VMware Cloud Community
saltnz
Contributor
Contributor
‎10-26-2011 06:42 PM

Citrix 4.5 Guest unable to logon if NIC connected

I know this sounds crazy, but I have an unusual problem that has landed on my desk.  With have a Citrix 4.5 Presentation server on Windows 2003 sp2. On a vSphere 4, 4 node cluster on ESXi 4 update 2 on HP BL495c (AMD SIX core, CPUs made by the devil).

Anyway this landed on my desk because someone was trying to log on via RDP and via the VMWare console.  They could Authenticate but you could never get to the desktop.  After fluffing around for a while trying various approaches I noticed that you could only get on if the NIC was not connected and you logged on locally.  However if the NIC was connected you could not get to the desktop it would just fereeze with the MS blue.  Thi sis true of all the NICs available in vmware not just the VMXNET3 one

There is absolutely nothing to suggest that there is anything wring in any logs it is as if it get to a point and just stops forever

I thought that maybe I could uninstall the TCP stack and re-install it, but turns out that is just not possible in 2003 so I tried the netsh int ip rsset and winsock, but still no dice.

Any ideas?

I am not sure whether this has ever worked properly, the guy who originally built it has left and I was not even aware this server existed until this problem arose

0 Kudos
5 Replies
VMmatty
Virtuoso
Virtuoso
‎10-27-2011 12:27 PM

Does it work if you login as local user with the NIC still connected?

This sounds like a problem with the VMs domain membership, policies being applied to the server, or something with the profile.  It doesn't seem like it would be related to anything in the virtualization stack (the hypervisor, networking, etc.).

Matt

http://www.thelowercasew.com

Matt | http://www.thelowercasew.com | @mattliebowitz
0 Kudos
saltnz
Contributor
Contributor
‎10-27-2011 08:15 PM

No it will not log on locally if NIC is connected. I have been focusing on logging on locally before looking at the domain (Chicken and egg).  HOWEVER I have narrowed the problem down.

If you clear the DNS servers from the TCP/IP properties you can log on, what the ......???????????????????.

No DNS servers or NIC you are not going to be able to log onto domain!

If you disable the DNS client and still have the DNS servers in the network configuartion you can still not log on.  I have logged a call with MS support, but they seem to be going down the wrong path trying to get me to change authenticating Kerberos over UDP.

We have a Novell client on this server because the citrix apps are doing  authentication through eDirectory and in order to do contexless  authentication it must use DNS when enetering username and password and  that certianly works.  It just freezes when preparing the desktop. The only error message to indicate there is a problem is this message

5719       NETLOGON         N/A        N/A        This computer was not able to  set up a secure session with a domain  controller in domain "OurDomain" due to  the following:   There are currently no logon servers available to service the  logon request.......

Well that is more of a sympton of not being able to find the DCs rather that nhot being able to contact them in my opinion

If you ask me there is something seriously wrong witht he TCP stack, but you can not seem to unistall it like you copuld in the good old days

Have found a number of MS Hot fixes regarding Networking problems, re-applied SP2, some jiggery pokery in the registry, but nothing getting closer.

Getting pretty desperate this has gone on far to long and really do not want to resort to rebuilding this.  Any out there suggestions welcome

0 Kudos
saltnz
Contributor
Contributor
‎10-27-2011 08:23 PM

PS

I do not think there is any problem with the Domain given the local logon issues.  We do not apply Group Polices, tried a blank local profile.....defintely nothing to do with AD or it's minions.

I am with you I think this is unlikely to be VMWare issue.  However it is either a OS issue or a HW issue and being a VM, hardware really is in the domain of of VMWare.  And I have been burnt many times with HW issues in VMware on linux espiecally when it comes to the quad/six core AMD chip (the CPU made by the devil).

This problem is just so out there I was hoping maybe somweone else has come across this themselves

0 Kudos
VMmatty
Virtuoso
Virtuoso
‎10-28-2011 05:13 AM

I agree with you that the problem is likely not anything to do with VMware.  That said, you can use the fact that it is running on VMware to your advantage.

If the TCP/IP stack is shot or there is some other major problem related to Windows then a Windows Repair isn't a bad idea.  You might not want to run that on the "good" copy of the server, so how about you clone the server to a brand new VM and then run the repair.  If it doesn't make any difference then you can just delete the clone and go back to the original.

You could also do this in a snapshot but I wouldn't recommend it since a Windows repair is almost a reinstall and you'll end up with a very large snapshot.

It definitely does sound like a domain authentication or networking issue to me.  If you could do the Windows Repair inside of a cloned VM I would try going down that route.

Matt

http://www.thelowercasew.com

Matt | http://www.thelowercasew.com | @mattliebowitz
0 Kudos
VMmatty
Virtuoso
Virtuoso
‎10-28-2011 05:16 AM

Also - I moved this to the Virtual Machine and Guest OS forum since it is more applicable here.

Matt

http://www.thelowercasew.com

Matt | http://www.thelowercasew.com | @mattliebowitz
0 Kudos