Module 5: Installing and Configuring the Web Interface
- Web Interface Communication Process
1) A user submit logon credentials through a web interface logon page.
2) Web interface server forwards the logon credentials to the XML broker service on the XenApp server.
3) The credentials are forwarded to a domain controller for authentication.
4) The XML broker service retrieves a list of resources from the IMA subsystem.
5) Web interface presents the resources in a web page on user device. The user clicks an application icon on the web page
6) Web interface contacts the XML broker to locate the least busy sever in the farm. The XML broker requests a secure ticket for the user from the least busy server.
7) The XML broker returns the address of the least busy server hosting the resources and the secure ticket for the user to the web interface. The web interface server dynamically generate an ICA file (launch.ica) and sends it to the web browser on the user device.
8) The user device initiates a connection with the server specified in the connection information of the ICA file.
- Web Interface Installation
– Site creation: XenApp Web site (for web plugin)/ XenApp Service site (for online plugin)
– The configuration information for a web site is stored in webinterface.conf file (\INetPub\WWWRoot\Citrix\XenApp\Conf\)
– Point of authentication (web interface, ADFS, access gateway, third party) can not be changed once set
– Published resources type: online/ offline/ dual mode (attempts to virtualize the application to the user device first)
– XenApp service site configuration information is stored in config.xml file (\INetPub\WWWRoot\Citrix\PNAgent\Conf\)
- Web Interface Site Modification
– A maximum of five backup URLs can be configured for each site
– Add /m or /mobile to the end of the web interface URL to access available mobile pages on the site
– Site appearance: Layout/ Appearance/ Content
– Session settings are not available for XenApp service sites
– Session options are not available fro XenApp web sites
– The workspace control feature allows users to disconnect and reconnect to sessions as they move between different user devices (XenApp must be installed and configured, Web interface must be installed, and at least one web interface site must be configured)
– Workspace control: Automatically reconnect to sessions/ Enable reconnect button/ Logoff/ Session lingering
- Citrix Plug-ins and Web Interface
– Citrix receiver and plug-ins update
1) uncomment the following lines
2) Rename CitrixOnlinePluginWeb.exe to CitrixReceiverWeb.exe
3) Restart IIS web services – iisreset
– Automatically Detecting Plug-ins
- Authentication Configuration
– Authentication options: Explicit/ Pass-through/ Pass-through with smart card/ Smart card/ Anonymous
– Two factors authentication: RSA SecureID/ SafeWord/ RADIUS
– Password setting configurations (Account Self-Service is not available for sites accessed using Access Gateway with Advanced Access Control)
– ICAClient.adm GPO template is the used for the pass-through authentication
– The pass-through, smart card, and pass-through with smart card authentication methods require trust relationships between the Web Interface server and the XenApp servers.
- Secure Access Configuration
– If Access Gateway is in use, one of the Access Methods should be used: Direct access/ Alternate access/ Translate access
– NAT access types: User device route translation/ gateway route translation/ user device and gateway route translation
- Client-side Proxy Settings
- Server Configuration
– Configure multi farms
– XML broker servers failover and load balancing
Module 6: Delivering Applications and Content
- Publishing Resources
– Basic/ Advanced
– Published Resource Types: Server Desktop/ Content
- VM Hosted Apps requires the components: Desktop Delivery Controller/ Management Console/ Virtual Desktop Agent
- Advanced Published Resources Settings
– Access Control
– Content Redirection (Client-to-Host, Host-to-Client)
– File Type Association
– Application Importance
– Session sharing (all application in a shared session must be published with the same settings, e.g. encryption or color depth). Load balancing takes precedence over session sharing.
- Published Resource Configuration
– Session pre-launch reduces application start time ctxprelaunch.exe
– Manage connections to resources (reset/ log off/ disconnect/ send message/ shadowing)
– Disable or hide a published resource