Wednesday 10 November 2010

Fixing session reconnect in XenApp 6

Something I had noticed on a XenApp 6 farm I have running with a small number of servers recently was that the sessions were not reconnecting properly, especially when they had been created from different workstations.  This is an issue for us as our users tend to move about, and the ability to migrate sessions is important.  Disconnected sessions also needlessly take up memory on servers.

At first I thought this was just an occasional issue, then I found I could reproduce it by opening an application using the Online Plug-in (the Agent!), then selecting “Disconnect Online Sessions”, then “Reconnect Online Sessions”.  This should obviously give me my sessions back, instead I got the message “There are no sessions available for reconnection”.

image

This may have been made worse by our using Passthrough Authentication.  Anyway, I checked the web interface cluster and it had lots of this error for all the servers:

Event ID: 30105

Event Description:

Site path: C:\inetpub\wwwroot\Citrix\PNAgent.

The Citrix servers do not trust the server. This message was reported from the XML Service at address http://xensvr02:80 [com.citrix.xml.NFuseProtocol.RequestReconnectSessionData]. 

This is something I remember fixing in Citrix Presentation Server v4.0, only of course the setting in XenApp 6 has moved.

In the Delivery Services Console, I selected Policies, the Computer tab, and the Unfiltered policy, which in my case is still the only policy.  I selected this policy, clicked edit and Next.

First, I checked that Auto Client Reconnect was set to “Allowed”, though since this is the default setting I doubt that made any difference.  Just to be sure I set it to Allowed and clicked OK.

image 

The important setting though is the XML service.  Scroll down the list on the left to XML Service and select the policy “Trust XML Requests”.  Click Add and set the policy to Enabled.

image

The other policy setting – XML Service Port – does not need configuring get this functionality working.

I then ran gpupdate on the servers with disconnected sessions and attempted to reconnect – this worked immediately.

I’m not sure why the default configuration for XenApp 6 appears to be for session reconnection to be essentially broken, at least for users with the Online Plug-in and Passthrough Authentication.  I also have not made any attempt to make sure that “only trusted services communicate with the Citrix XML Service”.  I am assuming here that this would involve making sure only our Web Interface servers could communicate with the XML Service using firewall rules, so that might be something to consider next time we review our firewall policies.

This page does appear to confirm that this is the correct fix for a system with Passthrough Authentication clients who want session roaming…

http://support.citrix.com/proddocs/index.jsp?topic=/xenapp6-w2k8-admin/ps-sf-citrix-xml-service-port-set-v2.html

1 comments:

Anonymous said...

Thanks for the hint - you made my day :D.

Regards, Melanie

Post a Comment