasionally I still talk with Citrix Techs who run into licensing server issues with Citrix.  A Citrix license server may run fine for 5 years, and suddenly break down.  For this reason, I’ll provide a simple troubleshooting process I have established for dealing with these issues.

First, let’s take a look at the wide variety of Citrix licensing error codes you may encounter:

Error Code Description
-1 Cannot find license file.
-2 Invalid license file syntax.
-3 No server for this feature.
-4 Licensed number of users already reached.
-5 No such feature exists.
-6 No TCP/IP port number in license file and FLEXlm service does not exist. (pre-v6 only)
-7 No socket connection to license manager service.
-8 Invalid (inconsistent) license key or signature. The license key/signature and data for the feature do not match. This usually happens when a license file has been altered.
-9 Invalid host. The hostid of this system does not match the hostid specified in the license file.
-10 Feature has expired.
-11 Invalid date format in license file.
-12 Invalid returned data from license server.
-13 No SERVER lines in license file.
-14 Cannot find SERVER host name in network database. The lookup for the host name on the SERVER line in the license file failed. This often happens when NIS or DNS or the hosts file is incorrect. Workaround: Use IP address (e.g., 123.456.789.123) instead of host name.
-15 Cannot connect to license server. The server (lmgrd) has not been started yet, or the wrong port@host or license file is being used, or the TCP/IP port or host name in the license file has been changed.
-16 Cannot read data from license server.
-17 Cannot write data to license server.
-18 License server does not support this feature.
-19 Error in select system call.
-21 License file does not support this version.
-22 Feature checkin failure detected at license server.
-23 License server temporarily busy (new server connecting).
-24 Users are queued for this feature.
-25 License server does not support this version of this feature.
-26 Request for more licenses than this feature supports.
-29 Cannot find ethernet device.
-30 Cannot read license file.
-31 Feature start date is in the future.
-32 No such attribute.
-33 Bad encryption handshake with daemon.
-34 Clock difference too large between client and server.
-35 In the queue for this feature.
-36 Feature database corrupted in daemon.
-37 Duplicate selection mismatch for this feature. Obsolete with v8.0+ vendor daemon.
-38 User/host on EXCLUDE list for feature.
-39 User/host not on INCLUDE list for feature.
-40 Cannot locate dynamic memory.
-41 Feature was never checked out.
-42 Invalid parameter.
-47 Clock setting check not available in daemon.
-52 FLEXlm vendor daemon did not respond within timeout interval.
-53 Checkout request rejected by vendor-defined checkout filter.
-54 No FEATURESET line in license file.
-55 Incorrect FEATURESET line in license file.
-56 Cannot compute FEATURESET data from license file.
-57* socket() call failed.
-59 Message checksum failure.
-60 Server message checksum failure.
-61 Cannot read license file data from server.
-62 Network software (TCP/IP) not available.
-63 You are not a license administrator.
-64 lmremove request before the minimum lmremove interval.
-67 No licenses to borrow.
-68 License BORROW support not enabled.
-69 FLOAT_OK can’t run standalone on SERVER.
-71 Invalid TZ environment variable.
-73 Local checkout filter rejected request.
-74 Attempt to read beyond end of license file path.
-75* SYS$SETIMR call failed (VMS).
-76 Internal FLEXlm error—please report to Macrovision.
-77 Bad version number must be floating-point number with no letters.
-82 Invalid PACKAGE line in license file.
-83 FLEXlm version of client newer than server.
-84 USER_BASED license has no specified users – see server log.
-85 License server doesn’t support this request.
-87 Checkout exceeds MAX specified in options file.
-88 System clock has been set back.
-89 This platform not authorized by license.
-90 Future license file format or misspelling in license file. The file was issued for a later version of FLEXlm than this program understands.
-91 ENCRYPTION_SEEDS are non-unique.
-92 Feature removed during lmreread, or wrong SERVER line hostid.
-93 This feature is available in a different license pool. This is a warning condition. The server has pooled one or more INCREMENT lines into a single pool, and the request was made on an INCREMENT line that has been pooled.
-94 Attempt to generate license with incompatible attributes.
-95 Network connect to this_host failed. Change this_host on the SERVER line in the license file to the actual host name.
-96 Server machine is down or not responding. See the system administrator about starting the server, or make sure that you’re referring to the right host (see LM_LICENSE_FILE environment variable).
-97 The desired vendor daemon is down. 1) Check the lmgrd log file, or 2) Try lmreread.
-98 This FEATURE line can’t be converted to decimal format.
-99 The decimal format license is typed incorrectly.
-100 Cannot remove a linger license.
-101 All licenses are reserved for others. The system administrator has reserved all the licenses for others. Reservations are made in the options file. The server must be restarted for options file changes to take effect.
-102 A FLEXid borrow error occurred.
-103 Terminal Server remote client not allowed.
-104 Cannot borrow that long.
-106 License server out of network connections. The vendor daemon can’t handle any more users. See the debug log for further information.
-110 Dongle not attached, or can’t read dongle. Either the hardware dongle is unattached, or the necessary software driver for this dongle type is not installed.
-112 Missing dongle driver. In order to read the dongle hostid, the correct driver must be installed. These drivers are available at or from your software vendor.
-113 Two FLEXlock checkouts attempted. Only one checkout is allowed with FLEXlock-enabled applications.
-114 SIGN= keyword required, but missing from license. This is probably because the license is older than the application. You need to obtain a SIGN= version of this license from your vendor.
-115 Error in Public Key package.
-116 CRO not supported for this platform.
-117 BORROW failed.
-118 BORROW period has expired.
-119 lmdown and lmreread must be run on license server machine.
-120 Cannot lmdown the server when licenses are borrowed.
-121 FLOAT_OK license must have exactly one dongle hostid.
-122 Unable to delete local borrow info.
-123 Support for returning a borrowed license early is not enabled. The vendor must have enabled support for this feature in the vendor daemon. Contact the vendor for further details.
-124 An error occurred while returning a borrowed license to the server.
-125 Attempt to checkout just a PACKAGE. Need to also checkout a feature.
-126 Error initializing a composite hostid.
-127 A hostid needed for the composite hostid is missing or invalid.
-128 Error, borrowed license doesn’t match any known server license.


Posted in General Citrix | Leave a comment

Citrix Xenapp 6: Locked out of the Citrix Discovery Services Console!

How much should you be saving on Health Insurance?

If you’ve locked yourself out of the Citrix DSC, you’ve done the equivalent of locking your keys in the car while it’s running.  You may have done this inadvertently as a result of changing domains, or this could have happened because you had a single domain controller in your environment – and it crashed unrecoverable.  When you stood up the new domain controller, you were able to create all of the same accounts, but the SID’s are now different – so you’re not going to be able to get into the Citrix discovery services console.  You’re locked out and you need a back door – what do you do?

If you’ve simply forgotten what the user account is that was put into the console as a Citrix Administrator, you can query the datastore directly using DSVIEW by following the instructions in CTX112851.

If you are in much worse trouble as mentioned above, there is a process you can follow to insert the local administrator account from the server into the datastore as a valid Citrix administrator account.

Posted in Xenapp | Tagged | Leave a comment

Citrix Xenapp: Troubleshooting Printing Problems & Issues

For many years, printing has been the bane of the Citrix tech’s existence.  You work hard to put together a successful Citrix farm, carefully virtualizing applications and meeting user needs – but everything goes to pieces when the users try to print.  Citrix printing issues can usually be categorized into one of four categories:  Citrix issues, Print Driver Issues, Universal Print Driver Issues, or Application problems. Let’s take a look at a few common printer related trouble calls that a Citrix tech may receive:

How should printers be deployed in the environment?

In the old days, you would commonly deploy printers through a complex login script if you did anything at all.  Keep in mind that deploying printers with a login script can cause slow logins – See my other blog:

Posted in Xenapp | 4 Comments

Citrix Xenapp: Applications Won’t Launch!

When applications won’t launch in Citrix Xenapp or Presentation Server, you can get a multitude of error messages.  Most are guaranteed to tell you little to nothing about the actual cause of the issue.  Sometimes the app will appear to launch, and then nothing will happen.  Error codes can range from SSL Error codes 1-29, or more generic errors like “There is no Xenap server available”.   What can cause applications not to launch through the Citrix Web Interface?  Let’s take a look at a few possible causes…

Citrix Secure Gateway or Netscaler in the way? Maybe a firewall problem?

Does the problem exist only for external users coming in from the Internet, or does it also impact internal users?  You can usually test for this pretty well by installing the Citrix client directly on your web interface server.  If you can connect directly to the WI from itself and launch applications on itself, but you get errors when coming in from outside – chances are, you are dealing with a CSG or Netscaler issue.  Make sure that the CSG passes its internal diagnostic tests, and make sure the Netscaler has a valid route through to the Web Interface and each Xenapp server in the farm.  Make sure that the STA servers used on the Netscaler match exactly the STA servers specified on the Web Interface. Sometimes the network team can make a change to the inside facing firewall on the DMZ, and your users will suddenly experience the inability to launch applications via Citrix.  Remember that traffic must be able to pass on 1494 or 2598 (Depending on if you are using session reliability).

Posted in Xenapp | 1 Comment