PMGIT
asked on
"CITRIX SERVICE ACCOUNTS DELETED IN AD"
Hi,
I'm hoping there is a Citrix guru out there who can help with this.
There was a "Service Accounts" OU within AD, which held various domain service accounts, and groups. Most were not used, and there were only about 5 accounts in total. Last week the OU was inadvertantly deleted by a tech - and that's where this story begins...
After about eight straight hours of troubleshooting, diagnosing, & re-configuration, I am finally at the point where the apps are working thru the WI Portal. The biggest challenge was identifying and ultimately creating a "citrix" user in AD, then giving it "db owner" rights on the SQL DB <different server>, then running a "DSMAINT CONFIG" on all ten Citrix Presentation Servers to re-asign each server's .dsn to the newly created account. This is where I am now - Most apps are working, but I can no longer get into CMC (Presentation Server Console). I am getting the error "Failed to log onto Farm", which I absolutely know has something to do with not having the right citrix user account assigned the correct permissions somewhere (be it in AD, on the local servers, or within the IMA, or DS SQL DB's). I know I am missing something, I'm just not sure what exacly; I've even attempted doing a "CHFARM" on one of the servers, and re-adding it to the Farm, but I don't think it's right because it's not showing any apps - maybe I'm connecting to the wrong Farm? In the Access Suite Console there are two Farms, but one has nothing in it (this was setup and configured by a consultant last year, before I was here), and the other has all the apps. When doing a CHFARM, the Farm Name is greyed out and I can't choose so I'm not sure how to connect to the correct Farm, or if this is even my problem.
Sorry for the many details, and crazy explanation; I just want to make sure I include all of the important details. PLEASE HELP :-(
THANKS!
I'm hoping there is a Citrix guru out there who can help with this.
There was a "Service Accounts" OU within AD, which held various domain service accounts, and groups. Most were not used, and there were only about 5 accounts in total. Last week the OU was inadvertantly deleted by a tech - and that's where this story begins...
After about eight straight hours of troubleshooting, diagnosing, & re-configuration, I am finally at the point where the apps are working thru the WI Portal. The biggest challenge was identifying and ultimately creating a "citrix" user in AD, then giving it "db owner" rights on the SQL DB <different server>, then running a "DSMAINT CONFIG" on all ten Citrix Presentation Servers to re-asign each server's .dsn to the newly created account. This is where I am now - Most apps are working, but I can no longer get into CMC (Presentation Server Console). I am getting the error "Failed to log onto Farm", which I absolutely know has something to do with not having the right citrix user account assigned the correct permissions somewhere (be it in AD, on the local servers, or within the IMA, or DS SQL DB's). I know I am missing something, I'm just not sure what exacly; I've even attempted doing a "CHFARM" on one of the servers, and re-adding it to the Farm, but I don't think it's right because it's not showing any apps - maybe I'm connecting to the wrong Farm? In the Access Suite Console there are two Farms, but one has nothing in it (this was setup and configured by a consultant last year, before I was here), and the other has all the apps. When doing a CHFARM, the Farm Name is greyed out and I can't choose so I'm not sure how to connect to the correct Farm, or if this is even my problem.
Sorry for the many details, and crazy explanation; I just want to make sure I include all of the important details. PLEASE HELP :-(
THANKS!
BLipman
After you did the DSMAINT CONFIG, did you bounce the IMA service? This must be done (or a reboot) or else your datastore connection will be hosed still.
ASKER
Actually, yes. I then did another chfarm, and that seemed to properly re-associate everything. I think the chfarm didn't work the first time because I was trying to use a DNS name, instead of the IP for the license server (which not in the domain; it's in Workgroup for security purposes). As soon as I did a chfarm on all 10 servers using the newly created citrix id and the ip address rather than the netbios name everything worked! I'm just hoping there are no other accounts or db associations I need to worry about now...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
No doubt, I think I like that idea.
Thanks for replying; I'm not sure if it was a difficult question, bad timing, or just poorly asked, but it would appear that no one was interested in the pts so...
Thanks for replying; I'm not sure if it was a difficult question, bad timing, or just poorly asked, but it would appear that no one was interested in the pts so...
ASKER
No doubt, I think I like that idea.
Thanks again!
Thanks again!