This article outlines the plan to migrate License Servers and do a cutover.

Grace period should protect the environments during the transition to a new license server. On the new server customer should disable the network adapter initially, so the system isn’t reachable then firewall the licensing ports (defaults 27000 &7279) while the system is being configured, and having licenses installed. If any Citrix products contact the LS while it’s unlicensed it could lead to an unlicensed state. Once the license server has been re-installed on the new OS, installed, licenses and has proper domain association/DNS replication then disable the firewall rules. As products come out of grace you should see licenses being checked back out on the new server.

Instructions

a) To minimize service interruption during the Citrix Licensing Server cutover, it is possible to build a new system, with upgraded OS, to host the Citrix licenses server with the same license files (Note: as per EULA only 1 active licensing server with license file is allowed to be used). License files are to be bound to the HOSTNAME of the existing license server. If any license files are bound to the MAC address of the existing license server, these license files will have to be re-hosted to the MAC address of the new license server. Also, the ports used by the license server must be configured the same as the OLD license server. Any admin rights and users’ settings need to be replicated from the OLD to the NEW license server. These steps are crucial to avoid unplanned downtime after the switchover. A manifest of Citrix servers connected to the license server is available using the LMSTAT command ( https://docs.citrix.com/en-us/licensing/current-release/license-administration-commands.html ). Prior to shutting down the old license server, the LMSTAT report’s section for the “CITRIX” license should be saved on a network share for comparison purposes after the switchover to the new license server.

b) The hostname (aka computer name) of the new system must EVENTUALLY match the hostname of the old system; however, the initial setup of the new system will likely need to be performed under a different computer name to allow it to initially join the Windows domain. When the switch over is ready to be completed, the old system will need to be taken down (it MUST NOT BE AVAILABLE FOR CONNECTIONS via stale DNS/ARP entries), including removal from the Windows domain, so that the new computer can have its name changed to the name of the former license server. After the switchover, there will be DNS and ARP table entries across the customer network that will be stale. Meaning – connections to the new license server will fail for however long as the DNS and ARP entries with the OLD Hostname to IP, and IP to MAC address mapping entries persist. The ARP and DNS entries for the old license server will eventually timeout. The timeouts are established by the OS and any of customer network devices that cache them. There are defaults, but these timeouts are a configuration option, so determining the longest ARP/DNS timeout will establish the shortest time to expect a Citrix server to be able to successfully connect to the new license server. When the old license server is disconnected, all connected Citrix systems (CVAD, CVA, CVD, PVS, Hypervisor) will enter the “license server down” Grace period (see: Grace Period on this page https://docs.citrix.com/en-us/licensing/current-release/license-server/licensing-technical-overview.html ) and continue to operate for 30 days. During this time the CVAD servers will begin to report errors in their event logs.

These systems will periodically attempt to reconnect to the license server using their configured computer name setting. The stale DNS and ARP entries will direct new connection attempts to the old server. The DNS and ARP will eventually expire, and a subsequent Citrix-server connection attempt will succeed, and normal server-to-license-server operation will resume. Any Citrix server that has not been online in the past 30-days, and is booted around the time of the switchover, will be outside the 30-day Grace Period window. Servers in this state will need to connect to the license server to allow any connections, and will be “down” while the stale DNS and ARP interfere with their connection to the new license server. If any Citrix servers can be dormant for 30 days or more, it may be worthwhile to determine if there is a timeframe where launching dormant servers is reduced, and schedule the switchover during one of these periods. The other possibility is to consider forcing a “reboot” of these dormant servers such that none are more than a few days dormant when the switchover occurs; hence, “scheduling” them to be within the 30-day Grace Period window. The LMSTAT command on the new license server to can be used to monitor the reconnection status of the expected (using the LMSTAT manifest from the old license server) CVAD servers.

If servers fail to re-establish connection on their own, even after the DNS/ARP entries timeout and the reconnection attempt delay of the Grace Period recovery logic, manual steps can be proactively pursued to establish connection with the new license server before the expiration of the Grace Period. Performing this will require careful planning leading up to the switch over, and vigilant monitoring to ensure that the Citrix deployment has resumed normal operation.

Summary of steps

1. To continue to use the existing certs backup the following paths from the current license server; ("c:\Program Files (x86)\Citrix\Licensing\LS\conf ") and ("c:\Program Files (x86)\Citrix\Licensing\WebServicesForLicensing\Apache\conf")

2. Backup (c:\program files (x86)\Citrix\Licensing\MyFiles)

3. Power down current license server.

4. Delete the AD Computer object.

5. Deploy then new Licensing Server with the same name and IP address on a newer OS (if required)

6. On the new server disable the network adapter and/or block the firewall licensing ports (defaults 27000 and 7279).

7. Once the license server has been re-installed on the new OS and has proper domain association/ DNS replication.

8. Restore the following paths to the new licensing server ("c:\Program Files (x86)\Citrix\Licensing\LS\conf ") and ("c:\Program Files (x86)\Citrix\Licensing\WebServicesForLicensing\Apache\conf")

9. Create a folder on the new licensing server named ("c:\program files (x86)\Citrix\Licensing\MyFiles folder")

10. Move existing licenses into this folder

11. Restart the "Citrix Licensing" service after all of the licenses are copied to the new license server.

12. Verify licenses are installed in the Citrix Licensing dashboard

13. Re-enable the network adapter and/or unblock the firewall ports (default 27000 and 7279)

14. Validate that VDA's are returning from the grace period and are checking out licenses.