Solved

Regain admin access to a XenApp 6 farm after domain rename

Posted on 2014-03-27
4
556 Views
Last Modified: 2014-04-04
Hello Citrix Experts
I had had a Citrix XenApp 6 HRP2 farm with farm Administrators set as DOMAIN\Domain Admins in the XenApp Delivery Console.
After DOMAIN was renamed to CONTOSO, I logged on as CONTOSO\Administrator and now XenApp Discovery is failing with a message "Errors occurred when using SERVERNAME in the discovery process." Nothing visible under "XenApp" node in DSC, even though the farm itself is functional. But it is not manageable.
I have tried using SERVERNAME\Administrator to same result.

Where do I go from there, barring a reinstall?
Is there a way to regain administrative access?
0
Comment
Question by:CubeOver
  • 3
4 Comments
 
LVL 25

Expert Comment

by:Sekar Chinnakannu
ID: 39960828
will you able to login to server? will you able to login with old domain name? if not try to enable trust and enable the trust between two domain. After enabling same try to add new domain admin to console then change the farm membership http://support.citrix.com/article/CTX102371
0
 
LVL 2

Author Comment

by:CubeOver
ID: 39961008
Yes I can logon as CONTOSO user or admin. Old DOMAIN does not exist anymore since it was a rename.
0
 
LVL 2

Accepted Solution

by:
CubeOver earned 0 total points
ID: 39965796
OK here's how I fixed the issue.

Since it was a domain rename, SIDs stayed the same, so my admin rights still were there through "Domain Admins" group membership, even though the domain name was wrong.

IMA stores SIDs inside ACLs in the data store.
All hosts cached the database for times when IMA is not available.
IMA was in fact available, just could not provide updates because it had trouble logging into the data store after the domain rename.
There was no error dialogs raised, just NETWORK SERVIVE logon errors in the Application log of the data store server, and a phrase about missing trusts between domains DOMAIN and CONTOSO.

I have run
DSMAINT CONFIG /USER:CONTOSO\name /PWD:password /DSN:"C:\Program Files (x86)\Citrix\Independent Management Architecture\mf20.dsn"
to restore IMA access to SQL data store.

Restarted IMA and I could logon as CONTOSO\user.

Discovery worked due to same Domain Admins group SID, and I saw CONTOSO\Domain Admins there in Administrators! This looked like a folder icon and not the real object.
It must be backwards-resolving the name!

I immediately added Local Administrators into XenApp Administrators, will never make the same mistake again.

Backed up using DSMAINT BACKUP C:\temp\

Logged off and logged back as SERVERNAME\Administrator to check if newly added permissions worked - they did.

Then I deleted all old DOMAIN\* groups and only left Local Administrators - this will not need to be updated ever, all SERVERNAME Administrators will be able to manage the farm which is OK for me.

Now off to update all users in application permissions... recreated LHC and all good.
0
 
LVL 2

Author Closing Comment

by:CubeOver
ID: 39977625
I did not receive useful advice, and I resolved the issue myself.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

After several days of searching and hunting for limited documentation, I wanted to share this guide to hopefully save someone the hassle of trying to figure this out on their own. I have tested this on Xendesktop 7.1 and PS 4.5 running simultaneous…
If your vDisk VHD file gets deleted from the image store accidentally or on purpose, you won't be able to remove the vDisk from the PVS console. There is a known workaround that is solid.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question