Combining in-depth Citrix data and Windows OS logging data, the Logon tab breaks down the user’s login from start to finish, providing the administrator with actionable metrics to reduce troubleshooting times.
The Logon tab is comprised of four main sections displaying a wide variety of data to assist in diagnosing slow logon times. Each of the logon stages is presented with easy to identify graphs to quickly see where the majority of time is spent in the process, saving you time in getting to the root cause of potential problems.
Figure 1 - Session dialog - the Logon tab at a glance
From the top of the dialog, the first section presents general session information. This information will differ if you're reviewing a Published app or desktop session versus a Virtual Desktop. The example in Figure 2, below, displays a Virtual Desktop session, which includes the Delivery Group name, the endpoints IP address, the Citrix broker responsible for the connection and the version of Citrix Receiver\Workspace the endpoint has installed.
Figure 1.a - Virtual Desktop session information
The next area is a Logon summary where you can find actual logon duration time as well as session start, duration, and end time if applicable.
Figure 1.b - Logon summary
Logon Duration Brokering Stages
The middle section of the Logon tab displays the logon duration brokering stage data for both the delivery controller and the Citrix Receiver startup stages.
Delivery Controller Stages
Figure 1.c - Delivery Controller Stages
- Credentials Authentication:
- The time spent on the server authenticating the user credentials against Active Directory.
How to Troubleshoot: A slow authentication stage may indicate an improper site configuration. An example would be if your user is logging into a data center in one location and is being authenticated by a domain controller in another physical location. Another point to consider would be a site DNS issue. |
- Credentials Obtention:
- The time taken for credentials to be passed through to the server. This is only likely to be a significant amount of time if a manual logon is used and the server side credentials dialog is displayed (or if a legal notice is displayed before the logon commences.)
- Credentials Obtention Network Server:
- Network credential retrieval for pass-through authentication.
- Drive Mapping:
- Client pass-through drives, port and device mapping.
How to Troubleshoot: Create policies to disable unnecessary ports, drives and devices. |
- Login Script Execution:
- Time spent executing user login scripts.
How to Troubleshoot: Find scripts executed by the user and manually run them to observe how long they take to execute and observe failures in execution that may cause delays. |
- Printer Creation:
- The time spent mapping the user’s client printers.
- Profile Load:
- The time spent loading the user’s profile.
How to Troubleshoot: Check the size of the user’s roaming profile. Find large folders and work on creating policies to reduce the number of folders and files included in the profile. |
- Program Neighborhood Cred Obtention:
- The time needed for the server to cause the Program Neighborhood instance running on the client to obtain the user credentials.
- Session Creation:
- The time the server spends creating the session.
- Session Startup:
- This is the high-level server-side connection start-up metric that encompasses the time XenDesktop takes to perform the entire start-up operation. When an application starts in a shared session, this metric is normally much smaller than when starting a new session, which involves potentially high cost tasks such as profile loading and login script execution.
Citrix Receiver Startup Stages
Figure 1.c - Citrix Receiver Startup Stages
- Application Enumeration Client:
- Application enumeration is one of the issues slowing down session start times.
- Backup URL Client Count:
- If this metric has a value higher than 1, it indicates the Web Interface server is unavailable and the Citrix Receiver is attempting to connect to back-up Web Interface servers to launch the application.
- Configuration Obtention Client Duration:
- The time it takes to get the configuration file from the XML server
- Credentials Obtention Client:
- The time it takes to obtain user credentials when the user credentials are manually entered by the user.
- ICA File Download:
- The time it takes for the client to download the ICA file from the server.
- Launch Page Web Server Duration:
- Review the information for IFDCD. The LPWD metric is only used when Web Interface is the application launch mechanism.
- Name Resolution Client:
- This metric is collected when a client device directly queries the XML Broker to retrieve published application information stored in IMA (for example, when using Program Neighborhood or a Custom ICA Connection). NRCD is only gathered for new sessions since session sharing occurs during startup if a session already exists.
How to Troubleshoot: When the Name Resolution Client metric is high, it indicates the XML Broker is taking a lot of time to resolve the name of a published application to an IP address. Possible causes include a problem on the client, issues with the XML Broker, such as the XML Broker being overloaded, a problem with the network link between the two, or a problem in IMA. Begin by evaluating traffic on the network and the XML Broker. |
- Name Resolution Web Server:
- When this metric is high, there could be an issue with the Web Interface server or the XenApp plugin site (formerly known as the Neighborhood Agent site), the XML Service, the network link between the two, or a problem in IMA.
How to Troubleshoot: Like Name Resolution Client, this metric indicates how long it takes the XML service to resolve the name of a published application to a XenApp IP address. However, this metric is collected when a Web Interface site is performing this process on behalf of a launch request it has received from either the XenApp plugin (previously known as Program Neighborhood Agent) or from a user clicking a Web Interface page icon. This metric applies to all sessions launched through the Web Interface or the Citrix Online Plugin (formerly, the Program Neighborhood Agent). |
- Reconnect Enum Client:
- The time spent for the user’s client to get a list of reconnectable sessions.
- Reconnect Enum Web Server:
- The time it takes the Web Interface to get the list of reconnections for this user from the XML service.
- Session Creation Client:
- The time it takes to create a new session, from the moment wfica32.exe is launched to when the connection is established.
- Session Lookup Client:
- The time it takes to query every session to host the requested published application.
- Ticket Response Web Server:
- The time it takes to get a ticket from the STA server or XML service.
How to Troubleshoot: This can indicate that the Secure Ticket Authority server is overloaded. |
Logon Stage Details
The Logon Stage Details section of the Logon tab is unique to Goliath Performance Monitor. It presents a granular breakdown of the login process by combining all of the above metrics with information included in the Goliath logs. This approach saves time and testing efforts by highlighting specific details during the login process that an administrator would normally have to dig through logs and other areas to obtain.
Figure 5: Logon Stage Details
As seen in the image above, some of the stages of the logon process can be expanded to drill in to specifics about the individual logon stage process.
The Authentication section is key to determining which domain controller processed the login as well as the time it took to read group policy objects. One of the key metrics here are is the domain controller’s location. An improper site configuration could have a client authenticating through a domain controller not local to the client. Another key metric would be the client’s ability to read the Group Policy file and how long that read takes.
The GPO section displays the amount of time to process each group policy. Long GPO processing could indicate invalid printer mapping and network drive mapping.
In summary, Goliath Performance Monitor's Logon tab provides administrators with a unique view into the login process by combining data from Citrix as well as Windows log information to assist in troubleshooting slow logons and getting to root cause much faster.
Example Troubleshooting Scenario
Figure 6, depicts a real-world example of how the GPO section identifies the root cause for slowness issues during a user’s logon. This section breaks out each policy name, the time each one takes and a Gantt chart showing the duration of each police. Here you see that a VDI drive map adding 180 seconds with is indicative of a 3 minute timeout which means that the drive in this case may not be available.
Figure 6: GPO Section of Logon Stage Details