Thursday, December 4, 2008

[THIN] Re: Communication problem?

Thanks for this, you were totally correct.


Regards,
Doug Stratton, Shared Service BC
Service Desk Email: 77000@gov.bc.ca
Service Desk Tel: (250)387-7000


-----Original Message-----
From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On
Behalf Of Pat Coughlin
Sent: December 3, 2008 2:23 PM
To: thin@freelists.org
Subject: [THIN] Re: Communication problem?

Are all your servers at the same citrix hotfix level? I have seen this
issue when the server hosting the cps console was at a higher hotfix
level than the box I was looking at.

Pat Coughlin

- Original message -
We are attempting to setup a couple of citrix PS 4.5...


On 12/3/08, Stratton, Doug ISMC:EX <Doug.M.Stratton@gov.bc.ca> wrote:
> We are attempting to setup a couple of citrix PS 4.5 servers (w2k3) in
> an existing test farm.
>
> We have added the servers and everything seems to work (published
> apps, logon...) except for the following:
>
> Servers are reporting down when we look in the CPS Console.
> Odd thing is that in the Access Suite console I can view the Resource
> manager logs and it is reporting Resource Manager Metrics in there.
> When we look at the Resource Manager tab for the "folder they are in"
> they go from Loading... to Down to OK but if we double click on one of
> them it goes to the Resource Manager Tab for the server and reports
> Server down.
> If I rightclick on the server and select Resource Manager Server Log I
> get this error: An error occurred while retrieving the server log from
> the server XXXXXX. This may be due to network error.... Error code
> c0160ae3 (reviewing this http://support.citrix.com/article/CTX101581
> but not applicable to this version, and this
> http://support.citrix.com/article/CTX104005)
>
> Other servers in the farm are reporting fine.
>
> I tried disabling firewall. (did not do a reboot but restarted IMA)
> did not seem to make any difference.
> Checked some rights which are set via GP. Made some changes, based on
> document on Citrix site which identifies local accounts and rights,
> but did not seem to make a dif and another server in another 4.5 farm
> has the same rights and no issue.
>
> Any Idea what could be going on?
> Regards,
> Doug Stratton, Shared Service BC
> Service Desk Email: 77000@gov.bc.ca
> Service Desk Tel: (250)387-7000

--
Sent from Gmail for mobile | mobile.google.com
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation
mode use the below link:
http://www.freelists.org/list/thin
Follow ThinList on Twitter
http://twitter.com/thinlist
Thin List discussion is now available in blog format at:
http://thinmaillist.blogspot.com
Thinlist MOBILE Feed
http://thinlist.net/mobile
************************************************

[THIN] Re: Best AntiVirus for Citrix

Thank you for that info. I had a whitepaper on eTrust 6.x that talked about this and I had used for 7.x.

 

How has the new 8.x licensing server worked for you? I have a few executives that have company owned desktop computers but are not part of the network. I’m at a loss as to how these computers would make use of a licensing server.

 

Thank you to those who responded to this topic.

 
 
Matthew Shrewsbury
Director of Information Technology
 
Coscan Homes, LLC
5555 Anglers Avenue, Suite 1
Fort Lauderdale, FL 33312
mshrewsbury@coscanhomes.com
Phone: 954-558-0198
Fax: (954)-620-1001
This e-mail, and any attachments thereto, contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended only for the use of the addressee(s) named herein. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me at 954-558-0198 and permanently delete the original, including any attachments thereto, and any copy or printout thereof.

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of George Wasgatt
Sent: Thursday, December 04, 2008 10:35 AM
To: thin@freelists.org
Subject: [THIN] Re: Best AntiVirus for Citrix

 

We upgraded to eTrust 8.x and were told by CA to exclude certain directories/files on the Citrix servers from scanning to avoid impacting performance.  I do not know if they recommended the same exceptions for 7.1.  Those exceptions are:

 

x:\Pagefile.sys

X:\program files\citrix

X:\windows\system32\spool

 

Since the upgrade we have not encountered any Citrix specific issues with the product.

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Matthew Shrewsbury
Sent: Thursday, December 04, 2008 10:00 AM
To: thin@freelists.org
Subject: [THIN] Best AntiVirus for Citrix

 

I’m just about to purchase a new AntiVirus product. I am running CA eTrust AV 7.1 which is now end of life. I’m running older 2003 servers so I need an AV product that won’t slow the Citrix servers down and is easy to deploy. Could go with the new 8.x version of eTrust but is there anything better? Any suggestions?

 

Thanks,

Matthew Shrewsbury
Director of Information Technology

Coscan Homes, LLC
5555 Anglers Avenue, Suite 1
Fort Lauderdale, FL 33312
mshrewsbury@coscanhomes.com
Phone: 954-558-0198
Fax: (954)-620-1001


[THIN] Re: OT: VMWare backups

That sounds really smart but for a non-linux guy like myself I don’t think I could make it work. Veeam gives me a GUI that I know how to use and am able to easily monitor.

 
 
Matthew Shrewsbury
Director of Information Technology
 
Coscan Homes, LLC
5555 Anglers Avenue, Suite 1
Fort Lauderdale, FL 33312
mshrewsbury@coscanhomes.com
Phone: 954-558-0198
Fax: (954)-620-1001

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Stefan Timmermans
Sent: Thursday, December 04, 2008 12:30 PM
To: thin@freelists.org
Subject: [THIN] Re: OT: VMWare backups

 

I use cron and snapshot & quiesce the VM, make a TSM (but you may choose any other certified backup solution) backup of the frozen VMDK, then the script executes its commit and the incremental changes are reapplied to the VMDK. It works 100% of the time. It worked for ESX 2.5.x but occasionally missed a backup; on VI3 it works 100% of the time (for about 1.5 years). The only drawback is that my TSM client (backup client) does not allow more than one session on my host. My backups are sequential and have a certain hit on my host (as would any backup of a large file). I have no clue about other solutions. This one works fine and is out-of-the-box.

 

 

 


From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Matthew Shrewsbury
Sent: Thursday, 4 December 2008 15:50
To: thin@freelists.org
Subject: [THIN] Re: OT: VMWare backups

I don’t know if this is a dead topic (just now had a chance to read the list) and I actually just went through this. I looked very carefully at vRanger and Veeam. I ran both products and found Veeam to be much more reliable (vRanger kept failing) and the Veeam product was cheaper, more capable (much faster file level restores) and had a much easier to use interface.

ESX 3.5 update 2 supports VSS with their VMware agent tools and can be executed from vRanger or Veeam. Another key difference between vRanger and Veeam is I schedule a shutdown of a VM and then back it up for older databases that don’t support VSS. vRanger wouldn’t snap the VM so that it could then be started right back up. When using vRanger it locked the files and the VM would fail to start unless the backup was finished. Veeam created a snapshot and always backed up the snapshot if the VM was running or not. I did hear from vRanger (who had very good technical support) that version 4, which is going to be released in Q1 ’08, will address most of the issues I had with their product.

 

 

Matthew Shrewsbury
Director of Information Technology

Coscan Homes, LLC
5555 Anglers Avenue, Suite 1
Fort Lauderdale, FL 33312
mshrewsbury@coscanhomes.com
Phone: 954-558-0198
Fax: (954)-620-1001



From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Steve Snyder
Sent: Tuesday, October 07, 2008 11:39 PM
To: thin@freelists.org
Subject: [THIN] OT: VMWare backups

so how are ya'll backing up your virtuals?

Right now we're backing up each virtual at their OS level, looking at vRanger to do a back-end snapshot backup. Of course BUE 12.5 was just released which is supposed to support vmware (and hyper-v) too.

[THIN] Re: Best AntiVirus for Citrix

We use f-secure for citrix – haven’t had a problem with it tbh

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Matthew Shrewsbury
Sent: 04 December 2008 15:00
To: thin@freelists.org
Subject: [THIN] Best AntiVirus for Citrix

 

I’m just about to purchase a new AntiVirus product. I am running CA eTrust AV 7.1 which is now end of life. I’m running older 2003 servers so I need an AV product that won’t slow the Citrix servers down and is easy to deploy. Could go with the new 8.x version of eTrust but is there anything better? Any suggestions?

 

Thanks,

Matthew Shrewsbury
Director of Information Technology

Coscan Homes, LLC
5555 Anglers Avenue, Suite 1
Fort Lauderdale, FL 33312
mshrewsbury@coscanhomes.com
Phone: 954-558-0198
Fax: (954)-620-1001


[THIN] Re: OT: VMWare backups

I use cron and snapshot & quiesce the VM, make a TSM (but you may choose any other certified backup solution) backup of the frozen VMDK, then the script executes its commit and the incremental changes are reapplied to the VMDK. It works 100% of the time. It worked for ESX 2.5.x but occasionally missed a backup; on VI3 it works 100% of the time (for about 1.5 years). The only drawback is that my TSM client (backup client) does not allow more than one session on my host. My backups are sequential and have a certain hit on my host (as would any backup of a large file). I have no clue about other solutions. This one works fine and is out-of-the-box.
 
 


From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Matthew Shrewsbury
Sent: Thursday, 4 December 2008 15:50
To: thin@freelists.org
Subject: [THIN] Re: OT: VMWare backups

I don’t know if this is a dead topic (just now had a chance to read the list) and I actually just went through this. I looked very carefully at vRanger and Veeam. I ran both products and found Veeam to be much more reliable (vRanger kept failing) and the Veeam product was cheaper, more capable (much faster file level restores) and had a much easier to use interface.

ESX 3.5 update 2 supports VSS with their VMware agent tools and can be executed from vRanger or Veeam. Another key difference between vRanger and Veeam is I schedule a shutdown of a VM and then back it up for older databases that don’t support VSS. vRanger wouldn’t snap the VM so that it could then be started right back up. When using vRanger it locked the files and the VM would fail to start unless the backup was finished. Veeam created a snapshot and always backed up the snapshot if the VM was running or not. I did hear from vRanger (who had very good technical support) that version 4, which is going to be released in Q1 ’08, will address most of the issues I had with their product.

 
 
Matthew Shrewsbury
Director of Information Technology
 
Coscan Homes, LLC
5555 Anglers Avenue, Suite 1
Fort Lauderdale, FL 33312
mshrewsbury@coscanhomes.com
Phone: 954-558-0198
Fax: (954)-620-1001

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Steve Snyder
Sent: Tuesday, October 07, 2008 11:39 PM
To: thin@freelists.org
Subject: [THIN] OT: VMWare backups

so how are ya'll backing up your virtuals?

Right now we're backing up each virtual at their OS level, looking at vRanger to do a back-end snapshot backup. Of course BUE 12.5 was just released which is supposed to support vmware (and hyper-v) too.

[THIN] Re: Shadow taskbar encryption errors

That has been set to 128 bit also.  (2nd, see updates in original)
 
We checked our templates and from what I can tell they are from w2k3.  Not sure which one it was but if it was system.adm (think that was it) it was dated 2007-02-17.
 
So we tried checking these settings from a vista box with the latest GPMC on it.  There were way more choices for other things but this area still looked the same.  We set it with this anyways and same problem.
 
I do have another related question also.
 
We have tried disabling any GP/Citrix Policy... that we can find but still can't get the TSCC ICA-TCP Encryption level to UN-grey so we can try to change it there.  I have looked at a few servers and they all are the same way.  Is this normal?
 

Regards,
Doug Stratton, Shared Service BC
Service Desk Email: 77000@gov.bc.ca
Service Desk Tel: (250)387-7000

 


From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Joe Shonk
Sent: December 4, 2008 6:16 AM
To: thin@freelists.org
Subject: [THIN] Re: Shadow taskbar encryption errors

Check the encryption level set at the published application level.

 

Joe

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Stratton, Doug ISMC:EX
Sent: Wednesday, December 03, 2008 3:59 PM
To: thin@freelists.org
Subject: [THIN] Shadow taskbar encryption errors

 

I am having a problem with using Shadow Taskbar on a test CPS 4.5 farm  (w2k) we have.

We have a group policy Set client connection encryption level set to Client compatible.

This results in getting an error "you do not have the proper encryption level to access this session".  Also get another popup same time, "To log on to this computer, you must have terminal server User access Permissions……"

So I have been working on this and this is all the stuff I have tried (what works what does not)

1st - Turned off all encryption stuff and it worked
        - registry hklm\system\currentcontrolset\control\terminal server\Winstations\ica-tcp\MinEncryptionLevel 1
        - Published  application no level specified as requirement
        - Citrix ICA encryption Policy,  disabled
        -  gp removed setting for encryption Computer\Windows components\Terminal Server\Encryption and Security\Set client connection Encryption level

       
2nd - Turned on Citrix Published Desktop encryption 128bit min required - WORKED with shadow bar
2.2 - Set Windows gp (Set Client Connection encryption level to Client compatible) - FAILED (just encryption note)
        REBOOTED - failed
        Turn off Policy and Gpupdate /force works again
3rd - Enabled Citrix encryption policy - FAILED
        Get encryption error AND Not in TS group so no access.???
        Turn off policy works again
4th - Set registry hklm\system\currentcontrolset\control\terminal server\Winstations\ica-tcp\MinEncryptionLevel 28 - WORKED (no gp or citrix policy)

5th - Turned on Citrix Encryption policy now - WORKS, guess needs above
6th - turned gp encryption back on to client compatible - FAILED
        Set to high - FAILED  

7th - tried setting with latest GPMC on vista box - FAILED (it did set the RDP connections but the Citrix connection still said None and is greyed out and shadow still not working.)

So at this point I can't get the Windows GP setting to work.  We currently have it in production and I know Security is going to baulk at wanting to remove it when we upgrade.

Any suggestions?  And thanks again

Regards,
Doug Stratton, Shared Service BC
Service Desk Email: 77000@gov.bc.ca
Service Desk Tel: (250)387-7000
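
Added example, not part of the original thread: a PowerShell sketch that records the encryption values toggled in the test matrix above, so the state can be captured after each step and compared between a working and a failing server. The WinStations path is the one quoted in the message; the policy path (where the "Set client connection encryption level" GP setting is written) is not from the thread and should be confirmed against the ADM template in use.

```powershell
# Added example (not from the thread): snapshot MinEncryptionLevel for every
# listener plus the GP-written policy value, without interpreting the numbers.

# Path quoted in the message (per-listener setting, e.g. ICA-tcp, RDP-Tcp).
$winStations = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations'
# Assumption: location used by the Terminal Services GP setting; verify locally.
$policyKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Return $null when the key or the value does not exist.
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function Get-EncryptionSettings {
    $policy = Get-RegValue -Path $policyKey -Name 'MinEncryptionLevel'
    Get-ChildItem -LiteralPath $winStations | ForEach-Object {
        $local = Get-RegValue -Path $_.PSPath -Name 'MinEncryptionLevel'
        New-Object PSObject -Property @{
            Computer                   = $env:COMPUTERNAME
            Listener                   = $_.PSChildName
            ListenerMinEncryptionLevel = $local
            PolicyMinEncryptionLevel   = $policy
            PolicyPresent              = ($null -ne $policy)
        }
    }
}

# Print the current state; run again after each gpupdate /force or registry change.
Get-EncryptionSettings |
    Sort-Object Listener |
    Format-Table Computer, Listener, ListenerMinEncryptionLevel,
                 PolicyMinEncryptionLevel, PolicyPresent -AutoSize
```

Saving the output after each numbered step gives a record of which combination of listener value and policy value was in effect when shadowing worked or failed.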

 

[THIN] Re: Best AntiVirus for Citrix

I have had both McAfee and Symantec on Citrix server with little issue.
 
If your environment is setup tight enough, you can push the envelope and run no antivirus.  Just make sure you have every possible entry point locked up and all other servers, storage etc installed with good AV.

On Thu, Dec 4, 2008 at 9:34 AM, George Wasgatt <gwasgatt@gmail.com> wrote:

We upgraded to eTrust 8.x and were told by CA to exclude certain directories/files on the Citrix servers from scanning to avoid impacting performance.  I do not know if they recommended the same exceptions for 7.1.  Those exceptions are:

 

x:\Pagefile.sys

X:\program files\citrix

X:\windows\system32\spool

 

Since the upgrade we have not encountered any Citrix specific issues with the product.

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Matthew Shrewsbury
Sent: Thursday, December 04, 2008 10:00 AM
To: thin@freelists.org
Subject: [THIN] Best AntiVirus for Citrix

 

I'm just about to purchase a new AntiVirus product. I am running CA eTrust AV 7.1 which is now end of life. I'm running older 2003 servers so I need an AV product that won't slow the Citrix servers down and is easy to deploy. Could go with the new 8.x version of eTrust but is there anything better? Any suggestions?

 

Thanks,

Matthew Shrewsbury
Director of Information Technology

Coscan Homes, LLC
5555 Anglers Avenue, Suite 1
Fort Lauderdale, FL 33312
Phone: 954-558-0198
Fax: (954)-620-1001



[THIN] Re: Windows 2003 Service Pack 3

I don't see that Microsoft has announced end of support for Windows 2003, so whatever the latest service pack for 2k3 is will be supported as long as 2k3 is, which is an unannounced date at this time. I am reasonably certain 2k3 will still be on full support at the end of 2009. How long did Windows 2000 stay on mainstream support after 2k3 was issued?


From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Andrew Wood
Sent: Thursday, December 04, 2008 3:36 AM
To: thin@freelists.org
Subject: [THIN] Windows 2003 Service Pack 3

Does anyone know if this is in the pipeline – and if so if there is an expected release date?

 

According to this - http://www.microsoft.com/windows/lifecycle/servicepacks.mspx no further updates are planned - which according to this http://support.microsoft.com/lifecycle/?p1=3198 would put W2k3 heading out of support in 2009 – am I right in thinking that?

 

tia

 

Andrew

 

 

Gilwood CS Ltd

Registered Office :  3 Cedars Crescent, Sunderland, UK, SR2 7SY. No. 6099397 England

 



This message and any attachments may be a confidential attorney-client communication or otherwise be privileged and confidential. If you are not the intended recipient, any review, distribution or copying of this transmittal is prohibited. If you have received this transmittal in error, please reply by e-mail and delete this message and all attachments

[THIN] Re: Best AntiVirus for Citrix

We upgraded to eTrust 8.x and were told by CA to exclude certain directories/files on the Citrix servers from scanning to avoid impacting performance.  I do not know if they recommended the same exceptions for 7.1.  Those exceptions are:

 

x:\Pagefile.sys

X:\program files\citrix

X:\windows\system32\spool

 

Since the upgrade we have not encountered any Citrix specific issues with the product.

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Matthew Shrewsbury
Sent: Thursday, December 04, 2008 10:00 AM
To: thin@freelists.org
Subject: [THIN] Best AntiVirus for Citrix

 

I’m just about to purchase a new AntiVirus product. I am running CA eTrust AV 7.1 which is now end of life. I’m running older 2003 servers so I need an AV product that won’t slow the Citrix servers down and is easy to deploy. Could go with the new 8.x version of eTrust but is there anything better? Any suggestions?

 

Thanks,

Matthew Shrewsbury
Director of Information Technology

Coscan Homes, LLC
5555 Anglers Avenue, Suite 1
Fort Lauderdale, FL 33312
mshrewsbury@coscanhomes.com
Phone: 954-558-0198
Fax: (954)-620-1001


[THIN] Best AntiVirus for Citrix

I’m just about to purchase a new AntiVirus product. I am running CA eTrust AV 7.1 which is now end of life. I’m running older 2003 servers so I need an AV product that won’t slow the Citrix servers down and is easy to deploy. Could go with the new 8.x version of eTrust but is there anything better? Any suggestions?

 

Thanks,

 
 
Matthew Shrewsbury
Director of Information Technology
 
Coscan Homes, LLC
5555 Anglers Avenue, Suite 1
Fort Lauderdale, FL 33312
mshrewsbury@coscanhomes.com
Phone: 954-558-0198
Fax: (954)-620-1001

[THIN] Re: OT: VMWare backups

I don’t know if this is a dead topic (just now had a chance to read the list) and I actually just went through this. I looked very carefully at vRanger and Veeam. I ran both products and found Veeam to be much more reliable (vRanger kept failing) and the Veeam product was cheaper, more capable (much faster file level restores) and had a much easier to use interface.

ESX 3.5 update 2 supports VSS with their VMware agent tools and can be executed from vRanger or Veeam. Another key difference between vRanger and Veeam is I schedule a shutdown of a VM and then back it up for older databases that don’t support VSS. vRanger wouldn’t snap the VM so that it could then be started right back up. When using vRanger it locked the files and the VM would fail to start unless the backup was finished. Veeam created a snapshot and always backed up the snapshot if the VM was running or not. I did hear from vRanger (who had very good technical support) that version 4, which is going to be released in Q1 ’08, will address most of the issues I had with their product.

 
 
Matthew Shrewsbury
Director of Information Technology
 
Coscan Homes, LLC
5555 Anglers Avenue, Suite 1
Fort Lauderdale, FL 33312
mshrewsbury@coscanhomes.com
Phone: 954-558-0198
Fax: (954)-620-1001

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Steve Snyder
Sent: Tuesday, October 07, 2008 11:39 PM
To: thin@freelists.org
Subject: [THIN] OT: VMWare backups

 

so how are ya'll backing up your virtuals?

 

Right now we're backing up each virtual at their OS level, looking at vRanger to do a back-end snapshot backup. Of course BUE 12.5 was just released which is supposed to support vmware (and hyper-v) too.

[THIN] Citrix Delivery Center Live

I'm hanging out in the geekspeak lounge at CDCL

Jim Kenzig
Blog: http://www.techblink.com

[THIN] Re: Dual ZDCs?

Do these servers have multi-nics connected to different networks?  If so,  that is probably where your problem lies…  While it is possible to use multiple NICS (not bonded), it is highly NOT recommended and definitely not a best practice.

 

Each zone has 1 Data Collector (DC) that is elected.  So if you have two zones, you will have two DCs (or we like to call them ZDCs).

Any server that has direct access to the database can function as a DC so in order to dedicate a server/vm to this role you must set the election preference (Most Preferred).  Some organizations like to have a backup ZDC.  Technically, there is no such thing.  It’s simply a server that has been dedicated to serve as the ZDC in the event the real ZDC becomes unavailable.  Again, this is accomplished by setting election preference so the machine is next in line.  This prevents an application server from becoming the DC in the event of a failure.

Now having a “backup” ZDC is nice because you can also use that server to host additional infrastructure services or act as a backup.  So in the event of a failure of an infrastructure server you’re not impacting your application servers.  Examples of additional infrastructure services: DC Role, XML, STA, Metric Server.  Smaller farms could also host Web Interface and the Licensing server (CTX and/or MS) while large orgs will want to split WI and Licensing onto separate servers.

 

Also, the imalhc.mdb is the local host cache,  not the Data Store.  Do you know if your data store is Access, SQL Express or SQL?

 

Joe

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Stephanie Atkinson
Sent: Thursday, December 04, 2008 5:49 AM
To: thin@freelists.org
Subject: [THIN] Re: Dual ZDCs?

 

Hi Jeremy,

Thanks for your suggestions.  I checked out a few things yesterday after speaking with a more senior Admin who has been on vacation.  In some ways he confused me even more trying to tell me that when you build the farm you designate the zone masters (2 in our case supposedly, when to me it just seems like a primary of most preferred and a backup of preferred) and that that info is stored in the imalhc.mdb (copy of persistent, not non-persistent data) on each server telling it to only communicate with the ZM in that database.  He also explained how the member server communicates with the ZM via the MGT NIC then the ZM sends the info back on the client-side NIC thus it's only able to send back to the same member server.  I find flaws with both of these explanations but I think you're right that the answer to my question lies in our configuration.  One thing I did find is that we don't have ports 2512, 2513 or 1494 open between non ZM servers, only from member server to ZM.  That would seem to account more for the lack of available info in the CMs.

I started questioning this b/c I am studying for my CCA.  The more you learn the more you can question.  Anyhow, I will just keep digging into this.  Thanks for your clarifications.

Best Regards,

Stephanie

Jeremy Saunders <Jeremy.Saunders@datacom.com.au> wrote:

Hi Stephanie,

 

Have a look at the way the Presentation Server Administrators have been set up in the Access Management Console, and perhaps also the DCOM permissions on the servers, ensuring that the COM Plus network access Windows component has been added to all servers. As far as I’m concerned, this stuff should be configured the same across all servers. Maybe you need to quiz that Engineer a bit further???

 

Cheers,

Jeremy.

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Stephanie Atkinson
Sent: Wednesday, December 03, 2008 8:23 PM
To: thin@freelists.org
Subject: [THIN] Re: Dual ZDCs?

 

I'd forgotten the qfarm identifies the ZM as well.  I ran that and it confirmed just 1 ZM is in effect.  So then here is where I guess I am confused.  You stated,

By the way, it is not a requirement to run the Access Management Console or Presentation Server Console (AKA CMC) from the Data Collector. Any farm server will do, and if your zone is working correctly, the information returned will be consistent no matter which server you connect to.

and when I read that ports 2512 and 2513 are used for server to server and server to MC respectively, I took that to mean that all MCs from all servers in a given farm provide results for all servers in the farm. In our case, it is only the dedicated primary and backup ZMs that have this bird's eye view for Servers.  The MCs from any other server DO provide Pub App and Policies data for example but NOT Servers.  So you can't see what users are logged on, try to shadow or directly connect to any other server than the one you are logged on to. 

Regards,

Stephanie



Jeremy Saunders <Jeremy.Saunders@datacom.com.au> wrote:

Hi Stephanie,

 

What you are seeing is correct, it obviously just hasn’t been explained to you correctly. The Engineer should have whiteboarded this for you.

 

Each zone can only have ONE Data Collector at any one time. You have a “Primary”, which will always be the server set to “Most Preferred”, and you have a Backup, which is set to “Preferred”. The backup will take over when the Primary fails, is taken off-line, etc. I personally always set the remainder of farm member servers to “Not Preferred” to ensure they never take part in any zone elections. Others will leave them set to “Default”, just in case.

 

If you go to the command line on any server, type “qfarm”. This will list all servers in the farm. The ones with the D after their IP Address will be the active Data Collectors for those zones. So in your case you will see two.

 

By the way, it is not a requirement to run the Access Management Console or Presentation Server Console (AKA CMC) from the Data Collector. Any farm server will do, and if your zone is working correctly, the information returned will be consistent no matter which server you connect to.

 

I hope that explains it.

 

Cheers,

Jeremy.

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Stephanie Atkinson
Sent: Wednesday, December 03, 2008 9:58 AM
To: thin@freelists.org
Subject: [THIN] Dual ZDCs?

 

How is it that a Zone can have 2 operating Data Collectors?  Of everything I have read, each zone can only have one so maybe I misunderstand what is going on.  The Citrix Engineer who set up this environment advised we have data collection on 2 servers because 1 is set to Most Preferred and the other Preferred.  All other servers are left to default. We have 2 dedicated servers for each zone intended to be data collectors and by all accounts that is how they are working.  All the information from every server in the zone is available from both servers in the CMC; all other servers only provide their local information.

 

Can anyone clarify or explain this?

 

Thanks,

 

Stephanie Atkinson

 

  


Confidentiality and Privilege Notice
This document is intended solely for the named addressee.  The information contained in the pages is confidential and contains legally privileged information. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone, and you should destroy this message and kindly notify the sender by reply email. Confidentiality and legal privilege are not waived or lost by reason of mistaken delivery to you.
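
The firewall finding in the message above (ports 2512, 2513 and 1494 open only from member servers to the ZM) can be confirmed from each server in turn. The following PowerShell sketch is an added example, not something posted by anyone in the thread; the server names are placeholders and the timeout is an assumption.

```powershell
# Added example (not from the thread): run on a non-ZM member server to see which
# of the ports named in the thread it can reach on every other farm server.
$FarmServers = @('CTXZDC01', 'CTXZDC02', 'CTXAPP01', 'CTXAPP02')  # placeholder names
$Ports       = @(2512, 2513, 1494)                                # ports cited in the thread
$TimeoutMs   = 2000                                               # assumed timeout

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 2000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($ComputerName, $Port, $null, $null)
        # No answer within the timeout: usually a filter silently dropping packets.
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 'Timeout'
        }
        $client.EndConnect($pending)   # throws if the connection was refused
        return 'Open'
    }
    catch {
        # Actively refused, nothing listening, or the name did not resolve.
        return 'Failed'
    }
    finally {
        $client.Close()
    }
}

$results = foreach ($server in $FarmServers) {
    if ($server -eq $env:COMPUTERNAME) { continue }   # skip the local server
    foreach ($port in $Ports) {
        $state = Test-TcpPort -ComputerName $server -Port $port -TimeoutMs $TimeoutMs
        New-Object PSObject -Property @{
            Source = $env:COMPUTERNAME
            Target = $server
            Port   = $port
            State  = $state
        }
    }
}

# One row per target/port pair as seen from this server.
$results | Sort-Object Target, Port | Format-Table Source, Target, Port, State -AutoSize
```

Running it once from a ZM and once from an ordinary member server and comparing the two tables shows whether the rules are asymmetric in the way the message describes.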


 

 




 

 

[THIN] Re: Shadow taskbar encryption errors

Check the encryption level set at the published application level.

 

Joe

 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Stratton, Doug ISMC:EX
Sent: Wednesday, December 03, 2008 3:59 PM
To: thin@freelists.org
Subject: [THIN] Shadow taskbar encryption errors

 

I am having a problem with using Shadow Taskbar on a test CPS 4.5 farm  (w2ke) we have.

We have a group policy Set client connection encryption level set to Client compatible.

This results in getting an error "you do not have the proper encryption level to access this session".  Also get another popup same time, "To log on to this computer, you must have terminal server User access Permissions……"

So I have been working on this and this is all the stuff I have tried (what works what does not)

1st - Turned off all encryption stuff and it worked
        - registry hklm\system\currentcontrolset\control\terminal server\Winstations\ica-tcp\MinEncryptionLevel 1
        - Published  application no level specified as requirement
        - Citrix ICA encryption Policy,  disabled
        -  gp removed setting for encryption Computer\Windows components\Terminal Server\Encryption and Security\Set client connection Encryption level

       
2nd - Turned on Citrix application encryption 128bit min required - WORKED with shadow bar
2.2 - Set Windows gp (Set Client Connection encryption level to Client compatible) - FAILED (just encryption note)
        REBOOTED - failed
        Turn off Policy and Gpupdate /force works again
3rd - Enabled Citrix encryption policy - FAILED
        Get encryption error AND Not in TS group so no access.???
        Turn off policy works again
4th - Set registry hklm\system\currentcontrolset\control\terminal server\Winstations\ica-tcp\MinEncryptionLevel 28 - WORKED (no gp or citrix policy)

5th - Turned on Citrix Encryption policy now - WORKS, guess needs above
6th - turned gp encryption back on to client compatible - FAILED
        Set to high - FAILED

So at this point I can't get the Windows GP setting to work.  We currently have it in production and I know Security is going to baulk at wanting to remove it when we upgrade.

Any suggestions?  And thanks again

Regards,
Doug Stratton, Shared Service BC
Service Desk Email: 77000@gov.bc.ca
Service Desk Tel: (250)387-7000

 

[THIN] Reminder Citrix Delivery Center Live Today.

Going on now for other parts of the world.. Starting at 12 pm for Americas.  Sign up and check it out! There will be a Virtual Geek Speak event with Rick D and Doug and more.
http://events.unisfair.com/index.jsp?eid=339&seid=28

Check my blog posting for more info..
http://kenzig.blogspot.com/2008/11/coming-dec-4th-turbocharge-your-data.html


Jim Kenzig
Blog: http://www.techblink.com
