Citrix XenDesktop login process and ports used
1. The user submits the credentials to the Citrix Web Interface site (http/https – port 80/443).
2. Web Interface passes the user credentials to the Desktop Delivery Controller with XML service (port 80/443).
3. DDC verifies the user authorization with Microsoft Active Directory (LDAP and GC – port 389/636 and 3268/3269).
4. DDC queries the database for the user’s desktop groups and user’s profile information (ports 1433/1434). Now user sees the desktop groups, he has access to
5. When user clicks one of the desktop groups, DDC queries (port 80/443) the hypervisor (ESXi or Hyper-V) about the status of desktops within that group.
6. Controller provides the corresponding desktop to the Web Interface for this particular session (80/443).
7. Web Interface sends an ICA file (port 80/443) to the online plug-in in the client machine, which points to the virtual desktop identified by the hypervisor.
8. Citrix client establishes an ICA connection to the specific virtual desktop that was allocated by the controller for this session (port 1494/2598).
9. Virtual Desktop Agent (VDA) in the Virtual Desktop verifies the license file with the DDC (port 80).
10. DDC queries Citrix license server to verify that the end user has a valid ticket (port 27000).
11. DDC passes the session policies to the VDA, which then applies those policies to the virtual desktop (port 80).
12. Citrix client (port 1494/2598) opens the virtual desktop to the end user.
13. The user’s session information and the server’s status are being controlled and managed by the administrators from Desktop Director and Desktop Studio (Powershell/RDP- port 5985/3389) from the management server.