Troubleshoot
Introduction
Resource locations contain the machines that deliver desktops and apps. Those machines are created in catalogs, so the catalogs are considered part of the resource location. Each resource location also contains Cloud Connectors. Cloud Connectors enable Citrix Cloud to communicate with the resource location. Citrix installs and updates the Cloud Connectors.
Optionally, you can initiate several Cloud Connector and resource location actions. See:
Citrix DaaS for Azure has troubleshooting and supportability tools that can help resolve configuration and communication issues with the machines that deliver desktops and apps (the VDAs). For example, creating a catalog might fail, or users might be unable to start their desktop or apps.
This troubleshooting includes gaining access to your Citrix Managed Azure subscription through a bastion machine or direct RDP. After gaining access to the subscription, you can use Citrix supportability tools to locate and resolve issues. For details, see:
VDA troubleshooting using a bastion or direct RDP
The supportability features are for people who have experience with troubleshooting Citrix issues. This includes:
- Citrix Service Providers (CSPs) and others who have the technical knowledge and troubleshooting experience with Citrix DaaS products.
- Citrix Support personnel.
If you’re not familiar or comfortable with troubleshooting Citrix components, you can request help from Citrix Support. Citrix Support representatives might ask you to set up one of the access methods described in this section. However, the Citrix representatives do the actual troubleshooting, using Citrix tools and technologies.
Important:
These supportability features are valid only for domain-joined machines. If the machines in your catalogs are not domain joined, you’re guided to request troubleshooting help from Citrix Support.
Access methods
These access methods are valid only for the Citrix Managed Azure subscription. For more information, see Azure subscriptions.
Two supportability access methods are provided.
-
Access your resources through a bastion machine in the customer’s dedicated Citrix Managed Azure subscription. The bastion is a single point of entry that allows access to the machines in the subscription. It provides a secure connection to those resources by allowing remote traffic from IP addresses in a specified range.
The steps in this method include:
- Create the bastion machine
- Download an RDP agent
- RDP to the bastion machine
- Connect from the bastion machine to the other Citrix machines in your subscription
The bastion machine is intended for short-term use. This method is intended for issues involving the creation of catalogs or image machines.
-
Direct RDP access to the machines in the customer’s dedicated Citrix Managed Azure subscription. To permit RDP traffic, port 3389 must be defined in the Network Security Group.
This method is intended for catalog issues other than creation, such as users unable to start their desktops.
Remember: As an alternative to these two access methods, contact Citrix Support for help.
Bastion access
- From the Manage > Azure Quick Deploy dashboard in Citrix DaaS for Azure, expand Troubleshoot & Support on the right.
- Click View troubleshooting options.
- On the Troubleshoot page, select either of the first two issue types, and then click Use our troubleshooting machine.
-
On the Troubleshoot with Bastion Machine page, select the catalog.
- If the machines in the selected catalog are not domain joined, you’re instructed to contact Citrix Support.
- If a bastion machine has already been created with RDP access to the selected catalog’s network connection, skip to step 8.
- The RDP access range is displayed. If you want to restrict RDP access to a smaller range than allowed by the network connection, select the Restrict RDP access to only computers in IP address range check box and then enter the desired range.
-
Type a username and password that you’ll use to log in when you RDP to the bastion machine. Password requirements.
Do not use Unicode characters in the username.
-
Click Create Bastion Machine.
When the bastion machine is successfully created, the page title changes to Bastion – connection.
If the bastion machine creation fails (or if it fails during operation), click Delete at the bottom of the failure notification page. Try to create the bastion machine again.
You can change the RDP range restriction after the bastion machine is created. Click Edit. Enter the new value and then click the check mark to save the change. (Click X to cancel the change.)
- Click Download RDP File.
- RDP to the bastion, using the credentials you specified when creating the bastion. (The bastion machine’s address is embedded in the RDP file you downloaded.)
- Connect from the bastion machine to the other Citrix machines in the subscription. You can then collect logs and run diagnostics.
Bastion machines are powered on when they are created. To save costs, machines are powered off automatically if they remain idle after startup. The machines are deleted automatically after several hours.
You can power manage or delete a bastion machine, using the buttons at the bottom of the page. If you choose to delete a bastion machine, you must acknowledge that any active sessions on the machine will end automatically. Also, any data and files that were saved on the machine will be deleted.
Direct RDP access
- From the Manage > Azure Quick Deploy dashboard in Citrix DaaS for Azure, expand Troubleshoot & Support on the right.
- Click View troubleshooting options.
- On the Troubleshoot page, select Other catalog issue.
-
On the Troubleshoot with RDP Access page, select the catalog.
If RDP has already been enabled to the selected catalog’s network connection, skip to step 7.
- The RDP access range is displayed. If you want to restrict RDP access to a smaller range than permitted by the network connection, select the Restrict RDP access to only computers in IP address range check box and then enter the desired range.
-
Click Enable RDP Access.
When RDP access is successfully enabled, the page title changes to RDP Access – connection.
If RDP access is not successfully enabled, click Retry Enabling RDP at the bottom of the failure notification page.
- Connect to machines using your Active Directory administrator credentials. You can then collect logs and run diagnostics.
Get help
If you still have problems, open a ticket by following the instructions in How to Get Help and Support.