We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

Unable to connect to Citrix

High Priority
197 Views
Last Modified: 2019-10-10
Hello Gents.  I have an issue with a Citrix user attempting to login to an application called Time Clock.   When he attempts to login, he gets the following message The task you are trying to do can't be completed because Remote Desktop Services is currently busy. Please try again in a few minutes. Other users should still be able to log on.  He is currently running Windows 7 Pro on his machine and the servers he is authenticating to is 2008 R2.  I did some searching and found old outdated disconnected articles.   Can someone tell me how to get this fixed?  He needs to do his time card and is unable to.   He has tried on various internet connections as well as on and off his vpn tunnel.   Hes rebooted his machine several times and I have restarted all 3 of the companies xenapp servers in hopes it would fix it with no success.  

He needs to get his timecard submitted asap.
Comment
Watch Question

AlexA lack of information provides a lack of a decent solution.
CERTIFIED EXPERT

Commented:
Remove the profile created on the server and try again, also clear out his hive from the registry.

Regards
Alex
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Alex where do I do  this?  Just for troubleshooting purposes I just restarted the entire Citrix server since its early and no one is logged in.  Do you think that may have cleared it up?
A lack of information provides a lack of a decent solution.
CERTIFIED EXPERT
Commented:
Yeah almost certainly, that would clear the hive and allow for another logon for him.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Ok I will hope the reboot fixes it if not I will try your suggestion.
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Darn rebooting it didnt work.. Same thing.  I am clearing profiles in the citrix server.
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
There is 1 citrix server and 3 xenapp servers where should I clear the profile out of?
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
If you are not using roaming profiles, on each server go to Control Panel / System / System Properties / Advanced / User Profiles and delete the user profile from this menu. It's the best way to do it. It will remove the profile on the disk and in the registry.

Screenshot:

Screenshot-from-2018-05-17-16-23-53.png
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
I can get into the citrix session which is the xenapp server with my login.   I cant find the 2 users who are stuck.   Their profiles do not exist.
AlexA lack of information provides a lack of a decent solution.
CERTIFIED EXPERT

Commented:
Does the user have a roaming profile?

Go to active directory and check terminal services profile, if there is a location there, go there and rename the profile.

DO NOT DELETE IT!

Regards
Alex
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Alex let me go and check.
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Alex the RDSUP blank.  There is no profile path.
AlexA lack of information provides a lack of a decent solution.
CERTIFIED EXPERT

Commented:
OK,

So when the user tries to connect, what citrix box are they connecting to? Have you gone into connection manager on the desktop to check?

Thanks
Alex
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Theres a few.  They have a Sage box, Timeclock, a citrix desktop.   All 3 connect to the XENAPP2 servers.   My login allows me to access the desktop.  I am currently letting the user run sage from my login since she has serious reports that need to get done.   I am just trying to find out where her login is hung.  All the applications run off that server it seems even though there are 3 xenapp servers.
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
What if I build her a new AD profile copy her original login and have her use that to login to the citrix environment?
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
So the new AD profile threw another new error.   Cannot reach server.   Check your network connection or contact your help desk to assistance. They are currently running on 7.0 I am being told by Citrix this is outdated and they need to get up to 7.15.  Which I am not even sure this will correct the problem.   Thoughts?  Perhaps I should let her use the accounts that work until they get off Citrix all together?
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
Can post a screen capture of the error messages?
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Here ya go.
newcitrixerror.JPG
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
It seems that a configuration file or registry is missing for the application.
It doesn't know what server to contact.
Do you know how the applicatin is configured? Is it a user configuration or a system configuration?
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Olivier that is a really good question unfortunately I do not.  Currently the only reason they are using Citrix is to access Sage and a Time clock application.   The actual citrix server and citrix web along with the xenapp servers are running on 2003 and 2008 R2.   They are only using 7.0 so they are out of support scope.   I did look in the AD account however could not find anything under RDSUP tab and it was blank so to try and figure that part out I would have no clue where to look.   It just seems weird 2 accounts can connect 2 can not.  I know they currently have 60 licenses and are only utilizing 5.   Their XENAPP 1 server which runs Citrix Studio is  the host.  Looked at some of the application errors in event viewer and here is what I see.

The connection between the Citrix Broker Service and the database has been lost.
 
Error details:
Exception 'Connection Timeout Expired.  The timeout period elapsed while attempting to consume the pre-login handshake acknowledgement.  This could be because the pre-login handshake failed or the server was unable to respond back in time.  The duration spent while attempting to connect to this server was - [Pre-Login] initialization=21310; handshake=5; ' of type 'System.Data.SqlClient.SqlException'.
 
Ensure that the database is correctly configured and accessible.

The Citrix Broker Service cannot contact the license server '10.1.1.24'.
 
Please ensure that the license server is functioning correctly and that the details identifying the license server are correct in the XenDesktop configuration.

The Citrix Broker Service failed to read some configuration settings from the database. Check that the database is configured correctly.
 
Error details:
Exception 'Cannot connect to database server' of type 'Citrix.Fma.Sdk.Dal.DALConnectionFailedException'.

The Citrix Broker Service experienced an internal error while enforcing a power policy. The service failed in its interaction with the XenDesktop database and was unable to determine the policy actions needed.
 
There might be a configuration problem in the XenDesktop database. Check that the database schema is correct.
 
Error details:
Exception 'Database not found or not accessible' of type 'Citrix.Fma.Sdk.Dal.DALDatabaseNotFoundException'.

Could not communicate with privileged service. Error was System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at net.pipe://localhost/Citrix/PrivilegedAdminService that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. ---> System.IO.PipeException: The pipe endpoint 'net.pipe://localhost/Citrix/PrivilegedAdminService' could not be found on your local machine.
   --- End of inner exception stack trace ---

Server stack trace:
   at System.ServiceModel.Channels.PipeConnectionInitiator.GetPipeName(Uri uri, IPipeTransportFactorySettings transportFactorySettings)
   at System.ServiceModel.Channels.NamedPipeConnectionPoolRegistry.NamedPipeConnectionPool.GetPoolKey(EndpointAddress address, Uri via)
   at System.ServiceModel.Channels.ConnectionPoolHelper.TakeConnection(TimeSpan timeout)
   at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
   at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
   at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Citrix.PrivilegedService.Contract.IPrivilegedAdminService.GetStatus()
   at Citrix.PrivilegedService.ClientProxy.PrivilegedAdminServiceClientProxyWrapper.GetStatus()
   at Citrix.Storefront.PrivilegedServiceProxy.GetStatus().


Could not communicate with privileged service. Error was System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at net.pipe://localhost/Citrix/PrivilegedAdminService that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. ---> System.IO.PipeException: The pipe endpoint 'net.pipe://localhost/Citrix/PrivilegedAdminService' could not be found on your local machine.
   --- End of inner exception stack trace ---

Server stack trace:
   at System.ServiceModel.Channels.PipeConnectionInitiator.GetPipeName(Uri uri, IPipeTransportFactorySettings transportFactorySettings)
   at System.ServiceModel.Channels.NamedPipeConnectionPoolRegistry.NamedPipeConnectionPool.GetPoolKey(EndpointAddress address, Uri via)
   at System.ServiceModel.Channels.ConnectionPoolHelper.TakeConnection(TimeSpan timeout)
   at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
   at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
   at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Citrix.PrivilegedService.Contract.IPrivilegedAdminService.GetStatus()
   at Citrix.PrivilegedService.ClientProxy.PrivilegedAdminServiceClientProxyWrapper.GetStatus()
   at Citrix.Storefront.PrivilegedServiceProxy.GetStatus().

.NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "MiguiControls, Version=1.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
.

I will post logs next from XENAPP2 which is where  they are authenticating to.
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Here are some logs from the XENAPP2 server they use that they are unable to login to.

Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-72051607-705191716-48716514-5845.bak).  hr = 0x80070539, The security ID structure is invalid.
.

Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {c4233687-a8b0-4bfe-9fd1-1cbb7933ecbb}


The Citrix Desktop Service failed to obtain a list of delivery controllers with which to register.
 
Please ensure that the Active Directory configuration for the farm is correct, that this machine is in the appropriate Active Directory domain and that one or more delivery controllers have been fully initialized.
 
Refer to Citrix Knowledge Base article CTX117248 for further information.
 
Error details:
Exception 'The request channel timed out while waiting for a reply after 00:00:02. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout.' of type 'System.TimeoutException'

The Citrix Desktop Service failed to obtain a list of delivery controllers with which to register.
 
Please ensure that the Active Directory configuration for the farm is correct, that this machine is in the appropriate Active Directory domain and that one or more delivery controllers have been fully initialized.
 
Refer to Citrix Knowledge Base article CTX117248 for further information.
 
Error details:
Exception 'The request channel timed out while waiting for a reply after 00:00:02. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout.' of type 'System.TimeoutException'

(User Profile Service)
Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.

Faulting application name: A4WCONTAINERXP.EXE, version: 6.2.0.0, time stamp: 0x52b2a0bb
Faulting module name: msxml6.dll, version: 6.30.7601.24498, time stamp: 0x5d2997b5
Exception code: 0xc0000005
Fault offset: 0x00001fc8
Faulting process id: 0x2e7c
Faulting application start time: 0x01d57d319d92ebf9
Faulting application path: C:\Program Files (x86)\Sage\Sage Accpac\runtime\A4WCONTAINERXP.EXE
Faulting module path: C:\Windows\System32\msxml6.dll
Report Id: 0a479ce2-e925-11e9-b97a-005056b34498

Faulting application name: A4WCONTAINERXP.EXE, version: 6.2.0.0, time stamp: 0x52b2a0bb
Faulting module name: msxml6.dll, version: 6.30.7601.24498, time stamp: 0x5d2997b5
Exception code: 0xc0000005
Fault offset: 0x00001fc8
Faulting process id: 0x2e7c
Faulting application start time: 0x01d57d319d92ebf9
Faulting application path: C:\Program Files (x86)\Sage\Sage Accpac\runtime\A4WCONTAINERXP.EXE
Faulting module path: C:\Windows\System32\msxml6.dll
Report Id: 0a479ce2-e925-11e9-b97a-005056b34498

File access may be denied. User '(username)' experienced a long delay while file 'C:\Users\UN\ntuser.ini' was fetched from the user store.  Cause: The user tried to access the file but Profile management detected such a significant delay in this operation that access may be denied. The user received an error message. This may be due to antivirus software preventing access to the file in the user store.  Action: Consult the Profile management documentation for troubleshooting and configuration advice on enterprise antivirus products.

File access may be denied. User 'UN' experienced a long delay while file 'C:\Users\UN\ntuser.ini' was fetched from the user store.  Cause: The user tried to access the file but Profile management detected such a significant delay in this operation that access may be denied. The user received an error message. This may be due to antivirus software preventing access to the file in the user store.  Action: Consult the Profile management documentation for troubleshooting and configuration advice on enterprise antivirus products.

File access may be denied. User 'UN' experienced a long delay while file 'C:\Users\UN\ntuser.ini' was fetched from the user store.  Cause: The user tried to access the file but Profile management detected such a significant delay in this operation that access may be denied. The user received an error message. This may be due to antivirus software preventing access to the file in the user store.  Action: Consult the Profile management documentation for troubleshooting and configuration advice on enterprise antivirus products.

^^^ I think these may be the cause but not sure.
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Here is the log files from the server in csv
application-log.csv
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
Andrew, these logs are showing highly critical dysfonctionment of the Citrix farm.

Are you able to open Citrix Studio and perform any task?
Like viewing the properties or creating a Delivery Group?
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
Olivier I haven't tried.  I can see the license information within the Studio and such it lets me navigate.  I havent tried to create anything.  Keep in mind this infrastructure is ancient.  I am just trying to bandaid paperclip and rubberband it to keep it somewhat alive.
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
Do you know if they have deployed Citrix Director by any chance?
It will show you the current state of the servers and farm components.

I understand that you publish applications, but no desktops?
Sometimes it's easier to troubleshoot the desktop environment.
You could edit the Delivery Group, and add a desktop, and restrict the desktop use for this specific user (and your user also). If the user accepts to give you his/her password then try logging to the publish desktop.
See if the environment is working fine, File Explorer, basic apps. And the clock/sage application.
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
There is a citrix desktop that you can login from the boxes.  When she tries to login she is getting the same RDS is busy error but my login and another login works to that same Citrix Desktop box.
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
On the server, in the Task Manager (show processes for all users) / Users tab, is she already logged in on that server before trying to login to the Desktop?
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
No it only shows my login.  She did have a profile under the advanced profiles tab which I deleted.
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
Have you rebooted the server recently? Any recent Windows update?
If not it could be interesting to reboot and check the Windows Update status.

I wonder if the RDS licence server is still valid. Also, it can be a GPO creating the issue.
If you create a new test user in AD, in the same OU as the user having the issue, and login to the Citrix desktop, is it working?
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
I can assure the server has been restarted several times.  I am unsure where to check the RDS license server.   2 users are able to get in 2 arent my assumption is RDS is somewhat working.   What GPO do you think would cause 2 users to work and 2 not to?    I did mimic the users account in the same OU and the new error I listed popped up.
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
If there is a problem with the RDS licence server then you can only have 2 users at the same time on the Windows server.
Can you connect more than 2 users at the same time on the server?

If you added a test account in the same OU and get the error, what happens if you move the user object to another OU?
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
I havent tried to move the users AD profile to a different OU as of yet.  I can try and locate the OU my account is listed in and move it there and see what happens.   Do you think this will fix it?
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
Yes it's important to test in a different OU. The problem could be coming from a bad GPO.
(I'm assuming that the Loopback Policy hasn't been setup in the server OU)
Also, try to login more than 2 users at the same time. If you can't login three or four users and get the error, it's probably an RDS Licence server problem.
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
I dont know all the users that use citrix there are only a couple so there may not be more than 4 lol.    I will move her test account I setup to a different OU and see what happens.
Andrew N. KowtaloSupport Center Engineer

Author

Commented:
I moved her account to the administrators OU which is full rights and still showing the RDS server as busy.
Olivier MARCHETTACitrix Support and Infrastructure Engineer
CERTIFIED EXPERT

Commented:
It's important to know if there is a RDS licence issue.
I like testing with a real logon test instead of just checking the RDS licence server.
I suggest you to create 4 test account, UserA, UserB, UserC, USerD, and log them on the same server.
Or you could check if the licence server has been configured on the RDS server.
Go to Start -> All Programs -> Remote Desktop Services -> Remote Desktop Session Host Configuration menu option. Within this tool, double click on the Remote Desktop licensing mode entry located in the Edit settings box listed under Licensing and check the RDS licence server in the list.

Another thing, the profile could be corrupted in the registry.
Open the Registry Editor, regedit, and navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Open in new window

For each key (with the SID value), look for the value "ProfileImagePath" and check if one correspond to the user account name.
If yes, then delete the SID key or, safer, rename it to .OLD.

And make sure to delete the profile on the local disk in C:\users.
(or rename it to .old)
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.