Friday, January 28, 2011

MS: Terminal Server issue - Error 4105

Error:

Log Name: System
Source: Microsoft-Windows-TerminalServices-Licensing
Event ID: 4105
Level: Warning
Description:

The Remote Desktop license server cannot update the license attributes for user "user" in the Active Directory Domain "domain.com". Ensure that the computer account for the license server is a member of Terminal Server License Servers group in Active Directory domain "domain.com".If the license server is installed on a domain controller, the Network Service account also needs to be a member of the Terminal Server License Servers group.If the license server is installed on a domain controller, after you have added the appropriate accounts to the Terminal Server License Servers group, you must restart the Remote Desktop Licensing service to track or report the usage of RDS Per User CALs.Win32 error code: 0x80070005




This issue is caused by missing Terminal server attributes on Windows 2008 R2 Active Directory Domains. This issue can cause issues on Citrix logins.

Solution:

Run the following powershell script. The script MUST run on PowerShell 2.0 and with administrator permissions (right click on the powershell icon and select Run as Administrator. Modify the domain name in the script.

$URL = ldap://DC=mydomain,DC=com/;


cls
$root = New-Object DirectoryServices.DirectoryEntry
$URL$ds = New-Object DirectoryServices.DirectorySearcher
$ds.SearchRoot = $root
$ds.filter = "objectCategory=Person"
$src = $ds.findall()
write-host "Found" $src.count "user objects.`n"
$src %{
$de = $_.getdirectoryentry()
$accessrules = $de.get_objectsecurity().getaccessrules($true, $false,[System.Security.Principal.SecurityIdentifier]) ?{$_.ObjectType -eq "5805bc62-bdc9-4428-a5e2-856a0f4c185e"}
if ((measure-object -inputobject $accessrules).count -eq 0)
{
$ar = new-object System.DirectoryServices.ActiveDirectoryAccessRule([System.Security.Principal.SecurityIdentifier]"S-1-5-32-561", 48, "Allow", [guid]"5805bc62-bdc9-4428-a5e2-856a0f4c185e")
$de.get_objectsecurity().addaccessrule($ar)
$de.commitchanges()
write-host -f yellow ("Added:`t" + $de.properties["sAMAccountName"])
start-sleep -m 200
}
else
{
write-host -f green ("OK:`t" + $de.properties["sAMAccountName"])
}
}

Friday, January 21, 2011

CTX: Windows 7 and Office 2010 running XenDesktop 5 @iPad

I'm working on a XenDesktop 5 PoC (Proof of concept).

This is a iPad running Windows 7 and Office 2o1o! How amazing is this!


Right-Click and Audio are two issues I found on the pilot.

CTX: Exchange is unavailable error on Citrix or Terminal Server

When a user opens Outlook on Citrix XenApp (or Terminal Server) running on Windows 2008, he received an error: “Exchange is unavailable”.

They are several reasons for this issue:

1) Network issues:

Check network connection. Check if network gateway is ok. Reset the network connection.

2) Cached Profiles:
  • Check the date of cached profile folder for the user on the C:\Users folder. If the date is from previous days, ask user to log off and delete the cached profile. Also delete any temp folder, they are corrupted profiles.
  • Check Profile List and delete key with .bak at the end in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList. Compare users in task manager and delete profiles from not connected users too.

Note: you can enable a GPO to delete profiles when users log off from a session.

Open Group Policies Management console. Expand Computer Configuration, expand Administrative Templates, expand System, and then expand User Profiles.
Double-click Delete cached copies of roaming profiles, click Enabled

This GPO not always is working properly. A process lock the profile and some pieces of the profile still on folder. You can enable a GPO to delete profiles older than XX days when server is rebooted, to delete these profiles.

Open Group Policies Management console. Expand Computer Configuration, expand Administrative Templates, expand System, and then expand User Profiles. Double-click Delete user profiles older than a specified number of days on system restart and type amount of days.