Share this post

XenDesktop 5 logon process and communication flow is presented on Figure 1 below

communication flow

Figure 1



  1. The user device submits credentials to the Web Interface site.
  1. Web Interface passes the user credentials to the controller.
  1. Controller verifies user authorization by performing a Microsoft Active Directory query with the end user’s credentials.
  1. Controller queries the site database for the end user’s assigned desktop groups; named instance uses ports 1434 and 1433. These groups are presented to the user (enumeration).
  1. User clicks on one of the Desktop Groups to start a XenDesktop session. Using the desktop group obtained from the database, controller queries the hypervisor about the status of desktops within that group.
  1. Controller identifies to Web Interface the desktop it assigned for this particular session.
  1. Web Interface sends an ICA file to the online plug-in, which points to the virtual desktop identified by the hypervisor.
  1. Online plug-in establishes an ICA connection to the specific virtual desktop that was allocated by the controller for this session.
  1. Virtual Desktop Agent verifies the license file with the controller.
  1. Controller queries Citrix license server to verify that the end user has a valid ticket.
  1. Controller passes session policies to the Virtual Desktop Agent (VDA), which then applies those policies to the virtual desktop.
  1. Online plug-in displays the virtual desktop to the end user.
  1. Administrator and helpdesk personnel use Desktop Director and Desktop Studio tools to manage the desktops from the management server

Reference: CTX128909

Important note:  The user logon workflow (logon process) in StoreFront is different to Web Interface. For more information see post: Web Interface vs StoreFront logon process