Here are three useful powershell commands for helping to diagnose disconnection issues. Insert the computer name after "-ComputerName". Run each section separate.
The trace file will grow to 1GB and then repeat until stopped.
Once you have stopped the trace, copy the ETL file to a share and open the file with Microsoft Message Analyser. Save and export the file in to .cap format and open with Wireshark.
I have been working on a script that allows you to add the computer names to a text file and will create a trace of each of those computers. It also allows you to add a username and have the script query a Delivery controller for the associated Citrix machine name and then run a trace. I'll post that version when complete.
#START THE TRACE
function Disable-ExecutionPolicy {($ctx = $executioncontext.gettype().getfield("_context","nonpublic,instance").getvalue( $executioncontext)).gettype().getfield("_authorizationManager","nonpublic,instance").setvalue($ctx, (new-object System.Management.Automation.AuthorizationManager "Microsoft.PowerShell"))} Disable-ExecutionPolicy .runme.ps1
Invoke-Command -ComputerName {
powershell -command{
$test=test-path C:\NetworkTrace
if ($test=test-path C:\NetworkTrace) {
Remove-Item C:\NetworkTrace -Recurse -Force -EA SilentlyContinue -Verbose
new-item c:\NetworkTrace -itemtype directory
netsh trace start persistent=yes capture=yes report=yes maxSize=1024 fileMode=circular overwrite=yes tracefile=c:\NetworkTrace\nettrace-boot.etl
}
else {
new-item c:\NetworkTrace -itemtype directory
netsh trace start persistent=yes capture=yes report=yes maxSize=1024 fileMode=circular overwrite=yes tracefile=c:\NetworkTrace\nettrace-boot.etl
}
}
}
#STOP THE TRACE
Invoke-Command -ComputerName {
powershell -command{
$test=test-path C:\NetworkTrace
if ($test=test-path C:\NetworkTrace) {
netsh trace stop
#new-item c:\NetworkTrace -itemtype directory
#netsh trace start persistent=yes capture=yes report=yes persistent=Yes maxSize=1024 MB fileMode=circular overwrite=yes tracefile=c:\NetworkTrace\nettrace-boot.etl
}}}
#REMOVE THE TRACE
Invoke-Command -ComputerName {
powershell -command{
$test=test-path C:\NetworkTrace
if ($test=test-path C:\NetworkTrace) {
Remove-Item C:\NetworkTrace -Recurse -Force -EA SilentlyContinue -Verbose
#new-item c:\NetworkTrace -itemtype directory
#netsh trace start persistent=yes capture=yes report=yes persistent=Yes maxSize=1024 MB fileMode=circular overwrite=yes tracefile=c:\NetworkTrace\nettrace-boot.etl
}}}
The trace file will grow to 1GB and then repeat until stopped.
Once you have stopped the trace, copy the ETL file to a share and open the file with Microsoft Message Analyser. Save and export the file in to .cap format and open with Wireshark.
I have been working on a script that allows you to add the computer names to a text file and will create a trace of each of those computers. It also allows you to add a username and have the script query a Delivery controller for the associated Citrix machine name and then run a trace. I'll post that version when complete.
#START THE TRACE
function Disable-ExecutionPolicy {($ctx = $executioncontext.gettype().getfield("_context","nonpublic,instance").getvalue( $executioncontext)).gettype().getfield("_authorizationManager","nonpublic,instance").setvalue($ctx, (new-object System.Management.Automation.AuthorizationManager "Microsoft.PowerShell"))} Disable-ExecutionPolicy .runme.ps1
Invoke-Command -ComputerName {
powershell -command{
$test=test-path C:\NetworkTrace
if ($test=test-path C:\NetworkTrace) {
Remove-Item C:\NetworkTrace -Recurse -Force -EA SilentlyContinue -Verbose
new-item c:\NetworkTrace -itemtype directory
netsh trace start persistent=yes capture=yes report=yes maxSize=1024 fileMode=circular overwrite=yes tracefile=c:\NetworkTrace\nettrace-boot.etl
}
else {
new-item c:\NetworkTrace -itemtype directory
netsh trace start persistent=yes capture=yes report=yes maxSize=1024 fileMode=circular overwrite=yes tracefile=c:\NetworkTrace\nettrace-boot.etl
}
}
}
#STOP THE TRACE
Invoke-Command -ComputerName {
powershell -command{
$test=test-path C:\NetworkTrace
if ($test=test-path C:\NetworkTrace) {
netsh trace stop
#new-item c:\NetworkTrace -itemtype directory
#netsh trace start persistent=yes capture=yes report=yes persistent=Yes maxSize=1024 MB fileMode=circular overwrite=yes tracefile=c:\NetworkTrace\nettrace-boot.etl
}}}
#REMOVE THE TRACE
Invoke-Command -ComputerName {
powershell -command{
$test=test-path C:\NetworkTrace
if ($test=test-path C:\NetworkTrace) {
Remove-Item C:\NetworkTrace -Recurse -Force -EA SilentlyContinue -Verbose
#new-item c:\NetworkTrace -itemtype directory
#netsh trace start persistent=yes capture=yes report=yes persistent=Yes maxSize=1024 MB fileMode=circular overwrite=yes tracefile=c:\NetworkTrace\nettrace-boot.etl
}}}
