Jump to content
Welcome to our new Citrix community!
  • 0

Potential DNS issue with Citrix Virtual desktop

prasant chettrri


Currently my Citrix virtual desktop authenticates to old Forest and domain space of 

aaa.org local dns namspace

bbb.gov on public workspace


netscaler link to access VDI is VDA.bbb.gov

Storefront shows 

Store URL - https://xd.bbb.gov/citrix/store

Xenapp services URL -  https://xd.bbb.gov/citrix/storePNAgent/config.xml

Token validation -    https://xd.bbb.gov/citrix/Authentication/auth/v1/token/validate

To resolve external name for bbb.gov I have internal zone for public name as AD integrated DNS name with few  A records for Ns, and XD.


My new forest has following domain name -

zzz.org for internal 

bbb.gov for external


Virtual desktop will continue for live in old forest until we decommission all on prem resources. I have full forest trust between two domains. If  I remove internal DNS zone for public name bbb.gov from domain controller for aaa.org and create AD integrated for same zone for on zzz.org. Would Virtual desktop would continue to work and resolve correct through resource trust? Or it is better to just implement during scheduled downtime and undo if anything breaks.


Hopefully, removing DNS zone from DC adding to DC in another forest, if there is any issue remove zone from new forest DC and adding back to old forest DC. I guess DNS change should be easy to undo in an hour time based on AD replication which could be force and clear cache on servers.


Link to comment

1 answer to this question

Recommended Posts

  • 0



To grant the DNS resolution, you can create the DNS zone bbb.gov into the new domain and create a new "Conditional Forwarder" into the old domain.

In this case, the DNS resolutions included in the bbb.gov domain will are resolved by the DNS servers and the old DNS servers can request the resolutions in forwarder mode.


You can verify the correct DNS resolutions and validate the configuration for excluding eventually issues.



Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...