Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4360
  • Last Modified:

The AD schema has not been updated to support synchronization with Citrix Password M anager

A new installation of Citrix Xen App on a windows 2008 X64 Server on a Windows 2000 Native Domain has trouble connecting Citrix Xen App to the network.  The little connection icon at the bottom right of the screen in the tool bar is crossed out and red.  When I try to connect to the current Xen App Server or to a domain controller it generates the message in the title above in the application log.  I am wondering it this is a domain level issue as I tried to run the prescribed update from a domain controller as specified form the Xen App cd, but it did not appear to update the domain.  Might I have to update the domain to 2003 first in order to take advantage of this option?
0
bonbon1
Asked:
bonbon1
  • 3
  • 3
2 Solutions
 
rpasseroCommented:
In the \Tools folder of the XenApp CD there is a CtxDomainPrep.exe and a CtxSchemaPrep.exe - have you run both of those?
0
 
rpasseroCommented:
I should note that both of those tools should be run from a Domain Controller with a user account that is a member of both the Domain Admin and Schema Admin groups.
0
 
bonbon1Author Commented:
Yes on all accounts as I mentioned although I didn't specify my procedure.  This did not work, which is why I am wondering if my domain is at an acceptable level for this to occur.  But this may be irrelevant too.

0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
bonbon1Author Commented:
I am going to try uninstalling and re-installing both the Password Manager and the Hot Fixes.
0
 
rpasseroCommented:
In Windows 2000 domains you have to manually enable schema updates.

From http://articles.techrepublic.com.com/5100-22_11-5108369.html :

"You must enable AD schema updates on the domain controller that holds the schema operations role. You can enable schema updates via the Schema Management Console.

Follow these steps:

   1. At the command prompt, type regsvr32 schmmgmt.dll. This should result in a dialog box that says DllRegisterServer In Schmmgmt.dll Succeeded.
   2. Open the management console by typing mmc at the command prompt.
   3. Go to Console | Add/Remove Snap-in.
   4. In the Add/Remove Snap-in dialog box, click the Add button.
   5. In the Add Standalone Snap-in dialog box, select Active Directory Schema, click Add, and click OK.
   6. From the console, right-click Active Directory Schema, and select Operations Master.
   7. In the Change Schema Master dialog box, select the Schema May Be Modified On This Domain Controller check box, and click OK.

You can now update the schema on the system that holds the schema operations master role. "

If you're not sure which DC holds the schema operations master role, you can find out by following steps 1-6 - it will be on that screen. Try following the above procedure and running the update again on the schema master.
0
 
bonbon1Author Commented:
This is good advice, and I did actually have to extend the permissions also.  However this was not the overall problem.  In fact I opened a ticket with Citrix and we did a Webex and they noticed that the Schema had in fact already been extended with our previous version of Presentation Server, so that was not the issue at all even though I was lead to believe that by the error messages I received.  The CentralStoreRoot folder which had been added to Active Directory was some how corrupted and was not allowing the Password Manager install to complete.  What he ended up doing was deleting the CentralStoreRoot folder from the Program Data\Citrix folder in Active Directory.  Then we re-ran the Schema update and the Domain update from the Installation CD on the Domain Controller which is the Schema Master and both finished and the CentralStoreRoot was recreated and the installation liked it this time and completed.  Then I was able to run a "Configure and Run Discovery" from the Citrix Access Management Console and everything was successful.  We do not know why the folder had become corrupt, maybe it was associated with the fact that we are now on XenApp and running it so many times perhaps mangled the attributes, but it is not clear and it was over all remedied which is all that really matters now.  

Thank you for your time on this.  There are many areas with the Schema updates that a person needs to check regarding permissions on the Schema Master and in fact 'allowing' Schema Updates as you had mentioned.
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now