One of Windows domain controllers is down. When user logon Linux VDA, gray screen takes about 1 minutes, then ICA session disappears.

1. Modify reachable LDAP server in VDA via below command:

   sudo /opt/Citrix/VDA/bin/ctxreg create -k "HKLM\Software\Citrix\VirtualDesktopAgent" -t "REG_SZ" -v "ListOfLDAPServers" -d "ad01.xxx.xxx:389 ad02.xxx.xxx:389" --force

2. Restart ctxjproxy and ctxvda service:

   sudo systemctl restart ctxjproxy
   sudo systemctl restart ctxvda

Problem Cause

1. Launching ICA session requires the group policy evaluation. If the evaluation fails, the session will not start. Once DDC policy deployed to OU, user or group, then VDA will do LDAP query to filter policy. For 2203 VDA, LDAP query timeout is 10s for every LDAP server. Total policy timeout is 30s.

2. Broker Agent will attempt to use DNS to locate the LDAP servers in the domain via the DNS service record, then record them in ListOfLDAPServersForPolicy registry key. If set LDAP server manually, then VDA will do not query DNS SRV record. So, if LDAP server is not reachable or down, then manually set reachable LDAP server.