Need a second Citrix license server

I want to have a backup license server in the event our two Citrix servers can't connect to our existing license server.  

How do I do this?

After a second server is ready, how would I point the servers to the new license server?

Can each Citrix point to a different license server?
J.R. SitmanIT DirectorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Brian CTXSupportCitrix ConsultantCommented:
Is your license server on a VM?  You could clone it (or create a new VM with the same hostname) and have it as a cold standby (powered off).  The server doesn't need to be in the domain, only have the same hostname.  I like this option the best.

If you opt for a different server with a different hostname, you'd need to reallocate the licenses on and reissue them for the 2nd server and it's hostname.

If you had enough licenses, you could allocate half of your licenses to each, but that would be a waste since the farm can only talk to one of them.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Carl WebsterCitrix Technology Professional - FellowCommented:
you do not need to do that. you have 30 days to get your license server back running.
Brian CTXSupportCitrix ConsultantCommented:
Agreed.  I've never deployed a 2nd license server unless I had a customer insist.
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Brian MurphyIT ArchitectCommented:
Have you explored other options?  What I mean is Citrix Licensing server is supported on 2008 R2 and up SQL Clustering.  You get to assign a Cluster Name and all that good stuff.

I'm not recommending what comes next but it would be possible to:

1. Bring up a license server with XYZ Name, return the licenses on My Citrix, reissue those licenses to another server. 

I only mention this as compliment to Carl's suggestion in that he already hit the nail on the head with the most obvious fact that Citrix did finally extrapolate out the Licensing component but then put it on another server using Apache\Tomcat\httpd "stuff" that has caused me some issues in FIPS compliance areas where I've had to replace their self-signed certificate with a Verisign 2048 Bit RSA 256 and then modify the httpd and ssl config files to disable SSL 2 and SSL 3 and force HIGH encryption cipher suites.

But I digress.

If clustering is not an option I would wonder why cloning is not an option.  Is it a physical server?

Now if we are talking about an active-active scenario then yes, I get it.  That would make sense although again you have 30 days but your secondary site would be pointing to the primary not another independent source.  All you need is FQDN.

You assign the FQDN name to the files you download.  Create a DNS record.  Make it a VIP if you want.  I always recommend new SSL Certificate and ALWAYS replace the self-signed certificate that Citrix places on the server along with the private key.  Not only is it 1024 but it is SHA1.

If that FQDN corresponds to a clusterIP, even better.  

If that FQDN corresponds to a LB VIP, good too.

Now I mention those last two because your only other option is DNS round-robin for two servers sharing the same FQDN unless you were to delegate that record to Netscaler and use GSLB or F5 LB  VIP or Netscaler LB VIP and each License Server added.

My issue with that primarily is I've always used SQL Cluster and why waste two more VM's when you already have a SQL Cluster that in my case is always Physical Hardware.

I simply won't sign off on a design without a Physical Cluster.

Depending on the size of the environment you can leverage that cluster for more than just SQL given the underlying Microsoft Clustering Options outside of SQL.

Then, combined with DFS Namespace?  I'm not even going to start on that one.
J.R. SitmanIT DirectorAuthor Commented:
Yes it is a VM.  I really like the idea of having it as a cold server waiting.  I've never cloned a VM.  How?

Also the other advantage of having the same server FQDN waiting is that this server is also our SQL server that contains very critical databases.  The SQL is backed up every night using Arcserve backup software.  

I didn't realize I had 30 days to move the licenses.  So that eliminates any panic.
Tony JohncockLead Technical ArchitectCommented:
Actually it is possible to do. Citrix consultancy posted an article here:

But why go to all the trouble. You have more than enough time to rebuild the thing from scratch if necessary.
Brian MurphyIT ArchitectCommented:
Well. That's good.  At least you know it is no longer as critical as with prior versions.

Cloning a VM is bit of a trick question without knowing your hypervisor.

On FQDN, take note - I want to be clear that I did not say same FQDN of the SQL Server.  Not what I said.  Or if I did convey that I did not mean to convey that.

SQL Clustering has nothing to do with Windows Clustering for Network Services, File Services, Licensing Server.  Nothing to do with SQL at all.

You can install Microsoft Clustering for 2-nodes and have a clustered file server.  SQL has the added option of running in a Cluster as well but you must install that option.  I've never needed more than 2 so I've always used the 2-Node Cluster and Quorum option.

I've yet to try SQL 2012 Active State option.

The FQDN is just a DNS entry that points to a new CLUSTER service that you manually create.

You would assign another Storage LUN, just like SQL but for Licensing only.

The service you create with the Server Console is just a service that is tied to that LUN.

Let's say that LUN is allocated to Server 1 and it is iSCSI or in your case Fiber most likely and allocated to an ESX host.  See, I stated physical hardware.

Microsoft does not support SQL Clustering on VMWare ESX although VMWare will state they do.

Does it work, far as I can tell - yea.

But someone concerned about the Microsoft vendor support will want physical full servers or blades.

Those blades will have two Fiber cards.  Why two?  What is the point of having a cluster if you have a single point of failure?

Two fiber cards plug into two different cores switches so that is 4 fiber cards in 2 blades or servers and 4 redundant connections active aggregate or active\passive.

Or, that could be iSCSI.

Point is, the hardware is fully HA.  Hot swap drives, processors, memory, power supplies, plugged in to separate PDU's and most cases those PDU's are on two different power grids.  Getting the picture?

That FQDN is license server specific.

My point was for Citrix I always use physical SQL clusters and only host the XenApp and XenDesktop databases and then License Server.  I stand up another SQL Server Virtual Machine for Logging.

I have dedicated Insight appliances per two Netscaler HA pair, two Director console servers behind a LB VIP and FQDN and SSL Certificate, that information goes to another Virtual Server SQL.

Your FQDN might be

But what if you have more than one farm?  More than one domain namespace?  

That is a long conversation.

For now, just know that the licensing FQDN is like a CNAME for both your license servers.  You are going to hopefully get a certificate issue that matches that FQDN and you would modify the HOSTS file on both servers to and swap out that crazy self signed certificate.  And a bunch of other stuff with the httpd and httpd_ssy files, but I digress.

You have three options from a DNS perspective now.
1. round robin
2. Load Balancing
3. Global Load Balancing - must delegate that record

You said two sites, if you want immediate recovery you delegate that FQDN to your GSLB appliance, like Netscaler, and by delegate I'm speaking to DNS.

So Netscaler because SOA for that DNS record.  Your internal DNS whether AD Integrated or INFOBLOX would have a delegation record configured.

If you License Server Primary goes down, Netscaler immediately sends the traffic to the other Netscaler HA pair (I hope you have) at the recovery site and that traffic is forwarded to that license server.

Now, if all you want is a cold spare, I would stick with the 30 day philosophy.

It is waste of storage, IMO other than DRE related items.

Hopefully your company has a disaster recovery plan and exercises.  I do these quarterly and at that time I take cloned images of all my infrastructure components and however many XenApp servers required to meet the DRE testers.

I have a recovery site where those are sent, activated on a separate network but without a change to the IP addressing.  No names change, no IP's change.  

Sounds like you have much to consider.
J.R. SitmanIT DirectorAuthor Commented:
Thanks very much for all the input.  I got what i needed.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.