XenApp 5/6: Dot Net Authenticode signature revocation list checking for MMC is currently enabled.

Citrix Microsoft Management Console (MMC) based administrative consoles (Access Management Console, Delivery Services Console) take an extended time to launch. Once running, the consoles operate normally.

If you face the following issue at the time of opening XenApp 5 or XenApp 6 Citrix Delivery Services Console/Access Management Console, go through the following steps to resolve this.

Cause

Citrix MMC based administrative consoles feature components that are written using the Microsoft .NET Framework. Citrix signs these .NET based components with an authenticode signature as an added security mechanism.

In situations where a Citrix MMC based administrative console is run from a computer without internet access, Windows is unable to verify the authenticode signature, and as a result this causes a delay during the startup of the console.

Steps to resolve this issue

To resolve this issue, you can either provide the computer with internet access so it can verify the authenticode signature, or disable the authenticode signature checking feature for Microsoft Management Console (see below).

Note: To implement the resolution detailed below, you must have one of the following Microsoft .NET Framework versions installed:

• Microsoft .NET Framework 2.0 with KB936707 Hotfix
• Microsoft .NET Framework 2.0, Service Pack 1 or later
• Microsoft .NET Framework 3.0 or later
• Microsoft .NET Framework 3.5 or later

Steps

1. Create a file called mmc.exe.config in C:\Windows\SysWOW64 folder.
   
    
2. Open the mmc.exe.config file in Notepad and paste the folloiwng codes. Save the Notepad.
   
   For 64 Bit 
   
   <?xml version="1.0" encoding="utf-8"?>
   <configuration>
   <runtime> 
   <generatePublisherEvidence enabled="false" />
   </runtime>
   </configuration>
   
   
   
   For 32 Bit
    <?xml version="1.0" encoding="utf-8"?>
   <configuration>
   <runtime>
   <generatePublisherEvidence enabled="false" />
   </runtime>
   </configuration> 
    
3. Launch the Delivery Services Console/Access Management Console again. This should be much faster because the system does not attempt to verify the Authenticode signature.
   

   
   

Configuring XML to Use a Different Port in XenApp 6

Following step-by-step procedures decribe how to configure Citrix XML Service port to use a different port in XenApp 6. Here I will change the XML service port to 8080, which is recommended by Citrix to be used as XML port.

Steps

1. Stop the Citrix XML Service. To do so, you can manually stop the service or go to Command Prompt and execute the following command:
   
   net stop CTXHTTP
    
2. Now you have to unregister the XML service. To do so, execute the following command:
   
   ctxxmlss /u
   
    
3. To confirm this go to Services console and you will not be able to view the service called Citrix XML Service.
   
    
4. Now execute the following command to register the XML service to port 8080.
   
    
5. To confirm the change, open Services console and there you will see the service called Citrix XML Service. The service will be in Stopped state.
   
    
6. To start the Citrix XML Service execute the following command:
   
   net start CTXHTTP
    
7. Restart IIS by the following command:
   
   iisreset
    
    
8. Open Citrix Delivery Services Console, and expand the Farm that contains the server. Select Policies node, and click the Computer tab. Select the policy named Unfiltered and then click on Edit button.
   
    
9. Click on Next.
   
    
10. Select XML Service and then click on Add button of XML Service Port.
    
     
11. Enter the port 8080 in the Value text box and click OK.
    
     
12. Click on Save.
    
     
13. Execute the following command to update the policy.
    
    gpupdate
    
     
14. Open Citrix --> Management Consoles --> Citrix Web Interface Management.
     
15. Select XenApp Web Sites and then right click on the Site URL. Select Server Farms.
    
     
16. Click on Edit.
    
     
17. Change the XML Service port to 8080 and then click OK.
    
     
18. Perform the same steps for XenApp Services Sites and change to port of the URL to 8080.
    
     
19. Execute the command iisreset to restart the IIS service.
    

Installing XenApp 6

Some technical changes of XenApp 6

1. All XenApp 6 prerequisites are automatically installed during the installation process. As such, only the base Windows Server 2008 R2 operating system must be installed on the server. Automatic reboots will occur during the XenApp installation process.
    
2. Data Store database can only be based on SQL Server 2005/2008, SQL Server Express 2008 or Oracle .
    
3. Citrix policies and farm settings are configured and applied universally as Group Policy Objects (GPOs) that have precedence over other local machine policies.

Installing XenApp 6 server

[Note:

• I am using Windows 2008 R2 with SP1 Operating System. Host name is Xen1.
• Domain is kolkata.com.
• I have already installed XenApp License Server having host name of Citrix.
• I am running MS SQL Server 2005 as datastore. The database name is XenApp]

1. On the autorun click on Install XenApp Server.
   
2. Click on Yes to install the .Net 3.5 SP1 Framework.
   
3. Click on Add server roles.
   
4. Select the Edition you want to install.
   
5. Accept the License Agreement and click Next.
   
6. Select the components you want to install. Since I have License Server already installed, I seletec XenApp and Web Interface components. Click on Next.
   
7. I don't want to enable XenApp to share ports with IIS. Click on Next.
   
8. Click Next.
   
9. Click Install.
   
   
   
10. Click Finish.
    
11. Click on Reboot link to reboot the server.
    
12. Click Yes to confirm the reboot.
    
13. After restart, click on Resume.
    
14. Click Install.
    
    
    
15. Click Finish.
    
16. Click on Configure under XenApp section.
    
17. Click on Create a new server farm.
    
18. Enter the new server farm name and Citrix administrator account. Click Next.
    
19. Enter the license server name and then click Next.
    
20. I am using SQL 2005 server as Datastore and there is an existing database called XenApp. The following window will ask you to create a new database or using the existing database. Here I will select Existing Microsoft SQL Server database. Click on Next.
    
    
21. Select the Database server name (here is Citrix), Database name (here is XenApp) and SQL Server authentication mode (here is Integrated Windows Authentication). Click Next.
    
22. Enter the domain credentials.
    
23. Click on Test Connection button. On clicking on the button it should show Test Completed Successfully. Click OK to close the message and then click Next.
    
    
    
24. Select Allow shadowing of user session on this server and then click Next.
    
25. Here you can enter the custom Zone name or keep it as default. Select your choice and then click Next.
    
26. Review the farm informatin and click Apply.
    
27. Click Finish.
    
28. On the Citrix XenApp Server Role Manager window click on Reboot. Click Yes to restart the server.
    
29. After reboot click on Configure on the Citrix XenApp Server Role Manager window.
    
30. Select XenApp Web Sites and then click on Create Site on the Actions section.
    
31. Click Next.
    
32. Select At Web Interface and then click on Next.
    
33. Click Next.
    
34. Ensure the Configure this site now is selected and then click Next.
    
35. Enter the farm name and the sever name. Click Next.
    
36. Select the Authentication Mode and click Next. Here I have selected Explicit.
    
37. If you want to restrict users to login from a specific domain only then select Restrict domains to the following and click on Add to add the domain name. Else you can choose Allow any domains radio button.
    
38. Select Full and click Next.
    
39. Select the option Online and then click Next.
    
40. Click on Finish.
    
41. The newly created site will be shown in the Citrix Web Interface Management console as below.
    
42. Now select XenApp Services Sites and then click on Create Site on the Actions section.
    
43. Click Next.
    
44. Click Next.
    
45. Ensure that Configure this site now is checked in. Click Next.
    
46. Enter the farm name and click on the Add button to enter the server name. Click Next.
    
47. Select Online and click Next.
    
48. Click Finish.
    
49. The newly created site will be shown in the Citrix Web Interface Management console as below.
    
       
50. Try to access the URL http://Xen1.kolkata.com/Citrix/XenApp. If the site does not open, and you get the error log (Event ID: 1004, Source: IIS-W3SVC), then you have to change the XML port. Please click HERE to view setp-by-step information about how to change XML port.
    
    Log Name:      System
    Source      :       Microsoft-Windows-IIS-W3SVC
    Date          :    
    Event ID   :      1004Task Category: None
    Level        :       Error
    Keywords :       Classic
    User          :       N/A
    Computer  :      Xen1.kolkata.com
    
    Description:
    The World Wide Web Publishing Service (WWW Service) did not register the URL prefix http://*:80/Citrix/XenApp for site 1. The site has been disabled. The data field contains the error number.
    
     
51. If you face Dot Net Authenticode signature issue at the time of opening Citrix Delivery Services Console, click HERE to see the resolution.
     
52. Install the HOTFIX (XA600W2K8R2X64001) to prevent published application launching issue. If you don't install the hotfix, once clicking on the published application the welcome screen get stuck (see the screenshot below).
    
    Please download and install the hotfix from HERE to resolve this issue.
    
     
53. Servers running XenApp 6 can become unresponsive while shutting down. The issue occurs when when the picadm.sys driver encounters certain error conditions that prevent it from shutting down gracefully.
    
    
    To resolve this issue download and install the first HOTFIX (XA600W2K8R2X64002) from HERE.
    
    After installation of the first HOTFIX (XA600W2K8R2X64002) download and install the second HOTFIX (XAE600W2K8R2X64018) from HERE.