baleman2
asked on
Citrix does not maintain remote connections
Outlying clients log on to server at main location. Clients maintain connectivity to server as long as the session is continued with activity by the remote user. However, if that client's end user leaves the computer for any period of time, upon their return they find they've been disconnected. This happens on several PC's at each of seven remote locations.
dphantom
How are clients connecting remotely? VPN, web interface? Are there timeouts associated with these connection settings?
ASKER
Web interface - no timeouts.
I would think it has to be a group policy. The session settings are in the Computer Config | Admin Templates | Windows Components | Terminal Services | Sessions.
It could also be the screen saver settings are on but that will usually just go back to a logon screen rather than a full disconnect.
It could also be the screen saver settings are on but that will usually just go back to a logon screen rather than a full disconnect.
ASKER
Group Policy settings on the Server?
Your Active Ditrectory. Any Group Policiies that may be affecting your users? There is a whole section on Terminal Services settings in Group Policy with Windows 2003 AD. Let us know if there are any as I agree with croberds that seems a good place to start.
Most admins put them in AD. What most including myself like to do is put your citrix servers inside their own OU and then set up a loopback policy.
If you inherited your situation the easiest way to track it down is to do a Resultant of Policy inside your AD for a user when they log in to the citrix server (Right click a user inside of AD, go to Tasks-->Resultant of Policy)
If you inherited your situation the easiest way to track it down is to do a Resultant of Policy inside your AD for a user when they log in to the citrix server (Right click a user inside of AD, go to Tasks-->Resultant of Policy)
ASKER
Fellows:
After much network troubleshooting, we think we've finally found the problem. Our ISP has their cable modem set to "100 Half" (their mistake) while our Fortigate router is set to "100 Full" - duplexing settings. We are going to get on the same page tonight and get results tomorrow.
After much network troubleshooting, we think we've finally found the problem. Our ISP has their cable modem set to "100 Half" (their mistake) while our Fortigate router is set to "100 Full" - duplexing settings. We are going to get on the same page tonight and get results tomorrow.
ASKER
Much ado about nothing concerning duplexing settings. Both sides of the Fortigate, "internal" and "wan1" interface were set to 100 full as well as the cable modem from our ISP. Still disconnecting; so, I will begin your troubleshooting suggestions.
ASKER
I have one more thing I'd like to try - if this is possible. Outlying clients access all programs via an internet connection and a Citrix client. Upon logon, a window with "published" software available for access is displayed. Outlying clients then must pass through ISP's cable modem and my Fortigate router and a D-Link 10/100.1000 switch to get to the Citrix server.
In the building where the Citrix server is physically located, there is a LAN. All clients on the LAN are members of the same domain managed by the Citrix server. They also connect to the server via the internet to access published software on the server.
It seems to me another test of the "disconnect" issue (whether it is "Citrix Server" caused or "Network Hardware" caused) would be to have the CLIENTS ON THE LAN connect and use the published software by going straight to that software via drive mapping instead of the internet; in effect, bypassing the ISP's cable modem and my router altogether. The only piece of hardware that would be utilized would be the D-Link switch.
If the CLIENTS ON THE LAN continue to experience disconnects, wouldn't we have proven that the problem has nothing to do with the hardware (cable modem and/or router) and then be able to concentrate our efforts on Citrix settings and configuration rather than hammering away at networking hardware issues.
Only problem I've got is I cannot find the path to the software that I want to access.
Please advise.
In the building where the Citrix server is physically located, there is a LAN. All clients on the LAN are members of the same domain managed by the Citrix server. They also connect to the server via the internet to access published software on the server.
It seems to me another test of the "disconnect" issue (whether it is "Citrix Server" caused or "Network Hardware" caused) would be to have the CLIENTS ON THE LAN connect and use the published software by going straight to that software via drive mapping instead of the internet; in effect, bypassing the ISP's cable modem and my router altogether. The only piece of hardware that would be utilized would be the D-Link switch.
If the CLIENTS ON THE LAN continue to experience disconnects, wouldn't we have proven that the problem has nothing to do with the hardware (cable modem and/or router) and then be able to concentrate our efforts on Citrix settings and configuration rather than hammering away at networking hardware issues.
Only problem I've got is I cannot find the path to the software that I want to access.
Please advise.
I doubt your local clients on the LAN where the Citrix server is located actually go out to the Internet and then come back in to access a published applicaiton. What is more likely is the clients on the LAN using Web Interface to access published apps.
There is no drive mapping to access Citrix published applicaitons. More than likely, you have a group policy issue somewhere or Citrix connection issue that is disconnecting your remote users. I do not think this is a hardware issue.
There is no drive mapping to access Citrix published applicaitons. More than likely, you have a group policy issue somewhere or Citrix connection issue that is disconnecting your remote users. I do not think this is a hardware issue.
ASKER
To croberds:
Start--> Settings-->Control Panel--> Administrative Tools--> Group Policy Management
From there, I have numerous line items that I can access. The one most obvious to me is "Remote Facilities" which shows the 5 remote businesses that logon to this server. Each of those businesses has a listing of the users who are located there. If I double click on a user name, I have a "Sessions" tab available to me at the top of the screen. There I find options to:
1) End a disconnected Session: Never
2) Active Session Limit: Never
3) Idle Session Limit: Never
It would seem to me that the users should never be disconnected unless there is a "Group Policy" that is overriding these individual user settings. However, I cannot find a "Group Policy" setting for Domain Users - which is the group that all these clients belong to.
Start--> Settings-->Control Panel--> Administrative Tools--> Group Policy Management
From there, I have numerous line items that I can access. The one most obvious to me is "Remote Facilities" which shows the 5 remote businesses that logon to this server. Each of those businesses has a listing of the users who are located there. If I double click on a user name, I have a "Sessions" tab available to me at the top of the screen. There I find options to:
1) End a disconnected Session: Never
2) Active Session Limit: Never
3) Idle Session Limit: Never
It would seem to me that the users should never be disconnected unless there is a "Group Policy" that is overriding these individual user settings. However, I cannot find a "Group Policy" setting for Domain Users - which is the group that all these clients belong to.
ASKER
Everyone - I've still got the same problem that began this thread: Remote users log on to a Citrix server. As long as they are "active" while connected, they're session never terminates. However, if they're "inactive" while connected to the Citrix server, their session is (at random - some users but not all) disconnected. I've followed all suggestions shown on this thread, but nothing has resolved the issue.
Anything else to suggest?
Anything else to suggest?
Hi baleman, sorry I have been on the road for 2 weeks with limited computer access.
To help me a little, what is your domain controller/active directory computer? Is it Windows 2000? 2003? What about your citrix server? And what version of citrix do you have?
I have been answering assuming you have Windows 2003 as your DC but I am not so sure...
Ideally what you should do is have your citrix users go through a loopback policy which ignores the other domain policies, this makes it so when your users log into a citrix/terminal server they all follow the same rules, but you deny these rules for the domain admins so you can still get in and make the changes you need. I think you may be getting multiple group policies for some users, or you may have a loopback policy setup already but cannot locate it.
Look here for info on how to set up a loopback policy: http://www.msterminalservi
If one of these is already set up It is in there (not from the Settings-->Control Panel-->Admin Tools-->Group Policy) that you need to find the Computer Config | Admin Templates | Windows Components | Terminal Services | Sessions.
To help me a little, what is your domain controller/active directory computer? Is it Windows 2000? 2003? What about your citrix server? And what version of citrix do you have?
I have been answering assuming you have Windows 2003 as your DC but I am not so sure...
Ideally what you should do is have your citrix users go through a loopback policy which ignores the other domain policies, this makes it so when your users log into a citrix/terminal server they all follow the same rules, but you deny these rules for the domain admins so you can still get in and make the changes you need. I think you may be getting multiple group policies for some users, or you may have a loopback policy setup already but cannot locate it.
Look here for info on how to set up a loopback policy: http://www.msterminalservi
If one of these is already set up It is in there (not from the Settings-->Control Panel-->Admin Tools-->Group Policy) that you need to find the Computer Config | Admin Templates | Windows Components | Terminal Services | Sessions.
ASKER
In an attempt to resolve the "disconnect" problem (if it is related to broadband width) I have moved both my "Citrix Server" (which we log on to) and "SqlServer" (which maintains our database) to a Fiber location. We now 300meg up and 300meg down as a connection. We're still getting disconnects after the outlying clients are inactive for 30 minutes or more. We've checked all session "disconnect" and "timeout" settings on both servers.
Are you using Citrix Access Gateway? If so check here: http://www.dabcc.com/article.aspx?id=5154
This on #5 caught my eye:
If the logon point session time-out, mouse and keyboard inactivity time-out, and network activity time-out are all set with a value of 1440, the Secure Access Client disconnects after 23 minutes.
This on #5 caught my eye:
If the logon point session time-out, mouse and keyboard inactivity time-out, and network activity time-out are all set with a value of 1440, the Secure Access Client disconnects after 23 minutes.
ASKER
I'm not using Citrix Access Gateway.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.