Why Citrix IMA service is connecting to Domain Controller?

bubaibhatta
bubaibhatta used Ask the Experts™
on
Hi Experts,

I see in every Citrix servers that Citrix IMA service is connecting to Domain Cotroller.
IMA to DC
Why does it contact to Domain Cotroller?
I see that this activity is happening to at every few second.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Is or was Citrix ever installed on the domain controller?  Double check that it is not installed and that if it was, that all remnants have been cleanly removed.

Also, verify that Citrix data store connectivity is not configured on that domain controller.

It sounds like the domain controller may have been used for some Citrix-related functionality at some point and that perhaps it was not cleanly uninstalled.

Author

Commented:
No it never installed on DC. And this is happening on all the XenApp Server (we have both 5.0 and 6.5).
TunerMLSystems Engineer

Commented:
The way I unerstand it,
Citrix IMA service contacts Active Directory for authentication purposes.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
I think you are right. But wonder why that would do so? I just checked that this service is run by "Network Service".
TunerMLSystems Engineer
Commented:
When a user attempts to access a resource XenApp has to ensure that that user has proper authorization first. So when the user logs in IMA checks with active directory if those credentials are correct then displays a list of resources configured for that particular user or group in which the user is in.
Or do you not user active directory users and groups when publishing applications?
try with local service to run ima and check
It would be the server during the application enumeration phase of the logon. It will enumerating user and group SIDS to deliver applications to the user. Port 1025 is the low range dynamic port used by server 2003 (1025-5000). Server 2008 uses 49152-65535. Citrix doesn't know what the user should have until it gets a list of group SIDS which it can compare with its host cache and then deliver the right apps.

Author

Commented:
Thanks for the wonderful explanation!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial