Citrix Interview Questions

Ques 1. Resource Enumeration Process

Ans1.

Internal Users Enumeration

1. User gets authenticated by Ad through STF server.
2. STF(Storefront) connects with Delivery Controller and then SQL to display list of icons.
3. Delivery controller checks the least loaded server (for eg VDA 2) and send the ica file to user.
4. The direct connection is established with VDA 2 after checking for Licensing through DC

External Users Enumeration

1. User gets authenticated by AD through NetScaler server.

2. STF connects with DC and then SQL to display list of icons.
3. DC checks the least loaded server (for eg VDA 2) and send the ica file to user.
4. The direct connection is established with VDA 2 after checking for Licensing through DC

Ques2. Basic Ports in Citrix

Ans 2.
Ques.3 Session reliability, Auto client reconnect and Keep Alive time

Ans 3.

Session Reliability: Ensures continuous user sessions despite network interruptions.

Benefits: Prevents session disconnects, reduces user frustration, and enhances productivity by
ensuring uninterrupted access to applications and desktops.
Auto Client Reconnect: Automatically restores disconnected sessions without user
intervention.
Benefits: Minimizes downtime for users, improves productivity, and reduces support overhead
by swiftly restoring access to applications and desktops after a disconnect.
Keep-Alive Time: It is an Interval for exchanging heartbeat messages to maintain connection
activity. These heartbeat messages confirm the connection's status, preventing it from being
terminated due to inactivity.
Ques.4 What is the difference between FMA and IMA?

FMA IMA
Modern Architecture: FMA is the Legacy Architecture: IMA was the
architecture introduced in later versions of architecture used in earlier versions of Citrix
Citrix XenApp and XenDesktop. XenApp (formerly known as Citrix
Presentation Server).
Distributed Architecture: FMA employs a Centralized Management: In IMA, all
distributed architecture where each configuration information and management
component serves a specific role. It includes tasks are handled by the Data Collector,
Delivery Controllers, StoreFront servers, Virtual which is a central component in the XenApp
Delivery Agents (VDAs), and Citrix Director. farm.
Scalability and Flexibility: FMA is designed Hierarchical Design: IMA employs a
to be more scalable and flexible than IMA. It hierarchical design with zones, data
allows for easier scaling out by adding more collectors, and worker servers. Data
Delivery Controllers or StoreFront servers as collectors maintain farm-wide data, including
needed. server load, session information, and
published resources.
 Enhanced Features: FMA Drawbacks: IMA had certain limitations,
introduces features such as Machine such as scalability issues in large
Creation Services (MCS) and deployments, complexity in managing
Provisioning Services (PVS) for multiple zones, and dependencies on the
Data Collector, which could become a single
desktop and application provisioning,
point of failure.
HDX protocol enhancements, and
improved user experience.
 High Availability: FMA offers
improved high availability compared
to IMA, with built-in redundancy and
failover capabilities at various levels
of the infrastructure.
 XenApp 6.5 XenApp/Xendesktop 7.x
Added in version

Architecture IMA – Mesh FMA – Brokers + Workers n/a

Centralised
Datastore Site Database n/a
configuration

Local Host
DB resilience Connection leasing – LHC LHC added in 7.12
Cache (LHC)

Load balancing Load evaluators Load balancing policies n/a

7.7, zone
Scaling Zones Zones and zone preference
preference: 7.11

Managing Delivery Groups, Application 7.9 (AG’s) – 7.12

Worker Groups
workers groups and Tags (tags)

Scheduled
Restarting
server reboot Restart schedules Improved in 7.12
workers
policy

Application Improved App-V support and Improvements in

Offline apps
streaming integration 7.8 and 7.11

App and Desktop Default Reintroduced in 7.17 as

7.17
Session Sharing behaviour default behavior

Web interface:
Storefront: per store auth
Authentication per site auth SF 3.5
config
config

Provisioning
Provisioning PVS, MCS, App Layering n/a
services (PVS)

Monitoring EdgeSight Director n/a

Architecture

The Independent Management Architecture (IMA) used by XenApp 6.5 and earlier versions
is a mesh architecture. The Flexcast Management Architecture (FMA) used by XA/XD 7.x
on the other hand consolidates all brokering functionalities to the Desktop Delivery
Controller (DDC). Applications and desktops are hosted on separate machines, the workers,
where the Virtual Delivery Agent (VDA) is installed.

Ques 4. What is Connection Leasing and LHC?

New LHC

During normal operations:

 The principal broker (Citrix Broker Service) on a Controller accepts connection requests
from StoreFront and communicates with the Site database to connect users with VDAs
that are registered with the Controller.
 A check is made every two minutes to determine whether changes have been made to
the principal broker’s configuration. Those changes could have been initiated by
PowerShell/Studio actions (such as changing a Delivery Group property) or system
actions (such as machine assignments).
 If a change has been made since the last check, the principal broker uses the Citrix
Config Synchronizer Service (CSS) to synchronize (copy) information to a secondary
broker (Citrix High Availability Service) on the Controller. All broker configuration data is
copied, not just items that have changed since the previous check. The secondary broker
imports the data into a Microsoft SQL Server Express LocalDB database on the Controller.
The CSS ensures that the information in the secondary broker’s LocalDB database
matches the information in the Site database. The LocalDB database is re-created each
time synchronization occurs.
 If no changes have occurred since the last check, no data is copied.

The following graphic illustrates the changes in communications paths if the principal broker
loses contact with the Site database (an outage begins):
When an outage begins:

 The principal broker can no longer communicate with the Site database, and stops
listening for StoreFront and VDA information (marked X in the graphic). The principal
broker then instructs the secondary broker (High Availability Service) to start listening for
and processing connection requests (marked with a red dashed line in the graphic).
 When the outage begins, the secondary broker has no current VDA registration data, but
as soon as a VDA communicates with it, a re-registration process is triggered. During
that process, the secondary broker also gets current session information about that VDA.
 While the secondary broker is handling connections, the principal broker continues to
monitor the connection to the Site database. When the connection is restored, the
principal broker instructs the secondary broker to stop listening for connection
information, and the principal broker resumes brokering operations. The next time a VDA
communicates with the principal broker, a re-registration process is triggered. The
secondary broker removes any remaining VDA registrations from the previous outage,
and resumes updating the LocalDB database with configuration changes received from
the CSS.

In the unlikely event that an outage begins during a synchronization, the current import is
discarded and the last known configuration is used.

The event log provides information about synchronizations and outages. See the “Monitor”
section below for details.

You can also intentionally trigger an outage; see the “Force an outage” section below for
details about why and how to do this.

Ques. 5 What is the difference between Citrix UPM profile and Roaming profile?

Ans 5. UPM profiles offer more customization and optimization for virtual environments, whereas
Roaming profiles may face performance challenges, especially in larger deployments.
Ques 6. What is PVS boot process
UPM profiles offer more customization and optimization for virtual environments, whereas
Roaming profiles may face performance challenges, especially in larger deployments.
Ans 6.

1. IP Acquisition

2.1 Getting BootStrap File

 DHCP

PXE

BDM -Static IP
 BDM -Static IP

2.2 Downloading BootStrap File

3 PVS LOGON Process
4 Single Read Mode

5 BNISTACK/IMO
Ques 7 How to troubleshoot PVS TD bootup error 'BNIStack failed, network stack
could not be initialized.
Ans

1.The hidden redundant network adapter

Once you have chance to access vDisk OS successfully (no matter use private mode vDisk or
directly check the master image which convert the vDisk), open the device manager -> network
adapter, make sure view -> show hidden devices is checked, then pay attention to the hidden
redundant network adapter
Uninstall the abnormal redundant network adapter and boot again
2.Does not meet system requirement

The top 2 most common mistakes we have ever meet:

I. Use E1000 network type on VMs in VMware environment
II. No necessary Microsoft patch applied within vDisk in VMware environment

3.Activate master image OS by 3rd party windows crack software before image
We do not support 3rd party windows crack software, PVS only support KMS and MAK windows
activation.

Ques 8. How to fetch historical license in Citrix

Ans.

Ques 9 How to revoke user license.

Ans. The udadmin displays the licensed users and devices and releases licenses for specified
users and devices.

Ques 10 Types of ports in Citrix License

Ans.
 NetScaler

1. What is SNIP, NSIP, MIP and VIP ?

NSIP
NetScaler IP address, which is the IP address used to access the NetScaler for management.
SNIP
Subnet IP address, which is used for server-side connections and routing traffic to the VIP.
MIP
Mapped IP address, which is used when a SNIP address is not available.
VIP
Virtual IP address, which is the address of a virtual server to which end users connect and are
authenticated.
2. Port Number of NS HA Pair

1. Management Interface (NSIP):

 Port 22 (SSH): Used for Secure Shell (SSH) access to the NetScaler
management interface for configuration and management purposes.
2. Heartbeat Communication:
 Port 3003 (Heartbeat): Used for the HA heartbeat communication between
the primary and secondary NetScaler appliances. This port ensures that the
appliances are alive and able to communicate with each other.
3. Synchronization:
 Port 3008 (Sync): Used for synchronization of configuration and session
information between the primary and secondary NetScaler appliances. This
ensures that both appliances have identical configuration and session data.
4. Propagation:
 Port 3009 (Propagate): Used for propagating configuration changes from
the primary NetScaler appliance to the secondary appliance.
5. Cluster IP (CLIP):
  Port 3008 (CLIP): Used for communication with the Cluster IP (CLIP)
address, which is the virtual IP address shared between the primary and
secondary NetScaler appliances in a High Availability pair. This port handles
client traffic destined for the CLIP address

3. Back end front end IP NetScaler

In summary, the frontend IP addresses are the public-facing IP addresses that clients connect to
when accessing services, while the backend IP addresses are the private IP addresses of the
servers hosting the backend services. The NetScaler acts as an intermediary or proxy between
the frontend and backend, handling client requests and directing them to the appropriate
backend servers based on configured policies.
4. Integrate NS with XenDesktop
5. How to create store in SF and gateway in NS
Step 1. Got to SF, click 'Create Store’, Enter store name and click ‘Next’

Step 2. Add the Delivery Controller address.

Step 3. Do not check ‘Enable Remote Access’ as of now, as we have not yet created gateway in
netscaler, we shall configure it later.Click ‘Next and proceed with default.
Step 1 Go to NS and click ‘Create New Gateway’.
Step 2. Enter Gateway URL which you want user to access for APAC region, Enter Gateway IP
address

Step 3. Either use Existing Certificates or Install a new Certificate already created. Choose cert
file its key and enter its pwd. Click ‘Continue’
Step 4. Enter the existing SotreFront URL, click on retrieve store, you’ll see the Store created in
last exercise. Select for the APAC one. Enter AD domain and Delivery controller (STA). Click
‘Continue.
Step 5 Use existing LDAP or add a new one. Click ‘continue.’ Click ‘Done’

Step 6 Integrate above created gateways to Storefront.

Select the APAC Store, Click on ‘Configure Remote Access’ . Check the box, ‘Enable Remote
Access’. Click on ‘Add’

Add Netscaler gateway UR0L created in earlier exercise for APAC region.Click ‘Next’
Add STA (Deliver controller), Check ‘Session Reliability’. Click ‘Next’

Choose default and click ‘Next’. Click ‘Create. Continue click ‘Next’, your Store and NS gateway
is integrated now. Similarly, we can create it for US region. This is done to avoid slowness if all
connects the same Citrix URL.
6. Configure LDAP Authentication on NS.
 7. How to upgrade Firmware of HA pair NS
1.41 Primary
1.40 Secondary

1. Wnscp>Go to /var/nsinstall/ create folder 'firwarename'

copy the firware from local PC to this path on both NS.
2. Go to Primary (1.41)> Take the FULL Backup and download to a safe place
3. Go to Secondary (1.40)>Take the FULL Backup and download to the safe place
-Upgrade the secondary NS
5. System>HA Node> select SECONDARY NS>STAY SECoONDARY>uncheck HA Sync and HA
Propgation
6. System>HA Node> select PRIMARY NS>STAY PRIMARY>uncheck HA Sync and HA Propgation
7. Save the configuration
8. Open the putty> Connect to Secondary NS>username/pwd>
9. Run Show HA node
10.Shell
11. Go the directory cd /var/nsinstall/firwarename
12. Extract the file by running the command 'tar /var/nsinstall/firwarename.tgz
13. Run the command ./installns
13. Do not delete old signature and kernel images
14. Reboot Yes
15. the secondary NS has been upgraded ( HA Sync and HA Propagation will remain greyed out
due to version mismatch)
16. Go to System>HA Node>select primary NS> HA status - ENABLED(Actively Participate in HA
as we'll do the failover) and uncheck HA Sync and HA Propagation.
17. Go to System>HA Node> Select Action 'Force Failover'
18. Now (1.40) will become Primary and we shall test the connection by launching the Citrix
apps and Desktops
19. Go to putty > login to 1.41 NS> show HA node> you'll see 1.41 has now become secondary
20. Follow the step from 10 to 14
21. Go to 1.40 ( currently primary) HA node> Action > Force Failover
22. Now 1.41 will become Primary and 1.40 will become secondary ( make sure to change 1.40
HA status to ENABLED(Actively Participate in HA)
23. Check the connection by launching Citrix apps and Desktops
24. Change the HA status to ENABLED(Actively Participate in HA) of both the NS as it was
starting and enabled the sync and propagation status
25. The NS is upgraded successfully
8. Load Balancer SF through NS
Open Netscaler>Traffic management> Add Storefront servers> Create Service group> bind to
a VIP>Open VIP and select Method as either least connection or round robin.