SCRIPT: Check ICA Listener response

Last week I was troubleshooting at a customer which was experiencing some “random” periods in which end users could not login at all. When looking at the Load Evaluator I noticed the least loaded server in those periods were the same. When trying to logon to the server through ICA, the server sits forever at connecting…

Instantly I opened a DOS prompt and did a telnet to the servers ICA port (1494).  The server responded and a connection was made, but when I was expecting to see the ICA heartbeat the telnet session stayed blank, this told me the ICA listener is corrupted. I rebooted the server and I came up perfectly. Problem solved you think, not quiet yet.

The infrastructure consisted of 100+ XenApp servers which are provisioned by Citrix Provisioning Services. So potentially more XenApp servers were having a corrupted ICA listener. But entering a telnet session for each server manually was not an option. and scripting a powershell script which launches an external (telnet) process did was not sufficient either. (because is does not report, the telnet output back to powershell). That’s why I searched the internet how to read a “telnet” sessions output. while searching I stumbled upon a blog that needed to do some telnet magic on Cisco devices. I decided to adapt the script for my own needs

After some alteration I ended up with a script that connects to the ICA port (1494) and reports it’s output. I’ve tested it and it work really fine, but you might have to change the TimeOut settings. When a server reports a potential issue you can test it against a manual telnet session.

  •  Test a Single Computer
  • Test-ICA -ComputerName <your computername here> -TimeOut <Time Out in ms>
  •  Test Multiple Computers
  •  101..190 |% {.\Test-ICA.ps1 -ComputerName CTX$_ -TimeOut <Time Out in ms>}

You can also filter output for your needs. Let me know if you appreciate the script.

Download Test-ICA (2301)



Send Message to User Limitations

Today I received a question from a customer who wanted to send “Large” message to all XenApp users in the farm. They asked me what the maximum number of characters was that you can send to a user. I honestly did not have a clue and answered to the client that I was not aware of any limitation but that I did not have any problems even with longer messages. The customer was happy with my answer and did send its “Large” message to their XenApp 6 sessions.

The question got stuck in my mind and I decided I had to find out if there were limitations. So I prepared a 1000 character sentence and send it with Citrix Delivery Console, result was the message popped up to the session as it supposed to. So I tried a 5000 character message and it did not pop-up.

  • 1000 characters,No problems both CDC as Send-XASessionMessage cmdlet
  • 2000 characters,No problems both CDC as Send-XASessionMessage cmdlet
  • 3000 characters,No problems both CDC as Send-XASessionMessage cmdlet
  • 4000 characters,No problems both CDC as Send-XASessionMessage cmdlet
  • 5000 characters, both CDC as Send-XASessionMessage cmdlet the message did not arrive.

After some narrowing down,  the maximum character in a message send with:

  • Citrix Delivery Console   = 4055
  • Send-XASessionMessage= 4094

I’m not sure why the limit is not the same, but that the conclusion I ended up with. So if you send a message to your user, Keep it short 😉




SCRIPT: Automatically Change Proxy Settings

When you’re in the consulting business, you travel a lot between companies. That what I consider the beautiful part of the job. Downside is that every company has it’s own policy for Internet usage. A lot of companies regulate their internet access through so called proxy servers. When you visit a lot of companies you have to change the internet settings multiple times a day to match the desired settings for that company. Therefore I wrote a powershell script that detects the DNS suffix of the company you’re at and matches the proxy settings according to the configured settings read from a XML file.

What does the script do:

  • Change Proxy Server settings for Internet Explorer and Chrome
  • Add Proxy Exceptions to bypass the proxy
  • When connected to multiple networks a known location takes presence
  • When a location is not known, the configuration defaults to “Direct Connection”
  •  Notifies you which settings are used.

What the script does NOT do:

  • Detect networks based on IP Address (Never will, too general way of checking)
  • Change Proxy settings for FireFox (#1 on my wishlist)
  • Detect network changes dynamically.


Copy the PS1 and XML to a convinient location (eg. C:\Windows). Configure the XML file for use with proxy servers. Each location must be in its own <Sites> node.

<Name>  The name for your location is must be in the Name node.
<DNSDomain> The DNS Domain that should be checked is in this node
<ProxyServer> In this node you enter the proxy server name
<ProxyPort> In this node you enter the proxy port that should be used
<ProxyOverRide> All exceptions that should bypass the proxy server are entered in this node, each exception should be separated with a semi column.

Example Configuration

 <Name>My Location</Name>

Each location should look like the above example, you can append multiple sites to the <Global> node. I’ve tested the script on Windows 7 (x64) but it should work on Windows XP as well. to hide the Powershell command-box you can start the powershell script with:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle “Hidden” C:\Windows\SetProxy.ps1

I’ve created a scheduled task that executes the script on login and unlock, that covers it for me. additionaly you can create a shortcut on your desktop to launch the script manually.

Please let me know what you think.

Download :  Set Proxy (3110)


XenServer cmdlet’s not available on Windows 2008 R2

After installing the XenServer powershell cmdlet’s, the cmdlet’s are by default only available in the 32-bit environment of powershell. When you want to use these cmdlet’s within the native 64-bit environment you have to launch a command after the installation of the XenServer Powershell SDK.

C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe "c:\Program Files (x86)\Citrix\XenServerPSSnapIn\XenServerPSSnapIn.dll"

After the DLL is loaded succesfully you can start using the cmdlet’s by invoking

Add-PSSnapin XenServerPSSnapIn

Or use the “Citrix XenServer PowerShell SnapIn” StartMenu item

Happy Scripting!


SCRIPT: Check your WAN IP and get Notified on change

One of the first powershell scripts I wanted to share is a script that checks your WAN ip and notifies you by e-mail when it changes.


I’ve used to sign up with a dynamic DNS provider but my router stopped updating my ip address to that DynDNS provider. After a while I received an e-mail that my host was being deleted from the database if I did not take action. A few e-mail later I decided to say goodbye to that DynDNS provider because my IP-Address does not change that much at all (I still have the same address as a year ago). So I wrote a script that checks the IP address of your FQDN and uses the automation page of  WhatisMyIP.com  to read you current WAN ip address and sends you an e-mail when it has changed.

Code Break down:

This is where you put your router’s FQDN

$TargetDomain = "Your Host FQDN" #Enter your FQDN that is linked to your WAN ip address

This function takes care of sending the e-mail

Function SendMail {
$EmailFrom = "from@yourdomain.com" #Enter the e-mail address it should send the message from.
$EmailTo = "to@yourdomain.com" #Enter the e-mail address it should send the message to.
$Subject = "External IP Address Has Changed ($Current_WAN_IP)" #Enter your subject the e-mail message should contain.
$Body = "Please Update your DNS records to $Current_WAN_IP" #Enter the message that the e-mail should contain.
$SMTPServer = "SMTP SERVER FQDN" #Enter the FQDN of your SMTP server eg. smtp.gmail.com
$SMTPClient = New-Object Net.Mail.SmtpClient($SmtpServer, 587) #Enter your SMTP Port eg. 587
$SMTPClient.EnableSsl = $true # Change to $false if you don't want to use SSL
$SMTPClient.Credentials = New-Object System.Net.NetworkCredential("your smtp username", "your smtpserver password") #Comment line with '#' if you don't need authentication
$SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $Body)

Here is where the magic happens, this code checks your WAN IP and executes the correct action

# Do not change anything below this line.
$DNS_WAN_IP = [System.Net.Dns]::GetHostAddresses("$TargetDomain") | select-object IPAddressToString -expandproperty IPAddressToString
Write-host "Resolved IP Address of $TargetDomain = $DNS_WAN_IP"
$Current_WAN_IP = (New-Object System.Net.WebClient).DownloadString("http://automation.whatismyip.com/n09230945.asp")
Write-host "Current WAN IP Address = $Current_WAN_IP"
if ($Current_WAN_IP -ne $DNS_WAN_IP) {
 if ((@([Byte[]][char[]]$Current_WAN_IP -eq 46).Count)-ne 3) {write-host "No Valid IP Address Retrieved";Exit}
 Write-Host "IP Address Has Changed, Sending e-mail"
 Else {write-host "No IP Address Change Detected";Exit}

This script is tested with Powershell V2 but should work in V1 as well. I’ll Hope you like the script full version can be downloaded here: CheckWANIP (1338)