Citrix receiver

Receiver et plug-ins

Table des matières

1. Présentation de Receiver 2. Receiver pour Windows 2.1. Receiver for Windows 1.1 2.1.1. Readme for Citrix Receiver for Windows 1.1 2.1.2. System Requirements and Compatibility 2.1.3. New Features in this Release 2.1.4. Installing Receiver for Windows 2.1.4.1. Pushing Citrix Receiver 2.1.4.2. Installing Receiver on Private and Shared XenDesktop Images 2.1.4.3. Deploying Receiver on XenApp Published Desktops 2.1.5. Software Development Kit 3. Merchandising Server 3.1. Merchandising Server 1.1 3.1.1. New Features in this Release 3.1.2. Readme for Citrix Merchandising Server 1.1 3.1.3. Administrator's Quick Start 3.1.4. Installation 3.1.4.1. System Requirements 3.1.4.2. Importing the Virtual Appliance 3.1.5. Administration 3.1.5.1. Overview 3.1.5.1.1. About Merchandising Server 3.1.5.1.2. Components 3.1.5.1.2.1. Citrix Merchandising Server 3.1.5.1.2.1.1. Administrator Console 3.1.5.1.2.2. Receiver Client 3.1.5.1.2.3. Citrix Update Service 3.1.5.1.2.4. Software Development Kit 3.1.5.1.3. Security 3.1.5.1.3.1. User Authentication 3.1.5.1.3.2. Data Transfer 3.1.5.2. Configuring the Merchandising Server 3.1.5.2.1. Configuring your Administrator Account 3.1.5.2.1.1. Logging on as Root 3.1.5.2.1.2. Resetting Root Password 3.1.5.2.1.3. Connecting to Active Directory 3.1.5.2.1.4. Granting Administrator and Auditor Permissions 3.1.5.2.2. Logging on as Administrator 3.1.5.2.3. Configuring Server Options 3.1.5.2.3.1. Configuring Support Contact Information 3.1.5.2.3.2. Configuring Default Domain Name 3.1.5.2.3.3. Disabling HTTPS Redirection 3.1.5.2.3.4. Defining Update Service Polling Frequency 3.1.5.2.3.5. Defining Token Expiration Frequency 3.1.5.2.4. Installing SSL Certificates 3.1.5.2.4.1. Generating a Self-signed SSL Certificate 3.1.5.2.4.2. Creating a Certificate Signing Request 3.1.5.2.4.3. Importing Certificates 3.1.5.2.4.4. Creating Signing Request for Microsoft Certificate Services 3.1.5.2.4.5. Installing Local or Customized Certificates on Client Devices 3.1.5.2.5. Configuring the Proxy Server 3.1.5.3. Creating Deliveries 3.1.5.3.1. Preparing Updates 3.1.5.3.1.1. Downloading Plug-ins to the Merchandising Server 3.1.5.3.2. Creating Delivery Recipient Rules 3.1.5.3.2.1. Rules: Use Case Scenario for Creating Targeted Deliveries 3.1.5.3.3. Creating Deliveries 3.1.5.3.3.1. Defining General and Installation Delivery Information 3.1.5.3.3.2. Adding Plug-ins to a Delivery 3.1.5.3.3.3. Configuring Plug-in Parameters 3.1.5.3.3.4. Adding Rules to the Delivery 3.1.5.3.3.5. Scheduling Deliveries 3.1.5.3.4. Getting Delivery Status 3.1.5.3.5. Deploying Other Citrix Products and Features 3.1.5.3.5.1. Deploying Access Gateway 3.1.5.3.5.2. Using other VPNs with the Receiver 3.1.5.3.5.3. Deploying Easy Call with the Receiver 3.1.5.3.5.4. Deploying Branch Repeater Acceleration 3.1.5.3.5.5. Deploying EdgeSight Monitoring 3.1.5.3.5.6. Deploying Profile Management 3.1.5.4. Managing Plug-ins and Deliveries 3.1.5.4.1. Updating Plug-ins 3.1.5.4.2. Redelivering Plug-ins 3.1.5.4.3. Removing Plug-in Files from the Merchandising Server 3.1.5.4.4. Removing the Receiver and its Plug-ins 3.1.5.5. Maintaining the Merchandising Server 3.1.5.5.1. Upgrading the Merchandising Server Software 3.1.5.5.2. Changing the Server Network Settings 3.1.5.5.3. Ensuring Merchandising Server High Availability 3.1.5.5.4. Ensuring Merchandising Server Fault Tolerance 3.1.5.5.5. Backing Up the Merchandising Server 3.1.5.5.6. Starting and Stopping the Server 3.1.5.6. Auditing Administrative Actions 3.1.5.6.1. Logging on as Auditor 3.1.5.6.2. Viewing the Audit Trail 3.1.5.7. Troubleshooting 3.1.5.7.1. Enabling System Debug Logging 3.1.5.7.2. Enable User Debug Logging 3.1.5.7.3. Triggering the Collection of Client Log Files 3.1.5.7.4. Viewing Client Log Files 3.1.5.7.5. Downloading the Debug Log Files 3.1.5.7.6. Changing the Merchandising Server Location 3.1.5.8. Metadata Reference 3.1.5.8.1. Metadata Schema 3.1.5.8.1.1. Attribute and Element Descriptions 3.1.5.8.2. Sample Metadata File 4. Client pour Java 4.1. Client 9.7 pour Java 4.1.1. Readme for Citrix XenApp Client for Java 9.7 4.1.2. Client for Java Feature Overview 4.1.2.1. Seamless Support 4.1.3. Client for Java Requirements 4.1.3.1. Java Environments 4.1.4. Deploying the Client for Java 4.1.4.1. To unpack the Client for Java package 4.1.4.2. Getting Started with the Sample HTML Files

Page 1 of 86Receiver et plug-ins

13/03/2010http://support.citrix.com/proddocs/advanced/print.jsp?topic=/receiver/rec-receiver-and...

4.1.4.2.1. Customizing the desktop.html File 4.1.4.2.1.1. To customize and use desktop.html 4.1.4.2.1.2. To change the warning message displayed when a user tries to close an active ICA session 4.1.4.2.2. Customizing the seamless1.html File 4.1.4.2.2.1. To customize and use seamless1.html 4.1.4.3. Using Signed Java Applets 4.1.4.4. Example: To make a desktop for a server available to users 4.1.5. Configuring the Client for Java 4.1.5.1. To set the client language 4.1.5.2. To change the network protocol for the Client for Java 4.1.5.3. Configuring Server Browsing 4.1.5.4. To specify a business recovery server group 4.1.5.5. To change the client name 4.1.5.6. Passing Parameters to Applications 4.1.5.6.1. To pass a parameter to an application 4.1.5.7. To set the size and number of colors used for the ICA session window 4.1.5.8. Showing and Hiding the Status Bar and Settings Button 4.1.5.9. To enable Session Reliability 4.1.5.10. Controlling Auto-Reconnect and Session Termination 4.1.5.11. Specifying Keyboard and Mouse Preferences 4.1.5.11.1. Specifying Japanese IME Preferences 4.1.5.11.2. Specifying Hotkey Functions 4.1.5.11.2.1. To change the hotkey sequence from the default 4.1.5.12. Client Device Mapping 4.1.5.12.1. Mapping Client Printers 4.1.5.12.2. To configure printers manually 4.1.5.12.3. Examples of Configuring Printers Manually 4.1.5.12.4. To enable client audio mapping 4.1.5.13. Connecting Through a Proxy Server 4.1.5.13.1. To enable proxy auto detection 4.1.5.13.2. To obtain the proxy server settings from a PAC file 4.1.5.13.3. To specify the proxy server details manually 4.1.5.14. Integrating the Client with the Secure Gateway or SSL Relay 4.1.5.14.1. To enable SSL and TLS 4.1.5.14.2. Configuring the Client for Use with Your Security Solution 4.1.5.14.3. Importing Root Certificates 4.1.5.14.4. Certificate Revocation List Checking 4.1.5.14.5. Certificate Chains 4.1.5.14.6. Connecting to a Server Across a Firewall 4.1.5.15. To specify ICA encryption 4.1.5.16. Configuring Kerberos Authentication 4.1.5.16.1. To configure the client for Kerberos logon 4.1.5.16.2. Configuring UNIX Kerberos Authentication 4.1.5.17. Locating Client Configuration and Device Files 4.1.6. Improving Performance of the Client for Java 4.1.6.1. Improving Performance over a Low-Bandwidth Connection 4.1.7. Limitations of the Client for Java 4.1.7.1. Linux and Solaris 4.1.7.2. Mac OS X 4.1.7.3. Windows Internet Explorer 4.1.7.4. Using the Client for Java on Japanese Operation Systems 4.1.7.4.1. Using Client-side IME Input Mode on Mac OS X 4.1.8. Parameters for the Client for Java 4.1.8.1. Security Integration Parameters 4.1.8.2. User Interface Parameters 4.1.8.3. Client Audio Mapping Parameters 4.1.8.4. Client Printer Mapping Parameters 4.1.8.5. Client Drive Mapping Parameters 4.1.8.6. Performance Tuning Parameters 4.1.9. ICAPrinterDrivers.txt File 4.1.10. Supported Keyboard Layouts 5. Appareils mobiles 5.1. Citrix Receiver pour Android 5.1.1. Citrix Receiver for Android Technical Preview 5.1.1.1. Requirements for Citrix Receiver 5.1.1.2. Providing Access Information to End Users 5.1.1.3. Troubleshooting Citrix Receiver 5.2. Citrix Receiver pour iPhone 5.2.1. Receiver for iPhone 1.0 5.2.1.1. Requirements for Citrix Receiver for iPhone 5.2.1.2. Configuring Access Gateway and Secure Gateway for Citrix Receiver for iPhone 5.2.1.2.1. To configure the Secure Gateway for Citrix Receiver for iPhone 5.2.1.2.2. To configure Access Gateway Standard Edition for Citrix Receiver for iPhone 5.2.1.2.3. To configure Access Gateway Advanced Edition for Citrix Receiver for iPhone 5.2.1.2.4. To configure Access Gateway Enterprise Edition for Citrix Receiver for iPhone 5.2.1.3. Providing Access Information to End Users 5.2.1.4. Troubleshooting Citrix Receiver for iPhone 5.2.1.5. Known Issues for Citrix Receiver for iPhone 5.2.2. Receiver pour iPhone 2.1 5.2.2.1. Conditions requises par Citrix Receiver pour iPhone 5.2.2.2. Configuration d'Access Gateway et de Secure Gateway pour Citrix Receiver pour iPhone 5.2.2.2.1. Pour configurer Secure Gateway pour Citrix Receiver for iPhone 5.2.2.2.2. Pour configurer Access Gateway édition Standard pour Citrix Receiver for iPhone 5.2.2.2.3. Pour configurer Access Gateway édition Advanced pour Citrix Receiver pour iPhone 5.2.2.2.4. Pour configurer Access Gateway édition Enterprise pour Citrix Receiver pour iPhone 5.2.2.3. Pour configurer Citrix Receiver pour iPhone à l'aide de Citrix Mobile Receiver Setup 5.2.2.4. Enregistrement de mots de passe 5.2.2.5. Dépannage de Citrix Receiver for iPhone 5.2.2.6. Problèmes connus avec Citrix Receiver pour iPhone 5.3. Citrix Doc Finder 5.3.1. Citrix Doc Finder 1.0 5.3.1.1. Configuration requise pour Doc Finder 5.3.1.2. Déploiement de Doc Finder 5.3.1.3. Lancement d'applications à partir de Doc Finder 6. Offline Plug-in 7. Online Plug-in 7.1. Online Plug-in 11.1 for Macintosh 7.1.1. Readme for Citrix Online Plug-in for Macintosh 11.1 7.1.2. About the Plug-in for Macintosh 7.1.2.1. New Features in This Release 7.1.2.2. Custom Connection Files and the ICA Client Editor 7.1.3. Deploying the Plug-in for Macintosh 7.1.3.1. System Requirements 7.1.3.2. Overview of Plug-in Installation Packages 7.1.3.3. Using the Merchandising Server and Citrix Receiver to Deploy the Plug-in 7.1.3.4. Installing the Plug-in 7.1.3.5. Upgrading the Plug-in 7.1.3.6. Uninstalling the Plug-in 7.1.4. Using Dazzle 7.1.4.1. Choosing Your Applications and Desktops



7.1.4.2. Adding an Alias for an Application or Desktop to the Dock 7.1.4.3. Launching Applications and Desktops 7.1.4.4. Removing Applications and Desktops 7.1.4.5. Working with Dazzle Stores 7.1.5. Configuring the Plug-in for Macintosh 7.1.5.1. Configuring Window Properties 7.1.5.2. Showing and Hiding the Menu Bar and Dock 7.1.5.3. Mapping Client Devices 7.1.5.4. Printing 7.1.6. Optimizing the Plug-in Environment 7.1.6.1. Improving Performance 7.1.6.2. Changing the Way You Use the Plug-in 7.1.6.3. Improving the User Experience 7.1.6.3.1. ClearType Font Smoothing in ICA Sessions 7.1.6.3.2. Making Keystrokes with Macintosh Keyboards 7.1.6.3.3. Substituting Windows Special Keys 7.1.6.3.4. Using a Mouse 7.1.7. Securing Plug-in Communication 7.1.7.1. Connecting Through a Proxy Server 7.1.7.2. Connecting with the Secure Gateway or Citrix Secure Sockets Layer Relay 7.1.7.2.1. Connecting with the Secure Gateway 7.1.7.2.2. Connecting with Citrix SSL Relay 7.1.7.3. Connecting Through a Firewall 7.2. Online Plug-in 11.2 pour Windows 7.2.1. Fichier lisez-moi pour Citrix Online Plug-in 11.2 pour Windows 7.2.2. Configuration et compatibilité système pour Citrix Online Plug-in 7.2.3. Choix du plug-in 7.2.4. Citrix Online Plug-in - Présentation 7.2.5. Présentation du Web Plug-in 7.2.6. Program Neighborhood - Présentation 7.2.7. Centre de connexion Citrix - Présentation 7.2.8. Mise à disposition du plug-in auprès de vos utilisateurs 7.2.8.1. Création du pack de logiciel plug-in 7.2.8.2. Utilisation d'un pack MSI pour configurer les fichiers d'installation 7.2.8.2.1. Pour configurer un pack dans le Conditionneur de clients 7.2.8.2.2. Pour configurer les plug-ins à l'aide de paramètres de ligne de commande 7.2.8.2.3. Pour configurer un pack MSI à l'aide de fichiers de transformation 7.2.8.3. Mise à disposition des plug-ins via un point de partage réseau 7.2.8.4. Mise à disposition de XenApp Web Plug-in à partir d'une page Web 7.2.8.5. Différences d'installation en fonction du système d'exploitation, du type d'utilisateur et du pack d'installation 7.2.8.6. Options d'installation disponibles avec l'assistant d'installation 7.2.8.6.1. Sélection de la langue de l'interface utilisateur 7.2.8.6.2. Options affichées lors de l'installation du plug-in Citrix XenApp 7.2.8.6.2.1. Spécification d'adresses de serveur de sauvegarde 7.2.8.6.3. Installation de Citrix XenApp Web Plug-in 7.2.8.6.4. Installation de Program Neighborhood 7.2.8.7. Désinstallation du plug-in 7.2.9. Configuration du plug-in 7.2.9.1. Configuration de Online Plug-in 7.2.9.1.1. Utilisation du modèle Éditeur d'objet de stratégie de groupe pour personnaliser Citrix XenApp 7.2.9.1.2. Pour personnaliser les préférences utilisateur de Online Plug-in 7.2.9.2. Configuration de Program Neighborhood 7.2.9.2.1. Utilisation d'une série d'applications ou d'une connexion ICA personnalisée pour se connecter à des ressources publiées 7.2.9.2.2. Exploration ICA 7.2.9.2.2.1. Exploration ICA avec le protocole réseau TCP/IP+HTTP 7.2.9.2.2.2. Utilisation de l'exploration ICA avec le protocole réseau SSL/TLS+HTTPS 7.2.9.2.2.3. Exploration ICA avec le protocole réseau TCP/IP+HTTP 7.2.9.3. Pour configurer les paramètres de plusieurs utilisateurs et machines 7.2.10. Optimisation de l'environnement du plug-in 7.2.10.1. Sécurisation des connexions 7.2.10.1.1. Pour activer la vérification de liste de révocation de certificats pour améliorer la sécurité 7.2.10.1.2. Prise en charge des cartes à puces pour une sécurité accrue 7.2.10.1.2.1. Pour sélectionner le mode d'ouverture de session avec carte à puce (Program Neighborhood) 7.2.10.1.3. Utilisation de l'interface SSPI/authentification unique Kerberos pour renforcer la sécurité 7.2.10.1.3.1. Pour configurer Kerberos sans authentification unique 7.2.10.1.3.2. Pour configurer Kerberos avec authentification unique 7.2.10.2. Amélioration des performances de Online Plug-in 7.2.10.2.1. Pour augmenter la vitesse de téléchargement des images en activant l'Accélération de navigation HDX 3D 7.2.10.2.2. Reconnexion automatique des utilisateurs 7.2.10.2.3. Mise à disposition de la fiabilité de session HDX Broadcast 7.2.10.2.4. Activation de la barre Lancement rapide Program Neighborhood 7.2.10.3. Amélioration des performances pour les connexions à faible bande passante 7.2.10.4. Connexion des machines clientes aux ressources publiées 7.2.10.4.1. Configuration des paramètres de contrôle de l'espace de travail afin d'offrir une continuité aux utilisateurs itinérants 7.2.10.4.2. Synchronisation des ordinateurs de poche connectés via un port USB 7.2.10.4.3. Facilitation de la lecture transparente pour les utilisateurs 7.2.10.4.4. Mappage des machines clientes 7.2.10.4.4.1. Mappage des lecteurs clients sur des lettres de lecteur du serveur XenApp 7.2.10.4.4.2. Mappage des imprimantes clientes pour une efficacité optimisée 7.2.10.4.4.2.1. Pour afficher les imprimantes clients mappées 7.2.10.4.4.3. Pour mapper des ports COM clients à un port COM serveur 7.2.10.4.4.4. Mappage audio du client pour la lecture de son sur la machine cliente 7.2.10.4.5. Association de types de fichier d'une machine utilisateur aux applications publiées 7.2.10.4.5.1. Sélection du fichier exécutable du plug-in 7.2.10.4.5.2. Utilisation de la syntaxe de ligne commande correcte pour identifier les applications publiées 7.2.10.4.5.3. Ajout d'arguments de passage de paramètres dans la ligne de commande 7.2.10.4.5.4. Ajout du passage de paramètres dans le Registre Windows 7.2.10.5. Amélioration de l'expérience d'utilisation des plug-ins 7.2.10.5.1. Lissage des polices ClearType dans les sessions 7.2.10.5.2. Entrée microphone côté client pour la dictée vocale numérique 7.2.10.5.3. Configuration de la prise en charge de moniteurs multiples HDX Plug-n-Play 7.2.10.5.4. Optimisation des performances d'impression 7.2.10.5.5. Combinaisons de touches Windows prises en charge dans les sessions distantes 7.2.10.5.6. Prise en charge des plug-ins pour icônes de couleurs 32 bits 7.2.10.6. Prise en charge des utilisateurs NDS 7.2.10.6.1. Spécification des informations d'identification Windows avec le client Novell et l'authentification unique 7.2.10.7. Utilisation du gestionnaire de fenêtres lors de la connexion à Citrix XenApp pour UNIX 7.2.10.7.1. Utilisation des menus du gestionnaire de fenêtres Citrix 7.2.10.8. Utilisation de ctxgrab et ctxcapture pour couper et coller des graphiques lorsque vous êtes connecté à Citrix XenApp pour UNIX 7.2.10.8.1. Utilisation de l'utilitaire ctxgrab pour couper et coller des graphiques 7.2.10.8.2. Utilisation de l'utilitaire ctxcapture pour couper et coller des graphiques 7.2.10.9. Noms de clients et de machines identiques 7.2.10.10. Résolution de nom DNS 7.2.11. Sécurisation des communications de Online Plug-in 7.2.11.1. Prise en charge des modèles de sécurité Microsoft 7.2.11.2. Connexion à Citrix Online Plug-in via un serveur proxy 7.2.11.3. Connexion avec Secure Gateway ou le Relais SSL Citrix 7.2.11.3.1. Connexion avec la passerelle Secure Gateway 7.2.11.3.2. Connexion avec le Relais SSL Citrix 7.2.11.3.2.1. Configuration requise par la machine utilisateur



7.2.11.3.2.2. Pour définir un numéro de port d'écoute différent pour toutes les connexions 7.2.11.3.2.3. Pour définir un numéro de port d'écoute différent pour certaines connexions 7.2.11.4. Configuration et activation des plug-ins pour SSL et TLS 7.2.11.4.1. Installation de certificats racine sur des machines clientes 7.2.11.4.2. Pour configurer Online Plug-in pour utiliser SSL/TLS 7.2.11.4.3. Pour configurer la prise en charge TLS 7.2.11.4.4. Pour utiliser le modèle Stratégie de groupe de manière à répondre aux exigences de sécurité FIPS 140 7.2.11.4.5. Pour configurer l'Interface Web dans le but d'utiliser SSL/TLS dans le cadre des communications avec le plug-in 7.2.11.4.6. Pour configurer Citrix XenApp dans le but d'utiliser SSL/TLS dans le cadre des communications avec Online Plug-in 7.2.11.4.7. Pour configurer Online Plug-in pour utiliser SSL/TLS dans le cadre de communications avec le serveur exécutant l'Interface Web 7.2.11.5. Configuration de Program Neighborhood 7.2.11.5.1. Pour activer la détection automatique du serveur proxy pour le plug-in 7.2.11.5.2. Pour activer les paramètres automatiques du proxy 7.2.11.5.3. Pour spécifier manuellement les informations relatives à votre serveur proxy 7.2.11.5.4. Pour créer un paramètre s'appliquant à une ou plusieurs connexions ICA personnalisées existantes 7.2.11.5.5. Pour créer un réglage par défaut s'appliquant à toutes les connexions ICA personnalisées futures 7.2.11.5.6. Pour se connecter à un serveur via un pare-feu 7.2.11.5.7. Pour configurer Program Neighborhood pour Secure Gateway 7.2.11.5.8. Pour configurer Program Neighborhood en vue de l'utilisation de SSL/TLS 7.2.11.6. Activation de l'ouverture de session avec carte à puce 7.2.11.7. Application des relations d'approbation 7.2.11.7.1. Pour activer une configuration de serveur de confiance 7.2.12. Utilisation du plug-in avec les connexions XenDesktop 7.2.12.1. Accès aux bureaux virtuels 7.2.12.2. Affichage de bureaux virtuels en mode Fenêtre 7.2.12.2.1. Modification de l'apparence des bureaux virtuels 7.2.12.2.1.1. Pour ajuster la résolution d'un bureau virtuel à celle d'une fenêtre 7.2.12.2.1.2. Pour ajuster la taille d'un bureau virtuel à celle d'une fenêtre 7.2.12.2.1.3. Pour afficher un bureau virtuel à sa taille actuelle sur l'ordinateur distant 7.2.12.2.2. Utilisation de la fenêtre Desktop Viewer 7.2.12.2.2.1. Pour modifier la position de la barre d'outils ou mini-barre sur l'écran 7.2.12.2.2.2. Pour contrôler la méthode d'accès aux fichiers locaux 7.2.12.2.2.3. Pour accéder à des périphériques USB 7.2.12.2.2.4. Pour définir un micro 7.2.12.2.2.5. Pour activer et désactiver HDX MediaStream for Flash dans Desktop Viewer 7.2.12.2.3. Passer d'un bureau virtuel à un autre 7.2.12.2.3.1. Pour basculer vers un autre bureau 7.2.12.2.4. Fermeture de session et déconnexion de bureaux virtuels 7.2.12.2.4.1. Pour fermer la session d'un bureau virtuel, arrêtez-le ou verrouillez son écran 7.2.12.2.4.2. Pour vous déconnecter d'un bureau virtuel 7.2.12.2.5. Redémarrage des bureaux virtuels 7.2.12.2.5.1. Pour redémarrer un bureau virtuel au démarrage 7.2.12.2.5.2. Pour redémarrer un bureau virtuel au cours d'une session 7.2.12.2.6. Personnalisation des préférences USB 7.2.12.2.6.1. Pour personnaliser les préférences USB 7.2.12.3. Utilisation de bureaux virtuels en mode plein écran 7.2.12.3.1. Redémarrage des bureaux virtuels 7.2.12.3.1.1. Pour redémarrer un bureau en mode plein écran au démarrage 7.2.12.3.1.2. Pour redémarrer un bureau en mode plein écran au cours d'une session 7.2.12.4. Autres facteurs qui affectent l'expérience utilisateur 7.2.12.4.1. Connexions, sessions et machines 7.2.12.4.2. Saisie clavier 7.2.12.4.3. Impression 7.3. Plug-in pour applications hébergées 11.0 pour Window 7.3.1. Fichier lisez-moi pour Citrix Online Plug-in 11.0 pour Windows 7.3.2. Choix du plug-in 7.3.3. Plug-in Citrix XenApp - Présentation 7.3.4. Citrix XenApp Web Plug-in - Présentation 7.3.5. Program Neighborhood - Présentation 7.3.6. Centre de connexion Citrix - Présentation 7.3.7. Mise à disposition du plug-in auprès de vos utilisateurs 7.3.7.1. Création du pack de plug-in 7.3.7.2. Utilisation d'un pack MSI pour configurer les fichiers d'installation 7.3.7.2.1. Pour configurer un pack dans le Conditionneur de clients 7.3.7.2.2. Pour configurer les plug-ins à l'aide de paramètres de ligne de commande 7.3.7.2.3. Pour configurer un pack MSI à l'aide de fichiers de transformation 7.3.7.3. Mise à disposition des plug-ins via un point de partage réseau 7.3.7.4. Mise à disposition de XenApp Web Plug-in à partir d'une page Web 7.3.7.5. Différences d'installation en fonction du système d'exploitation, du type d'utilisateur et du pack d'installation 7.3.7.6. Options d'installation disponibles avec l'assistant d'installation 7.3.7.6.1. Sélection de la langue de l'interface utilisateur 7.3.7.6.2. Options affichées lors de l'installation du plug-in Citrix XenApp 7.3.7.6.2.1. Spécification d'adresses de serveur de sauvegarde 7.3.7.6.3. Installation de Citrix XenApp Web Plug-in 7.3.7.6.4. Installation de Program Neighborhood 7.3.7.7. Désinstallation du plug-in 7.3.8. Configuration du plug-in 7.3.8.1. Configuration de Online Plug-in 7.3.8.1.1. Utilisation du modèle Éditeur d'objet de stratégie de groupe pour personnaliser Citrix XenApp 7.3.8.1.2. Pour personnaliser les préférences utilisateur de Online Plug-in 7.3.8.2. Configuration de Program Neighborhood 7.3.8.2.1. Utilisation d'une série d'applications ou d'une connexion ICA personnalisée pour se connecter à des ressources publiées 7.3.8.2.2. Exploration ICA 7.3.8.2.2.1. Exploration ICA avec le protocole réseau TCP/IP+HTTP 7.3.8.2.2.2. Utilisation de l'exploration ICA avec le protocole réseau SSL/TLS+HTTPS 7.3.8.2.2.3. Exploration ICA avec le protocole réseau TCP/IP+HTTP 7.3.8.3. Pour configurer les paramètres de plusieurs utilisateurs et machines 7.3.9. Optimisation de l'environnement du plug-in 7.3.9.1. Sécurisation des connexions 7.3.9.1.1. Pour activer la vérification de liste de révocation de certificats pour améliorer la sécurité 7.3.9.1.2. Prise en charge des cartes à puces pour une sécurité accrue 7.3.9.1.2.1. Pour sélectionner le mode d'ouverture de session avec carte à puce (Program Neighborhood) 7.3.9.1.3. Utilisation de l'interface SSPI/authentification unique Kerberos pour renforcer la sécurité 7.3.9.1.3.1. Pour configurer Kerberos sans authentification unique 7.3.9.1.3.2. Pour configurer Kerberos avec authentification unique 7.3.9.2. Amélioration des performances du plug-in 7.3.9.2.1. Pour augmenter la vitesse de téléchargement des images en activant l'Accélération de navigation SpeedScreen 7.3.9.2.2. Reconnexion automatique des utilisateurs 7.3.9.2.3. Mise à disposition de la fiabilité de session 7.3.9.2.4. Activation de la barre Lancement rapide Program Neighborhood 7.3.9.3. Amélioration des performances pour les connexions à faible bande passante 7.3.9.4. Connexion des machines clientes aux ressources publiées 7.3.9.4.1. Configuration des paramètres de contrôle de l'espace de travail afin d'offrir une continuité aux utilisateurs itinérants 7.3.9.4.2. Synchronisation des ordinateurs de poche connectés via un port USB 7.3.9.4.3. Facilitation de la lecture transparente pour les utilisateurs 7.3.9.4.4. Mappage des machines clientes 7.3.9.4.4.1. Mappage des lecteurs clients sur des lettres de lecteur du serveur XenApp 7.3.9.4.4.2. Mappage des imprimantes clientes pour une efficacité optimisée 7.3.9.4.4.2.1. Pour afficher les imprimantes clients mappées 7.3.9.4.4.3. Pour mapper des ports COM clients à un port COM serveur



7.3.9.4.4.4. Mappage audio du client pour la lecture de son sur la machine cliente 7.3.9.4.5. Association de types de fichier d'une machine cliente aux applications publiées 7.3.9.4.5.1. Sélection du fichier exécutable du plug-in 7.3.9.4.5.2. Utilisation de la syntaxe de ligne commande correcte pour identifier les applications publiées 7.3.9.4.5.3. Ajout d'arguments de passage de paramètres dans la ligne de commande 7.3.9.4.5.4. Ajout du passage de paramètres dans le Registre Windows 7.3.9.5. Amélioration de l'expérience d'utilisation des plug-ins 7.3.9.5.1. Lissage des polices ClearType dans les sessions 7.3.9.5.2. Entrée microphone côté client pour la dictée vocale numérique 7.3.9.5.3. Configurations multi-écran 7.3.9.5.4. Optimisation des performances d'impression 7.3.9.5.5. Combinaisons de touches Windows prises en charge dans les sessions distantes 7.3.9.5.6. Prise en charge des plug-ins pour icônes de couleurs 32 bits 7.3.9.6. Prise en charge des utilisateurs NDS 7.3.9.6.1. Utilisation des informations d'identification Windows NT avec le client Novell et l'authentification simplifiée 7.3.9.7. Utilisation du gestionnaire de fenêtres lors de la connexion à Citrix XenApp pour UNIX 7.3.9.7.1. Utilisation des menus du gestionnaire de fenêtres Citrix 7.3.9.8. Utilisation de ctxgrab et ctxcapture pour couper et coller des graphiques lorsque vous êtes connecté à XenApp pour UNIX 7.3.9.8.1. Utilisation de l'utilitaire ctxgrab pour couper et coller des graphiques 7.3.9.8.2. Utilisation de l'utilitaire ctxcapture pour couper et coller des graphiques 7.3.9.9. Noms de clients et de machines identiques 7.3.9.10. Résolution de nom DNS 7.3.10. Sécurisation des communications de Online Plug-in 7.3.10.1. Prise en charge des modèles de sécurité Microsoft 7.3.10.2. Connexion de Citrix XenApp et de XenApp Web Plug-in via un serveur proxy 7.3.10.3. Connexion avec Secure Gateway ou le Relais SSL Citrix 7.3.10.3.1. Connexion avec la passerelle Secure Gateway 7.3.10.3.2. Connexion avec le Relais SSL Citrix 7.3.10.3.2.1. Configurations de la machine cliente requises 7.3.10.3.2.2. Pour définir un numéro de port d'écoute différent pour toutes les connexions 7.3.10.3.2.3. Pour définir un numéro de port d'écoute différent pour certaines connexions 7.3.10.4. Configuration et activation des plug-ins pour SSL et TLS 7.3.10.4.1. Installation de certificats racine sur des machines clientes 7.3.10.4.2. Pour configurer Citrix XenApp en vue de l'utilisation de SSL/TLS 7.3.10.4.3. Pour configurer la prise en charge TLS 7.3.10.4.4. Pour utiliser le modèle Stratégie de groupe de manière à répondre aux exigences de sécurité FIPS 140 7.3.10.4.5. Pour configurer l'Interface Web dans le but d'utiliser SSL/TLS dans le cadre des communications avec le plug-in 7.3.10.4.6. Pour configurer Citrix XenApp dans le but d'utiliser SSL/TLS dans le cadre des communications avec le plug-in 7.3.10.4.7. Pour configurer Citrix XenApp pour utiliser SSL/TLS dans le cadre de communications avec le serveur exécutant l'Interface Web 7.3.10.5. Configuration de Program Neighborhood 7.3.10.5.1. Pour activer la détection automatique du serveur proxy pour le plug-in 7.3.10.5.2. Pour activer les paramètres automatiques du proxy 7.3.10.5.3. Pour spécifier manuellement les informations relatives à votre serveur proxy 7.3.10.5.4. Pour créer un paramètre s'appliquant à une ou plusieurs connexions ICA personnalisées existantes 7.3.10.5.5. Pour créer un réglage par défaut s'appliquant à toutes les connexions ICA personnalisées futures 7.3.10.5.6. Pour se connecter à un serveur via un pare-feu 7.3.10.5.7. Pour configurer Program Neighborhood pour Secure Gateway 7.3.10.5.8. Pour configurer Program Neighborhood en vue de l'utilisation de SSL/TLS 7.3.10.6. Activation de l'ouverture de session avec carte à puce 7.3.10.7. Application des relations d'approbation 7.3.10.7.1. Pour activer une configuration de serveur de confiance 8. Communications Plug-in 8.1. Communications Plug-in 3.0.1 for Mac 8.1.1. ReadMe for Communications Plug-in 3.0.1 for Mac 8.1.2. Communications Plug-in for Mac Overview 8.1.3. System Requirements and Compatibility 8.1.4. New Features in this Release 8.1.5. Communications Plug-in Delivery and Upgrades 8.2. Communications Plug-in 3.0 for Windows 8.2.1. Readme for Communications Plug-in 3.0 for Windows 8.2.2. Communications Plug-in for Windows Overview 8.2.3. System Requirements and Compatibility 8.2.4. New Features in this Release 8.2.5. Communications Plug-in Delivery and Upgrades 9. Dazzle 9.1. Dazzle 1.1 for Windows 9.1.1. Readme for Citrix Dazzle 1.1 for Windows 9.1.2. Readme for Citrix Dazzle 1.1.1 for Windows 9.1.3. Dazzle Administration 9.1.3.1. Introducing Dazzle 9.1.3.1.1. How Dazzle Works 9.1.3.1.2. Features of Dazzle 1.1 9.1.3.2. System Requirements for Dazzle 9.1.3.2.1. Server Farm Requirements 9.1.3.2.2. Client Device Requirements 9.1.3.3. Deploying Dazzle 9.1.3.3.1. To deploy Dazzle with Merchandising Server 9.1.3.3.2. To deploy Dazzle manually 9.1.3.3.3. Removing Dazzle 9.1.3.3.3.1. To remove Dazzle with Merchandising Server 9.1.3.3.3.2. To remove Dazzle manually 9.1.3.4. Configuring XenApp for the Optimum Dazzle User Experience 9.1.3.5. Securing Dazzle

Receiver et plug-ins Receiver pour Windows

Access Gateway Plug-in

Client pour Java

Communications Plug-in

Dazzle

Merchandising Server

Appareils mobiles

Offline Plug-in

Online Plug-in

Profile Management

Liens rapides

Fichier lisez-moi pour Citrix Receiver 1.1 pour Windows

Fichier lisez-moi pour Citrix Merchandising Server 1.1

Fichier lisez-moi pour Citrix Offline Plug-in 5.2 pour Windows

Fichier lisez-moi pour Citrix Online Plug-in 11.x pour Macintosh

Fichier lisez-moi pour Citrix Online Plug-in 11.2 pour Windows

Fichier lisez-moi pour Citrix XenApp Client 9.7 pour Java

Fichier lisez-moi pour Citrix Communications Plug-in 3.0 pour Mac

Fichier lisez-moi pour Citrix Communications Plug-in 3.0 pour Windows



Intégration d'Access Gateway Plug-in avec Citrix Receiver

eDocs Home © 2010 Citrix Systems, Inc. All rights reserved. Terms of Use | Trademarks | Privacy Statement

1. Présentation de Receiver

Citrix Receiver est un nouveau client logiciel qui rend l'accès aux applications et bureaux virtuels à partir de n'importe quel périphérique aussi simple que d'allumer sa télévision.

À l'instar d'un décodeur TV câble ou satellite, Citrix Receiver permet à l’entreprise de délivrer des bureaux et applications sous la forme d’un service à la demande, sur n’importe quel périphérique, en tout endroit et avec une expérience « haute définition » d’une très grande richesse.

Dès lors que l'utilisateur dispose de Citrix Receiver, l’entreprise n’a plus à se soucier de savoir si celui-ci utilise un PC à son bureau, un Mac à son domicile ou un iPhone en déplacement. Cette approche simplifie radicalement la gestion des postes de travail et offre aux utilisateurs une souplesse et une indépendance bien plus grandes.

Citrix Receiver permet à votre entreprise de profiter pleinement des avantages de Citrix Delivery Center :

En simplifiant l’informatique pour les utilisateurs : il devient facile de travailler partout, avec la même expérience cohérente et de qualité, que ce soit au bureau, chez soi ou en déplacement. Il suffit de se connecter.

En optimisant l’administration informatique pour délivrer simplement et rapidement de nouveaux logiciels clients ou de nouvelles mises à jour sans subir la complexité des solutions ESD traditionnelles, tout en réduisant les coûts de gestion des postes de travail.

En accélérant l’adoption de nouveaux modèles économiques de type BYOC (Bring Your Own Computer) ou DaaS (Desktop as a Service) grâce à une architecture centralisée de gestion des clients permettant de configurer simplement les fonctionnalités des utilisateurs tout en contrôlant leur accès aux ressources. Un simple client en libre-service garantit aux utilisateurs une expérience « haute définition ».

En savoir plus sur Receiver

Receiver pour Windows

Merchandising Server

Receiver pour iPhone

Receiver pour Macintosh - des informations supplémentaires seront bientôt disponibles !


2. Receiver pour Windows

Mise à jour : 2009-10-16

Citrix Receiver est un nouveau client logiciel qui rend l'accès aux applications et bureaux virtuels à partir de n'importe quel périphérique aussi simple que d'allumer sa télévision.

À l'instar d'un décodeur TV câble ou satellite, Citrix Receiver permet à l’entreprise de délivrer des bureaux et applications sous la forme d’un service à la demande, sur n’importe quel périphérique, en tout endroit et avec une expérience « haute définition » d’une très grande richesse.

Dès lors que l'utilisateur dispose de Citrix Receiver, l’entreprise n’a plus à se soucier de savoir si celui-ci utilise un PC à son bureau, un Mac à son domicile ou un iPhone en déplacement. Cette approche simplifie radicalement la gestion des postes de travail et offre aux utilisateurs une souplesse et une indépendance bien plus grandes.

Vous trouverez, sous ce nœud, les ressources suivantes pour Receiver :


2.1. Receiver for Windows 1.1

Updated: 2010-02-03

Citrix Receiver is a new lightweight software client that makes accessing virtual applications and desktops on any device as easy as turning on your TV.

Much like a satellite or cable TV receiver in a broadcast media service, Citrix Receiver allows IT organizations to deliver desktops and applications as an on-demand service to any device in any location with a rich "high definition" experience.

As long as employees have Citrix Receiver installed, IT no longer has to worry about whether they are delivering to a PC in the office or an iPhone on the road. This approach radically simplifies desktop management for IT and gives end users far more flexibility and independence in how and where they work.

Under this node, you will find the following resources for Receiver:

Nouvelles fonctionnalités dans cette version Dresse la liste des nouvelles fonctionnalités disponibles dans cette version.

Fichier lisez-moi pour Receiver pour Windows 1.1 Dresse la liste des problèmes connus et des problèmes résolus dans cette version.

Configuration système requise et compatibilité Contient la configuration serveur requise, la configuration système requise ainsi que des informations de compatibilité.

Installation de Citrix Receiver pour Windows Contient un aperçu des différentes méthodes permettant d'installer Receiver. Développez une rubrique pour afficher les tâches et procédures.

Mise à disposition de Receiver Contient les options permettant de déployer Receiver sur des bureaux.

Installation à partir de la page de téléchargement Contient les instructions permettant d'installer Receiver à partir de la page de téléchargement.

Activation de l'installation à distance Contient les instructions permettant de créer un fichier de téléchargement externe ou de créer la page Web externe.

Installation de Receiver sur des images XenDesktop partagées et privées

Contient les instructions permettant d'installer Receiver sur des images XenDesktop partagées et privées

Déploiement de Receiver sur des bureaux publiés XenApp Contient les instructions permettant de déployer Receiver sur des bureaux XenApp publiés.

New Features in this Release Contains a listing of new features released in this version.




2.1.1. Readme for Citrix Receiver for Windows 1.1

Updated: 2010-02-03

Download File Name: Receiver.exe (from the Merchandising Server download page) or Receiver.msi (from the citrix.com download page or the Update Service).

Contents

Finding Documentation

Getting Support

Known Issues

Issues Fixed in this Release


To access complete and up-to-date product information, go to Citrix eDocs located at http://support.citrix.com/proddocs/index.jsp and expand Receiver and Plug-ins > Receiver for Windows.

To view Receiver online help, right-click the Receiver icon in the notification tray and click Help.

Supported Citrix Components

To access complete and up-to-date product information, go to Citrix eDocs located at http://support.citrix.com/proddocs/index.jsp and expand the topics for your product. The readme files for the supported components are available through the Plug-ins > Get New page in the Merchandising Server Administrator Console.

Getting Support

Citrix provides an online user forum for technical support. This forum can be accessed at http://forums.citrix.com/category.jspa?categoryID=169. The Web site includes links to downloads, the Citrix Knowledge Center, Citrix Consulting Services, and other useful support pages.

Citrix provides technical support primarily through Citrix Solutions Advisor. Contact your supplier for first-line support or use Citrix Online Technical Support to find the nearest Citrix Solutions Advisor.

Citrix offers online technical support services on the Citrix Support Web site. The Support page includes links to downloads, the Citrix Knowledge Center, Citrix Consulting Services, and other useful support pages.

Known Issues

Security warning during installation [470]

During installation, a Security Warning for "Unknown Publisher" appears although the publisher is Citrix Systems, Inc. When you see that warning, click Run to proceed.

Receiver icon does not appear in notification area [1056]

Sometimes the Receiver icon will not appear in the notification area when Receiver is started although the Windows Task Manager indicates that Receiver.exe is running. This issue results from application compatibility settings, a known Microsoft problem. To resolve this issue, you must edit the Registry, as described in http://support.citrix.com/article/CTX122987.

Add or Remove Programs list needs a refresh after Receiver is uninstalled [1596]

On Windows XP Professional and Windows Server 2003: After you uninstall Receiver using the Add or Remove Programs list, the Receiver and plug-in icons remain until you refresh the list.

On Windows Vista, Windows 7, and Windows Server 2008: After you uninstall Receiver using the Add or Remove Programs list, the plug-in icons remain until you refresh the list.

Internet Explorer 7 security option prevents download of Receiver [1733]

You cannot download Receiver using Internet Explorer 7 if the "Do not save encrypted pages to disk" option is enabled. To disable that option, open Internet Explorer 7, navigate to Tools > Internet Options > Advanced > Security, and clear the checkbox for "Do not save encrypted pages to disk." Close the Internet Explorer window, open a new one, and download Receiver.

Globalization features are not supported for this release [1858]

Although some of the Receiver interface is localized for certain languages in this release, the localized interfaces are not yet supported. Full globalization support is planned for Release 1.2.


The following issues were fixed since the last release.

Unable to launch Citrix offline applications [662]

Citrix secure access plug-in does not create a secure access connection after getting manually disconnected by the user [1049]

Performing a Repair/Change operation through Windows 7 Control Panel Add/Remove Programs displays fatal error during installation message [1388]

Access Gateway integration errors on Windows 7 32-bit operating system [1392]

If the connection to delivery services is manually disconnected by the user, the user is not able to reconnect to delivery services [1497]

If the user select the preference to manually request a secure connection in the Receiver Preferences panel, the delivery status will not be sent to the Merchandising Server [1567]

Receiver may crash when launching a streamed application [1608]

http://www.citrix.com

Copyright © 2009 Citrix Systems, Inc.


2.1.2. System Requirements and Compatibility

Updated: 2010-01-11

You must have the following to install Citrix Receiver for Windows:

.NET Framework version 2.0 or later

Administrator privileges on the user's computer

Users must have administrator privileges on their client devices to install Receiver for Windows software from the Download page. The administrator must either grant

Readme for Receiver for Windows 1.1 Contains known issues and issues fixed in this release.

System Requirements and Compatibility Contains server requirements, system requirements and compatibility information.

Installing Receiver for Windows Contains an overview of the different ways you can install Receiver. The tasks and procedures can be viewed by expanding topic.

Pushing Receiver Contains options for pushing Receiver to desktops.

Installing from the Download Page Contains instructions for installing Receiver from the Download page.

Enabling Remote Installation Contains instructions for creating an external download file, or creating the external Web page.

Installing Receiver on Shared and Private XenDesktop Images Contains instructions for installing Receiver on shared and private XenDesktop images.

Deploying Receiver on XenApp Published Desktops Contains instructions for deploying Receiver on published XenApp desktops.



the users administrator privileges to perform the initial installation or push the Citrix Receiver for Windows installation to their users' client devices. Administrator privileges on the users' client devices are not required after installation is completed.

One of the following browser versions is required to use Receiver:

Internet Explorer 7.x

Firefox version 2.x and later

The following operating systems and versions are supported by Citrix Receiver for Windows 1.1:

Windows XP Professional 32- and 64-bit SP3

Vista 32- and 64-bit SP2

Windows 7 32- and 64-bit

Windows Server 2003 32- and 64-bit SP2

Windows Server 2008 32- and 64-bit SP2

Citrix Receiver 1.1 is compatible with the following plug-ins:

Online plug-in 11.2

Offline plug-in 5.2

Service Monitoring plug-in 5.1

Secure Access plug-in 4.6.1

Dazzle Tech Preview

Communications plug-in 3.0

Profile Management plug-in 2.0


2.1.3. New Features in this Release

Updated: 2010-01-27


2.1.4. Installing Receiver for Windows

Updated: 2010-02-25

There are several methods for installing Receiver for Windows.

If your users do not have administrative rights on their computers, follow the process documented in Pushing Receiver for Windows to push the Receiver for Windows installation down to client devices.

If your users have administrator rights and have access to your company's internal network, they can install Receiver for Windows through the Download page on the Merchandising Server, see Installing Receiver for Windows from the Download Page.

If you have deployed Citrix Access Gateway and your users have administrator rights but do not have access to your company’s internal network, you can deploy the supplied download web page template on to an external site for your users to download the Receiver and the Access Gateway plug-ins. For more information on deploying the external download page to your remote users, see Enabling Remote Installation.

You can configure the Access Gateway to publish a Web page that allows users to download Receiver. For more information, see Deploying Access Gateway.

If you use electronic software delivery (ESD) solutions to manage deployment of software (including Citrix plug-ins and Receiver), it is possible to deploy Citrix Receiver in a standalone mode without using a Merchandising Server. While the plug-ins will not be automatically updated, the user will still receive the improved end user experience that Receiver offers by housing multiple Citrix plug-ins within the same interface. For more information, see Deploying Receiver without Merchandising Server.

You can also deploy Receiver on XenDesktop images (see Installing Receiver on Private and Shared XenDesktop Images) and XenApp published desktops (see Deploying Receiver on XenApp Published Desktops).


2.1.4.1. Pushing Citrix Receiver

Updated: 2010-02-03

Use the following installation options if you wish to push the Receiver installation to your users:

AUTOUPDATE

— Determines whether Receiver checks the Merchandising Server for updates automatically or not. Set to "true" or "false". VERBOSE

— Affects the level of debug information produced by Citrix Receiver. Set to "true" or "false". SERVER_LOCATION

— The location of the Merchandising Server. This can be just the server address, with or without an http prefix. If the full address is given (for example. "https://10.30.1.1/appliance/services/applianceService"), be aware that this is case sensitive.

An example of installer command for unattended installs and installation log file is:

msiexec /l*v install.log /I CitrixReceiver.msi /qn SERVER_LOCATION=https://merchandising_server_address/appliance/services/applianceS


2.1.4.2. Installing Receiver on Private and Shared XenDesktop Images

Updated: 2010-02-23

Features Description

Improved usability Downloading and installing Receiver are easier.

You can now select the plug-ins you want during installation.

You can exit or uninstall Receiver and its plug-ins in one-step: Exiting Receiver also exits its plug-ins; uninstalling Receiver uninstalls its plug-ins.

You can reconfigure previously installed plug-ins at any time from the Merchandising Server Administrator Console.

Improved management of preferences The Receiver Preferences panel now provides easier access to the Connection Center and enables you to select an Access Gateway and enter proxy settings.

Expanded plug-in support See System Requirements and Compatibility.



Where you publish XenDesktop images and want to use other Citrix plug-ins, Receiver can improve the overall user experience and help keep desktops up-to-date as it does on physical desktops.

Citrix Receiver for Windows can be deployed on private or shared desktop images. For private desktops, the desktop configuration and updates persist between sessions. In this scenario it is a remote desktop and Receiver performs the same services as on a normal local desktop. In a shared (or pooled) desktop image, the desktop image is reloaded each time the user logs on, essentially discarding any changes made by Receiver and returning the desktop back to its original state.

For additional information about XenDesktop, see xd-library-wrapper.dita#xd-library-wrapper

Private XenDesktop Images

With a private desktop image, updates to Receiver are triggered in the same manner as they are with other client devices.

To install and setup Receiver on a private XenDesktop image

1. Log on to the master shared image with administrator permissions.

2. Download Citrix Receiver for Windows from the Receiver Download page hosted on the Merchandising Server following the process described in your Citrix Merchandising Server Administrator’s Guide. The URL is: https://[merchandisingServer], where [merchandisingServer] is the hostname or IP address of your Merchandising Server.

3. Wait for Receiver to install the updates. When the private user accesses XenDesktop, Receiver will startup and provide the applications as configured. Updates are performed automatically or as requested by the user.

Shared XenDesktop Images

On shared desktops (where the whole desktop image is fresh each time), you can use Receiver as an image preparation tool. Initially, Receiver is installed on the base image and it sets up the plug-ins. After you disable the update mode, the base image post plug-in install is used. When new plug-ins are deployed, enable the update mode in the base image so Receiver can install the updates; then you disable the update mode and create a new image.

To manually install and setup Citrix Receiver for Windows on a shared XenDesktop image

1. Create Windows base image.

2. Install online plug-in by running CitrixOnlinePluginFull.exe.

3. Install offline plug-in by running CitrixOfflinePlugin.exe.

4. Pre-cache and pre-extract all offline applications using the radedeploy utility (see http://support.citrix.com/article/ctx115137).

5. Install Receiver using the following: msiexec.exe /I Receiver.msi ALLUSERS=1

6. Install Dazzle using the following: msiexec.exe /I Dazzle.msi STORE1="Storename;https://XMLServerURL/Citrix/PNAgent/config.xml;ON;Store Description" ALLOWADDSTORE=A ALLOWSAVEPWD=A ALLUSERS=1

To use Merchandising Server to install and setup Citrix Receiver for Windows on a shared XenDesktop image

The procedure below disables automatic updates.

1. Log on to the master shared image with administrator permissions.

2. Download the Citrix Receiver for windows from the Receiver Download page hosted on Merchandising Server. The URL is: https://[merchandisingServer], where [merchandising Server] is the hostname or IP address of your Merchandising Server.

3. Wait for Receiver to install updates.

4. When updates are completed, add the -nopluginupdates option to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CitrixReceiver registry:

a. Go to Start > Run, enter regedit, and click OK.

b. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runand click CitrixReceiver in the name column. The Edit String popup displays a Value data entry that is similar to "C:\Program Files\Citrix\Receiver\Receiver.exe" -autoupdate -BCType:http.

c. Add -nopluginupdates at the end of the entry in the Value data field.

d. Click OK to apply the changes.

e. Exit the registry.

For more information on unattended installations and the metadata file attributes, review the Citrix Merchandising Server Administrator's Guide at http://support.citrix.com/article/CTX120407.

The next time a user logs onto the shared desktop all applications and plug-ins will be available and the users will not be annoyed by repeated updates.


2.1.4.3. Deploying Receiver on XenApp Published Desktops

Updated: 2009-10-01

When publishing XenApp desktops, you can install Citrix Receiver and plug-ins to improve the overall user experience. Since updates to XenApp published desktops may not be available to users, you can manually trigger updates.

To install Citrix Receiver on a XenApp Published Desktop

1. To publish the server desktop, see the XenApp product documentation at http://edocs.citrix.com.

2. Log on to the XenApp published desktop with administrator permissions.

3. Download Citrix Receiver for Windows from the Receiver Download page hosted on the Merchandising Server. See To Install Receiver for Windows.

Receiver installs but is not yet configured to retrieve updates from the Merchandising Server.

1. To trigger an update, right-click the Citrix Receiver icon in the notification area and select Exit.

2. Open a command prompt window and start Citrix Receiver in the updating mode by typing the following command:

C:\Program Files\Citrix\Receiver\Receiver.exe -autoupdate -allowadminTSupdates

3. Once the updates have been installed, exit Receiver by right-clicking the Receiver icon in the notification area and selecting Exit.

The updates are now available for your XenApp published desktop users.


2.1.5. Software Development Kit

Updated: 2009-10-14

The Software Development Kit used to develop software components that Receiver for Windows can deploy is available through the Citrix Developer Network at http://community.citrix.com/display/xa/Citrix+Receiver+for+Windows


3. Merchandising Server

Mise à jour : 2010-02-09

Les composants Citrix Receiver pour Windows, Receiver pour Mac et Merchandising Server font partie intégrante de la solution Citrix Delivery Center. La distribution des rôles est répartie de la sorte : Citrix Delivery Center fournit l'infrastructure de mise à disposition d'applications à l'administrateur tandis que Citrix Merchandising Server et Citrix Receiver pour Windows se chargent de simplifier l'installation et la gestion de la mise à disposition d'applications sur les bureaux utilisateur. Merchandising Server fournit l'interface administrative destinée à la configuration, la mise à disposition et la mise à niveau de plug-ins sur les ordinateurs de vos utilisateurs.

Vous trouverez, sous ce nœud, les ressources suivantes pour Merchandising Server :




3.1. Merchandising Server 1.1

Updated: 2010-02-26

Citrix Receiver for Windows, Receiver for Mac, and Merchandising Server are components of the Citrix Delivery Center solution. While Citrix Delivery Center provides the application delivery infrastructure to the IT administrator, Citrix Merchandising Server and Citrix Receiver for Windows work together to streamline the installation and management of application delivery to the user desktops. Merchandising Server provides the administrative interface for configuring, delivering, and upgrading plug-ins for your users' computers.

Under this node, you will find the following resources for the Merchandising Server:


3.1.1. New Features in this Release

Updated: 2009-10-16


3.1.2. Readme for Citrix Merchandising Server 1.1

Updated: 2009-10-26

Version: Release 1.1

Download File Name: citrix-merchandising-server-1.1.0-1063.xva

Contents


Getting Support

Upgrading the Merchandising Server and Plug-ins

Known Issues


Nouvelles fonctionnalités Dresse la liste des nouvelles fonctionnalités disponibles dans cette version.

Fichier lisez-moi pour Merchandising Server 1.1 Dresse la liste des problèmes connus et des problèmes résolus dans cette version.

Installation Contient la configuration serveur requise, la configuration système requise ainsi que des informations sur la compatibilité, la capacité à monter en charge et les composants et plug-ins pris en charge. La procédure d'installation de Merchandising Server est également incluse.

Administration Contient les tâches administratives et informations suivantes :

Vue d'ensemble Contient une vue d'ensemble des composants avec lesquels Merchandising Server interagit.

Configuration de Merchandising Server Dresse la liste des actions impliquées dans la configuration du serveur. Développez chaque rubrique pour afficher les tâches et procédures.

Mises à disposition d'applications Dresse la liste des tâches et procédures impliquées dans la mise à disposition d'applications. Cela comprend la préparation de mises à jour, la création de règles de destinataires, la collecte de l'état de mise à disposition et le déploiement d'autres plug-ins de produits Citrix.

Gestion des plug-ins et des mises à disposition d'applications Dresse la liste des tâches et procédures permettant de supprimer des plug-ins d'un Merchandising Server ou de l'ordinateur d'un utilisateur, d'obtenir des mises à jour de plug-in, de délivrer à nouveau, de suspendre et de restaurer des mises à disposition d'applications.

Gestion de Merchandising Server Dresse la liste des tâches et procédures permettant de mettre à niveau le logiciel Merchandising Server, de modifier les paramètres du serveur, de garantir un niveau de tolérance aux pannes et de disponibilité élevé, de sauvegarder Merchandising Server et de le démarrer ou l'arrêter.

Audit des actions administratives Dresse la liste des tâches et procédures permettant de réaliser un audit des actions entreprises par un administrateur dans la console Administrateur.

Résolution des problèmes Dresse la liste des tâches et procédures permettant de dépanner Merchandising Server via l'affichage de différents fichiers journaux.

Références de métadonnées Contient le schéma et les descriptions des fichiers de métadonnées utilisés pour définir les propriétés de chacune des applications présentes dans le fichier d'installation. Un exemple de fichier est inclus.

New Features Contains a listing of new features released in this version.

Readme for Merchandising Server 1.1 Contains known issues and issues fixed in this release.

Installation Contains server requirements, system requirements and compatibility, scalability, and supported plug-ins and components. The procedure for installing Merchandising Server is also included.

Administration Contains the following administrative tasks and information:

Overview Contains an overview of the components with which the Merchandising Server interacts.

Configuring the Merchandising Server Contains an overview task list of the actions involved in configuring the server. The tasks and procedures can be viewed by expanding each topic.

Creating Deliveries Contains tasks and procedures involved in creating deliveries. This includes preparing updates, creating recipient rules, getting the delivery status, and deploying other Citrix product plug-ins.

Managing Plug-ins and Deliveries Contains tasks and procedures for removing plug-ins from a Merchandising Server or user's computer, getting plug-in updates, redelivering, suspending, and restoring deliveries.

Maintaining the Merchandising Server Contains tasks and procedures for upgrading the Merchandising Server software, changing server settings, ensuring high availability and fault tolerance, backing up the Merchandising Server, and starting and stopping it.

Auditing Administrative Actions Contains tasks and procedures for auditing the actions an administrator performs in the Administrator Console.

Troubleshooting Contains tasks and procedures for troubleshooting the Merchandising Server through viewing different log files.

Metadata Reference Contains the schema and descriptions of the metadata files used to define the properties for each of the applications present in the installer file. A sample file is included.

Features Description

Targeted deliveries Enables you to create rules-based deliveries (for contexts such as machine name, IP range, domain membership, operating system identity) to deliver IT Services to individually managed and unmanaged computers

Windows 7 Receiver and many of its components now fully support Windows 7

Reconfiguration Plug-ins can now be reconfigured from the Merchandising Server

Reporting and auditing Delivery reporting and a fulll audit trail has been added

Easier user experience We have simplified the end user download and install experience

Smaller footprint Only 1 processor and 1 GB of RAM needed for testing and small deployments

Proxy server support You can now enter settings to allow the Merchandising Server to use a proxy server

Expanded certificate support

You can now use your own certificates, including wildcard and chain certificates, with the Merchandising Server




To access complete and up-to-date product information, go to Citrix eDocs located at http://support.citrix.com/proddocs/index.jsp and expand Receiver and Plug-ins > Merchandising Server.

To access HTML-based help for the Merchandising Server, click the Help link at the top of every Administrator Console page.

To open Receiver for Windows help, right-click the Receiver icon in the notification tray and select Help.

Getting Support

Citrix provides an online user forum for technical support. This forum can be accessed at http://forums.citrix.com/category.jspa?categoryID=169 The Web site includes links to downloads, the Citrix Knowledge Center, Citrix Consulting Services, and other useful support pages.



Upgrading the Merchandising Server and Plug-ins

To upgrade the Merchandising Server, Receiver for Windows, and plug-ins, follow these general guidelines:

Merchandising Server: To upgrade the Merchandising Server, download the upgrade file and use the Configuration > Upgrade Server page in the Administrator Console. Upgrade steps are included in this topic.

Receiver for Windows: The upgraded Merchandising Server automatically handles the Receiver for Windows upgrade. The first time that Receiver for Windows synchronizes with an upgraded Merchandising Server, Receiver either prompts the user to upgrade or upgrades automatically, depending on a user's upgrade settings. When you upgrade the Merchandising Server, the upgraded Receiver for Windows client is automatically added to the download page.

Plug-ins: To upgrade plug-ins or to add new plug-ins to Merchandising Server, download the plug-in and metadata files to the Merchandising Server from the Plug-ins > Get New page, then create and schedule a delivery. You can also use that page to obtain plug-ins that run in standalone mode. Although the 1.0 version plug-ins are compatible with Merchandising Server 1.1, it is recommended that you upgrade to benefit from new functionality.

To upgrade your installation of Merchandising Server 1.1:

1. Download the Merchandising Server 1.1 RPM file. Upgrade files are available at Citrix.com.

2. In the Administrator Console, select Configuration > Upgrade Server.

3. Click Browse to locate the downloaded file and then click Upgrade.

4. Click Yes in the confirmation popup to start the software upload.

5. When the progress bar closes, wait a few minutes for the installation to complete before you refresh the page and log on.

After you upgrade the Merchandising Server, perform the following tasks.

Required: Review the information about new SSL certificate functionality in this release and then consult your security department about certificate requirements. For more information, search for the topic “Installing SSL Certificates” in eDocs.

Recommended: Use the XenCenter console to set the Appliance Terminal password.

Known Issues

Cannot update Xen Tools from the Merchandising Server [1356]

You currently cannot update the Xen Tools from the Merchandising Server.

"#" ignored in group sorting [1762]

On the Rule Create/Edit page, a "#" in a group name is ignored when groups are sorted. To locate a group name that includes a "#", look for the characters following the symbol.

Evaluation order numbers are incorrect after creation of a 1.0 to 1.1 upgrade delivery [1863]

On the Deliveries page, the delivery for the 1.0 release is labeled "PRODUCTION" and it has an evaluation order of 2. After you create and schedule your first delivery after the 1.1 upgrade, the delivery list shows the new delivery with an evaluation order of 2 and the "PRODUCTION" delivery has an evaluation order of 3. Be sure to change the evaluation order as needed for your deliveries.

Spaces in some search strings result in a row of ellipses [1870]

In some of the Reporting and Logging pages, a search string that includes a space results in a row containing only an ellipsis in each cell. Unless otherwise indicated, this issue applies to search strings with a space in any position: Leading (" name"), trailing ("name "), space only (" "), between names ("name1 name2").

From the Delivery Reporting page, searches by delivery name, user name, or machine name.

From the Enable / Disable Logging page, searches by user name if the space is between names. (Leading and trailing spaces, as well as searches by a space only, are handled correctly.)

From the View Log Files page, searches by user name if the space is between names. (Leading and trailing spaces, as well as searches by a space only, are handled correctly.)

Cannot search by domain on some pages [1871]

On the Reporting and Logging > Enable/Disable Logging page and the Reporting and Logging > Delivery Reporting page, a search string containing a full or partial domain name results in an empty table. A search string that is left empty returns results for one domain.

Some events are omitted from the audit log [1892]

The audit log generated from the Reporting and Logging > View Audit Trail page does not contain the following events:

Active Directory synchronizations

Administrator Console user logins

Citrix Update Service update checks

Enable/disable user logging and system logging changes

Trigger Client Log Collection button clicks

HTML code appears on Receiver Plug-in status page when server restart is needed [1908]

The Receiver Preferences > Advanced > Plug-in status page will contain HTML code if Receiver is unable to check for updates. To re-enable updates, restart the Merchandising Server.

Issue with creating a delivery rule for domains [1944]

If you define a delivery rule that includes the "Is Not" operator with Machine Domain Membership, the resulting delivery might not work. Until this issue is resolved, use the "Is" operator for rules based on Machine Domain Membership.

Also, the "Creating Delivery Recipient Rules" topic available from the Administrator Console Help and from eDocs should include the following information:

Rules can be defined by User Name, User Group, User Domain, Machine Domain Membership, Machine Name, IP Address or Range, or Operating System.

Spaces not permitted in delivery rules based on IP address range [1956]

When defining a delivery rule based on an IP address range, do not include spaces in the range. For example, an error occurs if the IP address range string is "10.10.10.10 - 10.20.10.10" but not if the string is "10.10.10.10-10.20.10.10".

Upload of certificate file sometimes fails [1961]

After an initial installation (not an upgrade) of the Merchandising Server, the upload of a certificate file will occasionally fail and result in an error message about an invalid SSL certificate. If this occurs, wait a few minutes and try again.



Spaces not permitted in delivery rules containing a comma-separated list [1981]

When defining a delivery rule containing a comma-separated list of user domains, machine domain membership, or machine names, do not include spaces in the list. For example, an error occurs if the list is "name1, name2" but not if the list is "name1,name2".


The following issues were fixed since the last release.

Merchandising Server does not support plug-in installer file name changes [1031]

User searches with non-English characters do not return correct results with Internet Explorer 7 [1362]

Suspended Default deliveries do not get delivered after being resumed [1526]

Cannot save edits to rule based on user or group name if more than one rule exists on Internet Explorer 7 [1529]

Unable to change a delivery that is scheduled for delivery in the future to "deliver now" [1594]

OS Rules will not work in a delivery [1612]


Copyright © 2009 Citrix Systems, Inc.


3.1.3. Administrator's Quick Start

Updated: 2010-02-11

This quick start is intended to provide tips to returning users. For complete instructions, refer to the appropriate topics under Receiver and Plug-ins > Merchandising Server > Administration.

Installing Merchandising Server Software

The Merchandising Server software is delivered as a virtual appliance image that contains all of the software necessary for running the Merchandising Server.

Getting the Merchandising Server Software

1. The Merchandising Server virtual appliance (.xva) image is available for download from the Citrix support site. The image name is similar to: citrix-merchandising-server-[releaseNumber].bz2.

Where releaseNumber is a numeric value representing the release version

2. Unpack the zip file using bz2, winzip, or other archive utility.

Importing the VM into XenCenter

Verify that you have a minimum of 8 GB of available hard disk space before proceeding.

1. Start Citrix XenCenter.

2. Select File > Import VM.

3. Click Browse, navigate to the .xva file, and click Open.

4. Select Exported VM as the Import Type and then click Next.

5. In the Home server screen of the wizard, select the XenServer instance where this VM should be imported and then click Next.

6. In the Storage screen, select the XenServer where the storage repository resides and then click Import.

The import begins and the Network screen opens.

7. In the Network screen, select the appropriate network designation. If you only have one network, select Network 0 and click Next.

8. In the Finish screen, clear the checkbox for Start VM after Import and then click Finish.

9. After the import process completes, right-click the VM and choose Properties.

10. Click the Memory and VCPUs tab, choose the amount of memory for the VM, and choose the number of VCPUs. We recommend allocating at least 4GB of memory and configuring 2 VCPUs.

11. Click OK.

12. Select the VM and click the Network tab.

13. Click the Properties button, select Auto-generate, and click OK.

14. Right-click the VM and choose Start.

15. Open the Console tab, configure network settings, enter a root password, and then save the settings.

Configuring Your Administrator Users

1. Open a browser window and enter the Administrator Console URL. The URL is similar to https://[server_address]/appliance, where server_address is your Merchandising Server host name or IP address.

2. Enter root for username, C1trix321 for the password, and click Log on.

3. Select Configuration > Configure AD.

a. Provide the Active Directory server information.

b. Click Save Changes and Sync to load your users into the Merchandising Server database.

4. Select Configuration > Permissions.

a. Enter your first or last name in the Search text box and click Search.

b. Select your name in the search results list and click Edit.

c. Select Administrator permissions and click Save.

d. Repeat the process for each of the users who will need Administrator and Auditor permissions.

5. Log out of the Administrator Console.

Configuring the Administrator Console

1. Log in to the Administrator Console with the administrator user administration credentials you just configured (above).

2. Optionally, select Configuration > SSL Certificate Management.

a. Select Export certificate signing request to produce the request.

b. Enter your company information and click Export and send this to your preferred signing authority.

c. Upon receipt of the certificate from your system administrator, select Import certificate from certificate authority from the dropdown list.

d. Click Browse to locate the certificate.cer file and click Submit.

3. Select Configuration > Options.

a. Enter support information for your users.

b. Enter your Active Directory domain name.

c. Enter the polling frequency to the Citrix Update Service.

d. Enter the user authentication token expiration date.

4. Optionally, select Configuration > Network Settings.

If you are using a proxy server, enter the configuration and authentication settings here.

Preparing Your System



Before creating a delivery, download your plug-ins and create delivery rules.

To download plug-ins

1. In the Administrator Console, select Plug-ins > Get New.

2. Select the plug-in from the list and click Download to Server or click Download All to Server.

3. Click Close in the Success pop-up.

4. Continue this process until you have downloaded all the plug-ins you want to deliver.

To create recipient rules

1. In the Administrator Console, select Deliveries > Rules.

2. Click Create at the bottom of the page.

3. Enter the rule name and description.

4. Select the rule type from the menu in the Type field. Possible values are Machine Name, User Domain Membership, Machine Domain Membership, Operating System, IP Address Range, LDAP User, and LDAP Group.

If you select LDAP User or Groups for the type, the screen shows the Search functionality.

If you select User Domain membership, Machine Domain Membership, Operating System, or IP Address Range for the type, select Is or Is Not for the Operator field and enter the appropriate value.

If you select Machine Name for the type, select either Begins With, Is Exactly, or Contains and enter the appropriate value.

5. Click Save to save your rule.

Creating Deliveries

To create a delivery

1. In the Administrator Console, select Deliveries > Deliveries.


3. In the General tab, enter the general information for the delivery.

4. In the Plug-ins tab, click Add and select the checkboxes for the plug-ins to deliver; click Add again.

5. Click the Config tab and enter the plug-in specific values.

6. Click the Rules tab.

a. With Basic link enabled, select the operator type (ADD or OR) and click Add.

b. Select the checkbox for the rules to add and click Add. The selected items are added to the delivery.

7. Click the Schedule tab. Define the delivery schedule time and date or click Now.

Click Schedule to complete the process.

Your system is now ready for your users to download Citrix Receiver at your internal site address. Once they have download the Receiver, it will automatically fetch your scheduled delivery and install the plug-ins.


3.1.4. Installation

Updated: 2009-10-16

The Merchandising Server software is packaged as a virtual appliance image. The virtual appliance image when imported onto XenServer, creates a fully functional virtual server.

System Requirements

Importing the Virtual Appliance


3.1.4.1. System Requirements

Updated: 2009-10-27

Before you install the Merchandising Server virtual image, verify that the following requirements are met:

Contents

Server Requirements

System Requirements and Compatibility

Scalability

Supported Plug-ins and Components

Server Requirements

XenServer 5.x — The instructions in this section describe the installation process using XenCenter on a XenServer 5.x server. To download a free version of XenServer Express, go to http://www.citrix.com and select Products & Solutions > Products > XenServer.

Active Directory — Your corporate directory must be accessible through Active Directory.

System Requirements and Compatibility

Citrix XenServerTM 5.x with 8 GB of available disk space and 1 GB available RAM. You can download the XenServer free of cost from http://www.citrix.com.

One of the following browser versions is required to use the Citrix Merchandising Server Administrator Console:

Internet Explorer version 7.x.

Firefox version 2.x and later

Scalability

The Merchandising Server capacity depends on the amount of RAM and number of CPUs configured for the virtual appliance. The frequency of plug-in updates is the primary driver of the Merchandising Server performance and bandwidth requirements. Based on simulated user traffic load, concurrent users requests, the number of plug-in installations in the busy hour, and recommended maximum number of Receivers are shown below for three sample configurations. Contact Citrix if you require a higher capacity.

Merchandising Server Configuration

Maximum Simultaneous Concurrent User Requests*

Maximum Number of Plug-ins Delivered Per Hour

Recommended Maximum Number of Receiver Users

Maximum Busy Hour Bandwidth Consumption (Mbps)

4 GB/2 CPU 600 30000 15000 125

2 GB/1 CPU 100 20000 10000 83

1 GB/1 CPU 8 6500 500 27



*Based on a test where each request involved downloading four plug-ins.

Supported Citrix Plug-ins

The following table lists the plug-ins that are compatible with Merchandising Server Release 1.1, as well as the operating systems supported by those plug-ins:

Documentation for the Citrix components supported by Citrix Merchandising Server is available at http://support.citrix.com/proddocs/index.jsp and through the Plug-ins > Get New page in the Merchandising Server Administrator Console.


3.1.4.2. Importing the Virtual Appliance

Updated: 2009-09-30

You install the Merchandising Server virtual appliance using Citrix XenCenter for XenServer 5.0 (Express, Standard, Enterprise, or Platinum Edition). For information on upgrading the Merchandising Server software, see Upgrading the Merchandising Server.

1. The Merchandising Server virtual appliance (.xva) image is available for download from the Citrix download site. The image name is similar to citrix-merchandising-server-[releaseNumber].bz2. Where [releaseNumber] is a numerical value representing the release.

2. Unpack the zip file using Bz2 or another archive utility.


Important: Verify that you have a minimum of 20 gigabytes of available hard disk space before proceeding.

4. In XenCenter, choose File > Import VM.

5. Click Browse, navigate to the .xva file, and click Open.

6. Select Exported VM as the Import Type and then click Next.

7. In the Home server screen of the wizard, select the XenServer instance where this VM should be imported and then click Next.

8. In the Storage screen, select the XenServer where the storage repository resides and then click Import. The import begins and the Network screen opens.

9. In the Network screen, select the appropriate network designation. If you only have one network, select Network 0.

10. Click Next.

11. In the Finish screen, clear the checkbox for Start VM after Import and then click Finish.

The import progress is displayed in the status bar at the bottom of the XenCenter window and also on the Logs tab. The import process may take some time, depending on the size of the VM and the speed and bandwidth of the network connection between XenCenter and the server where you are installing the new VM. Under optimum conditions this could take as little as 5 minutes.

After the import process completes, you can specify the amount of memory to be allocated to this VM before starting the VM.

12. Right-click the VM in the XenCenter window and choose Properties to allocate memory and number of VCPUs for the VM.

a. Click the Memory tab and VCPUs tab and choose the amount of memory for the VM.

Note: We recommend that you allocate at least 4Gb of memory.

b. Click the VCPUs tab and choose the number of VCPUs.

Note: We recommend that you allocate at least 2 VCPUs.

13. Configure the VM for an auto-generated MAC address. (The VM does not function properly without a unique MAC address.)

a. In the XenCenter window, select the VM and click the Network tab.

b. Click the Properties button and select Auto-generate.

c. Click OK.

14. In the XenCenter window, right-click the VM and select Start. The VM starts and the Network Configuration Utility opens.

15. Enter the numerical values as directed on the screen to establish the IP address, netmask, default gateway, and a DNS server for this server.

Note: The Merchandising Server does not support DHCP.

Note: An asterisk is displayed by each setting that you have changed but not saved.

16. Enter 9 to save your settings as directed on the screen.

Note: There is one more option available in this utility that is not displayed on the screen. Entering an uppercase 'R' resets all the values, including the root password, to the factory defaults. Use caution when using this feature.

You have completed the installation and configuration of the virtual machine.

Want More Information?

Changing Server Network Setting

Configuring the Administrator Console


3.1.5. Administration

Updated: 2009-10-16

The Merchandising Server is administered through the Administrator Console.

Overview

Configuring the Merchandising Server

Creating Deliveries

Managing Plug-ins and Deliveries

Maintaining the Merchandising Server

Auditing the Administrative Actions

Plug-in Compatible Operating Systems

Acceleration plug-in 5.5.0.128 Windows XP Professional, Vista (32-bit)

EasyCall 2.2.1.872 Windows XP Professional, Vista, Windows Server 2000 and 2003

EasyCall 3.0.0.0950 Windows 7, XP Professional, Vista, Windows Server 2003 and 2008 (32- and 64-bit)

Online plug-in 11.2.0.31560 Windows 7, XP Professional, Vista, Windows Server 2003 and 2008 (32- and 64-bit)

Offline plug-in 5.2.0.1227 Windows 7, XP Professional, Vista, Windows Server 2003 and 2008 (32- and 64-bit)

Profile Management plug-in 2.0.1.48 Windows XP Professional, Vista, Windows Server 2003 and 2008 (32- and 64-bit)

Secure access plug-in 4.6.1.27 Windows 7 and Vista (32- and 64-bit), XP Professional (32-bit)

Secure access plug-in 9.1.96.4 Windows XP Professional, Vista (32-bit)

Service monitoring plug-in 5.2.3012.0 Windows 7, XP Professional, Vista (32- and 64-bit)



Troubleshooting

Metadata Reference


3.1.5.1. Overview

Updated: 2009-10-16

Merchandising Server is the head-end infrastructure component – used in conjunction with Receiver – that allows you to create, deliver and manage a high quality end user experience on laptops, desktops, and smart phones.

With Merchandising Server, you can easily “merchandise” your IT services in a convenient, simple way that seamlessly connects users to virtual applications, desktops, and other services – in the same way retail merchandising managers create a compelling shopping experience for their customers.

About Merchandising Server

Components

Security


3.1.5.1.1. About Merchandising Server

Updated: 2009-09-30

Easily “Merchandise” Virtual Apps and Desktops

With centralized management, the Merchandising Server allows you to “merchandise” virtual applications and desktops across the entire organization. The Merchandising Server sits in front of the XenApp and XenDesktop infrastructure and facilitates not only the delivery of virtual apps and desktops but more importantly also allows you to provide a simple and intuitive end user experience.

Simplifies Setup and Distribution

The Merchandising Server provides easy management, setup, and distribution to your end users of the Citrix Receiver, plug-in software, and updates. For users, Receiver’s one-time setup is simple, fast, and easy. Users simply point any browser to the setup site included with Merchandising Server. Two clicks and the setup process starts. From a fresh PC or laptop to fully provisioned with the broad range of IT services – from applications to virtual desktops - anywhere in the world in less than 15 minutes (depending upon network connection).

Citrix Merchandising Server comes packaged as a virtual appliance that:

Manages the setup of Citrix Receiver

Enables “plug-ins” to support multiple types of delivery services

Centralizes management of all updates

Enables access to web-based user support services

Offers robust management reporting features

Receiver supports 32-/64-bit of Windows XP, Vista, Server 2003, and Server 2008.

It is strongly recommended that Citrix Receiver for Windows be used with the Citrix Merchandising Server. For specialized applications, Receiver for Windows may be installed with compatible plug-ins independent of the Merchandising Server.

Once installed, the Receiver fetches the delivery information from the Merchandising Srever and installs the plug-ins.

After installation is complete, the Receiver starts its plug-ins in the correct order ensuring that connectivity services are available for plug-ins that require it.

Use the Merchandising Server and Receiver for Windows in combination to simplify desktop and application delivery. The Receiver infrastructure provides:

Seamless installation

Your users install Receiver for Windows on their devices. If a download is interrupted, the Receiver silently resumes the action when the connection is restored. When installation is complete, the Receiver immediately installs the scheduled plug-ins without requiring the user to enter any information. The Receiver can even be installed from outside of the company firewall. Upgrades are pushed down and run automatically.

Managed connections to delivery services

The Receiver uses the Citrix secure access plug-in to supply secure connectivity, enabling users access to business-related applications from anywhere.

Simplified administration

Use the Merchandising Server to deliver plug-ins in one action. The Merchandising Server retrieves plug-in updates from the Citrix Update Service and presents the update list to you through the Administrator Console.

Simplified installation and upgrade

Import the Merchandising Server virtual appliance through Citrix XenServer. Upgrades to the Merchandising Server are imported directly through the Administrator Console.


3.1.5.1.2. Components

Updated: 2009-09-30

The Citrix Receiver end-to-end infrastructure consists of four components: Citrix Merchandising Server

Citrix Receiver Client

Citrix Update Service

Software Development Kit


3.1.5.1.2.1. Citrix Merchandising Server

Updated: 2009-09-30

The Merchandising Server resides in your data center and requires the connectivity shown in the following diagram. The Merchandising Server is managed using the administrator console and is delivered as a virtual appliance ready to import into your XenServer environment.



Configure the Merchandising Server to connect to:

Microsoft Active Directory server

The Merchandising Server acquires user and group information from your Active Directory.

The Merchandising Server uses the imported user and group information to:

Display the list of users you can grant Administrator and Auditor permissions — See Granting Administrator and Auditor Permissions.

Display the list of user and group names that you use to create the distribution list for plug-in deliveries — See Creating Deliveries.

Receiver for Windows

The Receiver for Windows software, installed on end user devices, connects to the Merchandising Server through HTTPS.

The Merchandising Server uses Secure Sockets Layer (SSL) on port 443 to communicate with the Receiver.

Citrix Update Service

Citrix posts new and updated plug-ins to the Citrix Update Service. For more information, see Preparing Updates.


3.1.5.1.2.1.1. Administrator Console

Updated: 2009-09-30

Use the Administrator Console to configure and update the Merchandising Server, synchronize with Active Directory, and create and manage plug-in deliveries.

Use the console to configure and manage the following components:

Plug-ins — Prepare and process plug-ins for creating a delivery. See Preparing Updates.

Deliveries — Create and maintain deliveries and recipient rules. See Scheduling Deliveries. Rules — Create rules to define the recipients list for the delivery. The recipients can be defined by machine name, IP address, and domain names.

Deliveries — Deliveries contain plug-ins, configurations, rules, and a schedule.

Reporting and Logging — Check the status of your deliveries. See Getting Delivery Status and Triggering Client Log Collection.

Configure the following features: Grant user permissions — Granting Administrator and Auditor Permissions.

Configure and Sync Active Directory — Connecting to Active Directory.

Install SSL Certificates — Installing SSL Certificates.

Update Service Polling Frequency — Citrix Update Service.

Token Expiration Frequency — User Authentication.

Default domain name — Configuring Default Domain Name.

HTTPs redirection — Disabling HTTPS Redirection.

Support Contact Information — Configuring Support Contact Information.

Proxy Server — Configuring the Proxy Server

Upgrade Merchandising Server — Upgrading the Merchandising Server Software.


3.1.5.1.2.2. Receiver Client

Updated: 2009-10-12

The Receiver installation can be pushed using your standard ESD process, or installed by your users through the Citrix Receiver Download page deployed either inside or outside of your company’s firewall.

Once installed, Receiver downloads, updates, and starts its managed plug-ins without user interaction.

For more information about Receiver, see Receiver Overview.


3.1.5.1.2.3. Citrix Update Service

Updated: 2009-09-30

The Citrix Update Service web site contains all the latest updates to the Citrix plug-ins.


3.1.5.1.2.4. Software Development Kit

Citrix Receiver has an extensive set of APIs which provide the functionality required to integrate applications with the Citrix Receiver. For a complete list of the APIs, their descriptions, and other useful information such as integration tips and the metadata required to install your applications, contact [email protected].


3.1.5.1.3. Security



Updated: 2009-09-30

Security is ensured through:

User Authentication

Secure Data Transfer


3.1.5.1.3.1. User Authentication

Updated: 2009-09-30

To ensure that only registered users can access the Merchandising Server for updates, users are authenticated each time they access the Merchandising Server.

When users install the Receiver, they are prompted to log on to the Merchandising Server. The Merchandising Server verifies the credentials against Active Directory accounts. If the user is authenticated, the Merchandising Server creates a client token for future user authentication. The token is downloaded and installed on the client device. When the Receiver subsequently communicates with the Merchandising Server, it uses the token for authentication.

Configure token expiry in the administrator console.


3.1.5.1.3.2. Data Transfer

Updated: 2009-09-30

All data transfers are handled using HTTPS protocol to ensure secure data transfer.


3.1.5.2. Configuring the Merchandising Server

Updated: 2009-10-16

Use the administrator console to configure the Merchandising Server.

To configure the Merchandising Server, you must:

1. Log on to the Administrator Console with root permissions.

2. Synchronize the Merchandising Server with Active Directory.

3. Grant your user name Administrator permissions.

4. Log off the Administrator Console and log back on with your user name.

5. Optionally, install SSL certificates.

6. Configure server options.

7. Optionally, configure proxy server.

When you have completed these configurations, you are ready to create deliveries.

This section contains the following topics.

Configuring your Administrator Account

Logging on as Administrator

Configuring Server Options

Installing SSL Certificates

Configuring the Proxy Server


3.1.5.2.1. Configuring your Administrator Account

Updated: 2009-09-24

To set up your administrator account you need to:

Log on to the Administrator Console with root — Logging on as Root.

Configure your corporate Active Directory — Connecting to Active Directory.

Grant Administrator administrator permission to your Active Directory user account — Granting Administrator and Auditor Permissions.


3.1.5.2.1.1. Logging on as Root

Updated: 2009-09-30

Log on using the root user credentials. Once you are successfully logged on you can grant administrator permissions to user accounts, including your own.

To log on to the Administrator Console with root username

1. In a web browser, enter the URL for the Administrator Console. It is similar to https://[serverAddress]/appliance. Where the serverAddress is either the IP address or the host name of the Merchandising Server.

2. Enter the 'root' user name and password and then click Log on. The root user log on credentials are: User name: root

Password: C1trix321

Note: User login credentials are case-sensitive.

The Administrator Console opens to the Set Up page.

The Configurations > Permissions, Configure AD, and Change Root Password nodes are displayed with root logon to the Administrator Console.

Next Steps?

Resetting the Root Password

Connecting to your Active Directory Server

Granting Administrator and Auditor Permissions


3.1.5.2.1.2. Resetting Root Password



Updated: 2009-09-30

We recommend that you reset the root user password immediately.

1. In the Administrator Console, click Change Root Password.

2. Enter the current password in the Old Password field and enter the new password in both the New Password and Confirm Password fields. The new password must be at least 8 characters, include both alphabetic and numeric characters, and contain at least one upper case character.

3. Click Change Password.


Connecting to Active Directory



3.1.5.2.1.3. Connecting to Active Directory

Updated: 2009-09-28

The Merchandising Server connects to your Active Directory (AD) server to retrieve user and group information. In the Administrator Console, you use this information to assign user permissions, and define the recipients list for your deliveries.

By default, the Merchandising Server imports information from the configured directory source daily. You can change the frequency as described below. You can also force a synchronization to occur immediately. When you first configure the system, you must force a synchronization to complete the configuration tasks by using the Save Changes and Sync button.

If you change the AD server configuration, the Merchandising Server automatically deletes, updates, and adds the user information from the new server.

1. Log on to the Administrator Console with root credentials and select Configure AD.

2. Enter the settings as described in the following table:

3. Enter the frequency for your AD synchronization. Available options are Daily, Weekly, Monthly, or Quarterly.

4. Click Save Changes and Sync to have the directory synchronized with the Merchandising Server immediately. The Administrator Console informs you when the synchronization is complete in the status bar.

Next Steps?


Logging on as the Administrator


3.1.5.2.1.4. Granting Administrator and Auditor Permissions

Updated: 2009-09-28

You must first grant administrator permissions to your Active Directory user account before you can complete the Administrator Console configuration tasks. Only users logged in with administrators permissions or logged in as root can grant administrative permissions.

There are three levels of permissions in the Administrator Console as shown in the following table:

To grant Administrator permissions to your user account

1. Log on to the Administrator Console with root credentials and select Configurations > Permissions. When you first access this page, the user list is blank, you must locate your user name and give yourself (and others) Administrator or Auditor permissions before this page contains data.

2. Enter the first few characters of your user’s first or last name in the search text field and click Search. The list of all user names that match your search string is displayed.

3. Select the checkbox for your user name and click Edit.

4. Select the appropriate permission level in the Edit User Permissions popup and click Save. You can set the permissions to give all of your administrator access to the Administrator Console now or come back and do this later. You have completed the process for setting up your user account. Repeat the process to give Auditor permission to at least one user. If you do not do this now, you will have to log on to the Administrator Console with root credentials again to grant Auditor permissions. After you have finished this, log out of the root user session.

5. Close the search popup by clicking the top-right corner.

6. Click Log off in the top-right of the Administrator Console to log out. The remaining configuration tasks are completed when you log back in with your administrator user account.

Next Steps?





Setting Description

Source Name A descriptive name for the directory source.

Server Address

Server Port

The IP address or host name for the AD server to be used to import directory information.

The AD Server Port for some AD directories is typically 389. If you are using an indexed database, changing the AD Server Port to 3268 significantly speeds up AD queries.

If your directory is not indexed, we recommend that you use an administrative connection, rather than an anonymous connection, from the Merchandising Server to the database. Download performance improves when you use an administrative connection.

Bind DN

Bind Password

The Administrator Bind DN and password for queries to your AD directory.

Example syntax for Bind DN:

"[email protected]"

Base DN The Base DN used as a starting point for directory searches.

Example syntax for Base DN:

"cn=Users,dc=ace,dc=com")

Permission Access Grantee

Administrator All Admin Console functionality except the Audit Trail Reports Other Administrators and root

Auditor Audit Trail Reports and Permissions Other Auditors and root

root Permissions and Active Directory Synchronization. N/A



3.1.5.2.2. Logging on as Administrator

Updated: 2009-09-30

Once you have configured the permissions for your administrator account, you can log on to the Administrator Console with your administrator account credentials to complete the configuration items:




To log on as an administrator

1. In a web browser, enter the URL for the Administrator Console. It is similar to https://[serverAddress]/appliance. Where serverAddress is the Merchandising Server IP address or the host name.

2. Enter the your user name and password and then click Log on. Your user name is the Active Directory user account with domain name that you configured in Granting Administrator and Auditor Permissions.

User name: Enter the user name in the form of domain\username.

Password: Your Active Directory user name password.

Note: The credentials are case sensitive.

The Administrator Console opens.

You can now complete the configuration process.

Next Steps?





3.1.5.2.3. Configuring Server Options

Updated: 2009-09-24

The Configurations > Options page in the Administrator Console contains the following Merchandising Server and Receiver for Windows configuration parameters:

Support Contact information — The support contact information presented to the user through the Receiver Preference panel, see Configuring Support Contact Information.

Default Domain Name — The default domain name for user credentials, see Configuring Default Domain Name for more information.

HTTP Redirection — Enable or disable automatically redirected to HTTPS, see Disabling HTTPS Redirection for more information.

Citrix Update Service Polling Frequency — The frequency for poling the Update Service for plug-in updates, see Defining Update Service Polling Frequency.

Token Expiration Frequency — The expiration interval for the unique token used to authenticate users, see Defining Token Expiration Frequency.


3.1.5.2.3.1. Configuring Support Contact Information

Updated: 2009-09-28

The Configurations > Options page contains the features for configuring the support contact information that populates the Preference panel Help and Support tab in the Receiver. You can define the support email address, web site, phone number, and if you have GoToAssist, you can define the server location for your users.

To define support contact information

1. Log on to the Administrator Console as administrator and select Configurations > Options. The first four fields are used to populate the Receiver Preference panel Help and Support page.

2. Enter the support contact information as shown in the following table.

Field names for which you have not entered values in the Options page are not displayed in the Receiver.

3. Click Save Changes.


Defining Token Expiration Frequency

Disabling HTTPS Redirection



3.1.5.2.3.2. Configuring Default Domain Name

Updated: 2009-09-28

You can make the user experience a little easier by including your Active Directory domain name in the Default Domain field on the Configurations > Options page. If you configure this option, when your users log on the Merchandising Server or the Administrator Console, they only need to enter their Active Directory user name.

To define the default domain name

1. Log on to the Administrator Console as administrator and select Configurations > Options.

2. Enter your Active Directory server domain name in the Default Domain field.




Defining the Citrix Update Service Polling Frequency



Field Description

Support email address The email address for your end users to contact support. The value in this field must be in a valid email address form such as [email protected].

Support website If you have a support web site for your end users to access, enter the http or https address here. The value should be in the form of http(s)://support.acme.com.

Support phone number The value for this field is not validated, you can enter an extension or include international dialing numbers.

GoToAssist server This is the fully qualified address for you GoToAssist server in the form of http(s)://www.gotoassist.acme.com.




3.1.5.2.3.3. Disabling HTTPS Redirection

Updated: 2009-09-28

By default, any attempt to access the Merchandising Server through http protocol is automatically redirected to https. If you are deploying several Merchandising Servers behind one address and deploying a commercial SSL certificate, you may want to disable this feature. The disable feature is designed for a system deployment that includes multiple server machines in different geographical areas. As each Merchandising Server uses a different SSL private key, it's not possible to purchase a single commercial SSL certificate that can be installed on all those machines. Instead, you can use NetScaler in 'Transparent SSL' or 'SSL Offload' mode.

In this configuration, Receiver for Windows appears to communicate in SSL to the https address of the Merchandising Server, but this is actually the NetScaler box. The Netscaler sends geo-load balance commands using HTTP protocol to the appropriate server.


2. For the Https Redirection field, click Disabled to stop the automatic redirection.


The Merchandising Server restarts to reset this property. You can log back on to the Administrator Console in a few minutes.




Configuring Default Domain Name



3.1.5.2.3.4. Defining Update Service Polling Frequency

Updated: 2009-09-28

The Polling Frequency settings in Configurations > Options allows you to specify how often the Merchandising Server requests update information from the Citrix Update Service. The Citrix Update Service contains the latest plug-in updates and is used to populate the list of new plug-ins ready for download at Plug-ins > Get New.


2. Select a value from the Polling Frequency dropdown menu to define how often the Merchandising Server checks for plugin updates. The possible options are Week, 2 Weeks, and 4 Weeks. By default, the Merchandising Server checks the Citrix Update Service for updates daily at 12:01am.







3.1.5.2.3.5. Defining Token Expiration Frequency

Updated: 2009-09-28

The first time Receiver for Windows requests a delivery from the Merchandising Server, the user enters their user credentials for access. As soon as the user is authenticated, a unique token is generated and installed on the user's computer. Subsequent requests from the Receiver to the Merchandising Server are validated with this token, eliminating the need for repeated logons.

The Token Expiration field in the Configurations > Options page allows you to specify the expiration interval. When the token expires, the user will be required to to re-enter his credentials before the Receiver can access the Merchandising Server for delivery updates. Once the credentials have been authenticated again by the Merchandising Server, a new token is generated and affective for the interval you specify here.


2. Select a value from the Token Expiration dropdown menu to define the interval for token expiration. The default value for token expiration is 6 months.







3.1.5.2.4. Installing SSL Certificates

Updated: 2009-10-05

Important: All communications between the Merchandising Server and the Receiver client are encrypted with SSL. The Merchandising Server contains a temporary 30-day certificate. You are required to replace or renew this certificate within 30 days to ensure uninterrupted communication.

You can replace the temporary SSL certificate on the Merchandising Server with the following certificate types:

An existing SSL certificate, such as a wildcard certificate. Your existing certificate has a private key file that was generated by a server other than the Merchandising Server. The private key file for the certificate must have an associated password (also known as a pass phrase). When you import an existing certificate, you must also import the private key file.

An SSL certificate that you obtain by generating a certificate signing request from the Merchandising Server. You provide the certificate signing request to an internal or public certificate authority. Consult your security department to find out the CA required by your company and the procedure for obtaining server certificates.

If your company generates custom certificates using Microsoft Certificate Services, you may wish to use that process to obtain a signed certificate. See Creating a Certificate Signing Request for instructions on how to generate the certificate signing request. Once the certificate is issued, you download the signed certificate with Base 64 encoding method and use the instructions to import the certificate to your Merchandising Server, see Importing Certificates and Creating Signing Request for Microsoft Certificate Services for instructions on obtaining a certificate using Microsoft Certificate Services.


Generating a Self-signed SSL Certificate

Importing Certificates

Creating Signing Request for Microsoft Certificate Services

Installing Local Or Customized SSL Root Certificates on Client Devices




3.1.5.2.4.1. Generating a Self-signed SSL Certificate

Updated: 2009-10-05

A self-signed certificate is already installed on the Merchandising Server. A self-signed certificate is only valid for 30 days and requires that users accept a security exception for a certificate that was not issued by a trusted certificate authority. If you choose to use the self-signed certificate, you must renew it every 30 days by generating it again, as follows.

1. Log on to the Administrator Console as administrator and select Configurations > SSL Certificate Management.

2. Select Generate a self-signed certificate from the Select an action dropdown.

3. In Common Name, enter the host name or IP address for the Merchandising Server. The value you enter in Common Name must be the same value you use to access the Merchandising Server.

4. Complete the rest of the fields. Use the on-screen hints to guide your input. If you have questions about completing these fields, contact your company’s certificate expert.

5. Click Submit to generate a self-signed certificate for this Merchandising Server.

The certificate fingerprint appears in the Certificate Status area and the Merchandising Server restarts.


Creating a Certificate Signing Request

Importing the Root Certificate

Creating a Signing Request for Microsoft Certificate Services



3.1.5.2.4.2. Creating a Certificate Signing Request

Updated: 2009-10-14

To obtain an SSL certificate from a certificate authority, you can use the Administrator Console to generate a Certificate Signing Request (CSR) required by the CA. You can then purchase a certificate from the CA by providing the completed CSR. The Merchandising Server also supports certificates whose CSR was generated by other servers.


2. Select Export certificate signing request from the Select an action dropdown to create the certificate signing request.

3. In Common Name, enter the host name or IP address for the Merchandising Server and complete the rest of the fields. Use the on-screen hints to guide your input. If you have questions about completing these fields, contact your company’s certificate expert.

4. Click the Export button to download the server.csr file that you provide to the CA to obtain a certificate.

5. Follow your company’s procedure for contacting the appropriate CA to obtain a certificate. Have the following information available: The CSR that you exported in the previous step.

Server platform information: The server platform is Apache and the certificate usage is Web Server. Not all CAs require this information.

The CA provides an SSL server certificate as well as the root certificate.


Generating a Self-signed SSL Certificate


Importing Root Certificate




3.1.5.2.4.3. Importing Certificates

Updated: 2009-10-14

To replace the temporary certificate, you must import a server certificate into the Merchandising Server. The following procedure explains how to import server, intermediate, and chain certificates as well as private key files.


2. Select Import certificate from a certificate authority from the Select an action dropdown.

3. Specify the files to be imported, based on the type of certificates you are using, as follows. To import certificates generated from the Merchandising Server

a. Across from Public cert file, click Browse to locate the certificate file on your local computer.

b. If you have an intermediate certificate file, click Browse to locate the intermediate file. The Merchandising Server already has the private key file needed for the certificate requests that it generates. Do not upload a private key file for this type of certificate.

c. Click Submit to upload the certificate(s).

The Certificate Status text box displays information about the certificate upon successful completion.

To import certificates generated from other servers

a. Across from Public cert file, click Browse to locate the certificate file on your local computer.

b. If you have an intermediate certificate file, click Browse to locate the intermediate file.

c. Across from Private key file, click Browse to locate the private key file for the certificate.

d. Enter the Private key password (also referred to as the pass phrase) for the private key file.

e. Click Submit to upload the certificate(s) and private key file.


To import chain certificates

a. Prepare the chain certificate file for import. First use a text editor to separate the server certificate into a separate file. The resulting intermediate certificate file will then contain the remaining certificates, with the root certificate at the end and the next intermediate certificate authority certificate above it, as follows.

----BEGIN CERTIFICATE---- [intermediate certificate B goes here] ----END CERTIFICATE---- ----BEGIN CERTIFICATE---- [intermediate certificate A goes here] ----END CERTIFICATE---- ----BEGIN CERTIFICATE---- [root certificate goes here] ----END CERTIFICATE----

In rare cases, you will need to assemble the intermediate certificate file from several files. If so, just make sure that its order is as shown above. Use a text editor to make changes to certificate files.

b. Across from Public cert file, click Browse to locate the certificate file on your local computer.

c. Across from Intermediate certificate file, click Browse to locate the intermediate file.



d. If the request for the chain certificate was not generated by the Merchandising Server, click Browse to locate the private key file for the certificate.

e. If you specified a private key file, enter the Private key password (also referred to as the pass phrase) for the private key file.

f. Click Submit to upload the certificates and, if applicable, private key file.


The Merchandising Server restarts.






3.1.5.2.4.4. Creating Signing Request for Microsoft Certificate Services

Updated: 2009-09-30

The following describes a generic process for requesting and downloading signed certificate from your internal signing authority.

1. Open a browser and enter your company’s certificate services URL.

2. Select the link to request a certificate.

3. Select the link to submit a request using a base 64 encoded CMC or PKS #10 file or a renewal request by using a base-64 encoded PKSCS #7 file.

4. Paste the contents of your signed certificate request into the Saved Request field, see Creating a Certificate Signing Request.

5. Select Web Server in the certificate template field.

6. Click Submit.

7. When the certificate is issued, select the Base 64 encoding method and download the signed certificate.

Follow the instructions at Importing the Root Certificate to import the certificate to your Merchandising Server.



Importing the Root Certificate



3.1.5.2.4.5. Installing Local or Customized Certificates on Client Devices

Updated: 2009-09-30

Communications between the Receiver and the Merchandising Server are SSL encrypted. As a result of this, you need a root certificate on the client device that can verify the signature of the Certificate Authority on the Merchandising Server certificate.

If you are using SSL certificates from a local or custom Certificate Authority, you must distribute the root certificates so that they are available for all users in the centralized local computer certificate store, not just the main desktop user. If the root certificates are not available in the centralized local computer certificate store, Receiver for Windows cannot receive updates from the Merchandising Server.

The plug-ins installed on your users' computers support the Certificate Authorities that are supported by the Windows, Windows 7, or Vista operating system. The root certificates for these Certificate Authorities are installed with Windows and managed using Windows utilities. They are the same root certificates that are used by Microsoft Internet Explorer.


3.1.5.2.5. Configuring the Proxy Server

Updated: 2009-09-28

Note: If you are not using a proxy server, skip this configuration step. You are now ready to start creating deliveries, see Creating Deliveries.

If you are using a proxy server for external internet access, your proxy server configuration parameters are needed by the Merchandising Server to access the Update Service for plug-in updates. If you are using a proxy server and have not provided your configuration parameters, plug-in updates will not be available.

1. Log on to the Administrator Console as administrator and select Configurations > Network Settings.

2. Select the Enable Proxy Server checkbox. The Server Address and Server Port fields are displayed.

3. Enter your proxy server IP address or domain name and port number.

4. If user authentication is required, select the Enable Authentication checkbox. (Note: If user authentication is required, users need https access only.) The User Name and Password fields display.

5. Enter the user name and password for proxy server authentication.







3.1.5.3. Creating Deliveries

Updated: 2009-10-16

Before creating a delivery you must upload the plug-in installation and metadata files to the Merchandising Server and create delivery recipient rules. Plug-ins available for delivery are posted to the Citrix Update Service and are viewed and downloaded from the Plug-ins > Get New in the Administrator Console. The readme and Eula files for each of the plug-ins can also be viewed from this location and from Plug-ins > Uploaded Plug-ins.

This section contains the following topics.

Preparing Updates

Creating Delivery Recipient Rules

Creating Deliveries

Getting Delivery Status

Deploying other Citrix Products and Features


3.1.5.3.1. Preparing Updates



Updated: 2009-10-01

The Merchandising Server uses metadata files to ensure that plug-in deliveries to your users are silent and seamless. Metadata files are XML files that are paired with the plug-in install files to define the requirements for install, upgrade, and uninstall on your end users' computers.

You can upload the plug-in files directly from Plug-ins > Get New to the Merchandising Server.

The Plug-ins > Uploaded Plug-ins page contains the list of the plug-ins that you have uploaded to the Merchandising Server. You can remove plug-ins from the Merchandising Server and view plug-in readme and licensing files from this area.


Downloading Plug-ins to the Merchandising Server


3.1.5.3.1.1. Downloading Plug-ins to the Merchandising Server

Updated: 2009-10-06

To download plug-in files to the Merchandising Server

1. In the Administrator Console, select Plug-ins > Get-New.

2. Select the plug-in from the listing and click Download to Server.

3. When the download is complete, click Close in the status popup. The plug-in is now available to include in a delivery.

The list of plug-ins ready for delivery is always available through Plug-ins > Uploaded Plug-ins.


Scheduling Deliveries


3.1.5.3.2. Creating Delivery Recipient Rules

Updated: 2009-09-30

Delivery recipients are defined based on the rules you create. Rules can be defined by User Name, User Group, User Domain, Machine Name, IP Address, or Operating System. You can create as many rules as you need and use them individually or in combination to define a set of delivery recipients.

Note: One delivery can be defined as the default delivery. The default delivery cannot contain rules. For more information on the default delivery, see Defining General and Installation Delivery Information.

To create a recipient rule

1. In the Administrator Console, click Deliveries > Rules.


3. Enter the rule name and description.

4. Select the rule type from the dropdown menu and complete the steps as described in the following table.

5. Click Save to save your rule. You can now use this rule when creating new deliveries.


Adding Rules to Deliveries

Creating Deliveries


3.1.5.3.2.1. Rules: Use Case Scenario for Creating Targeted Deliveries

Updated: 2009-10-01

Targeted deliveries allow different types of users and computers to have specific plug-in deliveries and configurations. Targeted deliveries use a rules-based system. The first step is to create rules based on the items below; the second step is to apply the rules, along with other parameters, to a delivery.

The following scenario provides an example of how a university IT department might use rule types to serve the specific needs of staff, faculty, students, offices, labs, home computers, and more.

If you select ... Do the following ...

LDAP User Namea. Enter the user name in the Search field.

b. Select user name checkbox from search results.

c. Click Add.

User Domain membershipa. Select the Operator from the dropdown list. The possible options are Is and Is Not

b. Enter the domain membership name in the Value field.

LDAP Group Namea. Enter the group name in the Search field.

b. Select group name checkbox from search results.

c. Click Add.

Operating Systema. Select the Operator from the dropdown list. The possible options are Is and Is Not

b. Select operating system value from the dropdown menu.

IP Address Rangea. Select the Operator from the dropdown list. The possible options are Is and Is Not

b. Enter the IP address in the Value field.

Machine Namea. Select the Operator from the dropdown list. The possible options are Begins With, Contains, and Is Exactly

b. Enter the machine name in the Value field.

Machine Domain membershipa. Select the Operator from the dropdown list. The possible options are Is and Is Not

b. Enter the domain membership name in the Value field.

Rule Type Used For...

User Domain Delivering plug-ins and/or configurations based upon user-domain membership. For example, a university could use this type of rule to deliver certain services and applications to students, others to staff, and still different services to faculty where each group belonged to a different domain.

Computer Domain Delivering plug-ins and/or configurations based upon a machine-domain membership. For example, a university could use this type of rule to deliver specific services and applications to office, lab, personal, and student computers that below to different machine domains.




3.1.5.3.3. Creating Deliveries

Updated: 2009-09-30

Note: You must create recipient rules before creating a delivery, see Creating Delivery Recipient Rules. Additionally, you must load at least one plug-in onto your server before you can create a delivery. See Downloading Plug-ins to the Merchandising Server.

When you create a delivery, you define the following information:

General — Define delivery name, description, server polling frequency for delivery updates. See Defining Installation Parameters.

Plug-ins — Select plug-ins for delivery. You are actually selecting both the install and the metadata files for the given plug-in. The metadata files for each plug-in are preconfigured and don’t require modification. However, if you wish to edit the metadata files, the metadata schema and a sample metadata file are provided for you in Metadata Reference.

Configuration — Many of the plug-in configuration parameters are defined in its metadata file, but some parameters may change by delivery such as the location of its server. In this case, the server location is provided on this page, see Configuring Plug-in Parameters.

Rules — Create rules based on machine name, machine domain membership, IP address, operating system, user name, user domain membership, or user group name. Rules can be combined within a delivery to create a complex recipients list, see Creating Rules and Adding Rules to the Delivery.

Schedule — Define the date and time that the delivery is available for transmission to your users, see Scheduling a Delivery

Deliveries can also include the user support information defined in Configuration > Options in the Administrator Console, see Configuring Server Options. This information is the default data used to populate the Receiver for Windows Preference panel. If the delivery installation settings do not contain specific settings for these parameters.

You can copy an existing delivery and modify it accordingly or you can create a new delivery.

To create a new delivery

1. Select Deliveries > Current Deliveries in the Administrator Console. The list of current deliveries is displayed. If you have previously created one or more deliveries, the list of deliveries is displayed along with evaluation order, delivery status, and installation status. From this page you can create, copy, edit, delete, suspend, and resume deliveries.


Create a Delivery is displayed with the General page activated.

3. The process for defining delivery information is described in the following sections: Defining Installation and Installation Delivery Information

Adding Plug-ins to Deliveries

Configuring Plug-in Parameters



Next Steps?

Defining General and Installation Delivery Information


Configuring Plug-ins




3.1.5.3.3.1. Defining General and Installation Delivery Information

Updated: 2009-11-03

The delivery General tab contains delivery information and installation properties.

To add or edit general and installation delivery information

1. Click the General tab from within a delivery creation or editing process.

2. Enter the values for the fields defined in the following table:

Operating System Delivering plug-ins and/or configurations based upon operating system type. For example, a university could use this type of rule to deliver a plug-in that works on Windows XP and Windows Vista, but not on Windows 7, or only users of Windows XP and Windows Vista computers.

LDAP User Delivering plug-ins and/or configurations to specific users (no matter which computer they are on), and not to the computer itself. For example, a university could use this rule type to deliver specific capabilities to staff who user their personal computers in a BYOC program.

LDAP Group Delivering plug-ins and/or configurations to groups of users (no matter which computer they are on), and not to the computer itself. For example a university could create an LDAP group for all students taking a Computer Aided Drafting course hosted on a specific XenApp farm and allow only those students access to that farm.

Machine Name Delivering plug-ins and/or configurations where many people share the same machine and all need the same configuration to complete their tasks. For example, a university with different computer labs that cater to different educational programs, can use the machine name rule to deliver plug-ins to all machines that have a name that contains BLD200 so that all computers in the building 200 lab have the same capabilities.

IP Address Range Delivering plug-ins and/or configurations based upon a computer's IP address. For example, a university can configure this type of rule to deliver a specific configuration to students on a specific subnet and a different configuration to a faculty on a different subnet.

Default Delivery Delivering a default set of plug-ins and configurations where other more specific rules do not apply. For example, a university could deliver a limited set of services to any user of campus IT services who does not qualify for any extended or specialized services.

Field Description

Delivery Name This is a text field containing the delivery name.

Evaluation Order A single user may be a recipient of more than one delivery. If this is the case, the Evaluation Order determines which delivery the user receives. The delivery with the lowest evaluation number is delivered to the user. All other deliveries are ignored. Select a value from the drop-down list.

Default Delivery Selecting the Default Delivery checkbox designates the delivery as the default and as such, no rules can be defined. Users receiver the default delivery if they are not schedule to receiver any other delivery. Only one delivery can be designated as the default delivery.

Silent Install If this is enabled, the Receiver does not give the end user the opportunity to cancel or pause any part of the installaton.

User Help URL The URL to the user help system for the Receiver, which is accessed through the Receiver right-click menu or Preference panel. The default value, http://support.citrix.com/receiver/help/release/windows/en/User/Default.htm, is overwritten if a value is entered in this field.

Check for updates The numerical value in days. This value defines the Receiver interval for polling the Merchandising Server for delivery updates. A value in this field overrides the Polling Frequency value set in the Configurations > Options page.

Secure connectivity One of two options are available, always provide a secure connection or ask the user permission before providing a secure connection. This feature allows either the user to define connectivity through the Receiver Preferences or grays out the preference and makes it configured by the admin.

Completion text Enter the message you want displayed to the end user at installation completion for this delivery. The following table contains recommended text for the various access methods.

For user application and desktop access through: We recommend this text:

The Windows Start menu Your applications can be found on the Windows Start menu.

A custom folder name, [MyWorldco Apps], in the Windows Start menu Your applications can be found in the [MyWorldco Apps] Folder, on the Windows Start menu.



* URLs included in the Completion text for a delivery are not displayed to the user as hyperlinks.

3. Proceed to Adding Plug-ins to a Delivery.

Next Steps?


Configuring Plug-ins




3.1.5.3.3.2. Adding Plug-ins to a Delivery

Updated: 2009-09-30

The functionality for adding or removing plug-ins from a delivery is contained in the Plug-ins tab within the Create a Delivery or Edit a Delivery wizards, see Creating Deliveries.

To add plug-ins to a delivery

1. Click the Plug-ins tab In the Create a Delivery or Edit a Delivery page. The listing displays the name of the plugin, its version, the supported operating system and languages, and the plug-in action for this delivery.

2. Click Add at the bottom of the page.

3. Select the Action from the dropdown list at the top-right of the page. The possible options are Install and Uninstall

4. Select the checkbox for a each plugin you want added with this action.

5. Click Add at the top-left of the page (below the Action button).

Note: To include plug-ins with the alternate action, repeat steps 3 and 4 with the alternate action selected.

6. The Plug-ins listing now contains the added plug-ins. Proceed to Configuring Plug-in Parameters.

Next Steps?

Configuring Plug-in Parameters




3.1.5.3.3.3. Configuring Plug-in Parameters

Updated: 2009-09-30

The plug-in configuration information is different depending on the plug-ins that your have added to your delivery. For most plug-ins, the Config page contains fields to define each plug-in's server information.

To define the configuration parameters for your plug-ins

1. Click the Config tab.

a. If you are delivering the communications plug-in, enter the EasyCall Gateway IP address.

b. If you are delivering the online plug-in, enter the XenApp server IP address.

c. If you are delivering secure access plug-in, coordinate the values you enter here with your Access Gateway Appliance. Select either single or dual authentication by clicking Single or Dual and enter the field names to display in the log on page to your users.

Enter the Access Gateway Appliance host name and IP address. You can enter multiple host names here. The entries are added to the hosts file on your users' computers.

2. Proceed to Adding Rules to Deliveries.

Next Steps?




3.1.5.3.3.4. Adding Rules to the Delivery

Updated: 2009-09-30

Before adding rules to a new delivery, first create your rules as described in Creating Delivery Recipient Rules. You can add as many rules as you want to a delivery. Rules can be added using the Basic or Advanced functionality. In the Basic mode, rules can only be added using either the AND or OR operators, not both. With the Advanced mode, rules can be using both operators.

To add rules defining the recipients of a delivery

1. In the Create a Delivery (or Edit a Delivery) page, click the Rules tab.

2. To add rules in the basic mode:

a. Select Basic above and to the left of the rule listing.

b. Select the operator to use for combining your rules. The choices are AND or OR. In the basic mode, you can only select one type of operator.

c. Click Add at the bottom of the page. The Add Rule to Delivery page displays.

d. Select one or more of the rule checkboxes and click Add.

Note: You can also use the Search box to find your rules.

3. To add rules in the advanced mode:

a. Select the Advanced link. The advanced mode allows you to create blocks of rules. Rules within a block are AND'd and rule blocks are OR'd together, the combination of which defines the recipients for this delivery.

b. Click the link to add a rule. The Add Rule to Delivery page displays. Follow the same process as in the basic mode to add one or more rules to this rule block.

c. Click the link to add a new rule block. A new block in displayed in the Advanced page and the Add Rule to Delivery page again displays. Add the appropriate rule(s).

A XenApp icon on the user's desktop Your programs can be found by clicking the blue applications icon on your desktop.

A web interface * Your applications can be found by navigating to: [https:applications.worldco.com]

A URL (for XenDesktop virtual desktops) * To start your virtual desktop, navigate to: [https://XenDesktop.worldco.com].

Dazzle Use Dazzle to select your applications.



When you are done adding rules to your rule blocks, the Rules > Advanced page appears similar to this:In the graphic above, the result of an AND operation on the two rules in the first block are OR'd with the rule in the second block.

4. Proceed to the Schedule tab to complete the final step in delivery creation.

Next Steps?



3.1.5.3.3.5. Scheduling Deliveries

Updated: 2009-10-06

Scheduling the delivery is the last step in the delivery creation process. From the Schedule tab, you can define when the delivery is available to your end users.

To schedule a delivery

1. Click the Schedule tab from within a delivery creation or editing process.

2. In Schedule Delivery Start Time, select Now or Later. If you select Later, specify the Date and select the Time from the drop down list and specify AM or PM for the delivery. tab.

3. Click Schedule to complete the process.


Note: If you click Cancel on this page, none of your changes are saved. If you are in the process of editing an existing delivery, canceling will result in a roll back to the saved delivery configuration. If you are in the process of creating a new delivery, the new delivery is discarded and cannot be retrieved.

Removing Plug-in Files from the Merchandising Server

Updating Plug-ins

Redelivering Plug-ins

Removing Receiver for Windows and its Managed Plug-ins from your Client’s Device


3.1.5.3.4. Getting Delivery Status

Updated: 2009-09-30

The Reporting and Logging > Delivery Reporting page contains reporting information at three levels: delivery, plug-in, and user. The Delivery Reporting page shows a listing of all deliveries with their status, success statistics, the list of users who have installed the delivery, the user's computer information, installation status, and the list of the plug-ins included in the delivery.

The plug-in report contains an entry for each plug-in in the delivery and displays the plug-in version, action performed, platforms supported, configuration values, and a link to the plug-in's readme file.

The user report contains user name, delivery name, machine name, IP address, domain name, list of plug-ins installed and installation status. The user report also contains the functionality to redelivery the latest delivery or uninstall the Receiver and the plug-ins installed with this delivery. For more information on redelivery and uninstall, see Managing Plug-ins.

To view delivery report

1. Click on Reporting and Logging > Delivery Reporting in the Administrator Console to view the delivery report listing.

2. To view the summary delivery information, select the checkbox for a delivery and click View Delivery Report at the bottom of the page.

3. To view the plug-in report, click the View Full Details link in the delivery report title. The plug-in report contains delivery success statistics and detailed information on each plug-in.

4. To view the user report, in the delivery report listing:

a. Select Name from Search By dropdown list. The list of all users that have received a delivery is displayed.

b. Select the checkbox for the desired user.

c. Click View User Report at the bottom of the page.

The user name, delivery name, machine name, IP address, domain name, and plug-in installation status are displayed. This page also contains the functionality to redeliver and to uninstall the delivery, see Redelivering Plug-ins and Removing the Receiver and its Plug-ins.

Want more Information?


Removing the Receiver and its Plug-ins


3.1.5.3.5. Deploying Other Citrix Products and Features

Updated: 2009-10-16

You can deploy the following Citrix products and features with Receiver by scheduling the associated plug-in in a Merchandising Server delivery: Access Gateway

Other VPNs

EasyCall

Branch Repeater Acceleration

EdgeSight Monitoring

Profile Management


3.1.5.3.5.1. Deploying Access Gateway

Updated: 2009-10-07

The Access Gateway Enterprise Edition beginning with version 9.0 build 68.6 is closely integrated with Citrix Receiver. This is the same for the Access Gateway Standard and Advanced Edition client software beginning with version 4.6.1. When Citrix Receiver is deployed with the Access Gateway Secure Access Plug-in, Receiver automatically launches the logon page and prompts the user for credentials when it detects the need for secure communications.

To allow users to log on through Citrix Receiver, deploy Receiver and the Secure Access Plug-in by scheduling a delivery in the Merchandising Server Administrator Console or use the packager utility to create a bundled installer and place the installer on an external download page.

Note: Due to Access Gateway and plug-in compatibility requirements, after the Secure Access Plug-in is installed by Receiver, it continues to be automatically updated from the Access Gateway (not Receiver).

Tip: Beginning with the Access Gateway Standard and Enterprise Editions 4.6, users who do not have Receiver installed, can access the following link (after authenticating) to download the bundled Receiver and plug-ins: http://ec2-75-101-182-218.compute-1.amazonaws.com/index.html



If multiple appliances are deployed in multiple locations, Receiver allows users who are traveling to select the nearest location. To define more than one location for an Access Gateway Plug-in, add it to a delivery in the Merchandising Server, and on the Configuration tab of the delivery wizard (click Add a New Location). The new locations appear in the Citrix Receiver for Windows client under Advanced/Network Settings.

Also, you can use the Merchandising Server to choose which fields to display to your users when they need to create a secure connection to delivery services. You can choose either single or double-source authentication and specify labels for the associated logon fields.


3.1.5.3.5.2. Using other VPNs with the Receiver

Updated: 2009-09-30

Citrix Receiver is fully integrated with the Access Gateway Enterprise Edition and will automatically detect when a remote user needs a secure connection to access a company's internal network. If your remote users employ another VPN product, they need to obtain a secure connection with their alternate VPN product before utilizing the full functionality of Citrix Receiver.


3.1.5.3.5.3. Deploying Easy Call with the Receiver

Updated: 2009-09-30

Once EasyCall Gateway is configured, there are several ways to deliver EasyCall services to end users. The EasyCall client software, now called the Citrix communications plug-in, may be downloaded and installed by the user, streamed to the user's desktop as an offline application through XenApp, published to users as an online application again through XenApp (refer to EasyCall documentation for limitations), and deployed through the Merchandising Server as a Citrix Receiver compatible plug-in.

To deploy Citrix communications plug-in using Citrix Receiver, schedule the Citrix communication plug-in in a delivery and configure it to point to the EasyCall Gateway you configured with your telephone system.

Note: The EasyCall communication plug-in is large and may take several minutes to install.


3.1.5.3.5.4. Deploying Branch Repeater Acceleration

Updated: 2009-09-30

Citrix Acceleration Plug-in works in conjunction with one or more Repeater appliances located in data centers. To deploy the Citrix Acceleration Plug-in using Citrix Receiver, schedule the Citrix Acceleration Plug-in in a Merchandising Server delivery and configure it to point to the appropriate Repeater appliances. After it is installed by Citrix Receiver, the Acceleration Plug-in offers transparent and always-on functionality – end-users do not need to enable or disable the Acceleration Plug-in as they will not even know it is there.


3.1.5.3.5.5. Deploying EdgeSight Monitoring

Updated: 2009-09-30

To deploy the Service monitoring plug-in using Citrix Receiver schedule the Service monitoring plug-in in a Merchandising Server delivery and configure it to point to the appropriate EdgeSight server.


3.1.5.3.5.6. Deploying Profile Management

Updated: 2009-09-30

Profiles are a critical component to a seamless and positive user experience. It is important to select, design and implement any profile solution while ensuring a proper match with the business and user needs. Citrix recommends consulting your Citrix Partner to properly plan for and implement any Profile management solution.

Recommendations: Leveraging mandatory or roaming profiles first (including the use of Folder Redirection

If mandatory or roaming profiles do not fulfill your needs, evaluate and leverage Citrix Profile management

If mandatory, roaming or Profile management do not meet your needs, evaluate third-party solutions such as AppSense and RES

For best practice guidelines, see the following articles in the Citrix Knowledge Center: Best Practices (ctx119036)

User Profile Best Practices (XA5) (ctx120285)

User Profile Best Practices (CPS 4.5 and prior) (

To deploy the Citrix Profile Management plug-in using Citrix Receiver schedule the Citrix Profile Management plug-in in a delivery.


3.1.5.4. Managing Plug-ins and Deliveries

Updated: 2009-09-30

The management tasks for plug-ins include: Removing plug-ins from the Merchandising Server.

Removing a delivered plug-ins from your user's computer.

Getting plug-ins updates.

Redelivering, suspending, and restoring deliveries.


3.1.5.4.1. Updating Plug-ins

Updated: 2009-10-13

You download Citrix plug-in updates to the Merchandising Server from the Plug-ins > Get New page in the Administrator Console. Once the plug-in updates are loaded onto the Merchandising Server, they are available for inclusion in a delivery.

Note: If users are inside a firewall, the Merchandising Server updates the secure access plug-in. Remote users are updated the first time they encounter the Access Gateway directly from the Access Gateway.

To add an updated plug-in to a delivery:

1. Follow the process to download the latest updates from the Citrix Update Service, see Downloading Plug-ins to the Merchandising Server.

2. To add the plug-in update to an existing delivery:



a. Select the delivery checkbox in the delivery listing at Deliveries > Deliveries.

b. Click on the Plug-ins tab.

c. Select the obsolete plug-in checkbox in the plug-in listing.

d. Click Delete. Click Add and follow the process described in Adding Plug-ins to a Delivery to add the updated plug-in.

3. To create a new delivery with the updated plug-in, follow the process described in Creating Deliveries.






3.1.5.4.2. Redelivering Plug-ins

Updated: 2009-10-13

Redelivery is intended to fix any installation problems that may have occurred with the original delivery. The redelivery process first removes and then re-installs the plug-ins on the recipient's computer.

To redeliver the latest installation on a user's computer:

1. In the Administrator Console, select Reporting and Logging > Delivery Reporting.

2. Select Name in the Search By dropdown list. The list of user names is displayed. You can also search by Machine Name. Domain name, or IP Address.

3. Select the checkbox for the desired user name in the user listing and click View User Report.

Note: You only need to enter the first few letters of the criteria in the Search text box to retrieve viable results.

4. Click Redeliver. The originally delivered plug-ins are removed and re-installed on this user's device.





3.1.5.4.3. Removing Plug-in Files from the Merchandising Server

Updated: 2009-09-30

You remove plug-ins from the Merchandising Server through Plug-ins > Uploaded Plug-ins in the Administrator Console.

You cannot remove a plug-in that is part of an active delivery. If you attempt to delete a plug-in that is part of an active delivery, you receive a message stating that this plug-in cannot be removed because it is part of an active delivery and listing the active deliveries that contain this plug-in. See Creating Deliveries for more information on active deliveries.

To remove plug-in files from the Merchandising Server

1. In the Administrator Console, click Plug-ins > Uploaded Plug-ins.

2. Select the button for the plug-in you want to remove from the Merchandising Server.

3. Click Delete.


Updating Plug-ins




3.1.5.4.4. Removing the Receiver and its Plug-ins

Updated: 2009-10-14

You can completely remove an installation of Receiver and all of its managed plug-ins from a user's computer through the User Delivery Reports in Reporting and Logging > Delivery Reporting.

Important: The user will no longer have access to any plug-ins that were previously installed as they are uninstalled during this process.

1. In the Administrator Console, click Reporting and Logging > Delivery Reporting.

2. Select User from the Search By dropdown list.

3. Select the checkbox for the user’s name and click View User Report.

4. Click Uninstall.




Updating Plug-ins


3.1.5.5. Maintaining the Merchandising Server

Updated: 2009-09-30

Use the XenCenter console in XenServer to perform maintenance tasks on Merchandising Server.

To upgrade Merchandising Server, selectConfigurations > Upgrade on the administrator console.


3.1.5.5.1. Upgrading the Merchandising Server Software

Updated: 2009-10-06

Upgrade Merchandising Server through Configurations > Upgrade Server in the Administrator Console.



To upgrade your Merchandising Server

1. Download the Merchandising Server upgrade file from http://mycitrix.com to your local computer.

2. Log onto the Administrator Console with administrator permissions and select Configuration > Upgrade Server.

3. Click Browse to locate the upgrade file on your local computer and click Upgrade.

4. Click Yes in the confirmation popup to continue with the upgrade. While the upgrade file is copied to the server, the Administrator Console Upgrade Server page will display a spinning icon and the page will be grayed out.

5. Once the file is copied to the server, the upgrade process begins. The status window contains a message stating that the server is upgrading and to return later.

The upgrade process takes between 5 and 10 minutes to complete depending on your server configuration. The Merchandising Server is restarted when the upgrade is completed and you can log back into the Administrator Console.


3.1.5.5.2. Changing the Server Network Settings

Updated: 2009-09-30

XenCenter contains the functionality for changing your Merchandising Server IP address, the host name, netmask, gateway, and domain name system settings. It also contains the diagnostic capabilities to ping a server, traceroute, turn SSH on, and set the root password. If you are not familiar with using the XenCenter, refer to Importing the Virtual Appliance.

Note: The Merchandising Server does not support DHCP.


2. In the XenCenter navigation frame, click your Merchandising Server VM.

3. Click the Console tab. The Network Configuration Utility opens.

4. Enter the numerical values as directed on the screen to establish the IP address, netmask, default gateway, and a DNS server for this server.

a. Enter 1 to change the host name.

b. Enter 2 to change the IP address.

c. Enter 3 to change the netmask.

d. Enter 4 to change the gateway.

e. Enter 5 to change the domain name.

f. Enter 9 to save your changes.

Note: An asterisk is displayed by each setting that you have changed but not saved.

The system reboots after saving the changes.

5. Enter 8 to troubleshoot the server with this utility. If you have not saved your changes, the changes will be discarded when you enter the diagnostic level. Enter 'y' to continue to the diagnostic menu.

a. Enter 1 to ping an IP address.

b. Enter 2 to perform a traceroute.

c. Enter 3 to turn ssh on.

d. Enter 4 to set the root password.

e. Enter 8 to update XenTools - selecting this options will cause the system to reboot.

f. Enter 0 to return to the main menu.

6. Enter uppercase 'R' to reset all of the settings to the original factory settings.

Important: Once you reset to the original settings, you have to reconfigure all of the network settings to access the Merchandising Server.


Importing the Virtual Appliance



3.1.5.5.3. Ensuring Merchandising Server High Availability

Updated: 2009-09-30

The Merchandising Server may be deployed as a single server. If the Merchandizing Server becomes unavailable or is removed from service temporarily, users will be largely unaffected. However new users will not be able to download Receiver and have their computers configured and will not receive scheduled updates until the Merchandising Server is restored.

If your require higher availability, the simplest and easiest method is to use the capabilities provided by XenServer. XenServer can be configured with automated high-availability protection allowing virtual machines on a failed host to automatically restart on another physical server according to priority. Citrix Essentials for XenServer provides a range of high-availability capabilities, from automatic restart of hosts and virtual machines after a hardware failure to full fault tolerance of hardware and applications. A key advantage to this approach is that only a single Merchandizing Server needs to be configured. See How to Configure High Availability in XenServer 5.0 (CTX118545) in the Citrix Knowledge Center for more details.


3.1.5.5.4. Ensuring Merchandising Server Fault Tolerance

Updated: 2009-09-30

If you are deploying regional Merchandising Servers to streamline Receiver installations and deliveries, you may want to use Global Server Load Balancing (GSLB) for disaster recovery and protection against failures in the Merchandising Server.

GSLB directs client requests to the closest data center, or to surviving data centers in case of an outage, and balances the load across the remaining data centers.

To use GSLB with the Merchandising Server, you must ensure that each Merchandising Server is identically configured and you need to be aware that under failure conditions users are prompted for their credentials to receive updates each time they are routed to a different Merchandising Server. There is currently no way to automatically synch all the Merchandising Servers in a GSLB environment. This must be done manually.

See the Citrix NetScaler Traffic Management Guide (CTX119200) in the Citrix Knowledge Center for instructions about setting up GSLB.

To use GSLB with multiple Merchandising Servers:

1. Disable HTTPS Redirection on the Merchandising Servers. See Configuring the Merchandising Server for this procedure in the Citrix Merchandising Server Administrator's Guide.

2. Set up Global Server Load Balancing (GSLB) See Global Server Load Balancing in the Citrix NetScaler Traffic Management Guide (http://support.citrix.com/article/ctx119200 for this procedure. When setting up your GSLB servers:

a. Use the SSL protocol for the GSLB virtual server(s) you create on each of the NetScaler appliances. This allows the NetScaler appliances to host the SSL server certificate used to access the Merchandising Server Download and appliance pages. For example: merchserver.acme.com.

b. Use HTTP service type when creating the GSLB services on the NetScaler appliances.




3.1.5.5.5. Backing Up the Merchandising Server

Updated: 2009-09-30

Use the functionality provided with your XenServer and XenCenter to create a backup of your Merchandising Server. Follow the documentation provided with these products.


3.1.5.5.6. Starting and Stopping the Server

Updated: 2009-09-30

Use the functionality provided with your XenServer and XenCenter to perform server shutdowns and restarts. Follow the documentation provided with these products.


3.1.5.6. Auditing Administrative Actions

Updated: 2009-10-12

The user with auditor permissions can view Audit Trail reports and grant Auditor permissions to other users. The Audit Trail report logs the actions that every administrators performs in the Administrator Console. The Audit Trail report file is a .csv file that can be downloaded or viewed from the Administrator Console. The .csv file contains Date, User name, Action type, Area affected, and Item affected columns.

For instructions on granting permissions, see Granting Administrator and Auditor Permissions.


3.1.5.6.1. Logging on as Auditor

Updated: 2009-10-16

Auditor permissions allow access two features within the Administrator Console: viewing audit trail and granting auditor permissions. Only a user logged in with Auditor or root permissions can grant Auditor permissions.

To log on as an auditor:

1. In a web browser, enter the URL for the Administrator Console. It is similar to http://[serverAddress]/appliance. Where serverAddress is the Merchandising Server IP address or the host name.

2. Enter the your user name and password and then click Log on. User name: Your Active Directory user account name. Enter the user name in the form of domain\username.

Password: Your Active Directory login password.

Note: Your credentials are case sensitive.

The Administrator Console opens. With the Audit Trail selection criteria active.

You can now view the audit trail and grant users auditor permissions.

Next Steps?

Viewing the Audit Trail



3.1.5.6.2. Viewing the Audit Trail

Updated: 2009-10-13

The audit log captures all events that every administrator performs. This includes:

All actions performed in the Plug-in node.

All actions performed in the Deliveries node.

All actions performed in the Configurations node.

All changes to the root passwords.

All logons to the Administrator Console.

1. Log in to the Administrator Console with auditor permissions.

2. Select Reporting and Logging > View Audit Trail.

3. Enter the dates that define the range of time you wish to view.

4. Click Export to .csv.

5. The Opening Audit Trail popup gives you the options to view the file or save it to your desktop. Select the appropriate option and click OK.

Next Steps?

Logging on as Auditor

Granting Auditor Permissions


3.1.5.7. Troubleshooting

Updated: 2009-09-30

There are six mechanisms within the Administrator Console to assist your troubleshooting efforts:

Triggering the retrieval of client log files - Triggering Retrieval of Client Log.

Enabling system debug logging - Enabling System Debug Logging.

Enabling user debug logging - Enabling End User Debug Logging.

Viewing debug log files - Viewing Debug Logs.

View client log files - Viewing Client Logs.

Changing the location of the Merchandising Server on the user client device - Changing Merchandising Server Location.


3.1.5.7.1. Enabling System Debug Logging

Updated: 2009-09-30



You can turn-on system level debugging, which logs all system background activities through Reporting and Logging > Enable /Disable Logging in the Administrator Console. Once you have enable system level debugging, you can view the debug log file through Reporting and Logging > View Log Files. The system activities are posted to the log file until you disable debugging.

To enable system debugging:

1. Select Reporting and Logging > Enable / Disable Logging in the Administrator Console.

2. Click Enable System Logging at the bottom of the page.

3. Click Confirm in the configuration popup to process the request.

4. Click Close in the operation completion popup to complete the process.

All system activities will be posted to the log file on the server until you disable system debugging. To view the debug log file, see Viewing Debug Files.


Changing Merchandising Server Location

Triggering Collection of Client Log File

Viewing Debug Files


3.1.5.7.2. Enable User Debug Logging

Updated: 2009-09-30

You can enable system debug logging at the user level through Reporting and Logging > Enable / Disable in the Administrator Console. If you enable this feature, all actions taken by the Receiver for the specified user are captured and logged. You can view the debug log files through Reporting and Logging > View Log Files, see Viewing Debug Log Files.

1. Select Reporting and Logging > Enable / Disable Logging in the Administrator Console.

2. Select the checkbox for the users for which you want to enable debug logging.

3. Click Enable User Logging at the bottom of the page.

4. Click Confirm in the configuration popup to process the request.


All activities on behave of the specified end user are continually posted to the appliance.log file on the server until you disable end user debugging.



Triggering Collection of Client Log File

Viewing Debug Log File


3.1.5.7.3. Triggering the Collection of Client Log Files

Updated: 2009-09-30

You can trigger the retrieval of a client’s log file through Reporting and Logging > Enable / Disable Logging. Once you have triggered collection, the log file from the specified client device is retrieved the next time Receiver for Windows gets an update. This is a one time only action, meaning the log file that is on the user’s client device at the time of the retrieval request is sent to the server; log files are not continuously sent.

To trigger the retrieval of log files from an client’s device:

1. In the Administrator Console, select Reporting and Logging > Enable / Disable Logging.

2. Select the checkbox by the user’s name. Alternatively, you can search for the user by name:

a. Enter the first few characters of the user’s first or last name in the Search field.

b. Click Search.

c. Select checkbox for user name.

3. Click Trigger Client Log Collection.

4. Click Confirm in the confirmation popup to process the request.


The log files are retrieved the next time the user’s Receiver for Windows gets an update from the Merchandising Server.


Viewing Client Log Files


Enabling of System Debug Logging

Viewing Debug Files


3.1.5.7.4. Viewing Client Log Files

Updated: 2009-09-30

Once you have triggered the retrieval of log files from a client’s device, you can access the log files through Reporting and Logging > View Log Files.

To view the log files retrieved from a client’s device

1. In the Administrator Console, click Reporting and Logging > View Log Files.

2. Select the checkbox for the user and click Download Client Log.

3. The Open file popup requests you to select whether you want to open the file or save it to your desktop. To view the ErrorLog.xml file, choose Open and select the application to open it. The ErrorLog.xml opens and look similar to the following image:



Enabling System Debug Logging

Viewing Debug Files


3.1.5.7.5. Downloading the Debug Log Files

Updated: 2009-09-30

Once you have enabled debugging at either the user or system level, you can download the log files through Reporting and Logging > View Log Files.



To download the server log files

1. In the Administrator Console, click Reporting and Logging > View Log Files.

2. Click Download Server Logs at the bottom of the page.

3. Select the checkboxes for files you want to download from the Download Server Logs popup.

4. Click Download Logs.

5. Click Save File, provide file save location, and click Save. The compressed zip file is saved to the location you entered. Decompress the file for viewing.


Viewing Client Log Files


Enabling System Debug Logging

Triggering Collection of Client Log Files


3.1.5.7.6. Changing the Merchandising Server Location

Updated: 2009-09-30

Important: Changes to the server location can interrupt the delivery of plug-ins to your clients.

Receiver for Windows fetches updates from the Merchandising Server whose location is defined in the Receiver.cfg file located in the Receiver for Windows installation directory on the client’s device. For a standard installation this is located at C:\Program Files\Citrix\Receiver\Receiver.cfg.

The Receiver.cfg contains only one line of text which is the Merchandising Server address, as an example:

https://[ServerAddress]/appliance/services/applianceService/

Where: ServerAddress is either the Merchandising Server domain name or IP address.


3.1.5.8. Metadata Reference

Updated: 2009-09-30

The metadata files are the means by which deliveries are made to your users without requiring user interaction. Each plug-in install file is paired with a metadata file that contains all of the properties and commands required to ensure proper installation while minimizing or eliminating user involvement.

When you select a plug-in for delivery, you are actually selecting both the install and the metadata files for the given plug-in. The metadata files for each plug-in come preconfigured for you and don't require modification. However, if you wish to edit the metadata files, the metadata schema and a sample metadata file are provided in this section.


3.1.5.8.1. Metadata Schema

Updated: 2009-09-30

The metadata file for an installer is an xml file that defines the properties for each of the applications present in the installer file.

Note: We recommended that if you edit a metadata file, you should validate it against the schema shown here using one of many available XML Schema verification tools. The schema is available for download from the Citrix support web site.

The metadata file has the following schema:

<xs:schema xmlns="http://www.citrix.com/AppReceiver" elementFormDefault="qualified" targetNamespace="http://www.citrix.com/AppReceiver" id="metadata" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="metadata"> <xs:complexType> <xs:sequence> <xs:element minOccurs="1" maxOccurs="100" name="plugin" type="pluginListType" /> </xs:sequence>  <xs:attribute default="1.0" name="versions" type="xs:token" user="optional" /> </xs:complexType> </xs:element> <xs:complexType name="pluginListType"> <xs:all>  <xs:element name="platforms" type="platformTypeList" minOccurs="1" />  <xs:element name="version" type="versionType" />  <xs:element name="EULAlocation" type="xs:anyURI" minOccurs="0" />  <xs:element name="autoInstall" type="arUpdatingInstallType" />  <xs:element name="autoUninstall" type="arInstallType" minOccurs="0" />   <xs:element name="autoUpgrade" type="arUpdatingInstallType" minOccurs="0" />  <xs:element name="adminOptions" type="installationAdminPrivsType" default="none" />  <xs:element name="installOnce" type="xs:boolean" default="false" minOccurs="0" />



 <xs:element name="installerFilename" type="xs:string" />  <xs:element name="installerOptGUI" type="commonInstallerOptGUIListType" minOccurs="0" />  <xs:element name="pluginDescriptions" type="pluginDescriptionListType" />  <xs:element name="pluginLanguages" type="languageTypeList" minOccurs="1" />  <xs:element name="detectCurrentVersionRulesList" type="detectCurrentVersionType" minOccurs="0" />  <xs:element name="functionalDependencies" type="dependencyList" minOccurs="0" />  <xs:element name="installationDependencies" type="dependencyList" minOccurs="0" />   <xs:element name="fullPlugin" type="xs:boolean" default="true" minOccurs="0" />  <xs:element name="configuration" type="configType" minOccurs="0" />  <xs:element name="READMElocation" type="xs:anyURI" minOccurs="0" />  <xs:element name="localisedProductNames" minOccurs="0"> <xs:complexType> <xs:sequence> <xs:element minOccurs="1" maxOccurs="50" name="productName" type="localisedStringType" /> </xs:sequence> </xs:complexType> </xs:element>  <xs:element name="installerTrueExitCodePath" type="xs:string" minOccurs="0" />  <xs:element name="installerDetailExitMessagePath" type="xs:string" minOccurs="0" />  <xs:element name="pluginSupportsAdvancedMenuOptions" type="xs:boolean" default="false" minOccurs="0" />  <xs:element name="deinstallPredecessor" minOccurs="0"> <xs:complexType> <xs:sequence> <xs:element name="range" minOccurs="1" maxOccurs="100" /> <xs:complexType> <xs:attribute name="min" type="xs:string" use="optional" /> <xs:attribute name="max" type="xs:string" use="optional" /> </xs:complexType> </xs:element </xs:sequence> </xs:complexType> </xs:element>  <xs:element name="runningAllTheTime" type="xs:boolean" minOccurs="0" />  <xs:element name="incompatiblePlugin" minOccurs="0"> <xs:complexType> <xs:sequence> <xs:element name="plugin" type="guid" minOccurs="1" maxOccurs="50" /> </xs:sequence> </xs:complexType> </xs:element> </xs:all> <xs:attribute name="product" use="required" type="guid" /> <xs:attribute name="productName" use="required" type="xs:string" />  <xs:attribute name="appReceiverComponent" type="xs:boolean" default="false" use="optional" /> </xs:complexType>  <xs:simpleType name="guid">



<xs:restriction base="xs:string" >  <xs:pattern value="[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}" />  <xs:pattern value="[0-9a-fA-F]{32}" /> </xs:restriction> </xs:simpleType>  <xs:simpleType name="installationAdminPrivsType"> <xs:restriction base="xs:normalizedString">  <xs:enumeration value="demand" />  <xs:enumeration value="prefer" />  <xs:enumeration value="none" /> </xs:restriction> </xs:simpleType>  <xs:simpleType name="platformTypeList" > <xs:list> <xs:simpleType> <xs:restriction base="xs:string"> <xs:enumeration value="XP"/> <xs:enumeration value="XP64"/> <xs:enumeration value="Vista"/> <xs:enumeration value="Vista64"/> <xs:enumeration value="WS08"/> <xs:enumeration value="WS08_64"/> <xs:enumeration value="2K3"/ <xs:enumeration value="2K364"/> <xs:enumeration value="Win7"/> <xs:enumeration value="Win764"/> <xs:enumeration value="WS08R2"/> <xs:enumeration value="WS08R2_64"/> <xs:enumeration value="Tiger"/> <xs:enumeration value="Leopard"/> <xs:enumeration value="SnowLeopard"/> </xs:restriction> </xs:simpleType> </xs:list> </xs:simpleType>  <xs:simpleType name="languageTypeList" > <xs:list itemType="xs:language" /> </xs:simpleType>  <xs:complexType name="arInstallType" > <xs:sequence minOccurs="1" maxOccurs="1"> <xs:sequence>  <xs:element minOccurs="1" maxOccurs="50" name="command" type="localisedStringType" /> </xs:sequence> <xs:sequence>  <xs:element minOccurs="0" maxOccurs="50" name="commandParameters" type="localisedStringType" /> </xs:sequence> <xs:sequence>  <xs:element name="silentSwitch" type="xs:string" minOccurs="1" maxOccurs="1"/> </xs:sequence> </xs:sequence> <xs:attribute name="reboot" type="xs:boolean" use="optional"/> </xs:complexType>  <xs:complexType name="arUpdatingInstallType" > <xs:complexContent > <xs:extension base="arInstallType" > <xs:sequence>  <xs:element name="startAfterInstall" type="xs:boolean" minOccurs="0" />  <xs:sequence minOccurs="0" maxOccurs="50"> <xs:element name="autoStart" type="autoStartType" /> </xs:sequence>  <xs:element name="lessSilentSwitch" type="xs:string" minOccurs="0" /> </xs:sequence>  <xs:attribute name="deinstallPredecessors" type="xs:boolean" default="false" use="optional"/>  <xs:attribute name="canUpgradeWhilePluginRunning" type="xs:boolean" default="false"/> </xs:extension> </xs:complexContent> </xs:complexType>  



 <xs:complexType name="autoStartType" > <xs:sequence> <xs:choice minOccurs="1" maxOccurs="50" > <xs:element name="startupMenu" type="xs:string" /> <xs:element name="startupRunKey" type="xs:string" /> </xs:choice> </xs:sequence> </xs:complexType>     <xs:complexType name="commonInstallerOptGUIListType" > <xs:sequence> <xs:element name="config" type="commonInstallerOptGUIConfigEntry" minOccurs="1" maxOccurs="100" /> </xs:sequence> </xs:complexType> <xs:complexType name="commonInstallerOptGUIConfigEntry" > <xs:sequence> <xs:element name="InstallerOpt" type="commonInstallerOptGUIType" minOccurs="1" maxOccurs="100" /> </xs:sequence> <xs:attribute name="varname" type="xs:string" use="required"/> </xs:complexType> <xs:complexType name="commonInstallerOptGUIType" > <xs:sequence> <xs:element name="description" type="xs:string"/> </xs:sequence> <xs:attribute name="language" type="xs:language" /> </xs:complexType>   <xs:complexType name="pluginDescriptionListType" > <xs:sequence> <xs:element name="descriptions" type="pluginDescriptionType" minOccurs="1" maxOccurs="100" /> </xs:sequence> </xs:complexType>  <xs:complexType name="pluginDescriptionType" > <xs:sequence> <xs:element name="description" type="xs:string"/> <xs:element name="shortdescription" type="xs:string"/> </xs:sequence> <xs:attribute name="language" type="xs:language" use="required"/> </xs:complexType>  <xs:complexType name="dependencyList" > <xs:sequence> <xs:element name="dependency" type="dependencyType" minOccurs="1" maxOccurs="100" /> </xs:sequence> </xs:complexType> <xs:complexType name="dependencyType"> <xs:attribute name="id" type="guid" use="required" /> </xs:complexType>  <xs:complexType name="detectCurrentVersionType" > <xs:sequence> <xs:element minOccurs="1" maxOccurs="100" name="detectRule"> <xs:complexType> <xs:simpleContent> <xs:extension base="xs:string"> <xs:attribute name="ignoreAfterVer" type="xs:string" use="optional" /> </xs:extension> </xs:simpleContent> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType>   <xs:complexType name="localisedStringType"> <xs:simpleContent> <xs:extension base="xs:string"> <xs:attribute default="en" name="lang" type="xs:language" use="optional" /> </xs:extension> </xs:simpleContent> </xs:complexType>  <xs:complexType name="configType"> <xs:sequence> <xs:element minOccurs="1" maxOccurs="100" name="value" type="configElementType" /> <xs:element name="introText" minOccurs="0"> <xs:complexType> <xs:sequence> <xs:element minOccurs="1" maxOccurs="50" name="intro" type="localisedStringType" /> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType>  <xs:complexType name="configElementType"> <xs:choice minOccurs="1" maxOccurs="1"> <xs:element name="string" type="valueStringType" /> <xs:element name="bool" type="valueBoolType" /> <xs:element name="list" type="valueListType" />



<xs:element name="upload" type="valueFileUploadType" /> </xs:choice> <xs:attribute name="name" type="xs:string" use="required" /> </xs:complexType>  <xs:simpleType name="enforceTypesSet"> <xs:list> <xs:simpleType> <xs:restriction base="xs:string"> <xs:enumeration value="http" /> <xs:enumeration value="https" /> </xs:restriction> </xs:simpleType> </xs:list> </xs:simpleType>  <xs:complexType name="valueStringType"> <xs:sequence> <xs:element minOccurs="1" maxOccurs="50" name="prompt" type="localisedStringType" /> </xs:sequence> <xs:attribute name="required" type="xs:boolean" use="optional" default="false" /> <xs:attribute name="enforceType" type="enforceTypesSet" use="optional" /> <xs:attribute name="passwordField" type="xs:boolean" use="optional" /> <xs:attribute name="defaultValue" type="xs:string" use="optional" /> <xs:attribute name="example" type="xs:string" use="optional" /> </xs:complexType>  <xs:complexType name="valueBoolType"> <xs:sequence> <xs:element minOccurs="1" maxOccurs="50" name="prompt" type="localisedStringType" /> </xs:sequence> <xs:attribute name="initialValue" type="xs:boolean" use="optional" /> </xs:complexType>  <xs:complexType name="valueListType"> <xs:sequence> <xs:element minOccurs="1" maxOccurs="50" name="prompt" type="localisedStringType" /> </xs:sequence> <xs:attribute name="required" type="xs:boolean" use="optional" default="false" /> <xs:attribute name="enforceType" type="enforceTypesSet" use="optional" /> <xs:attribute name="example" type="xs:string" use="optional" /> </xs:complexType>  <xs:complexType name="valueFileUploadType"> <xs:sequence> <xs:element minOccurs="1" maxOccurs="50" name="prompt" type="localisedStringType" /> </xs:sequence> <xs:attribute name="required" type="xs:boolean" use="optional" default="false" /> </xs:complexType> </xs:schema>


3.1.5.8.1.1. Attribute and Element Descriptions

Updated: 2010-02-23

New Elements in Release 1.1

The following elements are introduced in release 1.1. version - The main plug-in element has a new string attribute version. This is declared as optional for backward compatibility, however to ensure correct operation if you depend upon 1.1 features, you should declare this and set it to "1.1".

configuration - A major Receiver 1.1 feature is the support of configuration updates that can be specified in the Administrator Console and passed down to the plug-in via an SDK entry callback. The config to be supported can be simple and specifiable as explicit entries to be shown in the admin console, or 'advanced' implying that a file will be uploadable to the admin console. The configuration section describes the UI entries that are required. It describes one or more elements, to be shown in the order specified in the metadata file and consisting of either strings, bools, lists or uploads. For each of these config values, they have a name to distinguish entries once passed to the client and an admin facing prompt description which can be repeated in localised forms as appropriate (distinguished by lang attributes).

string entries - Simple string entry. Takes the following attributes.

required - If true then data must be entered in this field. Default:false.

enforceType - Currently the valid enforcement types are http or https which will enforce the appropriate URL forms.

passwordField - Don't echo output.

defaultValue - A string used to pre-populate the config GUI. If the admin leaves it untouched (or even if they clear the field for some reason), this value will be used. If the admin changes the value to a new one, the new value will be used.

example - The example text will be shown alongside the entry box.

bool entries - Simple bool entry. Takes the following attribute. initialValue - Default state of the bool.

list entries - A repeated set of strings. Has the required, enforceType and example attributes as defined above.

upload entries - A file upload box for advanced settings. Takes the required attribute. As well as the values, you can also include a introText element that contains text that describes the configuration section helping the admin understand how to fill out the fields.

An example configuration section follows:

<configuration> <value name="SampleBool"> <bool initialValue="false"> <prompt lang="en">True or false</prompt> <prompt lang="fr">Vrai ou faux</prompt>



</bool> </value> <value name="SampleString"> <string enforce="true" enforceType="http" example="http://showcasesample.citrite.net" > <prompt lang="ja">Please enter http URL</prompt> </string> </value> <value name="secondBool"> <bool initialValue="true"> <prompt lang="de">Damen oder Herren?</prompt> <prompt lang="zh-chs">Do you know this language?</prompt> </bool> </value> <value name="AdvancedSettingsFileUpload"> <upload required="true"> <prompt lang="en">Enter File Location</prompt> <prompt lang="it">Entri nella posizione della lima</prompt> </upload> </value> <value name="SampleList"> <list enforce="true" blankIsValid="true" enforceType="https"> <prompt lang="en">Enter a set of https URLs</prompt> <prompt lang="fr">Entrez ensemble URL de https</prompt> </list> </value> <introText> <intro>Some config values for you to configure with useful configurations of your local configuration values</intro> <intro lang="fr">ce figuier est une fraude</intro> </introText> </configuration>

Note that at the client end, this would result in data being passed to the client callback in the following form:

<configuration> <bool name="SampleBool">true</bool> <string name="SampleString">the string entry</string> <bool name="secondBool">true</bool> <upload name="AdvancedSettingsFileUpload">base 64 encoded file contents</upload> <list name="SampleList"> <entry>list entry 1</entry> <entry>list entry 2</entry> <entry>list entry 3</entry> <list> </configuration>

READMElocation - Is a URL to a plug-in release README file (if available). The intention is that, if set, this will be made available as a link in the admin console.

installerTrueExitCodePath - Installer Alternative Exit Code location. If set Receiver will lookat a reg DWORD value of this path for the true exit code of the installer. Copes with MetaInstaller wrappers that throw away exit codes. HKLM paths only supported. In V1.0 we looked at a hardwired location for this information (to support streaming installer). Flagging it in Metadata adds more control to this operation.

deinstallPredecessorRange - DeInstallPredecessor ranges: to meet the conditions like the Desktop Receiver upgrade failure case. If the version of the currently installed plug-in is in this range then upgrade is invalid and the plug-in will be reinstalled (uninstall / install).

installerDetailExitMessagePath - Installer Alternative Exit Message location. If set, Receiver will look at a reg string value of this path for any extra detail on the cause of an installer exiting with the opaque 'Fatal Installer Error' code. HKLM paths only supported. Examples here might be the Online App plugin bailing on detecting a prior Desktop Receiver installer or Streaming not installing on a FAT filesystem.

Example Metadata. Note that if min is ommitted then the range is defined as ver 0 to the max value. If max is omitted then the range is defined as all versions greater than that min value.

<deinstallPredecessor> <range min="10.9" max="11.0"></range> <range max="6.3"></range> </deinstallPredecessor>

runningAllTheTime - Running all the time: is it normal that a plug-in is active & able to report status (as say online / offline normally are) or is it OK that it may not be active all the time (eg Dazzle).

incompatiblePlugin - Incompatible Plugin: To cope with the case where multiple plugins perform the same role (eg PNA and Anthem). Would stop them being deployed together in same Delivery, or at least generate a warning. This is a list of guid entries.

Localisation Additions

localisedProductNames - In the (rare!) event of the plug-in product names being localised add a list of the localised names here.

localisedInstall - In the event that a localised install implies a different command line, command line parameter set or start menu shortcut name, you can now add these overrides under their default (en) entries.

Example:

<autoInstall reboot="false"> <command>msiexec /I $INSTALLERFILENAME $SILENTSWITCH $PARAMETERS</command> <command lang="fr">msiexec /I $INSTALLERFILENAME /leplumedematant</command> <commandParameters>ENABLE_SSON=Yes ALLOW_REBOOT=No SERVER_LOCATION=$ServerLoc REBOOT=ReallySuppress</commandParameters> <commandParameters lang="de">MeineHoseIstAbgereist=TRUE ALLOW_REBOOT=NO</commandParameters> <silentSwitch>/qn</silentSwitch> <startAfterInstall>false</startAfterInstall> <autoStart> <startupMenu>Citrix XenApp.lnk</startupMenu> <startupMenu lang="fr">Citrix XenFrappe.lnk</startupMenu> </autoStart> <lessSilentSwitch>/qb</lessSilentSwitch> </autoInstall>

Elements in Release 1.0

The follow describes the metadata schema for release 1.0.

productName attribute — Name (friendly name).

version element — Version (major / minor / build / custom). Between 1 and 4 numeric entries, separated by dots.

Type attribute — this is the GUID that identifies the particular plug-in. The metadata author should generate a GUID and then stick with it for future releases.

platforms element — List of platforms that the plug-in supports (XP, XP64, Vista, Vista64, MacOS).

pluginLanguages element — List of languages that the plug-in supports (standard locale encodings).



pluginDescriptions element — User Informed Consent Information (potentially in several languages). description of what the plug-in is used for and any relevant disclosure information (eg. Installs kernel components).

An abbreviated shortdescription used for summary display

command lines for Install, Upgrade & Uninstall — The basic command line sets out the structure of installer command, parameters and switches to turn off (or down) the UI. To help Citrix Receiver select the relevant portions required for different install contexts the structure should include the following tokens:

$INSTALLERFILENAME — will be replaced by the installer name once downloaded to the client.

$SILENTSWITCH — placeholder to be replaced by a switch to suppress installer UI. All variants of the command line can take a silentswitch element (eg /qn for msiexec). Upgrade can also take a lessSilentswitch element which is used in case an upgrade needs to prompt the user to close down running apps (and/or the plug-in itself). If the fully silent form returns a failure, Citrix Receiver will then run the ëless silentí form of the upgrade.

$PARAMETERS — used to specify local environment specific parameters to the install.

Where a parameter needs filling for the environment with a piece of configuration information (eg Server URL for PNAgent), Citrix Receiver can generate GUI within the admin tool to prompt for that information. The installerOptGUI element of the metadata should support this by specifying:

The Information Prompt (eg Server URL) and a "variable" key which corresponds to part of the unattended install line. As an example, the unattended install line may contain SERVERURL=$ServerLoc.

There is then the related description section (supporting multiple languages) for that variable

As an example:

<installerOptGUI varname="ServerLoc"> <InstallerOpt language="en"> <description>Address of the WI server hosting XenApp PNA site </description>

Example of command line

msiexec /I $INSTALLERFILENAME $SILENTSWITCH $PARAMETERS

canUpgradeWhilePluginRunning - Should the Upgrade not be suitable for running whilst a plug-in is active then set the canUpgradeWhilePluginRunning attribute on the upgrade section. If this is set, Citrix Receiver will defer the upgrade until the next login or boot.

deinstallPredecessors - If this installer is not backwardly compatible with previous version for upgrades, set the deinstallPredecessors attribute. This will cause any previous instance of the plug-in to be uninstalled before the upgrade is applied rather than an upgrade run on the install.

reboot - If the installer is likely to require a reboot after install then set the reboot attribute and suppress the reboot using whatever command flag is required (Citrix Receiver will coordinate all required reboots from installers).

InstallerFilename - The InstallerFilename element should be set to the original filename envisioned when preparing the command line.

adminOptions - The adminOptions element is set to one of demand, prefer or none depending on the level of Admin privilege required to install correctly. Demand implies the installer always requires admin privilege.

Prefer that it has value without admin privilege, but perhaps with reduced functionality.

None that it is independent.

autoStartup - The autoStartup element key (Registry or Start Menu relative). The autoStartup element is made available so that Citrix Receiver can (if required) take the details of the start mechanism and take control over the timing of this startup instead of allowing the normal explorer startup. This aids coordination with updates and any secure connection establishment. This element will contain either the name of the startup menu shortcut (.lnk) file or the valuename of the relevant registry 'Run' entry.

URL of EULA (if available).

Plug-in Dependencies: Provide the type GUID of any other plug-ins on which this plug-in has dependencies, either at install time (installationDependencies) or runtime (functionalDependencies).

detectCurrentVersionRulesList — The detectCurrentVersionRulesList element provides information to help detect previous installations of plug-ins. As the installer GUIDs and names may not be consistent between releases, custom rules are required. These can take the following form (as required).

REG - path to registry value. If the value is a DWORD then the format is assumed to be Mmbb - 8 bits Major, 8 bits Minor, 16 bits Build. If the value is a string then it will be assumed to be numeric dot separated up to 4 parts (major, minor, build, custom). Supported prefixes for the Reg path are:HKLM, HKCU, HKCR

EXE - path to exe file where version can be extracted. The path can include environment variables: ProgramFiles, ProgramFiles(x86), WinDir, SystemRoot.

UPGRADECODE - packed GUID from installer *

DISPLAYNAME - display name of the package *

As many of these as are necessary can be specified.

It helps Citrix Receiver operation if one of these rules are used as Uninstall Strings and actual Display names of the installed plug-ins can be detected at the same time.

Examples:

ICA client package

UPGRADECODE:9B123F490B54521479D0EDD389BCACC1

Streaming

UPGRADECODE:CF106F6CA08399341B9EB788F1071D2D

AG Standard

REG:hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Net6 Vpn\DisplayVersion DISPLAYNAME:Citrix Secure Access Client EXE:%programfiles%\Net6

WANScaler

UPGRADECODE:2E36AAD0884DAD11993000016C1E5903

Version Upgrade / Reinstall list — for all previous detected versions of the plug-in (in min / mix pairs) is the current version able to upgrade or should the prior version be uninstalled first. If the latter, then what is the uninstall string to be used.

If an installer contains multiple plug-ins then there should be a section within the metadata file for each plug-in. Ideally the plug-ins will install separately.


3.1.5.8.2. Sample Metadata File

Updated: 2009-09-30

The following is a sample of a metadata file for the Receiver for Windows installer.

<?xml version="1.0"?> <metadata xmlns="http://www.citrix.com/AppReceiver" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.citrix.com/AppReceiver MetaData.xsd"> <plugin product="11111111-1111-1111-1111-111111111111" productName="Citrix Receiver" appReceiverComponent="true" >



<platforms>XP Vista</platforms> <version>1.0.0.6380</version> <installerFilename>AppReceiver.msi</installerFilename> <fullPlugin>true</fullPlugin>  <autoInstall reboot="false"> <command>msiexec /i $INSTALLERFILENAME $PARAMETERS $SILENTSWITCH</command> <commandParameters>BCTYPE=http BROADCASTER=$UpdateServer/appliance/services/applianceService REINSTALLMODE=avomus REINSTALL=all R <silentSwitch>/qn</silentSwitch> <lessSilentSwitch>/qb</lessSilentSwitch> </autoInstall>  <autoUninstall reboot="false"> <command>MsiExec.exe /X{1C8DA3EE-A45F-464C-AD8F-EEF7BE4101FD} $SILENTSWITCH</command> <silentSwitch>/qn</silentSwitch> </autoUninstall> <adminOptions>demand</adminOptions>  <pluginDescriptions> <descriptions language="en" > <description>Citrix Receiver version 1.0.0.6380 manages plugin installation and runtime orchestration for your desktop. </description> <shortdescription>Citrix Receiver version 1.0.0.6380- Manages your Citrix plugins automatically</shortdescription> </descriptions> </pluginDescriptions>  <installerOptGUI> <config varname="ServerLoc"> <InstallerOpt language="en"> <description>Address of the Broadcast Server</description> </InstallerOpt> <InstallerOpt language="fr"> <description>Adresse du serveur de Broadcast Serveur </description> </InstallerOpt> </config> </installerOptGUI>  <pluginLanguages>en</pluginLanguages>  <detectCurrentVersionRulesList> <detectRule>UPGRADECODE:508B3DEB038C58A4AA232045B1DADAB1</detectRule> </detectCurrentVersionRulesList> <installOnce>false</installOnce> </plugin> </metadata>


4. Client pour Java

Client 9.7 pour Java


4.1. Client 9.7 pour Java

Mise à jour : 2009-08-28

Le Client pour Java est une applet Java qui offre un accès aux applications exécutées sur une batterie de serveurs depuis toute machine disposant d'un navigateur Web. L'applet est une applet à télécharger et exécuter, un client sans installation, optimisé pour être utilisé dans les environnements Web pour lequel il n'est pas possible ou désiré d'installer le logiciel sur la machine cliente.

Le client possède les avantages suivants :

Vous n'avez pas à installer de logiciel sur les machines clientes. Les utilisateurs ne requièrent qu'un navigateur Web compatible Java. L'installation est transparente et automatique.

Au niveau de fonctionnalité le plus bas, l'applet est d'approximatevement 517Ko en taille, offrant un téléchargement plus rapide que tout autre client.

Le Client pour Java s'exécute sur toute machine cliente exécutant un navigateur Web dans un environnement J2SE 1.4.x ou ultérieur.

L'applet réside sur un serveur Web et elle est déployée à l'aide d'une page HTML avec une balise <applet>. Les utilisateurs exécutent le client en ouvrant la page HTML à l'aide d'un navigateur qui possède une prise en charge Java. Lorsque la page s'ouvre, l'applet Java est automatiquement téléchargée sur la machine cliente. L'applet s'exécute alors et se connecte au serveur ou l'application publiée spécifié(e) dans la balise <applet>.

À l'inverse de ActiveX, de Netscape plug-in ou des clients Web Win32, qui sont téléchargés une fois puis enregsitrés pour une utilisation ultérieure par les systèmes clients, l'applet n'est pas stockée de manière permanente par le système client. Cependant, les environnements Java offrent un cache distinct pour les applets Java, que vous pouvez configurer dans le panneau de configuration du plug-in.


4.1.1. Readme for Citrix XenApp Client for Java 9.7

Updated: 2009-08-21

Readme Version: 1.1

Issues Resolved in This Release

This release provides the following improvements: Client security certificate renewed

Windows created in pass-through seamless sessions appear in the taskbar

Clearer audio present at high bit rates

Full screen mode uses entire screen area of all monitors

Proxy auto-detection supported for JRE 1.6

Client security certificate renewed

When starting the Client for Java, a message appeared stating the security certificate has expired and prompted the user for permission to continue. This message appeared because the security certificate that Citrix uses to digitally sign the Client for Java software expired. By installing this release, the security certificate is renewed and error

Fichier Lisez-moi pour XenApp client pour Java 9.7

Présentation du client pour Java

Conditions requises par le client pour Java

Déploiement du client pour Java

Configuration du client pour Java



messages no longer appear. To download the latest Client for Java software, visit http://www.citrix.com/English/ss/downloads/details.asp?downloadId=1856735&productId=186&c1=sot2755.

Windows created in pass-through seamless sessions appear on the taskbar

When using Client for Java with Microsoft Windows Vista or Java SE Runtime Environment 6 in pass-through authentication mode, the windows created in seamless sessions did not appear on the taskbar. This release corrects this issue.

Clearer audio present at high bit rates

When the Client for Java connected to a XenDesktop server the audio was extremely choppy. This release corrects this issue. [#212524]

Full screen mode uses entire screen area of all monitors

When using the Client for Java in a multi-monitor display environment, published applications and desktops did not use the entire screen area of all the monitors. This release corrects this issue.

Proxy auto-detection supported for JRE 1.6

When using the Client for Java with Java SE Runtime Environment 6, auto-detection of proxy servers was not supported. This release supports this version of JRE.


4.1.2. Client for Java Feature Overview

Updated: 2009-08-28

Java 2 Standard Edition, Version 1.4.x

The Client for Java requires Java 2 Standard Edition (J2SE), Version 1.4.x and 1.5.x.

The Microsoft Java Virtual Machine (JVM) is no longer supported. Note that within a deployment comprising Web Interface, the Version 8 client is deployed for use with the Microsoft JVM.

SSL Support

Secure Sockets Layer (SSL) support, provided by the Java Secure Socket Extension (JSSE), is embedded in J2SE 1.4.x and 1.5.x. Therefore, fewer packages are downloaded to the client device for SSL support. The cryptojN.jar library is no longer required and the sslN.jar library is reduced from 187KB to 28KB.

CRL Checking

Certificate Revocation List (CRL) checking is supported. When connecting to a server running XenApp using SSL or TLS, and CRL checking is enabled, the client checks whether or not the server’s certificate is revoked. This feature improves the cryptographic authentication and overall security of the connection to the server running XenApp.

Kerberos Authentication

Kerberos authentication is supported when the client is running on Windows 2000 or Windows XP, with the necessary trust relationship between client and server Active Directory domains.

Kerberos logon requires MetaFrame Presentation Server 3.0 or Presentation Server 4.0 or 4.5, and works only between clients and servers that belong to the same or to trusted Windows 2000 or Windows 2003 domains. Servers must also be trusted for delegation, an option you configure through the Active Directory Users and Computers management tool.

Important: Kerberos support requires XML Service DNS address resolution to be enabled for the server farm, or reverse DNS resolution to be enabled for the Active Directory domain.

You can configure Kerberos-enabled UNIX and Microsoft Windows domains to allow users working on UNIX client devices to access XenApp using their UNIX Kerberos credentials.

Kerberos authentication is not supported when the client is running on Mac OS X client devices. For further information, see http://developer.apple.com (Java: Java on Mac OS X 10.3 Release Notes: Java Security, article 3173133.)

NTLM Proxy Authentication

Windows NT LAN Manager (NTLM) proxy authentication is supported when the client is configured to access XenApp through a proxy server. The client must be running on Windows and connecting through a proxy server that supports NTLM (such as Microsoft Internet Security & Acceleration Server).

Session Reliability

Session reliability enables sessions to remain open and on screen when network connectivity is interrupted, therefore allowing client users to view the application while the network connection is restored. This feature is useful for mobile users with wireless connections.

Mac OS X Japanese Support

The client is now supported on Japanese Mac OS X.

User Interface Improvements

The user interface has been updated with the following improvements: Connection Center

Look and feel

The Connection Center is more compact and includes a notification area, similar to the notification area (also referred to as the system tray) on computers running Windows. The Connections and Settings dialog boxes are available from the Connection Center.

The user interface includes various enhancements such as status bar updates to provide users with more information.

Terminal Services Client Access License Improvements

For Windows 2000 Server, Microsoft supports Terminal Services Client Access License (TS CAL) equivalency. This means that connecting to a Windows 2000 Server from a Windows 2000 (or later) client platform should not consume a TS CAL. This is now supported when the Client for Java runs on a Windows 2000 (or later) client system connecting to XenApp.

TS CAL equivalency is not supported on Microsoft Windows Server 2003.

Note that Windows XP Home edition does consume a TS CAL.

Note: TS CAL equivalency can cause Java problems on Microsoft Windows XP client devices. The parameter ‘SupportTSEquivalencyOnWinXP’ specifies whether or not TS CAL equivalency is used on Microsoft Windows XP client devices. The parameter is set to off by default.

Performance

Several performance enhancements are implemented in this release including: Graphics, improved responsiveness

Audio improvements

Client drive mapping improvements

Line drawing improvements with XenApp for UNIX

ICA Browsing

ICA browsing is applicable when deploying the client without the Web Interface. Support for ICA browsing is no longer provided in the core archive; it is provided as a separate archive (JICA-browserN.jar).

Universal Print Driver Support



The Universal Print Driver (UPD) is a standard Windows print driver that encapsulates print jobs in Printer Control Language 4 (PCL4) format. A client-based interpreter renders the print job using the client device’s local print driver and printing services. The UPD generates smaller print jobs, which can significantly improve performance when printing over WAN or dial-up connections. Using UPD also increases security on the server because the number of drivers used is restricted.

The Client for Java supports only UPD1 (UPD2 and UPD3 support printing in color and at higher resolutions).


4.1.2.1. Seamless Support

Updated: 2009-08-24

Seamless support is provided as an option on the client. It has three main aspects: Seamless windows

Session sharing

Connection Center, a tool that enables users to manipulate both seamless and non-seamless ICA connections

To provide seamless support on the client, Citrix recommends deploying the client through the Web Interface, because this provides the most effective interface for the features provided. You can deploy the client using the sample HTML pages provided with the client package, but this requires more work on your part.

Note: Seamless desktops are not supported.

Seamless Windows

Seamless windows means that each remote application appears in a separate resizable window on the client desktop. Users can resize the application window, minimize it, and copy and paste text between published applications and applications running locally on the client device. Copy/paste also works for non-text objects when used between applications sharing an ICA session.

Note: Seamless windows are supported on Mac OS X Version 10.3 (Panther). However, if the Java Client is configured for seamless mode and run on earlier versions of Mac OS X platforms, a non-seamless session is launched.

Dynamic Session Reconfiguration

For seamless windows, the client detects and requests the server to update the underlying session size when the local desktop size changes. The client cannot detect changes to the local color depth.

Session Sharing

Session sharing allows seamless application launches to share a single connection rather than creating a new connection for each application. This reduces the system overhead and therefore improves response times for users who have several applications open at the same time. Applications launched in existing sessions also launch more quickly, because a new connection and associated resources do not need to be created.

Connection Center

The Connection Center includes a notification area and the Connections and Settings options.

The notification area is similar to the notification area (also referred to as the system tray) on computers running Windows. Notification icons appear in the notification area for certain published applications. These icons provide information and access to application settings.

The Connections and Settings options launch separate dialog boxes.

The Connections dialog box allows users to: Disconnect a session

Switch between full screen and seamless mode

View properties such as the ICA encryption setting and the user name

Log off a server session

Close a published application

The Settings dialog box allows users to: Configure client settings such as general settings, printer and drive mapping, firewall settings, bitmap cache options, and hotkey configuration


4.1.3. Client for Java Requirements

To run the Client for Java, the client system must have the following:

A Web browser with Java 2, Standard Edition Version 1.4.x or 1.5.x, configured to accept signed Java applets. For more information about signed applets, see Using Signed Java Applets.

Network access to the Web server that stores the client files.


4.1.3.1. Java Environments

A large number of Java-enabled environments are available, and their functionality varies from platform to platform. To validate proper functionality of the Client for Java, Citrix selects a representative group of platforms for testing.

For English and other European languages, the client has been tested with:

Internet Explorer 6.x on Windows 98, Windows Me, Windows NT 4.0 Workstation, Windows 2000 Professional, Windows XP Professional and Home editions, and Windows Server 2003, with the Sun JRE 1.4.x and 1.5.0

Safari 1.x with Apple JVM 1.4.1 and 1.4.2 on Mac OS X 10.x

Mozilla 1.x and Firefox 0.9x on Solaris SPARC 9

Mozilla 1.x and Firefox 0.9x on Suse Linux 9.x

For Japanese, the client has been tested with:

Internet Explorer 6.x on Japanese Windows NT 4.0, Windows 2000, and Windows XP

Safari 1.x with Apple JVM 1.4.2 (software update 2) on Japanese Mac OS X 10.3

Mozilla 1.x with Sun JVM 1.4.2_05 on Japanese Solaris SPARC 9

For details of any known limitations of particular platforms or browsers, see Limitations of the Client for Java, and consult the Readme file for any late-breaking issues.


4.1.4. Deploying the Client for Java

Updated: 2009-08-28

To deploy the client, you need: A copy of the client package. You can download the package from the Citrix Web site or copy it in decompressed form from the Components CD. Citrix recommends



that you obtain the latest version of the client from the Web site.

On the Web site, the client package is available in two formats:

.zip, primarily for Windows systems.

.tar.gz, primarily for UNIX systems.

Both have identical contents.

A means of decompressing and unpacking the .zip or .tar.gz package, if you download this from the Web site. If you are copying files from the Components CD you do not need to decompress them.

Administrator access to a Web server.

Note: If deploying the client using the Web Interface, you can configure the client deployment options using the Delivery Services Console.


4.1.4.1. To unpack the Client for Java package

Updated: 2009-08-24

1. Copy the client package to a suitable location on the Web server. For Microsoft IIS servers, copy the package to a folder in the Web root directory (typically C:\inetpub\wwwroot). For UNIX systems, consult the Web server documentation.

Note: If you downloaded the compressed package from the Web site, extract the program files from the .zip or .tar.gz package to the same folder, using a suitable decompression utility.

A number of files are created on the Web server. The *N.jar files are signed Java archives that make up the applet. They are compatible with:

Netscape 6.x/7.x, Mozilla 1.x, and other browsers using a J2SE environment

Internet Explorer on Windows platforms with Java plug-in 1.4.x or 1.5.x. The Java plug-in is available from http://www.ava.com

There are a number of different components:

Essential

Use one of the following components.

Security

Use these components in conjunction with JICAEngN.jar or JICA-coreN.jar, as required.

Optional

Use these components in conjunction with JICA-coreN.jar, as required. They are included in JICAEngN.jar.


4.1.4.2. Getting Started with the Sample HTML Files

Updated: 2009-08-24

The Client for Java comes with sample HTML pages that you can customize to specify the correct archives for the user's browser.

Each sample HTML page is described, together with instructions for customizing the page. To use seamless windows and the Connection Center, read the instructions about how to edit seamless1.html, but also keep the desktop.html instructions close for reference. If you do not want to use this functionality, read the instructions for editing desktop.html. For information about the benefits of seamless support and the Connection Center, see Seamless Support.

To access the Connection Center, session sharing, and seamless windows functionality, Citrix strongly recommends that you use the Web Interface, which automates the steps that you otherwise need to implement yourself.

Seven sample HTML files are supplied in the client package (in the ‘examples’ directory):

index.html

This page contains links to and descriptions of the six launching pages: desktop.html, application.html, and autoproxy.html. If you do not want to implement seamless windows and the Connection Center, use these pages.

seamless1.html, seamless2.html, and seamless3.html. To implement seamless windows and the Connection Center, use these pages.

desktop.html

This page launches a desktop session to a server. To make a connection with this page, specify an address for the server.

application.html

This page launches a connection, with 128-bit ICA encryption enabled, to a published application. Specify the name of the published application and the name of a server to use for server location.

autoproxy.html

Archive File Approximate Size Description

JICAEngN.jar 853KB Complete archive. Contains the contents of all of the other archives apart from cryptojN.jar and sslN.jar, which must be included if required.

JICA-coreN.jar 518KB Core archive. Provides only a basic connection. You add functionality by using it in conjunction with the other component archives described below.


sslN.jar 28KB SSL component. Adds SSL and TLS encryption support.

cryptojN.jar 168KB Encryption component required for ICA encryption. This is not needed for SSL and TLS encryption support.


JICA-audioN.jar 8KB Audio component. Adds client audio mapping.

JICA-browseN.jar 26KB ICA browsing component. Adds support for ICA browsing and is applicable when deploying the client without the Web Interface.

JICA-cdmN.jar 25KB CDM component. Adds client drive mapping.

JICA-clipboardN.jar 10KB Clipboard component. Adds client clipboard mapping.

JICA-configN.jar 77KB User configuration component. Adds support for the status bar, buttons, and the ICA Settings dialog box.

JICA-printerN.jar 70KB Printer component. Adds client printer mapping.

JICA-seamlessN.jar 81KB Seamless and Connection Center components. Adds support for seamless windows and the Connection Center.

JICA-sicaN.jar 17KB ICA encryption component. Adds ICA encryption support.

JICA-zlcN.jar 96KB SpeedScreen latency reduction component. Adds support for local text echo and mouse feedback.



This page launches a connection to a published application through a proxy server, using proxy auto detection. Specify the name of the published application and the name of a server to use for the server location. For more information about the server location, see Configuring Network Protocol and Server Location.

seamless1.html, seamless2.html, and seamless3.html

These pages start remote applications using the Connection Center and seamless windows. The only difference between the three files is that they each start a different application. The applications are launched using an existing ICA session when possible. When session sharing is not possible, a new ICA session is created. You specify the name of a published application and the name of a server to use for the server location.


4.1.4.2.1. Customizing the desktop.html File

Updated: 2009-08-24

Desktop.html contains the following <applet> tag:

<applet name="javaclient" codebase="../" code="com.citrix.JICA" archive="JICA-coreN.jar,JICA-configN.jar" width="640" height="480"> <param name="Address" value="plateau"> <param name="End" value="end.html"> </applet>

The <applet> tag is used to configure the client. Some parameters are specified inside the <applet> tag:

Applet name

This is an optional, unique name for the applet. Use this name to refer to the applet when writing scripts. In desktop.html, the applet name javaclient is used by a script that displays a warning message if the user tries to close the Web browser window when an ICA session is running. It is also needed for proxy auto configuration (PAC) file support.

Codebase

The path from the HTML page to the client archives. Change this path if it is not correct for your deployment.

Code

The name of the class file that is executed. For the client without the Connection Center, this is always com.citrix.JICA.

Archive

Specify signed archives here. Separate multiple archives with commas.

Note: If, for example, you want users to be able to map drives and printers, specify the necessary archives here.

Width

The width of the applet, in pixels.

Height

The height of the applet, in pixels.

All other parameters are specified using <param> tags, located between the <applet> and </applet> tags. Use the <param> tags in the form:

<param name="parametername" value="valuename">

where parametername is the name of the parameter you are specifying and valuename is the value you are defining.


4.1.4.2.1.1. To customize and use desktop.html

1. Open desktop.html in a plain text editor and find the <applet> tag section:

<applet name="javaclient" codebase="../" code="com.citrix.JICA" archive="JICA-coreN.jar,JICA-configN.jar” width="640" height="480"> <param name="Address" value="plateau"> <param name="End" value="end.html"> </applet>

This is the section that launches the client.

2. Change the Address value to the address of a server on your local network.

3. Change the relative path specified for the codebase if it is not correct for your deployment.

4. Publish the sample HTML pages using your Web server. See the Web server documentation for more information about how to do this.

5. On the client device, open a Web browser and open the URL for the sample HTML pages. The index.html page opens.

6. Click the Minimal Desktop link. The applet appears.

7. To connect to the server, click Connect or Click to connect. To configure the client using the ICA Settings dialog box, click Settings.

You can edit application.html and autoproxy.html in the same way. The additional parameters used in these examples are described in Configuring the Client for Java


4.1.4.2.1.2. To change the warning message displayed when a user tries to close an active ICA session

If you try to close the Web browser window when using an ICA session created with one of the example Web pages, a warning message appears. The message is defined in this section of the HTML page:

function onBeforeUnload() { var connected = document.javaclientname.isConnected(); if (connected) { alerted = true; return "Closing this window will disconnect your ICA session"; } }

where javaclientname is the name of the applet.

1. To change the message displayed, edit the text in the HTML page.

eDocs Home



© 2009 Citrix Systems, Inc. All rights reserved. Terms of Use | Trademarks | Privacy Statement

4.1.4.2.2. Customizing the seamless1.html File

Updated: 2009-08-24

Seamless1.html contains the following applet tag:

<applet name="javaclient" code="com.citrix.ConnectionCenter" codebase="../" archive="JICA-coreN.jar,JICA-browseN.jar,JICA-configN.jar, JICA-seamlessN.jar" width="330" height="140"> <param name="Address" value="Notepad"> <param name="InitialProgram" value="#Notepad"> <param name="HTTPBrowserAddress" value="plateau"> <param name="TWIMode" value="on"> </applet>

The applet tag is similar to that used in desktop.html (see Editing desktop.html), with the following differences:

Code

The name of the class file that is executed. For the client with the Connection Center, this is always com.citrix.ConnectionCenter.

Archive

The JICA-seamless archive is required for the Connection Center and seamless windows.

Width and height

These are set to 330 and 140 pixels respectively, which are appropriate dimensions for the Connection Center user interface.

TWIMode

This parameter enables seamless windows. Seamless windows are required for session sharing. If you use the Connection Center without seamless windows, there is no session sharing, in other words each application is launched in a separate ICA connection and you gain no reduction in system resource overhead.

You can customize the sample HTML files and specify additional HTML files to launch your own published applications. If you have many applications, it may be easier to provide users with HTML links that all reference a server-side script that generates the <applet> tag as needed, based on the selected link.


4.1.4.2.2.1. To customize and use seamless1.html

1. Open seamless1.html in a plain text editor and find the <applet> tag section:

<applet name="javaclient" code="com.citrix.ConnectionCenter" codebase="../" archive="JICA-coreN.jar,JICA-browseN.jar, JICA-configN.jar,JICA-seamlessN.jar" width="330" height="140"> <param name="Address" value="Notepad"> <param name="InitialProgram" value="#Notepad"> <param name="HTTPBrowserAddress" value="plateau"> <param name="TWIMode" value="on"> </applet>

This is the section that launches the client.

2. Change the value of the Address parameter to the name of the published application to which you want to connect.

3. Change the value of the InitialProgram parameter to the application name specified in Address, preceded by a # symbol. For example, if the published application is called Word, use the following parameters:

<param name="Address" value="Word"> <param name="InitialProgram" value="#Word">

4. Change the relative path specified for the codebase if it is not correct for your deployment.

5. Change the value of the HTTPBrowserAddress parameter to the address of the server used for HTTP browsing.

6. Publish the sample HTML pages using your Web server. See your Web server documentation for more information about how to do this.

7. On the client device, open a Web browser and open the URL for the sample HTML pages. The index.html page opens.

8. Click the Launch seamless application 1 link. The first time in each Web browser session that you select a seamless link, the Connection Center applet starts up, launches an ICA connection to the specified application, and displays it in a separate window.

9. If you select another seamless link while this session is open, the Connection Center applet starts up again; however, this new applet is displayed as a progress indicator rather than a duplicate Connection Center, and it closes itself when the new application opens. In this way the launching and management of all applications is centralized by the initial Connection Center instance, which performs session sharing when possible.

Select Connections to view the Connections dialog box. Double-clicking a window node on the Connections tree brings that window to the front. If the window is minimized, double-clicking the node has no effect.

Right-clicking a window node displays the application’s System menu.

Closing the Connection Center window disconnects all connected sessions, after prompting the user for confirmation.


4.1.4.3. Using Signed Java Applets

Due to security restrictions imposed by Java, many Java environments do not permit users to connect to other computers on the network when using Java applets.

When a Java applet attempts to make a connection to the server specified in the HTML page, the Java security manager detects the attempt to connect to another computer and cancels the operation. The result of this security restriction is that, under normal conditions, a client system can connect to a server only if the server is also the same device as the Web server that contains the applet class files.

To overcome this restriction, the client uses signed archives. The signature confirms that the files being downloaded came from Citrix and have not been altered since the signature was applied. You must ensure that users’ Web browsers are configured to accept signed Java applets.

When attempting a connection to the server, the user is prompted with the Citrix signed certificate. When the user accepts the signature, the connection is permitted.


4.1.4.4. Example: To make a desktop for a server available to users

Updated: 2009-08-28

In the following example, you want to make the desktop for a server called "buster" available to users. Buster is a XenApp server that runs Microsoft IIS. You want the users to be able to use the drives on their client devices during ICA sessions, and to be able to print to local or network printers.

1. You go to the Citrix Web site and download JICAComponents.zip to C:\inetpub\wwwroot on buster.



2. You extract the files to C:\inetpub\wwwroot.

3. You open desktop.html in the examples folder using Notepad, then make and save the following changes:

a. To specify the correct server, you change the value of the Address parameter as follows:

<param name="Address" value="buster">

b. To enable users to map client drives and printers, you add JICA-cdmN.jar and JICA-printerN.jar to the Archive attribute, so that it reads as follows:

archive="JICA-coreN.jar,JICA-configN.jar, JICA-cdmN.jar,JICA-printerN.jar"

4. You verify that the users’ Web browsers are configured to accept signed Java applets.

5. You publish desktop.html using the IIS Manager tool, and tell the users the URL of the page (http://buster/desktop.html).


4.1.5. Configuring the Client for Java

Updated: 2009-08-25

The client can be configured using:

An HTML page.

The ICA Settings dialog box.

To display the ICA Settings dialog box, click the Settings button. In seamless mode, the Settings button is on the Connection Center. If the client is not in seamless mode, the Settings button is on the status bar.

You can prevent users from configuring their own settings by removing the Settings button or the status bar, as described in Status Bar and Settings Button.

The Web Interface.

The Web Interface automatically generates the necessary Web pages to launch the client. See the Web Interface Administrator’s Guide for details about how to use the Web Interface to configure the client.

Note: You can only configure drive mapping through the ICA Settings dialog box.You cannot configure client drive mapping on an HTML page or through the Web Interface because this is a violation of the client’s security.


4.1.5.1. To set the client language

Updated: 2009-08-25

The Client for Java allows you to specify which language is used to display the user interface. By default, a session uses the language specified for the client device to display the user interface. If you specify a language code that is not recognized or not supported, English is used.

1. Specify the following parameter in the HTML page:

<param name="Language" value="yourlanguage">

where yourlanguage is the two-letter abbreviation for the language you want to use.

The standard two-letter abbreviations are: English = en

French = fr

German = de

Spanish = es

Japanese = ja

For example, to use Japanese as the language on a non-Japanese device when connecting to the server named CitrixServer, create an applet tag:

<applet code="com.citrix.JICA" archive="JICAEngN.jar" width="1024" height="768"> <param name="Address" value="CitrixServer"> <param name="Language" value="ja"> </applet>

If you use languages other than English, ensure that your Web server sends HTML files with the correct Content-Type and Charset, to avoid possible corruption of the applet parameter strings. Configuration details depend on the server software in use.

When troubleshooting suspected problems with parameter string encoding, it can be useful to copy the strings outside the applet tag and check that they display correctly in the Web browser.


4.1.5.2. To change the network protocol for the Client for Java

Updated: 2009-08-28

The network protocol setting allows you to control the way the client searches for servers and how it communicates with them.

The protocols are:

TCP/IP + HTTP

The client uses the HTTP protocol to search for servers. The client communicates with the server using ICA protocol over TCP/IP. This is the default protocol.

SSL/TLS + HTTPS

The client uses the HTTPS protocol to search for a list of servers. The client communicates with the server using the SSL or TLS protocols.

1. To change the protocol to SSL/TLS+HTTPS, add the following parameter to the HTML page:

<param name= "SSLEnable" value="on">


4.1.5.3. Configuring Server Browsing

Updated: 2009-08-28

Server browsing is the mechanism by which a client discovers an appropriate server to host a given application. Depending on the server configuration, this can involve taking load balancing into account so that the user’s application is run on the least loaded server.



The default browser server address is ica. You must set specific server addresses for XenApp computers unless your networking environment is configured with a DNS record for ica. The client uses the HTTP or HTTPS protocol respectively to contact the servers.

Example: Specifying the Browser Server

In the following example, the HTTPBrowserAddress parameter is specified to be the server Wizard. This browser server is responsible for locating an appropriate server to run the published application Notepad.

<html> <body> <applet code="com.citrix.JICA" archive="JICAEngN.jar" width="640" height="480" <param name="HTTPBrowserAddress" value="Wizard"> <param name="Address" value="Notepad"> <param name="InitialProgram" value="#Notepad"> </applet> </body> </html>

Note: If you are using the JICA-coreN.jar archive, you must specify the JICA-browserN.jar archive to enable server browsing.


4.1.5.4. To specify a business recovery server group

Updated: 2009-08-25

Business recovery provides consistent connections to published applications in the event of a browser server disruption. You can define up to three groups of servers to which you want to connect: a primary and two backups. Each group can contain from one to five servers.

1. Use the following parameters to specify server groups: HTTPBrowserAddress and HTTPBrowserAddress2 through HTTPBrowserAddress5 specify the primary group of servers

HTTPBrowserAddress6 through HTTPBrowserAddress10 specify the first backup group of servers

HTTPBrowserAddress11 through HTTPBrowserAddress15 specify the second backup group of servers

Fill in any unused server addresses with five dashes (-----). These dashes are required to fill in any gaps in the list but are not required at the end of the list.

Example: Specifying a business recovery server group

In the following example, the primary group of servers contains Arthur, Morgana, and Merlin. The first backup group contains the servers Excalibur and Stone. There is no secondary backup group.

<html> <body> <applet code="com.citrix.JICA" archive="JICAEngN.jar" width="640" height="480"> <param name="HTTPBrowserAddress" value="Arthur"> <param name="HTTPBrowserAddress2" value="Morgana"> <param name="HTTPBrowserAddress3" value="Merlin"> <param name="HTTPBrowserAddress4" value="-----"> <param name="HTTPBrowserAddress5" value="-----"> <param name="HTTPBrowserAddress6" value="Excalibur"> <param name="HTTPBrowserAddress7" value="Stone"> </applet> </body> </html>


4.1.5.5. To change the client name

Updated: 2009-08-25

The client name is used to identify the client to the server, and is also used to name printers. You may need to change the client name if you are trying to access resources shared with another client with the same name.

By default, the client uses the value for the client device’s host name (if it exists and is not set to localhost) as the client name reported to the server. If the client cannot use the client device’s host name, it uses AnonJava as the client name. The client name sent to the server is always truncated to 20 characters.

You can change the client name on the HTML page or by using the ICA Settings dialog box.

1. To change the client name, add two parameters on the HTML page:

<param name="client.wfclient.UseHostname" value="off"> <param name="client.wfclient.Clientname" value="yourclient">

where yourclient is the client name you want to use.


4.1.5.6. Passing Parameters to Applications

When connecting to a published application, you specify the application name using the InitialProgram parameter on the HTML page. For example, to connect to an application called Notepad, specify the following parameters:

<param name="Address" value="Notepad"> <param name="InitialProgram" value="#Notepad">

You can also specify a command-line parameter that the server will pass to a published application when it runs that application. For example, if you provide a file name parameter to Notepad, Notepad will start up with that file loaded.

The parameters that an application will honor are built into the application and do not have to be file names.


4.1.5.6.1. To pass a parameter to an application

Updated: 2009-08-28

1. Specify the following parameters on the HTML page:

<param name="Address" value="application">



<param name="InitialProgram" value="#application"> <param name="Param" value="parameter">

where application is the name of the published application and parameter is the parameter. You can specify a maximum value length of 256 characters for these parameters. For example, to open a file called M:\new.txt in Notepad, specify the following parameters:

<param name="Address" value="Notepad"> <param name="InitialProgram" value="#Notepad"> <param name="Param" value="M:\new.txt">

Note: For parameter passing to work, you must configure the published application to receive parameters by appending %* to the published application's command line. For example:

notepad %*

Full details of how to publish applications and set up commands are in the documentation included in the XenApp package.

File name parameters are interpreted by the remote application relative to the server’s file system. If you want to pass a client-side file to a remote published application, you must use client drive mapping.


4.1.5.7. To set the size and number of colors used for the ICA session window

Updated: 2009-08-26

Just as you can set the dimensions of the applet panel in which ICA sessions run using the Width and Height attributes of the <applet> tag, you can also specify the size of the remote session by using the DesiredHRes and DesiredVRes parameters. If you do not specify these last two parameters, the remote session fits into the applet area available when any border and status bar are added.

The number of colors used in the session window is defined with a parameter on the HTML page.


<param name="DesiredColor" value="2|4|8">

where 2 specifies 256 colors, 4 specifies thousands of colors, and 8 specifies millions of colors. You cannot configure the client to use only 16 colors but it can display applications published in 16 color mode; these are run in 256 colors.


4.1.5.8. Showing and Hiding the Status Bar and Settings Button

Updated: 2009-08-26

You can display or hide the status bar and Settings button using parameters on the HTML page. Both are displayed by default; however, if you do not want users to make configuration changes, you may hide the Settings button. If you decide that maximum screen real estate is a priority, you may hide the status bar.

When the client is in seamless mode, the status bar is not visible and the user accesses the Settings dialog box from the Connection Center.

To hide the status bar

1. Specify the following parameter on the HTML page:

<param name="ShowStatusBar" value="no">

To hide the Settings button


<param name="ShowSettingsButton" value="no">

Note: To display the Settings button and status bar when using the component archives, you must include the JICA-config archive. This functionality is included in the complete archive.


4.1.5.9. To enable Session Reliability

Updated: 2009-08-26

Session Reliability enables sessions to remain open and on the screen when network connectivity is interrupted, therefore allowing client users to view the application until the network connection is restored. This feature is especially useful for mobile users with wireless connections.

For session reliability and SSL support through Secure Gateway, Secure Gateway Version 3 is required.


<param name="CGPAddress" value="hostname:port">

Rather than specifying the hostname, type an asterisk (*) to use the Address parameter value as the host (session reliability server).

The port value is optional. If you do not specify a port value the default 2598 is used. If a connection on port 2598 fails, the client tries to establish a standard (non session reliability) connection on port 1494.


4.1.5.10. Controlling Auto-Reconnect and Session Termination

Updated: 2009-08-26

You can control how the client behaves when starting or ending a session by specifying parameters on the HTML page.

Note: The information in this topic does not apply if you are using the Connection Center. Sessions always start automatically and, if the network connection is lost, an attempt is always made to reconnect.

To change the client startup


<param name="Start" value="Manual|Auto">

If you set this parameter to Manual (the default), the user must click to connect to a server. If you set it to Auto, the message "Connecting to server" appears as the HTML page is displayed and the user is automatically connected to the server.



To change what happens when a session ends


<param name="End" value="Manual|Auto|Terminate|URL">

where:

Manual displays the startup splash screen when the session ends, and the message "Click to reconnect." To reconnect, the user clicks anywhere on the splash screen.

Auto displays the Reconnecting dialog box when the session ends for any reason. The number in the dialog box counts down to 0 and the client reconnects.

Terminate displays either "Connection Terminated" or "Connection Error" when the session ends, depending on whether the user chose to end the session or whether or not there is a problem that caused the session to end.

URL displays the splash screen and redirects in two seconds to the specified URL. You can specify the URL of any Web page.

The HTML examples supplied with the client include the End parameter. The value specified is a URL to a page called end.html. The applet tag section of each of the examples has this parameter:

<param name="End" value="end.html">

When you end the session, the client redirects to end.html, which contains a script to close the browser window. You can edit end.html to display anything you want.

To change the time-out period for automatic reconnection

The default time-out period is five seconds.


<param name="ReconnectDelay" value="delay">

where delay is the delay in seconds. Specifying this parameter does not affect the delay before connection to an HTML page if you specified a URL for the End parameter.

Note: If the Start and End parameters are both set to Auto, the startup splash screen is displayed and you must click on it to connect.


4.1.5.11. Specifying Keyboard and Mouse Preferences

Updated: 2009-08-28

The client lets you specify what type of keyboard to use in ICA sessions. By default, if you do not specify a keyboard preference, the session uses the default keyboard for the user’s XenApp computer. The client supports the use of any keyboard supported by the server to which the user is connecting.

When using the Client for Java with applications that require a 3-button mouse, the middle button of a 3-button mouse can be emulated by clicking both buttons of a 2-button mouse at the same time.

To specify a keyboard other than the server’s default


<param name="user.wfclient.keyboardlayout" value="layout">

where layout is a value from the server’s list of supported keyboards. A list of the supported keyboards is provided in Supported Keyboard Layouts.

For example, to specify a Danish keyboard, create an HTML page like the following:

<html> <body> <applet code="com.citrix.JICA" archive="JICAEngN.jar" width="640" height="480"> <param name="Address" value="CitrixServer"> <param name="user.wfclient.keyboardlayout" value="Danish"> </applet> </body> </html>

The client supports the following keyboard types to distinguish between subtypes of the Japanese keyboard layout:

"(Default)" "IBM PC/XT or compatible keyboard" "101 Keyboard (Japanese)" "106 Keyboard (Japanese)" "NEC PC-9800 on PC98-NX (Japanese)" "NEC PC-9800 on PC98-NX 2 (Japanese)" "NEC PC-9800 Windows 95 and 98 (Japanese)" "NEC PC-9800 Windows NT (Japanese)" "Japanese Keyboard for 106 (Japanese)" "DEC LK411-JJ Keyboard (Japanese)" "DEC LK411-AJ Keyboard (Japanese)"

Note: If you are using a 109 key Japanese keyboard, specify the keyboard type as 106 Keyboard (Japanese).

To specify a Japanese keyboard type


<param name="user.wfclient.keyboardtype" value="101 Keyboard (Japanese) | 106 Keyboard (Japanese)">

For example, to specify a Japanese 106 key keyboard, create an HTML page like the following:

<html> <body> <applet code="com.citrix.JICA" archive="JICAEngN.jar" width="640" height="480"> <param name="Address" value="CitrixServer"> <param name="user.wfclient.keyboardtype" value="106 Keyboard (Japanese)"> </applet> </body>



</html>


4.1.5.11.1. Specifying Japanese IME Preferences

Updated: 2009-08-28

The client provides a choice of options for using a Japanese Input Method Editor (IME). Users can configure these options using the ICA Settings dialog box. Alternatively, you can set the keyboard layout parameter in the <applet> tag; this overrides the users’ settings.

You can choose between using a client-side IME or a server-side IME.

With a client-side IME, users can choose their preferred IME that they have installed on the client device and they do not have to deal with one IME for local applications and another potentially different IME with a different dictionary for server-side applications. When using a client-side IME, the user composes the text in a separate window instead of at the insertion point.

With a server-side IME, the user composes the text at the insertion point.

To use a client-side IME for connections to servers running Windows Server 2003


<param name="user.wfclient.keyboardlayout" value="Japanese (client IME only)">

To use a client-side IME for connections to servers running Windows 2000 Server

Note: This section does not apply to servers running Windows 2000 with Service Pack 4. If you have installed Service Pack 4, you can type Japanese characters into the logon dialog box using a client-side IME.

When connecting to XenApp on Windows 2000 Server with Service Pack 3 or earlier, users cannot use a client-side IME to type Japanese characters into the session logon dialog box.

1. If they want to use a client-side IME but they also need to type Japanese characters in the logon dialog box, specify the following parameter on the HTML page:

<param name="user.wfclient.keyboardlayout" value="Japanese (client and server IME)">

This allows users to use the server-side IME to type credentials in the logon dialog box. After they log on to the session, they should turn off the server-side IME and use the client-side IME.

When the server-side IME is used to type logon credentials with this keyboard layout, if the server-side IME is in Kana mode, Shift+0 does not generate the “wo” character. To work around this problem, when using the Web Interface, select between “Japanese (client IME only)” and “Japanese (server IME only).” Do not select the keyboard layout “Japanese (client and server IME),” because users provide credentials using the Web Interface and do not need to manually log on to the session.

To use a server-side IME


<param name="user.wfclient.keyboardlayout" value="Japanese (server IME only)">

Alternatively, select “(Server Default)” for the keyboard layout and connect to a server with a Japanese keyboard layout with IME configured as the default keyboard layout.


4.1.5.11.2. Specifying Hotkey Functions

Updated: 2009-08-28

Hotkeys are used to control the behavior of the client and as substitutes for the standard Windows hotkeys. For example, to display the Windows Security Desktop on a Windows computer, press CTRL+ALT+DEL. If you are running the client on a Windows computer and are working in a XenApp session, this key combination opens the Security Desktop on the local device. Hotkey functionality allows you to map common key combinations like CTRL+ALT+DEL to a key combination such as CTRL+F1 that is ignored by your local operating system. When you press this new combination, the client sends CTRL+ALT+DEL to the server, displaying the Windows Security Desktop in your session.

You can specify hotkeys on the HTML page or the user can do it by using the ICA Settings dialog box.

Client hotkeys use a pair of keys. The first is a modifier key and the second is a character. The following hotkeys are available:

Hotkey (Default Mapping) Description

Hotkey2

(Shift+F3)

Close Remote Application. The Close Remote Application hotkey disconnects applications opened in an ICA session. If no programs are open, the session is disconnected after the user is prompted for confirmation.

Hotkey3

(Shift+F2)

When the client is running in seamless mode, this hotkey toggles between seamless mode and windowed mode. When the client is not in seamless mode, this hotkey is used when a reconnected session is larger than the applet panel; it toggles between embedding the session inside the applet panel with scroll bars and displaying it in a separate window.

When the client is running in full screen mode, this hotkey toggles the title bar on and off.

Hotkey4

(CTRL+F1)

Substitute for the standard Windows hotkey CTRL+ALT+DEL. The CTRL+ALT+DEL hotkey displays the Windows Security Desktop in the ICA session.

Hotkey5

(CTRL+F2)

Substitute for the standard Windows hotkey CTRL+ESC. On XenApp computers, the remote Windows Start menu appears.

Hotkey6

(ALT+F2)

Substitute for the standard Windows hotkey ALT+ESC. This hotkey brings the focus to maximized and minimized windows of programs that are open in an ICA session, in the order that they were opened.

Hotkey7

(ALT+PLUS)

Substitute for the standard Windows hotkey ALT+TAB. This hotkey cycles through applications that are open in the ICA session. A popup box appears and displays the programs as you cycle through them. The chosen application receives keyboard and mouse focus.

Hotkey8

(ALT+MINUS)

Substitute for the standard Windows hotkey ALT+Shift+TAB. Like the ALT+TAB hotkey, this key sequence cycles through applications that are open in the ICA session but in the opposite direction. The chosen application receives keyboard and mouse focus.

Hotkey9

(CTRL+F3)

Substitute for the standard Windows hotkey CTRL+Shift+ESC. This hotkey displays the Task Manager.

Hotkey10

(CTRL+F5)

Toggle SpeedScreen latency reduction. This hotkey toggles mouse click feedback and local text echo on and off.

This hotkey displays the ICA Settings dialog box.




4.1.5.11.2.1. To change the hotkey sequence from the default

1. For each hotkey, specify two parameters on the HTML page: one for the shift state and a second for the character state, as follows:

<param name="user.wfclient.hotkey*shift" value="shiftstate"> <param name="user.wfclient.hotkey*char" value="character">

where star (*) is the hotkey number; shiftstate is ctrl, shift, alt, or (none); and character can be any of the following:

F1 through F12, tab, star, plus, minus, escape, (none)

Specifying (none) for the character disables the hotkey.

The following example describes how to map the Close Remote Application hotkey to the key sequence CTRL+F1 and the ALT+TAB hotkey key sequence to Shift+TAB.

<html> <body> <applet code=com.citrix.JICA archive="JICAEngN.jar" width=640 height=480> <param name="Address" value="CitrixServer"> <param name="user.wfclient.hotkey2shift" value="ctrl"> <param name="user.wfclient.hotkey2char" value="f1"> <param name="user.wfclient.hotkey7shift" value="shift"> <param name="user.wfclient.hotkey7char" value="tab"> </applet> </body> </html>

Note: There may be conflicts between the default or user-defined client hotkeys and those pre-configured on Mac OS X and UNIX platforms. See your platform documentation for further information.


4.1.5.12. Client Device Mapping

Updated: 2009-08-28

The client supports client device mapping for connections to servers. Client device mapping allows a remote application running on the server to access printers and disk drives attached to the local client machine. The applications and system resources appear to the user at the client machine as if they are running locally. Ensure that client device mapping is supported on your server before using these features.

Client Drive Mapping

Client drive mapping can make any specified directory on the client machine, including CD-ROMs, available to the user during ICA sessions. When a server is configured to allow client drive mapping, users can access their locally stored files, work with them during their ICA sessions, and then save them again either on a local drive or on a drive on the server.

The user’s home directory is automatically mapped to drive H at the start of a session. Users can configure drive mapping using the Client Drive Mapping tab on the Settings dialog box.

When drive mapping is configured, the client attempts to use it for all connections. If the server does not support drive mapping, or if the Java environment is configured not to allow access to local drives, drive mapping is not available.

Note: When drive mapping is enabled and the client accesses a mapped drive for the first time, a dialog box appears on the client device. The dialog box informs the user that the client is attempting to access a mapped drive and the user must click Yes to allow the client to access the drive.

Drive mapping can be configured only by the user through the ICA Settings dialog box. Configuration settings are stored in the appsrv.ini file. You cannot configure client drive mapping on an HTML page or through the Web Interface because this is a violation of the client’s security.

To make client drive mapping available to users when using the core archives, you must include the JICA-cdm archive. If you do not, the Drive Mapping tab does not appear in the ICA Settings dialog box.

To deploy client drive mapping settings to multiple users, you can configure client drive mapping on one device and copy the appsrv.ini file to the correct location on the users' devices.

Limitations of Mapped Drives

Once configured, mapped drives are transparent and appear the same as other network drives on the server. However, due to the way Java accesses file systems, the following functions are not available on mapped drives:

Locking files that are in use by an application. To prevent file corruption, warn users not to access the same file with two or more applications at the same time.

Setting file attributes.

Setting date and time on files created or edited on mapped drives.

Reporting drive capacity and usage. Users must use the operating system of their local computer to determine the capacity of mapped drives.


4.1.5.12.1. Mapping Client Printers

Updated: 2009-08-28

Printers are auto-detected by default. To make client printer mapping available to users, specify the JICA-printer archive in the <applet > tag or use the full archive. If you do not, the Printer Mapping functionality is not available and the relevant tab does not appear in the ICA Settings dialog box.

Note: Printers are not auto-detected on Mac OS X platforms. You can configure printers manually using the ICA Settings dialog box (described in the online help). This is the easiest way to do it. Alternatively, you can configure printers using:

The HTML page

The Printer Management node on the Advanced Configuration tool

Detecting Printers Automatically

The client automatically detects all printers available to the client device, including USB printers, and makes them available to the session.

Note: Mac OS X provides a J2SE 1.4.x environment but does not provide the Java Print Service API, so printers are not auto-detected.

For PostScript-capable printers, a generic Postscript driver is configured on the server, and the resulting PostScript output is sent directly to the printer.

Hotkey 11

(ALT+*)



For non-PostScript printers, the Universal Print Driver (UPD) is configured which encapsulates print jobs in Printer Control Language 4 (PCL4) format. A client-based interpreter renders the print job using the client device’s local print driver and printing services.

To modify printer settings, users select the Printer Mapping tab on the ICA Settings dialog box. If a print job requires color or advanced printing options such as duplex printing, users should configure an appropriate native driver. If they configure both a native driver and a UPD driver, the server uses the native driver if it is available; otherwise, it uses the UPD driver.

Users cannot delete auto-detected printers unless the Java environment detects that they are no longer available.


4.1.5.12.2. To configure printers manually

Updated: 2009-08-28

When you configure printers manually users find those printers mapped to their sessions and ready for use when they log on. When they log off, their printer mappings are deleted from the server. The printers are automatically mapped again the next time they log on.

Note: You cannot configure USB printers manually.

1. Specify the printer name, the port name, and the driver, using the following parameters in the HTML page:

<param name="user.localclientprinters" value="printername"> <param name="user.printername.port" value="portname"> <param name="user.printername.driver" value="drivername">

where:

printername

The name by which you want to identify the printer.

portname

Specifies a file name, port name, or printer IP address (or network name and print queue).

drivername

Specifies the printer driver. This name is case-sensitive and must exactly match the driver name on the server.

Note: When mapping printers attached to a Macintosh computer, you can specify only a file name, not a port name or printer IP address.

When printing to a file, the output file is composed of printer machine code. This file can be sent to a printer using a platform-specific utility. For example, use a command prompt on Windows platforms to send the file to a printer by copying the file to a printer port.

When printing to a port, specify the port. A typical port on Windows systems is LPT1. On Linux or UNIX systems, the port is similar to /dev/lp0. Check your operating system documentation for more information.

When printing to a network printer, specify the printer’s IP address or network name and print queue (ipaddress:printqueuename or networkname:printqueuename).

To check the driver list on a server

1. Click My Computer > Printers > Add Printer.

2. In the Add Printer wizard, be sure My Computer is selected. Click Next.

3. Select a port, such as LPT1. Click Next.

The list under Printers contains the printer driver names.

To assign a default printer for a session

1. Specify the following parameter:

<param name="user.printername.comment" value="WFCDefault">

where printername is the name of the printer. If the server is set to connect only to the user’s default printer, this sets the manually configured printer to be the default printer.

Note: The server must have the correct printer driver installed, as specified either in the ICA Settings dialog box or on the HTML page using the Driver parameter. If the correct driver is not installed, the printer is not configured. In this case, you must install the correct printer driver on the server.

You can change the list of drivers that appears in the ICA Settings dialog box by editing the ICAPrinterDrivers.txt file. This plain-text file is included in the client package and is located in the same directory as the client archives.

When editing the ICAPrinterDrivers.txt file, add or remove driver names by deleting or adding names to the file, one driver name per line. You can add the driver names in any order.


4.1.5.12.3. Examples of Configuring Printers Manually

Updated: 2009-08-27

The following examples demonstrate configuring a printer by specifying parameters on the HTML page.

Example: Manually Configuring Individual Printers

This HTML page is suitable for use only with a Windows client system. In this example, the printer’s name is LocalPrinter1. It is connected to the client’s LPT1 port and has a driver named HP LaserJet.

<html> <body> <applet code="com.citrix.JICA" archive="JICAEngN.jar" width="640" height="480"> <param name="Address" value="CitrixServer"> <param name="user.localclientprinters" value="LocalPrinter1"> <param name="user.LocalPrinter1.port" value="lpt1:"> <param name="user.LocalPrinter1.driver" value="HP LaserJet"> </applet> </body> </html>

In this example, the printer’s name is NetPrinter1 and has a driver named HP LaserJet. The printer is a network printer that exists on a network print server with an IP address of 192.168.1.24 and a print queue named FLOOR2_LJ.

<html> <body> <applet code="com.citrix.JICA"



archive="JICAEngN.jar" width="640" height="480"> <param name="Address" value="CitrixServer"> <param name="user.localclientprinters" value="NetPrinter1"> <param name="user.NetPrinter1.port" value="192.168.1.24:FLOOR2_LJ"> <param name="user.NetPrinter1.driver" value="HP LaserJet"> </applet> </body> </html>

Example: Manually Configuring Multiple Printers

This example shows how you would configure two individual printers. Note how the two printer names, LocalPrinter1 and NetPrinter1, are both specified in the user.localclientprinters parameter.

<html> <body> <applet code="com.citrix.JICA" archive="JICAEngN.jar" width="640" height="480"> <param name="Address" value="CitrixServer"> <param name="user.localclientprinters" value="LocalPrinter1,NetPrinter1"> <param name="user.LocalPrinter1.port" value="lpt1:"> <param name="user.LocalPrinter1.driver" value="HP LaserJet"> <param name="user.NetPrinter1.port" value="192.168.1.24:FLOOR2_LJ"> <param name="user.NetPrinter1.driver" value="HP LaserJet 400 Series PS"> </applet> </body> </html>


4.1.5.12.4. To enable client audio mapping

Updated: 2009-08-27

Client audio mapping enables applications running on the server to play sounds through a sound device installed on the client computer. To make client audio mapping available to users, you must enable it using a parameter on the HTML page.

Important: Starting the client while an audio application is running on your desktop can disable audio mapping. Do not run audio applications while starting the client.

To make client audio mapping available to users, specify the JICA-audio archive in the <applet > tag or use the full archive. If you do not, the Audio Mapping functionality is not available.

1. Add the following parameter to the HTML page:

<param name="ClientAudio" value="on">

You control the amount of bandwidth used by client audio mapping by configuring the ICA settings on the server.

Note: If the server is set to use Low quality audio, client audio mapping for the client is disabled.


4.1.5.13. Connecting Through a Proxy Server

Updated: 2009-08-28

Proxy servers are used to limit access into and out of your network, and to handle connections between clients and servers. The Client for Java supports both SOCKS and Secure proxy protocols.

Configure the client to work with a proxy server by specifying parameters on the HTML page, through the ICA Settings dialog box, or through the Web Interface.

Some proxy servers require authentication when a connection is requested. Specify a proxy logon name and password on the HTML page when configuring the client. If authentication is required and you do not specify the details on the HTML page, users are prompted to enter the proxy logon name and password when they open an ICA connection.

Note: The client supports Basic proxy authentication and NTLM proxy authentication when connecting to a Secure proxy, and user name/password authentication when connecting to a SOCKS proxy. Proxy authentication therefore does not work with proxy servers configured to use other authentication schemes such as Kerberos and Digest.

Microsoft ISA Server

If your deployment includes a Microsoft ISA Server note that, by default, Microsoft ISA Server forbids client connections to XenApp on ports 1494 and 2598. Modify the Microsoft ISA Server settings as detailed in the Citrix Knowledge Base article: Configuring Microsoft ISA Server to Allow Outbound ICA Connections (CTX104998).

NTLM Proxy Authentication

NTLM proxy authentication is supported when the client is configured to access XenApp through a proxy server. The client must be running on Windows, connecting through a proxy server that supports NTLM (such as Microsoft Internet Security & Acceleration Server).


4.1.5.13.1. To enable proxy auto detection

Updated: 2009-08-27

Proxy auto detection obtains proxy details from the local Web browser settings. It is useful if you are deploying the client in an organization with many proxy servers or if you cannot determine which proxy server will be used when you configure the client. Proxy auto detection can be used with:

Internet Explorer 4.0 or later for Windows using the Sun plug-in

Netscape 6.x or later for Windows, UNIX, and Linux

Safari 1.x with Apple JVM 1.4.x/1.5x on Mac OS X

Other Web browsers that use the Sun plug-in; for example, Mozilla

1. Specify the following parameter in the HTML file:

<param name="ProxyType" value="auto">




4.1.5.13.2. To obtain the proxy server settings from a PAC file

Updated: 2009-08-27

A PAC file is a JavaScript file that is served from a local Web server and used to automatically configure the proxy settings of Web browsers. You cannot specify this method of proxy configuration through the ICA Settings dialog box.

1. Specify the following parameters in the HTML file:

<param name="ProxyType" value="script"> <param name="ProxyAutoConfigURL" value="http://webserver.example.com/myproxies.pac">

where http://webserver.example.com/myproxies.pac is the URL for the PAC file.


4.1.5.13.3. To specify the proxy server details manually

Updated: 2009-08-27

If you are manually specifying the proxy server, you need to know its address. You also need to know its port number if it is not set to 1080 for a SOCKS proxy server or 8080 for a Secure proxy server.

Note: If you are configuring the proxy manually, confirm the proxy server details with your security administrator. ICA connections cannot be made if these details are incorrect.

1. Specify the following details using parameters in the HTML file: The address of the proxy server.

The port number of the proxy server (if not 1080 for SOCKS or 8080 for Secure proxy).

The protocol of the proxy server: SOCKS proxy or Secure proxy.

In the case of a SOCKS proxy, the protocol version number. Alternatively, you can omit the version number; the client will then try SOCKS Version 5 and fall back to SOCKS Version 4 if necessary.

If the proxy requires authentication and you are supplying it through the HTML page, the proxy logon name and password.

For example, to connect to a server named Norbert using a SOCKS proxy server, Version 5, at the IP address 10.45.1.3 and port 1080, use an HTML page like the following:

<html> <body> <applet code="com.citrix.JICA" archive="JICAEngN.jar" width="640" height="480"> <param name="Address" value="Norbert"> <param name="ProxyType" value="socksv5"> <param name="ProxyHost" value="10.45.1.3:1080"> <param name="ProxyUsername" value="dentres"> <param name="ProxyPassword" value="sangle"> </applet> </body> </html>


4.1.5.14. Integrating the Client with the Secure Gateway or SSL Relay

Updated: 2009-08-28

You can integrate the client with the Secure Gateway or with an SSL relay service. The client supports both SSL and TLS protocols:

SSL provides strong encryption to increase the privacy of your ICA connections and certificate-based server authentication to ensure that the server you are connecting to is a genuine server.

TLS is the latest, standardized version of the SSL protocol. The Internet Engineering Taskforce (IETF) renamed it TLS when they took over responsibility for the development of SSL as an open standard. TLS secures data communications by providing server authentication, encryption of the data stream, and message integrity checks. Because there are only minor technical differences between SSL Version 3.0 and TLS Version 1.0, the certificates you use for SSL in your XenApp installation also work with TLS. Some organizations, including US government organizations, require the use of TLS to secure data communications.

For more information about Secure Gateway, see the Secure Gateway Administrator’s Guide.


Parameter Description

ProxyType=none | auto | socks | socksv4 | socksv5 | secure | script none

No proxy

auto

Use the Web browser’s settings

socks

Use SOCKS and automatically detect the version

socksv4

Use SOCKS Version 4

socksv5

Use SOCKS Version 5

secure

Use Secure proxy

script

Use a PAC file (specified by ProxyAutoConfigURL)

ProxyHost=address:port Address and port (if required) of the proxy server

ProxyUsername Proxy username

ProxyPassword Proxy password

ProxyExcludeList=address1; address2; etc... A semicolon-separated list of addresses of servers that the client must connect to directly—not through the proxy server.

ProxyAutoConfigURL The URL for the PAC file. Use with the parameter ProxyType.



4.1.5.14.1. To enable SSL and TLS

Updated: 2009-08-27

SSL and TLS are configured in the same way, use the same certificates, and are enabled with the same parameter. You configure SSL and TLS using parameters on the HTML page or with the Web Interface.

When SSL and TLS are enabled, each time you initiate a connection the client tries to use TLS first, then tries SSL. If it cannot connect with SSL, the connection fails and an error message appears. You can force clients to connect only with TLS. The comprehensive set of root certificates stored in the Java plug-in keystore is automatically used. Where the client device is running Microsoft Windows, Microsoft Internet Explorer, and Java 1.5.x, the client also uses root certificates stored in the Windows keystore.

1. If you have not already done so, include the sslN.jar archive in the archive parameter in the applet tag on the HTML page. This archive is not included in the complete JICAEng archive and you must include it before SSL or TLS encryption can be used.

2. Configure the Web server so that the HTML page specifying the applet can be delivered to the Web browser only through an SSL/TLS (https://) connection.

Caution: Security is seriously compromised if this step is omitted.

3. Enable SSL by adding the following parameter to the HTML page:

<param name="SSLEnable" value="on">


4.1.5.14.2. Configuring the Client for Use with Your Security Solution

Updated: 2009-08-27

You must perform further configuration if: You require clients to use TLS only.

You are using a Secure Gateway server that is configured to run in relay mode. If you are not sure what this means, see the Secure Gateway Administrator’s Guide or contact your security administrator for more information.

You are not using the default Cipher Suite. You may need to use the COM or GOV cipher suites to comply with your organization’s security regulations. If you are not sure, contact your security administrator.

Your organization has its own certification authority. You may need to import alternative root certificates to comply with your organization’s security regulations. If you are not sure, contact your security administrator. Before importing a root certificate, it is important to verify the authenticity of the certificate.Your organization should have a procedure in place for users to check the root certificate as they import it.

Your organization uses root certificates stored in the Microsoft Windows keystore. Where the client device is running Microsoft Windows, Microsoft Internet Explorer, and Java 1.5.x., the client is able to use root certificates stored in the Windows keystore (in addition to the root certificates in the Java keystore). Java must be configured accordingly.

To force TLS connections

To force clients to connect only with TLS, you must specify TLS on the Secure Gateway server or SSL relay service. See the Secure Gateway Administrator’s Guide or SSL relay service documentation for more information.


<param name="SecureChannelProtocol" value="TLS"

To specify a Secure Gateway server that is configured to run in Relay mode


<param name="SSLProxyHost" value="address:port">

where address is the fully qualified domain name of the Secure Gateway server and the same domain name specified in the server certificate. If the server port is not 443, specify the port.

To use a different Cipher Suite


<param name="SSLCiphers" value="All|COM|GOV"

where:

All

SSL_RSA_WITH_RC4_128_MD5

SSL_RSA_WITH_RC4_128_SHA

SSL_RSA_WITH_3DES_EDE_CBC_SHA

COM

SSL_RSA_WITH_RC4_128_MD5

SSL_RSA_WITH_RC4_128_SHA

GOV

SSL_RSA_WITH_3DES_EDE_CBC_SHA


4.1.5.14.3. Importing Root Certificates

Updated: 2009-08-27

In addition to the default root certificates provided by the JRE and/or the Windows keystore, you can import your own root certificates.

By default, the maximum key length is limited to 2048 bits. If you require support for key lengths up to 4096 bits, download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy File on each client device. The file can be downloaded from the relevant site.

To import root certificates with Java Keytool

You can import your own root certificates using the Java keytool utility. The root certificates you import are stored in the JRE keystore. Use the Java keytool utility to import certificates for each client device. It is not possible to import certificates using the Java Control Panel.

1. Use the following sample command line to import a root certificate:

keytool -import -trustcacerts -alias myrootcert -file c:\bin\rootcert.cer -keystore c:\Program Files\Java\j2re1.4.2_01\lib\security\cacerts

where ‘c:\Program Files\Java\j2re1.4.2_01\’ is the JRE directory.

The keystore parameter is mandatory. The default password for the Java keystore is “changeit."



2. Use the following command to change the password:

keytool -storepasswd -keystore c:\Program Files\Java\j2rel.4.2_01\lib\security\cacerts

where ‘c:\Program Files\Java\j2rel.4.2_01\’ is the JRE directory.

To use root certificates in the Windows Keystore

To allow the client to use root certificates in the Windows keystore, you must configure Java.

To use root certificates stored in the Windows keystore, the client device must be running Microsoft Windows, Microsoft Internet Explorer, and Java 1.5.x. Client for Java uses these root certificates in addition to root certificates in the Java keystore.

1. From the Java Control Panel, select the Advanced tab. Within the Security settings, ensure Use certificates and keys in browser keystore is selected.

2. To add your own root certificates to the Windows keystore, double-click the required certificate file and follow the certificate installation instructions.

Note: Root certificates in the Windows keystore are available for use by all applications, not just the client. If this is not acceptable, disable the Use certificates and keys in browser keystore security option. This ensures the client uses root certificates in the Java keystore only.


4.1.5.14.4. Certificate Revocation List Checking

Updated: 2009-08-28

When connecting to a XenApp server using SSL or TLS, with certificate revocation list checking enabled, the client checks whether or not the server’s certificate is revoked.

You can enable several levels of certificate revocation list checking using the “SSLCertificateRevocationCheckPolicy” parameter values:

NoCheck - No certificate revocation checking is performed.

CheckWithNoNetworkAccess - The local CRL store is checked (default option).

FullAccessCheck - The local CRL store and any CRLs available over a network are checked.

FullAccessCheckAndCRLRequired - The local CRL store and any CRLs available over a network are checked and verified. The connection fails if a CRL cannot be found.

The location of the local CRL store is shown below.

Microsoft Windows: %USERPROFILE%\Citrix\crl

UNIX: $HOME/.Citrix/crl


4.1.5.14.5. Certificate Chains

The Sun JVM provides two certificate validation engines: SunX509 and SunPKIX. You select the required validation engine in the java.security file (for example, C:\Program Files\Java\j2re1.4.2_01\lib\security\java.security) using the “ssl.TrustManagerFactory.algorithm” parameter:

ssl.TrustManagerFactory.algorithm=[SunX509|PKIX]

where ‘C:\Program Files\Java\j2rel.4.2_01\’ is the JRE directory

The validation engine selection determines the certificate chain length:

SunX509 allows certificate chains of up to three certificates

PKIX allows certificate chains of up to five certificates

PKIX is often the choice of validation engine within government deployments. However, the choice of certificate validation engine is dependent on your organization’s security policy.


4.1.5.14.6. Connecting to a Server Across a Firewall

Updated: 2009-08-28

Network firewalls can allow or block packets based on the destination address and port. If you are using the client through a network firewall that employs IP address translation, specify the following parameters:

UseAlternateAddress: Use an alternate address across a firewall (specified by the parameter HTTPBrowserAddress). The values are 0 (default; actual address is used) and 1 (alternate address is used). If this parameter is set to 1, the parameter HTTPBrowserAddress must also be specified. Setting this parameter to 0 is the same as not using the parameter.

You can also enable alternate addressing using the ICA Settings dialog box.

HTTPBrowserAddress: The external Internet address of a server.

Note: All servers in the farm must be configured with their alternate (external) address.

For example, to connect to a server across a firewall in applet mode and use an alternate address for the server Fountain, create an HTML page like the following:

<html> <body> <applet code="com.citrix.JICA" archive="JICAEngN.jar" width="640" height="480"> <param name="Address" value="Fountain"> <param name="HTTPBrowserAddress" value="177.17.1.7"> <param name="user.wfclient.UseAlternateAddress" value="1"> </applet> </body> </html>


4.1.5.15. To specify ICA encryption

Updated: 2009-08-28

The default level for ICA encryption is Basic. To enable encryption levels higher than Basic, the following conditions must be present: The server is configured to allow the selected encryption level or higher. To enable encryption levels higher than Basic, the server must support RC5 encryption.

If you are using the core archive, include the cryptoj and JICA-sica archives in the archive attributes on the HTML page. If you are using a complete JICAEng archive, include the cryptoj archive.



1. Use the following parameter on an HTML page:

<param name="EncryptionLevel" value="0|1|2|5">

The number you type corresponds to the encryption level required as follows:

To create a connection to a server called CitrixServer using 128-bit ICA encryption, create an HTML page like the following example:

<html> <body> <applet code="com.citrix.JICA" archive="JICA-coreN.jar,cryptojN.jar,JICA-sicaN.jar" width="640" height="480"> <param name="Address" value="CitrixServer"> <param name="EncryptionLevel" value="5"> </applet> </body> </html>


4.1.5.16. Configuring Kerberos Authentication

Updated: 2009-08-28

XenApp extends the use of Kerberos. Users can log on to the client device with any authentication method, for example, using a smart card, and access published resources without further authentication. The user’s password is not transmitted to XenApp—instead, authentication tokens are exchanged. This authentication exchange is performed within an ICA virtual channel and does not require any additional protocols or ports.

Kerberos logon is not available in the following circumstances:

Connections for which you select any of the following options in Terminal Services Configuration: On the General tab, the Use standard Windows authentication option

On the Logon Settings tab, the Always use the following logon information option or the Always prompt for password option

Connections you route through the Secure Gateway for XenApp

The XenApp server requires smart card logon

The authenticated user account requires a smart card for interactive logon

The default security settings have changed on recent releases of the Microsoft Windows operating system, including Windows Server 2003, Windows 2000 Server with Service Pack 4, and Windows XP with Service Pack 2. To ensure Kerberos functions on these platforms, set the following registry setting on each client device:

AllowTGTSessionKey = 0x01 (DWORD)

The location of the registry setting differs depending on the operating system. On Windows XP with Service Pack 2, the setting is stored in: HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos


4.1.5.16.1. To configure the client for Kerberos logon

Updated: 2009-08-28

Client for Java, by default, is not configured to use Kerberos authentication when logging on to the server. When the client is configured, the user logs on using Kerberos authentication only. If Kerberos logon fails for any reason, the user is prompted for credentials. Kerberos can fail due to a missing operating system requirement, such as the requirement that the server be trusted for delegation.

1. Use the following parameter to enable Kerberos logon:

<param name="UseLocalUserAndPassword" value="on">


4.1.5.16.2. Configuring UNIX Kerberos Authentication

Updated: 2009-08-28

It is possible to configure Kerberos-enabled UNIX and Microsoft Windows domains to allow users working on UNIX client devices to access XenApp using their UNIX Kerberos credentials.

The client must be configured for Kerberos as detailed above. There are no other special requirements for the client; however, there are some prerequisites: Your UNIX and Microsoft Windows domains must be configured to allow Kerberos authentication across the domains. The requirements and process differs depending on your UNIX Kerberos installation. See your UNIX Kerberos documentation and your Windows Kerberos documentation for information.

Within your UNIX Kerberos installation, you may need to specify the relevant Windows domains (the domains in which the XenApp servers are located).

Additional information on this topic is available at http://www.microsoft.com.


4.1.5.17. Locating Client Configuration and Device Files

Updated: 2009-08-28

The client configuration is stored in three places: The HTML page, stored on a Web server

The ICA file, served from a server running the Web Interface or from a standard Web server

The appsrv.ini file, stored on the user’s local device

Most parameters specified on the HTML page take precedence over those specified in the ICA file. Similarly, parameters specified in the ICA file take precedence over those in the appsrv.ini file. Note that some parameters can be specified only in the .ini file.

The location of the appsrv.ini configuration file depends on the client operating system. The locations for some common operating system are:

Windows:

Level Description

0 No encryption (needs server setup; default is Basic).

1 Basic encryption. This is the default.

2 RC5 128-bit encryption during authentication. After the logon process is successfully completed, the encryption level changes to Basic.

5 RC5 128-bit. This is intended for users who are dealing with sensitive data and need a high level of privacy and integrity.



%USERPROFILE%\Citrix

UNIX and Linux:

$HOME/.citrix

Mac OS X:

<User's home directory>/.citrix

Files Stored on the Client Device


4.1.6. Improving Performance of the Client for Java

Session Sharing

If you are not using seamless windows, consider moving to this mode of working to gain the performance benefits of session sharing. These include a reduction in system overhead for both client and server and quicker application launching.

Data Compression

Data compression reduces the amount of data that needs to be transferred over the network. However, additional processor resources are required to compress and decompress the data. If your connection is bandwidth-limited, enabling data compression improves performance.

You can specify two levels of data compression, standard and maximum. Maximum data compression uses more processor power and memory and may reduce performance on slow devices. Data compression is enabled by default.

To enable maximum data compression, specify the following parameters on the HTML page:

<param name="Compress" value="on"> <param name="MaximumCompression" value="on">

To disable data compression specify the following parameter on the HTML page:

<param name="Compress" value="off">

Bitmap Caching

Bitmap caching stores commonly used images on a local disk. If the connection is bandwidth-limited, using bitmap caching increases performance. If the client is on a high-speed LAN, you do not need bitmap caching.

You can configure bitmap caching using parameters on the HTML page or the user can do it through the ICA Settings dialog box.

To enable bitmap caching for a connection specify the following parameter on the HTML page:

<param name="PersistentCacheEnabled" value="on">

The bitmap cache directory is stored in the directory specified by the standard Java system property user.home. The location of the user.home directory depends on the Java environment or Web browser you are using. If necessary, use the ICA Settings dialog box to change the bitmap cache directory.

Queuing Mouse Movements

When queuing is enabled, the client sends mouse movement updates less frequently to the server. This prevents the connection from becoming overburdened with excessive mouse events, which would degrade performance. Disabling queuing makes the ICA session more responsive to mouse movements. By default, mouse queuing is disabled.

To change the update period for mouse movement queuing, specify the following parameter on the HTML page:

<param name="MouseTimer" value="period">

where period is the update period you are using, in milliseconds. To disable mouse movement queuing, set the period to zero.

Using SpeedScreen Latency Reduction

SpeedScreen latency reduction improves performance over high latency connections by providing instant feedback to the user in response to typed data or mouse clicks.

SpeedScreen latency reduction is available only when it is enabled on the server to which the client connects.

SpeedScreen latency reduction is not available on the Japanese client.

Using SpeedScreen Browser Acceleration

SpeedScreen browser acceleration provides major performance improvements for users connecting to Internet Explorer published on a server. Users can interact with the browser while graphically rich pages or large images are being downloaded. Scrolling performance in Internet Explorer is also greatly improved on graphically rich pages. This feature is available only when using Internet Explorer 5.5 or later on the server.


File Description

appsrv.ini Stores settings from the Settings user interface, except client name.

wfcname.ini Stores the client name. The file is stored in the same directory as appsrv.ini.

*.jfn If local text echo is enabled, glyphs are cached in files with the .jfn suffix. These files are stored in the same directory as appsrv.ini.

Graphical objects (Citrix proprietary format) If bitmap caching is enabled, cached graphics are stored in the ‘Cache’ subdirectory (which appears in the directory in which the appsrv.ini file is stored).

*.crl If certificate revocation checking (CRL) is enabled, CRL files are stored in ‘crl’ or ‘crl/cache’.

Users can place CRLs in the ‘crl’ directory. The client caches CRLs in the ‘crl/cache’ directory.

CRLs are not deleted from the ‘crl’ directory (whereas CRLs may be deleted from the ‘crl/cache’ directory when they expire).

The CRL directories appear in the directory in which the file appsrv.ini is stored.

CTX.DAT The file contains data that is used to identify the client device for Terminal Services licensing purposes. The client attempts to create the file in the following locations, in the following order:

UNIX platforms only: ‘/usr/local’

Windows platforms only: ‘C:\’ through ‘Z:\’

All platforms: directory specified by the Java system property <java.home>

All platforms: directory specified by the Java system property <user.home>

If the client is unable to create the file, the network IP address is used to identify the client device. This may lead to the client consuming multiple client access licenses (CALs) in a DHCP environment.



4.1.6.1. Improving Performance over a Low-Bandwidth Connection

If you are using ICA over a low-bandwidth connection, such as a modem or cellular telephone, you can make a number of changes to your client configuration and the way you use the client that will improve performance:

Reduce the client download size. If you do not require the entire functionality of the client, specify only the archives necessary to provide the functions you require. Reducing the size of the applet can greatly reduce the download time.

Change the client configuration. On devices with limited processing power, or where limited bandwidth is available, there is a trade-off between performance and functionality. The client provides both the user and administrator with the ability to choose an acceptable mixture of rich functionality and interactive performance. Making one or more of the following changes can reduce the bandwidth that the connection requires and improve performance:

Enable maximum data compression. Compression reduces the size of the data that is transferred over the ICA connection.

Enable the bitmap cache. Bitmap caching stores commonly used images locally on the client so that they do not have to be transferred over the ICA connection every time they are needed.

Queue mouse movements. When queuing is enabled, the client sends mouse updates to the server less frequently. Increasing the queuing period may improve performance on a low-bandwidth connection.

Enable SpeedScreen latency reduction. SpeedScreen latency reduction improves performance over high latency connections by providing instant feedback to the user in response to typed data or mouse clicks.

Reduce the window size. Change the window size to the minimum size users can comfortably use.

Reduce the number of colors. Reduce the number of colors to 256.

Disable client audio mapping. If users do not need sound, disable client audio mapping or remove the JICA-audio archive.

Disable clipboard mapping. If users do not need to copy and paste text, do not include the JICA-clipboard archive.

Disable client drive mapping. If users do not need to map drives, do not include the JICA-cdm archive.

Disable printing. If users do not need to map printers, do not include the JICA-printer archive.

Disable server browsing. If providing connections to desktops only (not published applications), do not include the JICA-browse archive.

Change the way you use the client. ICA technology is highly optimized and typically does not have high CPU and bandwidth requirements. However, users on a low-bandwidth connection should consider the following to preserve performance:

Avoid accessing large files using client drive mapping. When you access a large file with client drive mapping, the file is transferred over the ICA connection. On slow connections, this may take a long time.

Avoid printing large documents on local client printers. When you print a document on a local client printer, the print file is transferred over the ICA connection. On slow connections, this may take a long time.

Avoid playing multimedia content. Playing multimedia content uses a lot of bandwidth and can cause reduced performance.

Use the latest client and server software. Citrix is continually enhancing and improving ICA performance with each release, and many performance features require the latest client and server software in order to function.


4.1.7. Limitations of the Client for Java

Client Drive Mapping

A remote application generates an error message because it cannot lock a file.

Due to Java limitations, Java programs cannot lock files. This means that files cannot be locked on mapped local drives.

To avoid generating error messages, disable the Safelock option on the HTML page:

<param name="Safelock" value="off">

When Safelock is disabled, if a remote application attempts to lock a file on a mapped drive, the client will report success. However, this does not mean that the file is locked; you must take precautions to ensure that another application does not write to or delete the same file, because this could result in data corruption.

Mouse Pointer Support

In shadowed sessions, the mouse pointer does not move when shadowing users move their mouse pointer.

NTLM Authentication

If using J2SE 1.4.2_04 or earlier, and the codebase of the applet points to a Web site that is protected by NTLM authentication, the client takes many minutes to start. This issue has been reported to Sun. The workaround is to upgrade to a later version J2SE (1.4.2_05 or later).

Seamless Windows

On some platforms, the outline drag-box that is displayed when you move or resize seamless windows can cause unattractive repaint effects. If you experience this, you can either specify a solid drag-box type or eliminate the drag-box entirely by setting the parameter TWIDragBoxType to solid or none respectively.

Server Names with non-ASCII Characters

For client operating systems to contact servers, the host name and domain name must be compliant with the Domain Naming System (DNS). That is, the names must contain only upper- and lower-case ASCII a to z, digits 0 to 9, and dash (-). This may not be necessary when client operating systems and the DNS server support multinational characters.

Published application names can comprise any characters because these are always resolved by the ICA browser. Note that any ICA browser addresses have the same DNS restrictions as the server names described above.

On some systems, you may not be able to connect to a server if its name does not conform to this requirement (that is, a server with a Japanese name or a name containing other non-ASCII characters).

To avoid this, do one of the following:

Conform to the DNS requirement and use only ASCII characters in server names.

Specify ICA browser addresses as IP addresses and do not enable DNS resolution for the server. If you do both of these things, the servers can have names that do not comply with the DNS requirement; however, SSL does not work in this scenario because DNS names are required for certificate validation. In addition, the Web Interface does not work because DNS is used to resolve the hostname part of the Web Interface URL.

Universal Print Driver and PCL4

Horizontal lines in text and images sometimes appear jagged in landscape mode

Print output near the page edge is sometimes clipped when you are using small page margins

To avoid these problems, use the appropriate native printer driver instead of the UPD. Configure the driver using the Settings dialog box and ensure that it is available on the server.


4.1.7.1. Linux and Solaris

Loss of Keyboard Focus

On Linux and Solaris platforms, the applet in embedded or non-seamless mode can lose keyboard focus after opening a client dialog box. The keyboard focus is successfully passed to the dialog box when the dialog box is opened, but it is lost when the dialog box is closed.

For Solaris, the workaround is to give keyboard focus to another application’s window, then give it back to the browser window containing the embedded client applet. For Linux, click in the applet to restore keyboard focus.



Clipboard Support on X11

Clipboard support on the Client for Java works only with applications that use the X11 CLIPBOARD selection. Specifically, Motif and Gnome applications are fine, but KDE applications do not work. Xterm can be configured with X11 resources to use the CLIPBOARD selection. For example:

XTerm*VT100.Translations: #override \n\ ~Ctrl ~Meta <Btn2Up>:\ insert-selection(PRIMARY,CLIPBOARD,CUT_BUFFER0)\n\ <BtnUp>: select-end(PRIMARY,CLIPBOARD,CUT_BUFFER0)\n

GNU Emacs can also be configured to use CLIPBOARD with the following Emacs lisp:

(setq x-select-enable-clipboard t)

The xclipboard utility (present on most X11 systems) may be of use in transferring data between the PRIMARY and CLIPBOARD selections.


4.1.7.2. Mac OS X

Updated: 2009-08-28

To right-click when connected to a XenApp computer with a Macintosh, hold down the command key and click the mouse button.

Characters generated using the Option keys on Macintosh may not be supported by the current Windows font in your ICA session. If the character produced is not the expected character, choose a Windows font in the ICA session that supports the character. After producing the desired character, you can return to the usual font.

The client cannot load when the Java archive files are hosted on a Web server that requires cookies or authentication before serving the files. Ensure that the Web server does not require authentication to serve these files.

This issue also affects the HTML help and .ica files.

In particular, asp or jsp applications that manage session state using cookies are affected.

Arbitrary mouse pointers are not supported on Mac OS X.


4.1.7.3. Windows Internet Explorer

Displaying Dead Key Characters

To display dead key characters, press a dead key, then press the space bar twice.

Enabling Java Environments when Logged on as Administrator

For Windows Server 2003, the default security settings when you log on with administrator privileges are:

Internet = High

Local Intranet = Medium-Low

Trusted Sites = Medium

If you log on as an administrator and use the client over the Internet, enable Java environments for the High security level through Internet Explorer’s Internet Options.

Follow the instructions given in Microsoft Knowledge Base article 182569.

Accept the Internet site that provides the Java applet as a trusted site. The default security level for a trusted site is Medium, therefore the Java environment is enabled, and you can use the client.


4.1.7.4. Using the Client for Java on Japanese Operation Systems

Updated: 2009-08-28

Typing Japanese Characters in Shadowing Sessions

If you shadow another session, use the server IME. By default, the server side IME is used, but if you have been using the client IME, change your keyboard layout setting.

From the ICA Settings dialog box, choose the General tab, followed by either (Server Default) or Japanese (server IME only) from the Keyboard Layout options.

Alternatively, you can choose Japanese (client and server IME) and use the server IME during shadowing.

Typing the Long Vowel Sound Symbol (—) in Kana Input Mode

When using the server IME to type Japanese characters in Kana input mode, press the Shift key with the long vowel symbol key (—) to enter the long vowel symbol. This is not necessary when using the client IME.

Typing Japanese Characters in Applications Using the Client IME

If you use the client IME, displayed characters may be corrupted when you are using certain applications. If this happens, use the server IME instead.

Web Interface on Windows Unicode Settings

If you are using the Web Interface for XenApp, installed on a Microsoft Windows server, to deploy the Client for Java, Citrix recommends that you configure the Web Interface to deploy Version 8 or later clients. This ensures all ICA files are encoded in Unicode.

Configure this setting using the Delivery Services Console. When specifying the launch client settings, set the client version support option to version 8 or later clients.

If this option is not selected, ICA files are encoded using Microsoft Windows Codepage 932. Although this is acceptable in many circumstances, users will not be able to launch published applications if the application name includes certain characters, such as a long tilde.

Hotkey Support for Japanese Keyboards

On certain hardware platforms, some Java environments may have problems with the special Japanese modifier keys, such as Hankaku, Zenkaku, and Hiragana, which are used to control the IME on the server.

If you experience this problem, first ensure that you have the latest version of a J2SE environment for your platform. If the problem persists, you can interact with the IME by clicking the IME buttons using your mouse.

Alternatively, define hotkeys to simulate the effect of the IME keys. For example, you can define F1 as the Katakana key. This technique for mapping hotkeys is similar to that used for defining special key combinations for the client, such as using CTRL+F1 to send the key combination CTRL+ALT+DEL.

Define Japanese hotkeys in the same way as English hotkeys: either in the <applet> tag or by using the ICA Settings dialog box, as described in Specifying Hotkey Functions.

The full set of possible Japanese hotkeys is:

HotkeyMuHenkanChar HotkeyMuHenkanShift HotkeyPrevKouhoChar



HotkeyPrevKouhoShift HotkeyKatakanaChar HotkeyKatakanaShift HotkeyHankakuChar HotkeyHankakuShift HotkeyKanjiBangoChar HotkeyKanjiBangoShift HotkeyNextKouhoChar HotkeyNextKouhoShift HotkeyAllKouhoChar HotkeyAllKouhoShift HotkeyHiraganaChar HotkeyHiraganaShift HotkeyRomajiChar HotkeyRomajiShift HotkeyEisuChar HotkeyEisuShift


4.1.7.4.1. Using Client-side IME Input Mode on Mac OS X

Using ATOK

When using the client on Japanese Mac OS X with the ATOK IME, use ATOK17. The client is not supported with ATOK16. Alternatively, use the default Kotoeri IME.

Displaying the First Character Typed

When using the client-side IME on Mac OS X, if the first character you type is a full width Roman (a-z) character, it is not displayed.

To display the first character:

Use the server-side IME to input full width Roman characters.

Or, type one or more kana characters before typing a full width Roman character.

Changing the Input Mode

Key combinations using the Apple (Alt) key can switch focus to the application menu bar, which results in the first character you type not being recognized.

When using the client-side IME on Mac OS X, use the kana and eisu keys to switch the IME input mode.

Typing Characters After Reconnecting Using the Client IME

If you reconnect to a session from a different browser or with a different window size setting from the original session, you may see a dialog box warning you that the video mode for the existing session cannot change. You cannot input characters using the client IME until you close the dialog box by clicking OK.

Sometimes this dialog box is displayed behind the application window. If you cannot type characters using the client IME after reconnecting, even if you do not see a dialog box, try minimizing the application window in the browser window to see whether the warning dialog box appears. Close the dialog box by clicking OK, then restore the application window.


4.1.8. Parameters for the Client for Java

The following tables provide a complete list of the parameters that you can specify to provide additional features and customization. The Address parameter is the only required parameter.

You specify most of the parameters on the HTML page; however, you specify the client drive mapping parameters listed in this section in the client-side appsrv.ini file.


Address The address of the server or the name of the published application. If a published application is entered as an address value, the InitialProgram parameter must also be specified.

CGP Address The address of the session reliability server: “hostname:port”. Type an asterisk (*) to use the Address parameter value as the session reliability server.

Clientname The client name. Use in the form client.wfclient.Clientname. Use with the parameter client.wfclient.UseHostname=off.

CREnabled Specifies whether or not content redirection is enabled. Values are yes or no. The default value is yes.

Domain The name of the domain for the user name.

HTTPBrowserAddress

HTTPBrowserAddress2 to 15

The address of a browser server. This parameter is used when TCP/IP+HTTP or SSL/TLS+HTTPS browsing has been specified. This parameter is also used to designate groups of primary and backup servers.

Note that when the XML Service on the server is not configured to use the default port 80, you must append :<port number> to this parameter, substituting <port number> with the port number your server’s XML Service is configured to use.

For HTTPBrowserAddress the default is ica. There is no default for HTTPBrowserAddress 2 to 15.

Icafile An ICA file for the client to use. The value entered must be a valid URL. There is no default.

ICAPortNumber The default ICA port number is 1494. You can specify a different port number using this parameter or by appending the port number to the address value; for example, CitrixServer:1495.

InitialProgram The name of the initial program to run after connecting to the server. If you are connecting to a published application, add a # symbol before the program name.

Language Causes the client’s user interface components to appear in a language other than the language of the client device.

Param Passes a parameter such as a file name to a published application.

Password The password of the user. The Password parameter cannot be used to specify an encrypted password. To specify an encrypted password, use an ICA file or .ini file that contains an encrypted password.

SpeedScreenBA Specifies whether or not SpeedScreen browser acceleration is enabled. Values are yes or no. The default value is yes.

SupportTSEquivalencyOnWinXP Specifies whether or not Microsoft Terminal Services Client Access License equivalency is used on Microsoft Windows XP client devices. Values are on or off. The default value is off.

TWIDisableSessionSharing Specifies whether or not session sharing is disabled. Used in conjunction with the Connection Center. The default value is no.

TWIMode Enables seamless windows. If you are using seamless windows, set this parameter to on; otherwise, set it to off.

UseHostname Specifies using the hostname as the client name. Use in the form client.wfclient.UseHostname.

Username The user name to use during logon.

WorkDirectory The path of the working directory where the initial program is run after the user connects to the server.




4.1.8.1. Security Integration Parameters


4.1.8.2. User Interface Parameters


EncryptionLevel The level of ICA encryption to use for an ICA connection. Values are as follows:

0 = No encryption, 1 = basic encryption, 2 = RC5 128-bit encryption during authentication only, 5 = RC5 128-bit

The default value is 1.

PermitCGP Specifies whether or not session reliability is allowed on the client (client-side parameter). Values are yes or no. The default value is yes.

PermitVirtualChannelSDK Specifies whether or not the SDK virtual channel is allowed on the client (client-side parameter). Values are yes or no. The default value is no.

ProxyAutoConfigURL The location of a Proxy Auto Configuration (PAC) file for automatic proxy configuration. There is no default value.

(This parameter is meaningful only if you specify ProxyType.)

ProxyDebug Specifies whether or not to enable proxy debugging in the Java console for troubleshooting purposes. Values are on or off. The default value is off.


ProxyExcludeList A semicolon- or comma-separated list of addresses of servers that the client must connect to directly—not through the proxy server. There is no default value.


ProxyHostThe location and port of the proxy server. There is no default value.


ProxyTypeThe type of proxy server. Values are:

none = no proxy

auto = use the Web browser’s settings

socks = use SOCKS and automatically detect the version socksv4 = use SOCKS Version 4

socksv5 = use SOCKS Version 5

secure = use Secure proxy

script = use a PAC file (specified by ProxyAutoConfigURL)

There is no default value.

ProxyUsername

ProxyPassword

Proxy server logon credentials. There is no default value.

(These parameters is meaningful only if you specify ProxyType.)

SecureChannelProtocol Specifies the SSL/TLS protocol version. Values are SSL, TLS, or detect. If you specify detect, the client connects using the protocol requested by the server. The default value is detect.

SSLCertificateRevocationCheckPolicySpecifies whether or not to use Certificate Revocation Checking. Values are NoCheck, CheckWithNoNetworkAccess, FullAccessCheck, and FullAccessCheckAndCRLRequired.

The default value is CheckWithNoNetworkAccess.

SSLCiphers An alternative cipher suite. Values are Gov, Com, or All. The default value is All.

SSLEnable Enables SSL and TLS encryption protocols. Used with the BrowserProtocol parameter. Values are on or off. The default value is off.

SSLProxyHost A Secure Gateway (relay mode) address. There is no default value.

UseAlternateAddressSpecifies whether or not to use an alternate server address across a firewall. Used in the form user.wfclient.UseAlternateAddress.

Values are 0 (actual address is used) or 1 (alternate address is used). The default value is 0.

UseLocalUserAndPassword Specifies whether or not to configure the client for Kerberos support. Values are yes or no. The default value is no.


Border Turns the border around the ICA session in the browser window on or off. Values for this parameter are on or off. The default value is off.

BorderWidth The border width in pixels. The default value is 6.

DesiredColor The color depth of the ICA session windows. The values are 2 (256 colors), 4 (thousands of colors), and 8 (millions of colors). The default value is 256 colors. 16 color mode is not supported but the client can connect to applications published in 16 color mode, in which case 256 colors are used.

DesiredHRes The height of the ICA session window, if you want the session size to be different from the applet size. If this parameter is not specified, the Height parameter is used and the session height is therefore the same as the applet height. There is no default.

DesiredVRes The width of the ICA session window, if you want the session size to be different from the applet size. If this parameter is not specified, the Width parameter is used and the session width is therefore the same as the applet width. There is no default.

End Controls the client’s behavior when you terminate a session. The values are manual (default), auto, terminate, and URL.

Height The height of the ICA session window. This parameter is specified as an attribute in the <applet> tag.

HotkeynShift

HotkeynChar

Sets hotkeys that can be used to control various client functions. Use in the form user.wfclient.HotkeynShift or user.wfclient.HotkeynChar where n is the number of the hotkey. n can be 2, 3, 4, 5, 6, 7, 8, 9, 10, or 11. For information about how to set hotkeys, see Specifying Hotkey Functions.

KeyboardLayout and KeyboardType The type of keyboard. Use in the form user.wfclient.KeyboardType and user.wfclient.KeyboardLayout.

ShowSettingsButton Specifies whether or not to show the Settings button. You must include the complete JICAEng archive or the JICA-config archive to display the Settings button. Values for this parameter are yes or no. The default value is yes.

ShowStatusBar Specifies whether or not to show the status bar. You must include the complete JICAEng archive or the JICA-config archive to display the status bar. Values for this parameter are yes or no. The default value is yes.

Start Controls the client’s behavior when you start a session. The values are manual and auto. The default value is manual.

Width The width of the ICA session window. This parameter is specified as an attribute in the <applet> tag.




4.1.8.3. Client Audio Mapping Parameters


4.1.8.4. Client Printer Mapping Parameters


4.1.8.5. Client Drive Mapping Parameters

Although the user specifies most client drive mapping parameters using the ICA Settings dialog box, there are three parameters that you can specify only in the client-side appsrv.ini file:


4.1.8.6. Performance Tuning Parameters


4.1.9. ICAPrinterDrivers.txt File

The contents of the default ICAPrinterDrivers.txt file are as follows:

HP LaserJet HP DeskJet HP OfficeJet HP LaserJet Series II HP LaserJet III HP LaserJet 4 HP LaserJet 5 HP LaserJet 4000 Series PCL HP LaserJet 4000 Series PS HP LaserJet 4050 Series PCL HP LaserJet 4050 Series PS HP LaserJet 5000 Series PCL HP LaserJet 5000 Series PS HP LaserJet 8000 Series PCL HP LaserJet 8000 Series PS HP LaserJet 8100 Series PCL HP LaserJet 8100 Series PS Canon Bubble-Jet BJC-70 Canon Bubble-Jet BJ-200ex Canon Bubble-Jet BJC-600 Canon LBP-4Canon LBP-8II Canon LBP-8III Epson Stylus Pro ESC/P 2 Epson Stylus COLOR ESC/P 2 Epson Stylus Photo ESC/P 2 Epson EPL-3000 Epson EPL-4000 Epson EPL-5000 Epson EPL-6000 Epson EPL-7000 Epson EPL-8000 Epson EPL-9000 Lexmark Optra

eDocs Home


ClientAudio Enables client audio. The values are on and off. The default is off.


Comment Sets a default printer. Must be specified as user.printername.Comment, where printername is the name allocated with the parameter LocalClientPrinters.

Driver The printer driver. Use in the form user.printername.Driver, where printername is the name allocated with the parameter LocalClientPrinters.

LocalClientPrinters Used for passing information about client printers to the server. Must be specified as <param name=”user.localclientprinters” value=”printername”>. To specify more than one printer, separate the printer names with commas.

Port The printer port. Use in the form user.printername.Port, where printername is the name allocated with the parameter LocalClientPrinters.


DriveRemovable<x> Specifies whether or not drive x is removable, that is, whether it is a floppy drive or a CD-ROM drive. Values for this parameter are yes or no. The default is no.

DriveMappingHomeDrive Specifies the drive letter to use for the home drive. The value must be a single letter. The default is H.

DriveMappingAutoDetectHome Specifies whether or not to auto-detect the user’s home drive. Values for this parameter are yes or no. The default is yes.


Compress Sets data compression. The values are on to enable data compression and off to disable it. The default value is on.

MaximumCompression Sets high level data compression. The values are on to enable greater data compression and off to select normal data compression. Requires the Compress parameter to be enabled. The default value is off.

MouseTimer The time (in milliseconds) between the mouse movement updates that are sent to the server. Set to 0 to disable queuing. The default value is 0.

PersistentCacheEnabled Enables or disables bitmap caching. Must be specified as “user.wfclient.PersistentCacheEnabled”. Values are on or off. The default value is off.

PersistentCacheMinBitmap The size of the smallest bitmap to cache, in KB. The default value is 8.

PersistentCacheSize The size of the bitmap cache in MB. The default value is 10.

ZLKeyboardMode SpeedScreen latency reduction mode. The values are 0 (off), 1 (on), or 2 (auto). The default value is 0.

ZLMouseMode SpeedScreen latency reduction mode. The values are 0 (off), 1 (on), or 2 (auto). The default value is 2.



© 2009 Citrix Systems, Inc. All rights reserved. Terms of Use | Trademarks | Privacy Statement

4.1.10. Supported Keyboard Layouts

The supported keyboard layouts are:

"(Server Default)"

"Albanian" "Belarusian"

"Belgian Dutch"

"Belgian French"

"Brazilian (ABNT)"

"British"

"Bulgarian (Latin)"

"Bulgarian"

"Canadian English (Multilingual)"

"Canadian French (Multilingual)"

"Canadian French"

"Croatian"

"Czech (QWERTY)"

"Czech"

"Danish"

"Dutch"

"Estonian"

"Finnish"

"French"

"German (IBM)"

"German"

"Greek (220) Latin"

"Greek (220)"

"Greek (319) Latin"

"Greek (319)"

"Greek Latin"

"Greek"

"Hungarian 101-Key"

"Hungarian"

"Icelandic"

"Irish"

"Italian (142)"

"Italian"

"Japanese (client and server IME)"

"Japanese (client IME only)"

"Japanese (server IME only)"

"Korean" "Latin American"

"Latvian (QWERTY)"

"Latvian"

"Lithuanian"

"Norwegian"

"Polish (214)"

"Polish (Programmers)"

"Portuguese"

"Romanian"

"Russian (Typewriter)"

"Russian"

"Serbian (Cyrillic)"

"Serbian (Latin)"

"Slovak (QWERTY)"

"Slovak"

"Slovenian"

"Spanish Variation"

"Spanish"

"Swedish"

"Swiss French"

"Swiss German"

"Taiwan"

"Turkish (F)"

"Turkish (Q)"

"Ukrainian"

"United Kingdom"

"US"



"US-Dvorak for Right hand"

"US-Dvorak for left hand"

"US-Dvorak"

"US-International"


5. Appareils mobiles

Mise à jour : 2010-02-08

Citrix Receiver pour appareils mobiles

Citrix Receiver permet aux utilisateurs d'appareils mobiles d'accéder facilement, rapidement et de façon sécurisée à leurs applications d'entreprise. Les utilisateurs peuvent accéder à n'importe quelle application XenApp (en mode connecté) à partir de leur appareil. Ils peuvent afficher, vérifier, modifier et interagir avec des applications Windows complètes, des documents et des données comme s'ils se trouvaient sur leur propre poste de travail.

Citrix Receiver pour Android Technical Preview de Citrix Receiver pour Android

Citrix Receiver pour iPhone Citrix Receiver pour iPhone 1.0

Citrix Receiver pour iPhone 1.0

Citrix Doc Finder

Doc Finder est un assistant de recherche, qui associé à Citrix Receiver, permet aux utilisateurs d'accéder à des documents stockés sur un emplacement réseau sécurisé. Étant donné que les documents ne résident pas sur les appareils mobiles des utilisateurs, leur accès est totalement sécurisé.

Doc Finder est une application Windows que vous installez et configurez sur des serveurs XenApp et que vous mettez à la disposition des utilisateurs en tant qu'application publiée, à l'instar de toute autre application Windows.

Lorsque vos utilisateurs cliquent sur des fichiers dans Doc Finder, les applications correspondantes s'ouvrent automatiquement. Citrix Doc Finder

Citrix Doc Finder 1.0


5.1. Citrix Receiver pour Android

Mise à jour : 2010-02-09

Technical Preview de Citrix Receiver pour Android


5.1.1. Citrix Receiver for Android Technical Preview

Updated: 2010-02-07

Requirements for Citrix Receiver

Providing Access Information to End Users

Troubleshooting Citrix Receiver


5.1.1.1. Requirements for Citrix Receiver

Updated: 2009-11-20

To use Citrix Receiver, end users need an Android device with Android 1.5, 1.6, or 2.0 operating system.

To provide published resources to Citrix Receiver users, you need:

A server farm running one of the following: Citrix Presentation Server 4.0, with a Program Neighborhood Agent site configured

Citrix Presentation Server 4.5, with a Program Neighborhood Services site configured

Citrix XenApp 5.x, with a XenApp Services site configured

For information about requirements for deploying Citrix Presentation Server or Citrix XenApp and publishing resources, see Citrix eDocs for your XenApp version.

Updating Citrix Receiver

If a previous version of Citrix Receiver is installed on the user device, the user obtains software updates through the Android Market.

SSL Certificates

Currently, it is not possible to import a certificate into an Android device. You can use any certificate on your server, but if the root certificate authority is not trusted, users receive a prompt each time they connect.


5.1.1.2. Providing Access Information to End Users

Updated: 2009-11-20

When users launch Citrix Receiver for the first time, they are required to enter information about the XenApp farm hosting the resources they want to access. To ensure users can connect successfully to the XenApp farm, distribute the following information:

The location of the XenApp Services site or Program Neighborhood Services site hosting resources; for example:

https://servername/Citrix/PNAgent/config.xml

Domain name

You do not need to provide the full path to the config.xml file. If the server is using the default location for the pnagent config file, then only the server name needs to be provided.


5.1.1.3. Troubleshooting Citrix Receiver



Updated: 2009-11-20

Connectivity Failure

Citrix Receiver for Android does not support Access Gateway or Secure Gateway. Users need to be on the corporate network to connect to corporate published applications.

Users who have connectivity issues can create a temporary user account at the Citrix Cloud at http://android.citrixcloud.net.

The Citrix Cloud offers users the ability to experience the power of Citrix solutions without having to set up and configure their own environment. The Citrix Cloud demo environment uses a number of key Citrix solutions including Citrix XenServer, Citrix XenApp, Citrix NetScaler, and Citrix Access Gateway.


5.2. Citrix Receiver pour iPhone

Mise à jour : 2010-02-09




5.2.1. Receiver for iPhone 1.0

Updated: 2010-02-07

Requirements for Citrix Receiver for iPhone

Configuring Access Gateway and Secure Gateway for Citrix Receiver for iPhone

Providing Access Information to End Users

Troubleshooting Citrix Receiver for iPhone

Known Issues for Citrix Receiver for iPhone


5.2.1.1. Requirements for Citrix Receiver for iPhone

Updated: 2009-08-04

To use Citrix Receiver, end users need an iPhone or iPod touch mobile device with iPhone Software Update installed (version 3.0 or 2.2.1).

For more information about software updates for iPhone and iPod touch, visit the Apple Web site.

To provide published resources to Citrix Receiver users, you need:

A server farm running one of the following: Citrix Presentation Server 4.0, with a Program Neighborhood Agent site configured (supported only if the iPhone connection does not use a Secure Gateway or Access Gateway)

Citrix Presentation Server 4.5, with a Program Neighborhood Services site configured

Citrix XenApp 5.x, with a XenApp Services site configured

The root certificate for the farm to which users will connect (needed only if the Web server hosting the farm's Program Neighborhood Services site or XenApp Services site requires a secure connection).

For information about requirements for deploying Citrix Presentation Server or Citrix XenApp and publishing resources, refer to the XenApp Administration section for your XenApp version in Citrix eDocs. For information about deploying or configuring Program Neighborhood Services or XenApp Services sites, refer to the Web Interface section of eDocs.

XenApp Service

For connections using a Secure Gateway or Access Gateway, support for Citrix Receiver for iPhone requires XenApp Service 5.x, formerly known as PNAgent, which allows you to configure the XenApp Services site, as well as a Secure Gateway or Access Gateway configuration for the following products:

XenApp 4.5 (formerly Presentation Server 4.5)

XenApp 4.5 with Feature Pack 1

XenApp 5.0

XenApp 5.0 with Feature Pack

Web Interface

To deploy or configure XenApp Services sites on the Web Interface, use Web Interface 5.x.

Updating Citrix Receiver

If a previous version of Citrix Receiver 1.x is installed on your iPhone or iPod touch, the software updates automatically from the App Store.

SSL Certificates

To connect to a XenApp farm, users’ iPhone or iPod touch devices require a Configuration Profile be installed that includes the certificate for the Web server hosting the farm’s Program Neighborhood Services site or XenApp Services site. You can obtain this certificate from your browser’s certificate store.

For more information about creating Configuration Profiles and distributing them to users, visit the Apple Web site.

Connectivity

Citrix Receiver supports HTTP, HTTPS, and ICA-over-SSL connections to a XenApp server farm through the following products or components: Citrix Access Gateway Enterprise Edition 8.1, 9.0, and 9.1

Citrix Access Gateway Standard Edition 4.5.8, 4.6 and 4.6.1 (beta build14.1)

Citrix Access Gateway Advanced Edition 4.5.8 and HF4 (AAC450W004)

Citrix Secure Gateway 3.0 when used in proxy mode

Authentication through Access Gateway

Citrix Receiver supports authentication through Access Gateway using the following methods: Domain authentication

RSA SecurID

Domain authentication paired with RSA SecurID

For more information about using these authentication methods with Access Gateway, see the configuration topics in this section of Citrix eDocs, as well as the section for Access Gateway.




5.2.1.2. Configuring Access Gateway and Secure Gateway for Citrix Receiver for iPhone

Citrix Receiver for iPhone v1.x supports secure connections to an enterprise installation of Citrix Access Gateway and Citrix Secure Gateway.

The process to enable connections from the Citrix Receiver for iPhone is very similar to configuring an Access Gateway or Secure Gateway to accept Citrix XenApp connections, but with small differences.

Traditionally, when configuring an Access Gateway or Secure Gateway for XenApp connections, a Web Interface site provides information about the published applications that a user has rights to and presents them with a Web page with icons to click.

The Citrix Receiver for iPhone uses a XenApp services site (previously known as a PNAgent site) to gather information and allow it to appear on the Citrix Receiver for iPhone’s App list.

Both traditional Citrix XenApp connections (using Web Interface) and the Citrix Receiver for iPhone (using XenApp Services) can co-exist on the one Citrix Access Gateway installation or Citrix Secure Gateway installation.

For more information about configuring connections, including videos, blogs, and a support forum, refer to http://community.citrix.com/iphone.


5.2.1.2.1. To configure the Secure Gateway for Citrix Receiver for iPhone

Updated: 2009-08-10

Before beginning this configuration, install and configure the Secure Gateway to work with Web Interface. You can adapt these instructions to fit your specific environment.

Citrix Receiver for iPhone supports only version 3.0 for the Secure Gateway. If you are using a Secure Gateway connection, do not configure Citrix Access Gateway settings on the Receiver.

Support for Citrix Receiver for iPhone requires XenApp Service 5.x, formerly known as PNAgent, which allows you to configure the XenApp Services site and the Secure Gateway configuration.

1. In the XenApp console, create a XenApp Services site (such as http://XenAppServerName/Citrix/PNAgent or http://XenAppServerName/CustomPath) for iPhone users.

The Citrix Receiver for iPhone uses a XenApp Services site (formally PNAgent site) to get information about the applications a user has rights to and present them to the Citrix Receiver running on the iPhone.

This is similar to the way you use the Web Interface for traditional SSL-based XenApp connections for which a Secure Gateway can be configured. XenApp 5.x XenApp Services sites have this configuration ability built in.

Note: If you have already configured a Web Interface site for ICA connections on a Secure Gateway, create the XenApp Services site on the same server hosting the Web Interface site.

To create a XenApp Services site for Citrix Receiver for iPhone to use:

a. Configure the XenApp Services site to support connections from a Secure Gateway connection. The configuration of this site is similar to the Web Interface site.

b. In the XenApp Services site, select Manage secure client access > Edit secure client access settings.

c. Change the Access Method to Gateway Direct.

d. Enter the FQDN of the Secure Gateway.

e. Enter the Secure Ticket Authority (STA) information.

Note: For the Secure Gateway, Citrix recommends using the Citrix default path for this site (http://XenAppServerName/Citrix/PNAgent). The default path enables your users to specify the FQDN of the Secure Gateway they are connecting to instead of the full path to the config.xml file that resides on the XenApp Services site (such as http://XenAppServerName/CustomPath/config.xml).

2. On the Secure Gateway, use the Secure Gateway Configuration wizard to configure the Secure Gateway to work with the server in the secure network hosting the XenApp Service site. After selecting the Indirect option, enter the FQDN path of your Secure Gateway Server and continue the wizard steps.

3. Test a connection from a user device to guarantee that the Secure Gateway is configured correctly for networking and certificate allocation.

4. On the iPhone or iPod touch device, for the Citrix Receiver application:

a. open Account Settings, and in the Address field, enter the matching FQDN of your Secure Gateway server: If you created the XenApp Services site using the default path (/Citrix/PNAgent), enter the Secure Gateway FQDN: https://FQDNofSecureGateway.company.com

If you customized the path of the XenApp Services site, enter the full path of the config.xml file, such as: https://FQDNofSecureGateway.company.com/CustomPath/config.xml

b. In the Citrix Access Gateway settings, turn off Access Gateway.

Note: If you configured your Access Gateway with No Authentication Required to replace your Secure Gateway, turn on Citrix Access Gateway settings on the Receiver, enter the gateway type and No Authentication as Gateway Authentication on the Receiver for iPhone.


5.2.1.2.2. To configure Access Gateway Standard Edition for Citrix Receiver for iPhone

Updated: 2009-08-11

Support for Citrix Receiver for iPhone requires XenApp Service 5.x, formerly known as PNAgent, which allows you to configure the XenApp Services site and the Access Gateway configuration.


The Citrix Receiver for iPhone uses a XenApp Services site (formally PNAgent site) to get information about the applications a user has rights to and present them to the Citrix Receiver running on the iPhone.

This is similar to the way you use the Web Interface for traditional SSL-based XenApp connections for which an Access Gateway can be configured. XenApp 5.0 XenApp Services sites have this configuration ability built in.

Note: If you have already configured a Web Interface site for ICA connections on an Access Gateway, create the XenApp Services site on the same server hosting the Web Interface site.


a. Configure the XenApp Services site to support connections from an Access Gateway connection. The configuration of this site is similar to the Web Interface site.



d. Enter the FQDN of the Access Gateway appliance.


Note: For Access Gateway Standard Edition, Citrix recommends using the Citrix default path for this site (http://XenAppServerName/Citrix/PNAgent). The default path enables your users to specify the FQDN of the Access Gateway they are connecting to instead of the full path to the config.xml file that resides on the XenApp Services site (such as http://XenAppServerName/CustomPath/config.xml).

2. Configure Authentication realms to authenticate users connecting to the Access Gateway using the Access Gateway Plug-in.

Active Directory authentication and RSA SecurID are the two supported authentication methods for v1.0.x of the Citrix Receiver for iPhone:

If double source authentication is required (such as RSA SecurID and Active Directory), RSA SecurID authentication must be the primary authentication type. Active Directory authentication must be the secondary authentication type.



RSA SecurID can use either RADIUS or an sdconf.rec file to enable token authentication.

Active Directory authentication can use either LDAP or RADIUS.

Test a connection from a user device to guarantee that the Access Gateway is configured correctly in terms of networking and certificate allocation.

3. To establish communication with XenApp servers and the Web Interface, you need to configure the Access Gateway to recognize the servers. You can configure the settings using group properties on the Access Gateway. Configure the Access Gateway to allow incoming XenApp connections from the Citrix Receiver and specify the location of your newly created XenApp Services site.

a. In the Administration Tool, click the Access Policy Manager tab.

b. Right-click a user group and then click Properties.

c. On the Gateway Portal tab, click Redirect to Web Interface.

d. If the Path field for XenApp Services for Web Interface contains an existing configuration for a Web Interface site for ICA connections on the Access Gateway, do not modify your existing configuration, but make sure that your XenApp Services site is located on the same server that is hosting the Web Interface site. If the Path field is empty, meaning there is no existing configuration for ICA connections, type /Citrix/PNAgent.

e. In Web server, type the IP address or FQDN of the server running the Web Interface.

f. On the Global Cluster Policies tab, select Enable logon page authentication.

Note: The check box Single sign-on to the Web Interface is specifically for Web Interface and does not affect connections using Citrix Receiver for iPhone. If you configured the Access Gateway to use a Web Interface site for other users, continue to maintain and use it for the Web Interface.

To enable Citrix XenApp connections on an Access Gateway that has previously been configured to accept connections using the Access Gateway Plug-in, select Use the multiple logon option page. For more information, refer to Configuring a Portal Page with Multiple Logon Options in the Citrix Access Gateway Standard Edition Administrator’s Guide. Product documentation is available in the Citrix Knowledge Center at: http://support.citrix.com/pages/docs/.

In the Access Gateway Administration Tool, on the Authentication tab, click the Secure Ticket Authority tab and add the STA details. Make sure the STA information is the same as the XenApp Services site.

An important note about the use of certificates:

If the server certificate used on the Access Gateway is part of a certificate chain (with an intermediate certificate), make sure that the intermediate certificates are also installed correctly on the Access Gateway. For information about installing certificates, see Citrix Access Gateway Standard Edition Administrator's Guide.


a. In Account Settings, in the Address field, enter the matching FQDN of your Access Gateway server:

If you created the XenApp Services site using the default path (/Citrix/PNAgent), enter the Access Gateway FQDN such as: FQDNofAccessGateway.

If you customized the path for the XenApp Services site, enter the full path to the config.xml file, such as: FQDNofAccessGateway/CustomPath/config.xml.

b. In the Citrix Access Gateway settings, turn on Access Gateway, set the Gateway Type to the Standard edition, and select the authentication method.


5.2.1.2.3. To configure Access Gateway Advanced Edition for Citrix Receiver for iPhone

Updated: 2009-08-11

Citrix Receiver supports the Access Gateway Advanced Edition 4.5 with Hotfix 4 (AAC450W004).



The Citrix Receiver for iPhone uses a XenApp Services site (formally PNAgent site) to get information about the applications a user has rights to and presents them to the Citrix Receiver running on the iPhone.

This is similar to the way you use the Web Interface for traditional SSL-based XenApp connections for which an Access Gateway can be configured.


a. Configure the XenApp Services site to support connections from an Access Gateway connection. For more information, see the Access Gateway Standard Edition Integration Guide for Citrix XenApp and Citrix XenDesktop.





Note: The configuration of this site is similar to the Web Interface site.

2. Configure the Access Gateway appliance to use the Access Gateway Advanced Edition.

3. In the Administration Tool, click the Access Gateway Cluster tab and open the window for the appliance.

4. On the Advanced Options tab, click Advanced Access Control.

5. Configure the settings for the server running Advanced Access Control.

6. On the server running Advanced Access Control, from your Logon Point, verify that the authentication method you prefer is set up and working. In the Logon Point Properties dialog box, click Authentication, and select a supported authentication method for iPhone:

For single-factor authentication, select Active Directory, LDAP, or RADIUS (which can be used for RSA SecurID or Active Directory authentication).

For double-source authentication, under Active Directory, select RSA SecurID, which can be used with either RADIUS or an sdconf.rec file to enable token authentication.




7. On the server running Advanced Access Control, create and deploy a second Logon point (you can verify the existence of the logon point by using this address in the Web browser through the Access Gateway, such as https://FQDNofAccessGateway/CitrixLogonPoint/IPhone).

Citrix recommends using iPhone as the name for this logon point because the iPhone Receiver uses this name as the default logon point; otherwise, enter the full URL, such as https://FQDNofAccessGateway/CitrixLogonPoint/<2ndLogonPointName>/) in the iPhone Receiver settings.

a. Create a Web resource (iPhonePNA) for the XenApp Service site of the iPhone, created in Step 6.

b. On the Web Resource Properties page for URL Addresses, set the home page and display order for the iPhone logon point. Ensure that the Authentication Type is No authentication. Also, ensure the XenApp Service sites are available in the URL Addresses list.

c. Select the new Logon Point and set the following properties:

On the Select Home Page tab, select the option to display the home page application and set the display order so that the Web resource (iPhonePNA) home page has the highest priority.



On the Authentication tab, select the method to authenticate users connecting to the Access Gateway using the Access Gateway Plug-in.

On the Session Settings tab, clear the check box for Time to prompt user before password expires.

On the Visibility tab, select Allow external users access to this logon point.

For more information about creating policies for the Access Gateway and XenApp, see the Access Gateway Advanced Edition Administrator's Guide for AAC450W004.

Product documentation is available in the Citrix Knowledge Center at: http://support.citrix.com/pages/docs/.

8. In the console under Policies, create a filter applying to this logon point. Right-click Filters, and select Create filter.

a. In Filter Properties, click the Logon Points tab.

b. In the Selected logon points list, add iPhone.

9. Create a policy for this Logon Point, such as iPhone-policy, and set the following Policy Properties:

a. On the Resources tab, select the check boxes for Web Resources > iPhonePNA and for Allow Logon.



b. On the Settings tab, ensure that the value for Web Resources > Access and Network Resources > Access are set to Allow. This setting allows users to access the Web resource and allows the Logon to this logon point.

c. On the Filter tab, select the iPhone filter to apply to the policy.


If the server certificate used on the Access Gateway is part of a certificate chain (with an intermediate certificate), make sure that the intermediate certificates are also installed correctly on the Access Gateway. For information about installing certificates, see Citrix Access Gateway Advanced Edition Administrator's Guide.


a. In Account Settings, in the Address field, enter the matching FQDN of your Access Gateway server:

If you used iPhone as the iPhone Logon Point name, enter the FQDN of Access Gateway, such as: FQDNofAccessGateway

If you used anything other than iPhone as the iPhone Logon Point name, enter the following path in the Address field: AGA-FQDN/CitrixLogonPoint/<secondLogonPointName>.

b. In the Citrix Access Gateway settings, turn on Access Gateway, set the Gateway Type to Advanced edition, and select the authentication method.


5.2.1.2.4. To configure Access Gateway Enterprise Edition for Citrix Receiver for iPhone

Updated: 2009-08-11



The Citrix Receiver for iPhone uses a XenApp Services site (formally PNAgent site) to get information about the applications a user has rights to and presents them to the Citrix Receiver running on the iPhone.

This is similar to the way you use the Web Interface for traditional SSL-based XenApp connections for which an Access Gateway can be configured.


a. Configure the XenApp Services site to support connections from an Access Gateway connection. For more information, see the Access Gateway Enterprise Edition Integration Guide for Citrix XenApp and Citrix XenDesktop.





Note: The configuration of this site is similar to the Web Interface site.

2. Configure authentication policies to authenticate users connecting to the Access Gateway using the Access Gateway Plug-in. Bind each authentication policy to a virtual



server.

Active Directory authentication and RSA SecurID are the two supported authentication methods for v1.x of the Citrix Receiver for iPhone:

If double source authentication is required (such as RSA SecurID and Active Directory), RSA SecurID authentication must be the primary authentication type. Active Directory authentication must be the secondary authentication type.

RSA SecurID uses a RADIUS server to enable token authentication.

Active Directory authentication can use either LDAP or RADIUS.


3. Create a session policy on the Access Gateway to allow incoming XenApp connections from the Citrix Receiver, and specify the location of your newly created XenApp Services site.

Create a new session policy to identify that the connection is from Citrix Receiver for iPhone. As you create the session policy, configure the following expressions and select Match All Expressions as the operator for the expressions:

REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver

REQ.HTTP.HEADER User-Agent CONTAINS CFNetwork

REQ.HTTP.HEADER User-Agent CONTAINS Darwin

In the associated profile configuration for the session policy, if this is not a global setting (you checked the Override Global check box), ensure the ICA Proxy field is ON.

In the Web Interface Address field, enter the URL including the config.xml for the XenApp Services site that the iPhone users use, such as http://XenAppServerName/Citrix/PNAgent/config.xml or http://XenAppServerName/CustomPath/config.xml.

Bind the session policy to a virtual server.

Create authentication policies for RADIUS and Active Directory.

Bind the authentication policies to the virtual server.

For more information about creating policies for the Access Gateway and XenApp, see the Citrix Access Gateway Enterprise Edition Administrator's Guide and the Citrix Access Gateway Enterprise Edition Integration Guide for Citrix XenApp and Citrix XenDesktop.

Product documentation is available in the Citrix Knowledge Center at: http://support.citrix.com/pages/docs/.


If the server certificate used on the Access Gateway is part of a certificate chain (with an intermediate certificate), make sure that the intermediate certificates are also installed correctly on the Access Gateway. For information about installing certificates, see Citrix Access Gateway Enterprise Edition Administrator's Guide.


a. In Account Settings, in the Address field, enter the matching FQDN of your Secure Gateway server, such as FQDNofAccessGateway.

b. In the Citrix Access Gateway settings, turn on Access Gateway, set the Gateway Type to Enterprise edition, and select the authentication method.


5.2.1.3. Providing Access Information to End Users

When users launch Citrix Receiver for the first time, they are required to enter information about the XenApp farm hosting the resources they want to access. To ensure users can connect successfully to the XenApp farm, distribute the following information:

The location of the XenApp Services site or Program Neighborhood Services site hosting resources; for example:

https://servername/Citrix/PNAgent/config.xml

Domain name

The product edition and authentication method, if using Access Gateway

For specific details about configuring the Citrix Access Gateway or Secure Gateway for Citrix Receiver for the iPhone, refer to the configurations topics in this section of eDocs. For other information, see http://community.citrix.com/iphone.

Users can turn on the Sign In Automatically option so this information is remembered the next time they start Citrix Receiver.

If the Sign In Automatically option is turned on, users cannot access the Account Settings screen. To access the Account Settings screen, users can turn off this option by tapping Settings > Citrix. Then, they restart the Citrix Receiver to view the Account Settings screen.


5.2.1.4. Troubleshooting Citrix Receiver for iPhone

Disconnected Sessions

Users can disconnect from a Citrix Receiver session in the following ways: Pressing the home button on their iPhone or iPod touch device

Tapping the Back to Apps button in Citrix Receiver

If this happens, the session remains in a disconnected state. Although the user can reconnect at a later time, you can ensure disconnected sessions are rendered inactive after a specific interval. To do this, configure a session timeout for the ICA-tcp connection in Terminal Services Configuration. For more information about configuring



Terminal Services, refer to the Microsoft Windows Server product documentation.

Connectivity Failure

Users who continue to have connectivity issues can create a temporary user account at the Citrix Cloud at http://community.citrix.com/display/xa/Citrix+Receiver+Demos+in+the+Citrix+Cloud.

The Citrix Cloud offers users the ability to experience the power of Citrix solutions without having to set up and configure their own environment. The Citrix Cloud demo environment uses a number of key Citrix solutions including Citrix XenServer, Citrix XenApp, Citrix NetScaler, and Citrix Access Gateway.


5.2.1.5. Known Issues for Citrix Receiver for iPhone

Updated: 2009-11-06

Applications published with 40-bit, 56-bit, and 128-bit encryption

When using Citrix Receiver to access an application published with 40-bit, 56-bit, and 128-bit encryption, the application does not open or operate as expected. This is due to the lack of RSA Crypto-C libraries for the iPhone operating system. Applications published with basic encryption open and operate normally when accessed with Citrix Receiver.

Using non-ASCII characters with published applications

When using Citrix Receiver to access a published application, the following limitations exist: If the application is published with a name containing non-ASCII characters, the application does not open

Entering non-ASCII characters, such as Korean characters, in published applications does not work as expected

To mitigate these limitations, ensure that: Your farm consists of one of the following configurations:

Citrix Presentation Server 4.5 with a Program Neighborhood Services site configured on a non-English operating system

Citrix XenApp 5.0 with a XenApp Services site configured on a non-English operating system

The Microsoft IME toolbar is not minimized in the published application

To enter non-ASCII characters in a published application using the iPhone’s QWERTY/Pinyin keyboard, instruct users to perform the following steps:

1. Using Citrix Receiver, connect to the published application.

2. Tap the Microsoft IME toolbar and select the language you want to use; for example, JP.

3. Select the language mode in which to enter non-ASCII characters; for example, Hiragana mode.

Setting the screen resolution for published applications

Do not publish applications with a screen resolution of 1024 x 1024 pixels or more due to restrictions on the Apple operating system. Citrix recommends publishing applications at 1024 x 768 pixels or less.


5.2.2. Receiver pour iPhone 2.1

Mise à jour : 2010-02-07

Conditions requises par Citrix Receiver pour iPhone

Configuration d'Access Gateway et de Secure Gateway pour Citrix Receiver pour iPhone

Communication des informations d'accès aux utilisateurs

Pour configurer Citrix Receiver pour iPhone à l'aide de Citrix Mobile Receiver Setup

Enregistrement de mots de passe

Dépannage de Citrix Receiver pour iPhone

Problèmes connus avec Citrix Receiver pour iPhone


5.2.2.1. Conditions requises par Citrix Receiver pour iPhone

Mise à jour : 2010-02-16

Pour utiliser Citrix Receiver, les utilisateurs doivent disposer d'un iPhone ou iPod Touch sur lequel la mise à jour logicielle iPhone a été installée (version 3.0 ou 2.2.1).

Pour de plus amples informations sur les mises à jour logicielles pour l'iPhone et l'iPod Touch, visitez le site Web d'Apple.

Pour fournir des ressources publiées aux utilisateurs Citrix Receiver, vous avez besoin :

D'une batterie de serveurs exécutant l'un des produits suivants : Citrix Presentation Server 4.0, avec un site Agent Program Neighborhood configuré (uniquement pris en charge si la connexion iPhone n'utilise ni Secure Gateway, ni Access Gateway)

Citrix Presentation Server 4.5, avec un site Program Neighborhood Services configuré

Citrix XenApp 5.x, avec un site XenApp Services configuré

Du certificat racine de la batterie à laquelle les utilisateurs se connectent (uniquement nécessaire si le serveur Web qui héberge le site Program Neighborhood Services de la batterie ou le site XenApp Services requiert une connexion sécurisée).

Pour obtenir des informations sur la configuration nécessaire pour le déploiement de Citrix Presentation Server ou Citrix XenApp et la publication de ressources, consultez la documentation relative à votre version de XenApp dans Citrix eDocs. Pour obtenir des informations sur le déploiement ou la configuration de sites Program Neighborhood Services ou XenApp Services, consultez la section Interface Web sur eDocs.

XenApp Service

Pour les connexions utilisant Secure Gateway ou Access Gateway, la prise en charge de Citrix Receiver pour iPhone requiert XenApp Service 5.x, anciennement appelé PNAgent, qui vous permet de configurer le site XenApp Services, ainsi qu'une configuration Secure Gateway ou Access Gateway pour les produits suivants :

XenApp 4.5 (anciennement Presentation Server 4.5)

XenApp 4.5 avec Feature Pack 1

XenApp 5.0

XenApp 5.0 avec Feature Pack

Interface Web

Pour déployer ou configurer des sites XenApp Services sur l'Interface Web, utilisez l'Interface Web 5.x.

Mise à jour de Citrix Receiver

Si une version antérieure de Citrix Receiver 2.x est installée sur votre iPhone ou iPod Touch, le logiciel se met à jour automatiquement à partir de l'App Store.

Certificats SSL



Pour se connecter à une batterie XenApp, les utilisateurs d'iPhone ou d'iPod doivent disposer d'un profil de configuration comprenant le certificat du serveur Web hébergeant les sites Program Neighborhood Services ou XenApp Services de la batterie. Vous pouvez obtenir ce certificat auprès du magasin de certificats de votre navigateur.

Pour de plus amples informations sur la création de profils de configuration et leur distribution aux utilisateurs, visitez le site Web d'Apple.

Connectivité

Citrix Receiver prend en charge les connexions HTTP, HTTPS et ICA-over-SSL à une batterie de serveurs XenApp par le biais des produits ou composants suivants : Citrix Access Gateway édition Enterprise 8.1, 9.0 et 9.1

Citrix Access Gateway édition Standard 4.5.8, 4.6 et 4.6.1 (build bêta 14.1)

Citrix Access Gateway édition Advanced Edition 4.5.8 et HF4 (AAC450W004)

Citrix Secure Gateway 3.0 utilisé en mode proxy

Authentification via Access Gateway

Citrix Receiver prend en charge l'authentification via Access Gateway à l'aide des méthodes suivantes : Authentification de domaine

Authentification SMS

RSA SecurID

Authentification de domaine associée à RSA SecurID

Pour de plus amples informations sur l'utilisation de ces méthodes d'authentification avec Access Gateway, consultez les rubriques de configuration dans cette section de Citrix eDocs, ainsi que la section consacrée à Access Gateway.


5.2.2.2. Configuration d'Access Gateway et de Secure Gateway pour Citrix Receiver pour iPhone

Citrix Receiver pour iPhone v2.x prend en charge les connexions sécurisées vers les installations d'entreprise de Citrix Access Gateway et de Citrix Secure Gateway.

Le processus d'activation des connexions émanant de Citrix Receiver pour iPhone est similaire à la configuration d'Access Gateway ou Secure Gateway afin d'accepter des connexions Citrix XenApp, à quelques exceptions près.

Généralement, lorsque vous configurez Access Gateway ou Secure Gateway pour des connexions XenApp, un site Interface Web fournit des informations sur les applications publiées auxquelles un utilisateur est autorisé à accéder et les présente sous forme d'une page Web contenant des icônes à cliquer.

Citrix Receiver pour iPhone utilise un site XenApp Services (anciennement site PNAgent) pour rassembler les informations et les afficher sur la liste des applications de Citrix Receiver pour iPhone.

Les connexions Citrix XenApp traditionnelles (Interface Web) et Citrix Receiver pour iPhone (XenApp Services) peuvent co-exister sur la même installation Citrix Access Gateway ou Citrix Secure Gateway.

Pour accéder aux informations sur la configuration des connexions, y compris des vidéos, des blogs et un forum d'assistance, connectez-vous à http://community.citrix.com/iphone.


5.2.2.2.1. Pour configurer Secure Gateway pour Citrix Receiver for iPhone

Mise à jour : 2009-08-10

Avant de commencer la configuration, installez et configurez Secure Gateway avec l'Interface Web sur le même serveur. Vous pouvez modifier ces instructions afin de les adapter à votre environnement spécifique.

Citrix Receiver pour iPhone prend uniquement en charge la version 3.0 de Secure Gateway. Si vous utilisez une connexion Secure Gateway, ne configurez pas les paramètres Citrix Access Gateway sur le Receiver.

La prise en charge de Citrix Receiver pour iPhone requiert XenApp Service 5.x, anciennement appelé PNAgent, qui vous permet de configurer le site XenApp Services et Secure Gateway.

1. Dans la console XenApp, créez un site XenApp Services (tel que http://NomServeurXenApp/Citrix/PNAgent ou http://NomServeurXenApp/Cheminpersonnalisé) pour les utilisateurs d'iPhone.

Citrix Receiver pour iPhone utilise un site XenApp Services (anciennement appelé PNAgent) pour obtenir des informations sur les applications auxquelles un utilisateur est autorisé à accéder et les présenter au logiciel Citrix Receiver exécuté sur un iPhone.

Ce processus est similaire à la manière dont vous utilisez l'Interface Web pour les connexions XenApp SSL traditionnelles pour lesquelles une passerelle Secure Gateway peut être configurée. Cette capacité de configuration est intégrée aux sites XenApp Services de XenApp 5.x.

Remarque : si vous avez déjà configuré un site Interface Web pour les connexions ICA sur Secure Gateway, créez le site XenApp Services sur le même serveur que celui qui héberge le site Interface Web.

Pour créer un site XenApp Services à utiliser avec Citrix Receiver pour iPhone :

a. Configurez le site XenApp Services pour prendre en charge des connexions provenant d'une connexion Secure Gateway. La configuration de ce site est similaire au site Interface Web.

b. Dans le site XenApp Services, sélectionnez Gérer l'accès client sécurisé > Modifier les paramètres d'accès au client sécurisé.

c. Dans Méthode d'accès, choisissez Passerelle directe.

d. Entrez le nom de domaine complet du boîtier Secure Gateway.

e. Entrez les informations de Secure Ticket Authority (STA).

Remarque : pour Secure Gateway, Citrix recommande d'utiliser le chemin d'accès par défaut Citrix pour ce site (http://NomServeurXenApp/Citrix/PNAgent). Le chemin d'accès par défaut permet à vos utilisateurs de spécifier le nom de domaine complet de la passerelle Secure Gateway à laquelle ils se connectent plutôt que le chemin d'accès complet au fichier config.xml qui réside sur le site XenApp Services (tel que http://NomServeurXenApp/Cheminpersonnalisé/config.xml).

2. Sur Secure Gateway, utilisez l'assistant de configuration de Secure Gateway pour configurer Secure Gateway de manière à fonctionner avec le serveur du réseau sécurisé qui héberge le site XenApp Service. Après avoir sélectionné l'option Indirect, entrez le chemin d'accès du nom de domaine complet de votre serveur Secure Gateway et complétez les étapes suivantes de l'assistant.

3. Testez une connexion à partir d'une machine utilisateur pour vous assurer que Secure Gateway est correctement configuré en termes de réseau et d'allocation de certificat.

4. Sur l'iPhone ou l'iPod Touch, pour l'application Citrix Receiver :

a. ouvrez Account Settings, et dans le champ d'adresse, entrez le nom de domaine complet de votre serveur Secure Gateway : Si vous avez créé le site XenApp Services à l'aide du chemin par défaut (/Citrix/PNAgent), entrez le FQDN de Secure Gateway : https://FQDNdeSecureGateway.company.com.

Si vous avez personnalisé le chemin d'accès au site XenApp Services, entrez le chemin d'accès complet au fichier config.xml, tel que : https://FQDNdeSecureGateway.company.com/CheminPersonnalisé/config.xml.

b. Dans les paramètres Citrix Access Gateway, désactivez Access Gateway.

Remarque : si vous avez configuré Access Gateway sur No Authentication Required pour remplacer Secure Gateway, activez les paramètres Citrix Access Gateway sur le Receiver, entrez le type de passerelle et sélectionnez l'option No Authentication en tant qu'authentification de la passerelle sur le Receiver pour iPhone.




5.2.2.2.2. Pour configurer Access Gateway édition Standard pour Citrix Receiver for iPhone

Mise à jour : 2009-08-11

La prise en charge de Citrix Receiver pour iPhone requiert XenApp Service 5.x, anciennement appelé PNAgent, qui vous permet de configurer le site XenApp Services et Access Gateway.

1. Dans la console XenApp, créez un site XenApp Services (tel que http://NomServeurXenApp/Citrix/PNAgent ou http://NomServeurXenApp/Cheminpersonnalisé) pour les utilisateurs d'iPhone.

Configurez les domaines d'authentification sur Access Gateway et testez leur fonctionnement sur Access Gateway Plug-in exécuté sur une machine cliente.

Ce processus est similaire à la manière dont vous utilisez l'Interface Web pour les connexions XenApp SSL traditionnelles pour lesquelles une passerelle Access Gateway peut être configurée. Cette capacité de configuration est intégrée aux sites XenApp Services de XenApp 5.0.

Remarque : si vous avez déjà configuré un site Interface Web pour les connexions ICA sur Access Gateway, créez le site XenApp Services sur le même serveur que celui qui héberge le site Interface Web.


a. Configurez le site XenApp Services pour prendre en charge des connexions provenant d'une connexion Access Gateway. La configuration de ce site est similaire au site Interface Web.



d. Entrez le nom de domaine complet du boîtier Access Gateway.


Remarque : pour Access Gateway édition Standard, Citrix recommande d'utiliser le chemin d'accès par défaut Citrix pour ce site (http://NomServeurXenApp/Citrix/PNAgent). Le chemin d'accès par défaut permet à vos utilisateurs de spécifier le nom de domaine complet de la passerelle Access Gateway à laquelle ils se connectent plutôt que le chemin d'accès complet au fichier config.xml qui réside sur le site XenApp Services (tel que http://NomServeurXenApp/Cheminpersonnalisé/config.xml).

2. Dans la console XenApp, créez un site XenApp Services (tel que http://NomServeur/Citrix/PNAgent ou http://iphone.citrix.com/CheminPersonnalisé/config.xml) pour les utilisateurs d'iPhone.

Les authentifications Active Directory et RSA SecurID constituent les deux méthodes d'authentification prises en charge pour la version 1.0.x de Citrix Receiver pour iPhone :

Si l'authentification double est requise (telle que RSA SecurID et Active Directory), l'authentification RSA SecurID doit être le type d'authentification principal. L'authentification Active Directory doit être le type d'authentification secondaire.

RSA SecurID peut utiliser RADIUS ou un fichier sdconf.rec pour activer l'authentification par jeton.

L'authentification Active Directory peut utiliser LDAP ou RADIUS.

Testez une connexion à partir d'une machine utilisateur pour vous assurer qu'Access Gateway est correctement configuré en termes de réseau et d'allocation de certificat.

3. Configurez Access Gateway de manière à autoriser les connexions XenApp entrantes provenant de Citrix Receiver, et spécifiez l'emplacement du nouveau site XenApp Services que vous venez de créer.

a. Sur l'onglet Access Policy Manager, cliquez avec le bouton droit sur un groupe d'utilisateurs, sélectionnez

b. Sur l'onglet Global Cluster Policies, sélectionnez

c. Sur l'onglet Gateway Portal, cliquez sur Redirect to Web Interface.

d. Si le champ Path du site XenApp Services pour l'Interface Web contient une configuration existante pour un site Interface Web pour les connexions ICA sur Access Gateway, ne modifiez pas votre configuration existante, mais vérifiez que votre site XenApp Services se situe sur le même serveur que celui qui héberge le site Interface Web. Si le champ Path est vide, ce qui signifie qu'il n'existe aucune configuration pour les connexions ICA, tapez /Citrix/PNAgent.

e. Sur le serveur Web, entrez l'adresse IP ou le nom de domaine complet du serveur exécutant l'Interface Web.

f. Sur l'onglet Global Cluster Policies, sélectionnez Enable logon page authentication.

Remarque : La case Single sign-on to the Web Interface est dédiée à l'Interface Web et n'affecte pas les connexions utilisant Citrix Receiver pour iPhone. Si vous avez configuré Access Gateway pour utiliser un site Interface Web pour d'autres utilisateurs, continuez à l'utiliser et à le maintenir pour l'Interface Web.

Pour autoriser les connexions Citrix XenApp sur une passerelle Access Gateway préalablement configurée pour accepter des connexions à l'aide d'Access Gateway Plug-in, sélectionnez Use the multiple logon option page. (Pour de plus amples informations, reportez-vous à la section Configuring a Portal Page with Multiple Logon Options dans le Guide de l'administrateur Citrix Access Gateway, édition standard.) La documentation Produit est disponible dans le centre de connaissances Citrix sur : http://support.citrix.com/pages/docs/

Dans Access Gateway Administration Tool, sur l'onglet Authentication, cliquez sur l'onglet Secure Ticket Authority et ajoutez les détails de STA. Assurez-vous que les informations de STA sont identiques à celles du site XenApp Services.

Remarque importante relative à l'utilisation des certificats :

Si le certificat de serveur utilisé sur Access Gateway fait partie d'une chaîne de certificats (avec un certificat intermédiaire), assurez-vous que les certificats intermédiaires sont également installés sur Access Gateway. Pour de plus amples informations sur l'installation de certificats, consultez la documentation Access Gateway.


a. dans Account Settings, dans le champ d'adresse, entrez le nom de domaine complet de votre serveur Access Gateway :

Si vous avez créé le site XenApp Services à l'aide du chemin par défaut (/Citrix/PNAgent), entrez le FQDN d'Access Gateway tel que : FQDNd'AccessGateway.

Si vous avez personnalisé le chemin d'accès au site XenApp Services, entrez le chemin d'accès complet au fichier config.xml, tel que : FQDNd'AccessGateway/CheminPersonnalisé/config.xml.

b. Dans les paramètres Citrix Access Gateway, activez Access Gateway, définissez le type de passerelle sur l'édition Standard et sélectionnez la méthode d'authentification.


5.2.2.2.3. Pour configurer Access Gateway édition Advanced pour Citrix Receiver pour iPhone

Mise à jour : 2009-08-11

Citrix Receiver prend en charge Access Gateway 4.5 édition Advanced avec le correctif 4 (AAC450W004).


1. Dans la console XenApp, créez un site XenApp Services (tel que http://nomserveurXenApp/Citrix/PNAgent ou http://nomserveurXenApp/chemind'accèspersonnalisé) pour les utilisateurs d'iPhone.

Citrix Receiver pour iPhone utilise un site XenApp Services (anciennement appelé site PNAgent) pour obtenir des informations sur les applications auxquelles un utilisateur est autorisé à accéder et les présenter au logiciel Citrix Receiver exécuté sur un iPhone.

Ce processus est similaire à la manière dont vous utilisez l'Interface Web pour les connexions XenApp SSL traditionnelles pour lesquelles une passerelle Access Gateway peut être configurée.


a. Configurez le site XenApp Services pour prendre en charge des connexions provenant d'une connexion Access Gateway. Pour de plus amples informations, consultez le Guide d'intégration Citrix Access Gateway édition Standard pour Citrix XenApp et Citrix XenDesktop.







Remarque : la configuration de ce site est similaire au site Interface Web.

2. Configurez le boîtier Access Gateway pour utiliser Access Gateway édition Advanced.

3. Dans Administration Tool, cliquez sur l'onglet Access Gateway Cluster et ouvrez la fenêtre du boîtier.

4. Sur l'onglet Advanced Options, cliquez sur Advanced Access Control.

5. Configurez les paramètres du serveur exécutant Advanced Access Control.

6. Sur le serveur exécutant Advanced Access Control, à partir de votre point d'ouverture de session, vérifiez que la méthode d'authentification que vous avez choisie est configurée et en état de marche. Dans la boîte de dialogue Logon Point Properties, cliquez sur Authentication, et sélectionnez une méthode d'authentification prise en charge par l'iPhone :

Pour l'authentification à un facteur, sélectionnez Active Directory, LDAP ou RADIUS (qui peut être utilisé pour l'authentification RSA SecurID ou Active Directory).

Pour l'authentification à deux facteurs, sous Active Directory, sélectionnez RSA SecurID, qui peut être utilisé avec RADIUS ou un fichier sdconf.rec pour activer l'authentification par jeton.


7. Sur le serveur exécutant Advanced Access Control, créez et déployez un second point d'ouverture de session (vous pouvez vérifier l'existence du point d'ouverture de session en utilisant une adresse du type https://FQDNd'AccessGateway/CitrixLogonPoint/IPhone dans le navigateur Web via Access Gateway).

Citrix vous recommande d'utiliser iPhone comme nom pour ce point d'ouverture de session car iPhone Receiver utilise ce nom comme point d'ouverture de session par défaut ; sinon, entrez l'adresse URL complète, telle que https://FQDNd'AccessGateway/CitrixLogonPoint/<2ndnomPointOuvertureSession>/ dans les paramètres d'iPhone Receiver.

a. Créez une ressource Web (iPhonePNA) pour le site XenApp Service de l'iPhone, créé à l'étape 6.

b. Sur la page Web Resource Properties des adresses URL, définissez la page de démarrage et l'ordre d'affichage du point d'ouverture de session de l'iPhone. Assurez-vous que l'option No authentication est sélectionnée pour le type d'authentification. Vérifiez également que les sites XenApp Service sont disponibles dans la liste des adresses URL.

c. Sélectionnez le nouveau point d'ouverture de session et définissez les propriétés suivantes :

Sur l'onglet Select Home Page, sélectionnez l'option permettant d'afficher la page de démarrage et définissez l'ordre d'affichage de telle sorte que la page de démarrage de la ressource Web (iPhonePNA) dispose de la priorité la plus élevée.



Sur l'onglet Authentication, sélectionnez la méthode utilisée pour authentifier les utilisateurs qui se connectent à Access Gateway à l'aide d'Access Gateway Plug-in.

Sur l'onglet Session Settings, décochez la case Time to prompt user before password expires.

Sur l'onglet Visibility, sélectionnez Allow external users access to this logon point.

Pour de plus amples informations sur la création de stratégies pour Access Gateway et XenApp, consultez le Guide de l'administrateur Access Gateway édition Advanced pour AAC450W004.

La documentation Produit est disponible dans le centre de connaissances Citrix sur : http://support.citrix.com/pages/docs/

8. Dans la console, sous Policies, créez un filtre qui s'applique à ce point d'ouverture de session. Cliquez avec le bouton droit sur Filters et sélectionnez Create filter.

a. Dans Filter Properties, cliquez sur l'onglet Logon Points.

b. Dans la liste Selected logon points, ajoutez iPhone.

9. Créez une stratégie pour ce point d'ouverture de session, telle que stratégie-iPhone, puis définissez les propriétés de stratégie suivantes :

a. sur l'onglet Resources, sélectionnez les cases Web Resources > iPhonePNA et Allow Logon.



b. Sur l'onglet Settings, veillez à ce que Web Resources > Access et Network Resources > Access utilisent la valeur Allow. Ce paramètre permet aux utilisateurs d'accéder à la ressource Web et d'ouvrir une session à partir de ce point.

c. Sur l'onglet Filter, sélectionnez le filtre iPhone à appliquer à la stratégie.




a. dans Account Settings, dans le champ d'adresse, entrez le nom de domaine complet de votre serveur Access Gateway :

Si vous avez utilisé iPhone comme nom de point d'ouverture de session pour l'iPhone, entrez le nom de domaine complet d'Access Gateway, tel que : FQDNd'AccessGateway

Si vous avez utilisé un nom autre que iPhone en tant que nom de point d'ouverture de session pour l'iPhone, entrez le chemin suivant dans le champ d'adresse : AGA-FQDN/CitrixLogonPoint/<secondnomPointOuvertureSession>.

b. Dans les paramètres Citrix Access Gateway, activez Access Gateway, définissez le type de passerelle sur l'édition Advanced et sélectionnez la méthode d'authentification.


5.2.2.2.4. Pour configurer Access Gateway édition Enterprise pour Citrix Receiver pour iPhone

Mise à jour : 2009-08-11


1. Dans la console XenApp, créez un site XenApp Services (tel que http://NomServeurXenApp/Citrix/PNAgent ou http://NomServeurXenApp/chemind'accèspersonnalisé) pour les utilisateurs d'iPhone.

Citrix Receiver pour iPhone utilise un site XenApp Services (anciennement appelé site PNAgent) pour obtenir des informations sur les applications auxquelles un utilisateur est autorisé à accéder et les présenter au logiciel Citrix Receiver exécuté sur un iPhone.

Ce processus est similaire à la manière dont vous utilisez l'Interface Web pour les connexions XenApp SSL traditionnelles pour lesquelles une passerelle Access Gateway peut être configurée.


a. Configurez le site XenApp Services pour prendre en charge des connexions provenant d'une connexion Access Gateway. Pour de plus amples informations, consultez le Guide d'intégration Citrix Access Gateway édition Enterprise pour Citrix XenApp et Citrix XenDesktop.







Remarque : la configuration de ce site est similaire au site Interface Web.

2. Configurez un site XenApp Services à utiliser avec Citrix Receiver pour iPhone.

Les authentifications Active Directory et RSA SecurID constituent les deux méthodes d'authentification prises en charge pour la version 1.x de Citrix Receiver pour iPhone :

Si l'authentification double est requise (telle que RSA SecurID et Active Directory), l'authentification RSA SecurID doit être le type d'authentification principal. L'authentification Active Directory doit être le type d'authentification secondaire.

RSA SecurID utilise un serveur RADIUS pour activer l'authentification par jeton.

L'authentification Active Directory peut utiliser LDAP ou RADIUS.


3. Créez une stratégie de session sur Access Gateway de manière à autoriser les connexions XenApp entrantes provenant de Citrix Receiver, et spécifiez l'emplacement du nouveau site XenApp Services que vous venez de créer.

Créez une nouvelle stratégie de session pour identifier Citrix Receiver pour iPhone comme étant à l'origine de la connexion. Lors de la création de la stratégie de session, configurez les expressions suivantes et sélectionnez Match All Expressions en tant qu'opérateur des expressions :

REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver

REQ.HTTP.HEADER User-Agent CONTAINS CFNetwork

REQ.HTTP.HEADER User-Agent CONTAINS Darwin

Dans la configuration du profil associé de la stratégie de session, s'il ne s'agit pas d'un paramètre global (vous avez coché la case Override Global), assurez-vous que la valeur ON est attribuée au champ ICA Proxy.

Dans le champ Adresse Interface Web, entrez l'adresse URL, y compris le fichier config.xml pour le site XenApp Services que les utilisateurs d'iPhone utilisent, telle que http://NomServeurXenApp/Citrix/PNAgent/config.xml ou http://NomServeurXenApp/CheminPersonnalisé/config.xml.

Associez la stratégie de session à un serveur virtuel.

Créez des stratégies d'authentification pour RADIUS et Active Directory.

Associez les stratégies d'authentification au serveur virtuel.

Pour de plus amples informations sur la création de stratégies pour Access Gateway et XenApp, consultez le Guide de l'administrateur Citrix Access Gateway, édition Enterprise et le Guide d'intégration Citrix Access Gateway édition Enterprise pour Citrix XenApp et Citrix XenDesktop.

La documentation Produit est disponible dans le centre de connaissances Citrix sur : http://support.citrix.com/pages/docs/




a. Dans Account Settings, dans le champ d'adresse, entrez le nom de domaine complet de votre serveur Access Gateway, tel que FQDNd'AccessGateway.

b. Dans les paramètres Citrix Access Gateway, activez Access Gateway, définissez le type de passerelle sur l'édition Enterprise et sélectionnez la méthode d'authentification.


5.2.2.3. Pour configurer Citrix Receiver pour iPhone à l'aide de Citrix Mobile Receiver Setup

Mise à jour : 2009-11-24

Citrix Mobile Receiver Setup peut être utilisé sur un PC ou Mac aussi bien par des administrateurs que des utilisateurs pour configurer rapidement Citrix Receiver pour iPhone. Utilisez cet utilitaire sur votre bureau pour configurer les paramètres de vos comptes XenApp et envoyez les configurations aux périphériques par e-mail. Cela permet une mise à disposition rapide des services auprès des utilisateurs de votre organisation.

Pour commencer à utiliser Mobile Receiver Setup, téléchargez l'utilitaire depuis http://c.citrix.com/iphone et installez-le sur un PC ou Mac.

XenApp :

1. Après avoir installé Mobile Receiver Setup sur votre ordinateur, exécutez l'utilitaire.

2. Pour la configuration du périphérique, choisissez iPhone.

3. Dans le champ Description, entrez la description qui s'affichera sur l'écran de l'utilisateur (par exemple, Production, DR).

4. Entrez l'adresse de votre batterie de serveurs XenApp (par exemple, citrix.monentreprise.net).

5. Entrez votre nom de domaine.

Pour activer les configurations Access Gateway

Étant donné que le nom d'utilisateur et le mot de passe sont saisis par l'utilisateur, la configuration ne requiert que le nom du serveur, l'adresse du serveur et le nom de domaine. Vous pouvez envoyer cette configuration à plusieurs utilisateurs simultanément, ce qui accélère le déploiement et la mise à disposition de Citrix Receiver.

1. Sélectionnez la case à cocher Access Gateway.

2. Sous Gateway Edition, choisissez l'édition d'Access Gateway déployée dans votre environnement. (Contactez votre administrateur si vous ne connaissez pas



l'édition.)

3. Sous Authentication Type, choisissez la méthode d'authentification utilisée dans votre infrastructure.

4. Après avoir ajouté vos éléments de configuration, cliquez sur Generate Account et envoyez la configuration à vos utilisateurs par e-mail.


5.2.2.4. Enregistrement de mots de passe

Mise à jour : 2010-02-05

Vous pouvez configurer Online Plug-in de manière à autoriser les utilisateurs à enregistrer leurs mots de passe. La première fois qu'un utilisateur ouvre une session et entre un mot de passe, le mot de passe crypté est chargé dans la mémoire mais pas nécessairement enregistré. Si l'enregistrement des mots de passe est activé dans Online Plug-in, Citrix Receiver enregistre le mot de passe pour les prochaines ouvertures de session. Si l'enregistrement des mots de passe n'est pas autorisé, un message indiquant que l'enregistrement des mots de passe a été désactivé s'affichera la prochaine fois que l'utilisateur ouvre une session et ce dernier sera invité à entrer un mot de passe.

Vous pouvez activer ou désactiver l'enregistrement des mots de passe à tout moment. Si l'enregistrement des mots de passe était préalablement désactivé et qu'il est maintenant activé, les utilisateurs sont informés que l'enregistrement des mots de passe est maintenant autorisé et ils sont invités à enregistrer un mot de passe.

Si un mot de passe est enregistré et que l'administrateur désactive l'enregistrement des mots de passe par le biais de stratégies, un message informe l'utilisateur du changement, le mot de passe enregistré est supprimé et le champ correspondant est désactivé dans les paramètres de compte.


5.2.2.5. Dépannage de Citrix Receiver for iPhone

Mise à jour : 2009-11-11

Sessions déconnectées

Les utilisateurs peuvent se déconnecter d'une session Citrix Receiver de la manière suivante : En appuyant sur le bouton d'accueil sur leur iPhone ou iPod touch

En tapant sur le bouton Retour aux apps dans Citrix Receiver

Lorsque cela se produit, la session affiche un état déconnecté. Bien que l'utilisateur puisse se reconnecter ultérieurement, vous pouvez désactiver les sessions déconnectées après un certain laps de temps. Pour ce faire, configurez un délai d'expiration de session pour la connexion ICA-tcp dans la configuration des services Terminal Server. Pour de plus amples informations sur la configuration des services Terminal Server, reportez-vous à la documentation produit Microsoft Windows Server.

Échec de la connectivité

Si vos problèmes de connectivité persistent, vous pouvez créer un compte utilisateur temporaire sur le Citrix Cloud à l'adresse http://community.citrix.com/display/xa/Citrix+Receiver+Demos+in+the+Citrix+Cloud.

Le Citrix Cloud permet aux utilisateurs de bénéficier de la puissance des solutions Citrix sans avoir à préparer et configurer leur propre environnement. L'environnement de démo du Citrix Cloud utilise un certain nombre de solutions Citrix clés, telles que Citrix XenServer, Citrix XenApp, Citrix NetScaler et Citrix Access Gateway.


5.2.2.6. Problèmes connus avec Citrix Receiver pour iPhone

Mise à jour : 2010-02-05

Utilisation de caractères non ASCII avec des applications publiées

Lorsque vous utilisez Citrix Receiver pour accéder à une application publiée, vous rencontrerez les limitations suivantes : Si l'application est publiée avec un nom contenant des caractères non ASCII, elle ne s'ouvre pas.

La saisie de caractères non ASCII dans les applications publiées, tels que des caractères coréens, ne fonctionne pas comme prévu.

Pour pallier ces limitations, veillez à ce que : Votre batterie soit dotée de l'une des configurations suivantes :

Citrix Presentation Server 4.5 avec un site Program Neighborhood Services configuré sur un système d'exploitation de langue autre que l'anglais.

Citrix XenApp 5.0 avec un site XenApp Services configuré sur un système d'exploitation de langue autre que l'anglais.

La barre d'outils Microsoft IME ne soit pas réduite dans l'application publiée.

Pour saisir des caractères non ASCII dans une application publiée à l'aide du clavier QWERTY/Pinyin de l'iPhone, demandez aux utilisateurs de procéder comme suit :

1. À l'aide de Citrix Receiver, connectez-vous à l'application publiée.

2. Tapez sur la barre d'outils Microsoft IME et sélectionnez la langue que vous souhaitez utiliser ; par exemple, JP.

3. Sélectionnez le mode de langue à utiliser pour la saisie de caractères non ASCII ; par exemple, le mode Hiragana.

Définition de la résolution d'écran pour les applications publiées

En raison de restrictions du système d'exploitation Apple, ne publiez pas d'applications avec une résolution d'écran de 1024 x 1024 pixels ou plus. Citrix recommande d'utiliser une résolution de 1024 x 768 pixels ou inférieure pour la publication d'applications.


5.3. Citrix Doc Finder

Mise à jour : 2010-02-09

Citrix Doc Finder 1.0


5.3.1. Citrix Doc Finder 1.0

Mise à jour : 2010-02-07

Configuration requise pour Doc Finder

Déploiement de Doc Finder

Lancement d'applications à partir de Doc Finder


5.3.1.1. Configuration requise pour Doc Finder

Mise à jour : 2009-11-10

Pour mettre Doc Finder à la disposition des utilisateurs d'appareils mobiles, vous devez disposer d'une batterie de serveurs exécutant l'un des produits suivants : Citrix Presentation Server 4.5



Citrix XenApp 5 pour Windows Server 2003

Citrix XenApp 5 Feature Pack pour Windows Server 2003

Citrix XenApp 5 Feature Pack 2 pour Windows Server 2003

Citrix XenApp 5 pour Windows Server 2008 (R1 uniquement)

Citrix XenApp 5 Feature Pack pour Windows Server 2008 (R1 uniquement)

Doc Finder est pris en charge sur tout appareil mobile prenant en charge Citrix Receiver. Pour de plus amples informations sur la prise en charge d'un appareil spécifique, consultez la documentation Citrix Receiver relative à cet appareil.


5.3.1.2. Déploiement de Doc Finder

Mise à jour : 2009-12-08

Déployez Doc Finder en le publiant sur une batterie de serveurs XenApp. Pour vous assurer que les utilisateurs puissent accéder à Citrix Doc Finder, installez et publiez Citrix Doc Finder sur chaque serveur XenApp qui met des applications à la disposition des utilisateurs.

Publiez Citrix Doc Finder avec le titre « Citrix Doc Finder ».

Si vos utilisateurs se connectent à la batterie à l'aide d'un BlackBerry, demandez-leur de régler leurs paramètres d'affichage afin de bénéficier d'un affichage optimal.


5.3.1.3. Lancement d'applications à partir de Doc Finder

Mise à jour : 2009-11-05

Lorsque les utilisateurs sélectionnent un document, Doc Finder lance l'application associée qui est installée et publiée sur le serveur XenApp sur lequel Doc Finder est installé.

Important : pour vous assurer que les applications nécessaires au lancement de fichiers à partir de Doc Finder sont disponibles, publiez Doc Finder et ces applications sur le même serveur.

Si une application n'est pas publiée sur le même serveur que Doc Finder, les utilisateurs ne peuvent pas travailler avec les fichiers dont les types requièrent l'application non publiée, même si cette application est publiée sur un autre serveur de la batterie.

Exemple : vous installez Doc Finder sur un serveur XenApp hébergeant uniquement des applications Microsoft Office. Lorsqu'un utilisateur se connecte au serveur et ouvre un document Word, Doc Finder lance l'application associée hébergée sur ce serveur. Toutefois, lorsque l'utilisateur ouvre un document PDF, Doc Finder ne peut pas lancer l'application associée, dans ce cas Adobe Acrobat, car cette dernière n'est pas installée sur le serveur. Pour que les utilisateurs puissent ouvrir des documents PDF à l'aide de Doc Finder, installez Adobe Acrobat sur le serveur hébergeant Doc Finder.


6. Offline Plug-in Offline Plug-in 5.2 pour Windows


7. Online Plug-in

Mise à jour : 2010-02-08

Online Plug-in 11.x pour Macintosh

Online Plug-in 11.2 pour Windows

Plug-in pour applications hébergées 11.0 pour Windows

Liens rapides

Fichier lisez-moi pour Online Plug-in 11.x pour Macintosh

Fichier lisez-moi pour Online Plug-in 11.2 pour Windows

Configuration et compatibilité système pour Online Plug-in 11.2 pour Windows


7.1. Online Plug-in 11.1 for Macintosh

Updated: 2010-02-12

These topics are primarily for system administrators who are responsible for installing, configuring, and maintaining the Citrix online plug-in for Macintosh. This documentation assumes knowledge of:

Citrix XenApp and/or Citrix XenDesktop

The machine running Citrix XenApp or Citrix XenDesktop to which the plug-in connects

The operating system on the client device (Mac OS X)

Installation, operation, and maintenance of network and asynchronous communication hardware, including serial ports, modems, and device adapters

To make it easier to read, all the procedures in these topics refer to "you." In some circumstances "you" refers to the administrator of the plug-in, in others to the user of the plug-in, and sometimes to both. The context indicates whether a procedure is primarily an administrator or user activity.


7.1.1. Readme for Citrix Online Plug-in for Macintosh 11.1

Updated: 2010-02-12

Readme Version: 1.0

Contents


Getting Support

Known Issues

Readme for Citrix Online Plug-in for Macintosh 11.1 Configuring the Plug-in for Macintosh

About the Plug-in for Macintosh Optimizing the Plug-in Environment

Deploying the Plug-in for Macintosh Securing Plug-in Communication

Using Dazzle




To access complete and up-to-date product information, go to Citrix eDocs located at http://support.citrix.com/proddocs/index.jsp and expand the topics for your product.

Licensing Documentation

To access licensing documentation, go to http://support.citrix.com/proddocs/topic/licensing/lic-library-node-wrapper.html.

Getting Support



Known Issues

Users cannot subscribe to applications and virtual desktops using Dazzle if logged on to the client device with a normal user account. Dazzle requires the user to be logged on as an administrator. If this is not possible in your environment, the following workarounds allow a user logged on with a normal account to subscribe to applications:

Drag applications and virtual desktops to the desktop or to a folder other than the Applications folder, rather than clicking the Add button in Dazzle.

Log on as an administrator, create a Dazzle folder in Applications, and set the permissions for that folder to Read and Write for all users.

Ask a system administrator to log on, run Dazzle, and modify the permissions for the Dazzle folder to Read and Write for all users. [#212763, 219444 ]

Minimized applications may re-appear in the foreground of your screen when launching new applications using the plug-in. Note that this issue is seen only with applications to which you have subscribed using Dazzle. It is not seen with applications accessed through Web Interface. [#222517]

Users may experience issues with keyboard input on the virtual desktop to which they are connecting in the following circumstances: If the English keyboard type is not enabled on the virtual desktop by the XenDesktop administrator, at install. [#223499]

If the default input language on the virtual desktop is not set to English by the XenDesktop administrator. [#224018]

For more information about either of these issues, contact your XenDesktop administrator.



7.1.2. About the Plug-in for Macintosh

Updated: 2009-11-12

The Citrix online plug-in for Macintosh (the plug-in) provides users with access to resources published on XenApp or XenDesktop servers. The plug-in combines ease of deployment and use, and offers quick, secure access to applications and virtual desktops.

After subscribing to published resources, users can access those resources from a familiar Macintosh desktop environment. Users work with published resources the same way they work with local applications and files. Published resources are represented on the local desktop, by icons that behave just like local icons, on the Dock, or in the Dazzle folder available from the Finder.

Users can also access published resources from within a familiar browser environment, by clicking links on a Web page you publish on your corporate intranet or the Internet.


7.1.2.1. New Features in This Release

Updated: 2009-12-03

Support for Citrix Receiver for Macintosh. The Citrix Merchandising Server administrator console and Citrix Receiver for Macintosh simplify application delivery for administrators by eliminating the need to repeatedly install and update the online plug-in on user devices. Administrators use the web-based Citrix Receiver Merchandising Server Administrator Console to configure plug-ins and schedule their delivery to devices. Instead of installing the Citrix online plug-in on the client device, the end user installs the Receiver, which then installs and updates the online plug-in as scheduled by the administrator.

Support for Citrix Branch Repeater. Integration with Branch Repeater using a new variant of the Thinwire protocol provides improved levels of graphics compression, optimizing the user experience and reducing the amount of time taken to cache and re-use graphics between sessions.

Support for Multiple Dazzle Stores. The Citrix online plug-in provides support for users to access applications and virtual desktops provided by multiple Dazzle stores. Using a simple drop-down list, users can switch between Dazzle stores to subscribe to all the applications and desktops they need to complete their everyday tasks.

Client Certificate Support. The Citrix online plug-in provides support for authenticating to the Access Gateway using client certificates. For more information, see your Access Gateway documentation.

Dazzle Tile View. You can now view applications and desktops in Dazzle using Tile View. This displays your applications and desktops as a series of tiles on screen as an alternative to displaying them in a list.


7.1.2.2. Custom Connection Files and the ICA Client Editor

Updated: 2009-11-12

In previous versions of the plug-in, you used the ICA Client Editor to create custom connection files. Those files contained all the settings used by the plug-in when connecting to hosted applications and desktops.

In the current version of the plug-in, both custom connection files and the ICA Client Editor are deprecated and the creation of new custom connection files is no longer supported. You can, however, still use existing custom connection files to connect to hosted applications and desktops.

To configure settings for Version 11.x or later of the plug-in, use the Receiver or Citrix online plug-in Preferences pane in System Preferences.


7.1.3. Deploying the Plug-in for Macintosh

Updated: 2009-12-03

Installation files for the plug-in are available for download from the Citrix Web site.

This section contains information about system requirements, installation packages, and installing the plug-in in your environment.


7.1.3.1. System Requirements

Updated: 2009-11-25

Ensure your system meets the following hardware and software requirements before installing the plug-in.

Hardware Requirements

The computer on which you intend to install the plug-in must meet the following minimum requirements: At least 256 MB of RAM



29 MB of free disk space

A working network or Internet connection to connect to servers

Software Requirements

You can install the plug-in manually or through Citrix Receiver. Supported operating systems for each install type are as follows:


7.1.3.2. Overview of Plug-in Installation Packages

Updated: 2010-03-02

This release contains two installation packages and offers several options for installing the plug-in. You can install the two plug-in installer packages with almost no user interaction.

Citrix_online_plugin.dmg - Complete package

Citrix_online_plugin_web.dmg - Smaller, more limited package that you can deploy from a Web page.

Note: The Citrix online web plug-in package does not include Dazzle.

Note: Upgrades are supported only from versions 10.x and 11.0 of the plug-in. Remove any earlier versions before installing the online plug-in.


7.1.3.3. Using the Merchandising Server and Citrix Receiver to Deploy the Plug-in

Updated: 2009-11-26

Citrix recommends using the Merchandising Server and Citrix Receiver for Macintosh to deploy and update the plug-in to a user device.

Citrix Merchandising Server administrator console. With the administrator console, you can upload the plug-in installation and metadata files, create reuseable rules to define the delivery recipients, and create deliveries.

Citrix Receiver client (Receiver for Macintosh). After users install Receiver for Macintosh on their user devices, Receiver installs, updates, and starts the plug-in with minimal user interaction.

Users can change their plug-in settings using the Application Delivery pane in Citrix Receiver preferences.

Upgrading the Plug-in with Receiver

Updates are, by default, automatically installed on the user device. When an update is available, the Receiver downloads and installs the updated plug-in.

Uninstalling the Plug-in with Receiver

Receiver upgrades the plug-in when a newer plug-in is available. When users remove the Receiver manually, the plug-in is also removed. Additionally, the administrator can remove the Receiver and all of its managed plug-ins through the Merchandising Server Administrator Console.

For more information, see the Merchandising Server documentation.


7.1.3.4. Installing the Plug-in

Updated: 2009-12-03

You can download the Citrix online plug-in for Macintosh from the Citrix Web site, at http://www.citrix.com.

To install the plug-in

1. Log on as an administrator.

2. Download the .dmg file for the version of the plug-in you want to install from the Citrix Web site and open it. This runs the Disk Utility program, which mounts the file as a disk image accessible from your Macintosh desktop.

3. On the Introduction page, click Continue.

4. On the License page, click Continue.

5. Click Agree to accept the terms of the License Agreement.

6. On the Destination Select page, select the volume where you want to install the plug-in and click Continue.

7. On the Installation Type page, click Install.

8. Enter the administrator account details for the device on which you are installing the plug-in and click OK.

9. To subscribe to applications and desktops immediately, click Open Dazzle now when prompted.


7.1.3.5. Upgrading the Plug-in

Updated: 2009-11-13

You can upgrade to the latest version of the plug-in from the following previous versions: Citrix Presentation Server Client for Macintosh, Version 10.0

Citrix Online Plug-in for Macintosh, Version 11.0 (Full)

Citrix Online Plug-in for Macintosh, Version 11.0 (Web)

Before upgrading to version 11.1 of the Citrix online plug-in, be aware of the following: You must remove all applications and desktops to which you have previously subscribed before upgrading to the latest version of the plug-in.

Any existing custom connection files are preserved and can be used to connect to remote applications and desktops. The creation of new custom connection files, however, is no longer supported.


7.1.3.6. Uninstalling the Plug-in

Updated: 2009-12-03

Operating System Install manually? Install through Receiver?

Mac OS X Version 10.4 (Intel-based) 32-bit and 64-bit Yes No

Mac OS X Version 10.4 (PowerPC-based) 32-bit and 64-bit Yes No

Mac OS X Version 10.5 (Intel-based) 32-bit and 64-bit Yes Yes

Mac OS X Version 10.5 (PowerPC-based) 32-bit and 64-bit Yes No

Mac OS X Version 10.6 (Intel-based) 32-bit and 64-bit Yes Yes



Uninstall instructions for the plug-in differ, depending on whether you installed it manually or through Citrix Receiver. If you installed the plug-in manually, you can uninstall it using this procedure. If you installed the plug-in through Citrix Receiver, refer to the Receiver for Macintosh documentation for complete uninstall instructions.

To uninstall the plug-in

1. Open the Uninstall Citrix online plug-in application located in /Library/Application Support/Citrix/.

2. Click Continue.

3. Enter the administrator account details for the device from which you are uninstalling the plug-in and click OK.

4. Click Finish.


7.1.4. Using Dazzle

Updated: 2009-11-13

Dazzle provides users with self-service access to the applications and desktops they need to work productively. Icons for those applications and desktops can be presented on the local desktop, on the Dock, or in the Dazzle folder available from the Finder.

The new, easy-to-use interface allows users to subscribe to applications and desktops hosted on XenApp and XenDesktop servers with a single click, replacing the need for individual connection files used by earlier versions of the plug-in.

For more information about connection files, see Custom Connection Files and the ICA Client Editor.

Opening Dazzle

The way you open Dazzle depends on whether you installed the plug-in manually or through Citrix Receiver, as follows: If you installed the plug-in manually, open Dazzle from the Citrix folder in the Applications folder.

If you installed the plug-in through Citrix Receiver, choose Dazzle... from the Citrix Receiver menu.


7.1.4.1. Choosing Your Applications and Desktops

Updated: 2009-12-03

At the end of the plug-in install you are prompted to launch Dazzle. After launching Dazzle, you can select the applications and desktops you want to subscribe to and begin working with those applications and desktops immediately.

You can also launch Dazzle separately, when you want to subscribe to other applications or desktops; for example, when new applications or desktops are added to those already hosted by a store or when a new store is added to the list.

To subscribe to applications or desktops when installation completes

1. Select the checkbox labeled Open Dazzle now when prompted at the end of the plug-in installation process, and then click Continue.

2. Do one of the following: If a No Stores Configured message appears, click OK to open Preferences and then select the Dazzle Stores pane. Click the Plus button. Enter the name and address for the store to which you want to connect and click OK. Close Preferences and go to Step 4.

If stores have already been configured, select the store hosting your applications and desktops from the list of available stores.

3. If requested, enter the user name and password for the store hosting your applications or desktops and click OK.

Note: If you want to add these details to your keychain, select Remember this password in my keychain.

4. Select the applications and desktops you want to subscribe to and click Add. This adds the applications and desktops to your Dazzle folder. Alternatively, you can drag the applications or desktops to your local desktop or any folder of your choice. If you do not see the application or desktop you require, you can search for it by selecting All Applications and typing the name in the search field.

To subscribe to additional applications and desktops

1. Open Dazzle.

2. Select the store hosting your applications and desktops from the list of available stores.

3. If requested, enter the user name and password for the store hosting your applications or desktops and click OK.


4. Select the applications and desktops you want to subscribe to and click Add. This adds the applications and desktops to your Dazzle folder. Alternatively, you can drag the applications or desktops to your local desktop or any folder of your choice. If you do not see the application or desktop you require, you can search for it by selecting All Applications and typing the name in the search field.


7.1.4.2. Adding an Alias for an Application or Desktop to the Dock

Updated: 2009-11-27

You can add an alias for a hosted application or virtual desktop to the Dock, quickly and easily, by dragging the application or desktop icon from the folder view in Dazzle directly to the Dock. Alternatively, you add an alias to the Dock in the same way as you can for any local application, using the procedure below.

To add an alias for an application or desktop to the Dock

1. In the Finder, open the folder containing the application or desktop you want to add to the dock.

2. Drag the application or desktop icon to the Dock.


7.1.4.3. Launching Applications and Desktops

Updated: 2009-11-13

Users launch hosted applications and virtual desktops in exactly the same way as local applications. If a user does not add their account information for the Citrix server to the keychain, they are asked to enter that information before the application or desktop launches.

Users can search for applications and desktops to which they have subscribed using Spotlight and can also rename them to more easily distinguish between local and hosted versions.


7.1.4.4. Removing Applications and Desktops

Updated: 2009-12-03

You can remove applications and desktops you no longer need access to by dragging them to the Trash. Alternatively, you can use Dazzle to remove applications and desktops located in both the Dazzle folder and any sub-folders you have created.



If you require access to an application or desktop after removing it, use Dazzle to subscribe to that application or desktop again.

To remove applications and desktops using Dazzle

1. Open Dazzle.

2. Select the folder containing the applications and desktops you want to remove.

3. Click Remove to remove each application or desktop you no longer require access to.


7.1.4.5. Working with Dazzle Stores

Updated: 2009-12-01

If you installed the plug-in manually, you need to add stores to the Dazzle stores list when you start Dazzle for the first time.

If you installed the plug-in through Receiver, you are presented with a list of available stores (XenApp or XenDesktop servers) from which you can choose your applications and desktops when you start Dazzle for the first time. This list of stores is pre-configured using Merchandising Server.

From time to time, you may also need to add new stores to or remove old stores from this list. For example, if your applications and desktops are migrated from one server to another, you can add the new server hosting those resources to the list and remove the existing server to which you no longer require access. You may also need to edit the details of a store you have set up; for example, if the URL for a store changes or you want to change a store's name. You can add, remove, and edit stores by selecting Preferences... from the list of available stores in Dazzle.

Note: You can edit the details of and remove from the list only those stores that you added manually. Stores delivered through Merchandising Server, and denoted by a padlock next to their entry in the Stores list, can not be removed.

To add a new store to the stores list

1. Select Preferences... from the list of available stores and then select the Dazzle Stores pane.

2. Click the Plus sign.

3. Enter a name for the new store in the Store Name field.

4. Enter the address of the new store (server) to which you want to connect in the Store URL field and click OK.

To connect to a new store

1. Open Dazzle.

2. Choose the new store to which you want to connect from the list of available stores.

3. If requested, enter the user name and password for the new store and click OK.


After you connect to the new store, you can subscribe to applications and desktops hosted by that store in the usual way.

To remove a store from the stores list


2. Select the store you want to remove from the Stores list.

3. Click the Minus sign, then click OK to confirm you want to remove the store from the list.

To edit the details of a store


2. Double-click the store you want to edit.

3. Edit the details in Store Name and/or Store URL fields, as required.

4. Click OK.


7.1.5. Configuring the Plug-in for Macintosh

Updated: 2009-11-26

After the plug-in software is installed, you can configure various plug-in settings.

The way you configure these settings depends on whether you installed the plug-in manually or through Citrix Receiver. Although the settings themselves are identical in each case, the way you access them differs.

Configuring a Plug-in You Installed Manually

If you installed the plug-in manually, choose Apple menu > System Preferences and click Citrix online plug-in to display plug-in preferences. All user configurable settings are contained within three tabs; Appearance, Keyboard, and Devices.

Configuring a Plug-in Installed through Citrix Receiver

If you installed the plug-in through Citrix Receiver, choose Apple menu > System Preferences and click Citrix Receiver to display Receiver preferences. All user configurable settings are accessed from the Application Delivery pane. Choose from Appearance, Keyboard, or Devices depending on the settings you want to configure.


7.1.5.1. Configuring Window Properties

Updated: 2009-11-13

You can configure the plug-in to display virtual desktops in either fixed size windows or as full screen. Hosted applications are automatically displayed in seamless mode, in fully resizable windows.

To configure window properties

1. Click Appearance.

2. Select whether you want to display virtual desktops in Windowed or Full Screen mode.


7.1.5.2. Showing and Hiding the Menu Bar and Dock

Updated: 2009-11-13

When viewing virtual desktops in full screen mode, the Macintosh menu bar and Dock might be hidden.

To display the Macintosh menu bar, press Control-Option. The same key combination also hides it again.

Note: If you are not in full screen mode, and your window size enables you to see the entire desktop, you can use Control-Option to show a standard Macintosh resize control in the bottom right corner of the ICA session window. The same key combination hides the resize box again.

If the window size is too small to show the entire desktop, you must use the scroll bars to see the hidden content of the desktop.



To display both the complete window and the Macintosh menu bar when connected to a session, from the Citrix online plug-in menu, choose View > Best Window Position.

You can also configure the plug-in to show the menu bar and Dock automatically, whenever you move your mouse to the top of the screen or to the edge where the Dock is located. If you select this option, the Dock is hidden when you are not using it.

To show and hide the menu bar and Dock automatically

1. Click Appearance.

2. Select Show the Dock and menu bar. Alternatively you can use the standard Macintosh method from the Apple menu by choosing Dock > Dock Preferences > Automatically hide and show the Dock.


7.1.5.3. Mapping Client Devices

Updated: 2009-11-13

You can map local drives and devices so that they are available from within a session. If enabled on the server, client device mapping allows a remote application or desktop running on the server to access devices attached to the local client device. You can:

Access local drives, COM ports, and printers

Hear audio (system sounds and audio files) played from the session

Note that client audio mapping and client printer mapping do not require any configuration on the client device.

Mapping Client Drives

Client drive mapping allows you to access the local disk drives of the client device, including CD-ROM drives, during sessions. When a server is configured to allow client drive mapping, users can access their locally stored files, work with them during their sessions, and then save them either on a local drive or on a drive on the server.

In addition, you can configure servers to map their server drives. When server drives are mapped and the drive letters clash with those selected for the user’s local drives, the server automatically changes the client drive letters.

Because Windows operating systems recognize file paths with drive letters but not Macintosh paths, the plug-in needs to map local Macintosh folders to drive letters for published applications and remote desktop sessions to locate local files.

For example, to use the files in the Macintosh HD/MacClientDocs/Docs/MacPDF folder, you can map Macintosh HD/MacClientDocs/Docs to drive M and within a session access the files using the path M:\MacPDF.

To map client drives

1. Click Devices. The Mapped Drives pane lists the disk or path name of every Macintosh folder already mapped to each drive on the server. The Read and Write columns show whether or not you have read and write access. Drives A, B, and C are mapped automatically as follows:

2. Click the Plus button.

3. Select an available drive letter.

4. Click Browse.

5. Select the folder on the Macintosh hard drive that you want to map and click Browse.

6. Click Create. The Mapped Drives pane now displays the mapped folder.

7. Select the level of read and write access for the mapped drive from the Read and Write pop-up menus.

8. Log out of any open sessions and reconnect to apply the changes.

Mapping Client COM Ports

Client COM port mapping allows devices attached to the COM ports of the client device to be used during sessions on a server. These mappings can be used like any other network mappings.

Macintosh serial ports do not provide all the control signal lines that are used by Windows applications. The DSR (Data Set Ready), DCD (Device Carrier Detect), RI (Ring Indicator), and RTS (Request To Send) lines are not provided. Windows applications that rely on these signals for hardware handshaking and flow control may not work. The Macintosh implementation of serial communications relies on CTS (Clear To Send) and DTR (Data Terminal Ready) lines for input and output hardware handshaking only.

To map client COM ports

1. Click Devices.

2. Select the COM port you want to map, from the Mapped COM Ports list. This is the virtual COM port that is displayed in the session, not the physical port on the local machine.

3. Select the device to associate with the virtual COM port from the Device pop-up menu.

4. Start the plug-in and log on to a server.

5. Run a command prompt.

6. At the prompt, type net use comx: \\client\comz: where x is the number of the COM port on the server (ports 1 through 9 are available for mapping) and z is the number of the client COM port (ports 1 through 4 are available).

7. To confirm the mapping, type net use at the prompt. A list displays mapped drives, LPT ports, and mapped COM ports.


7.1.5.4. Printing

Updated: 2009-11-13

You can access printers connected to client devices during a session. When a server is configured to allow client printer mapping, applications running remotely on the server can print to any printer that can be used from locally running applications.

No special configuration is needed to set up local printers to print during an ICA session. Note, however, that A4 pages might not print correctly if you choose the A4 paper size option in the Page Setup dialog box (or the Page Layout tab in the case of Microsoft Office 2007 applications). In order to print on A4 paper, the user must either specify it as a default size and use the A4 paper size option, or choose the A4 210×297 option if available.

To set A4 as the default, from the plug-in File menu choose Default Paper Size > A4. All other paper sizes will print correctly if the printer supports that paper size.


7.1.6. Optimizing the Plug-in Environment

Updated: 2009-11-13

By optimizing your environment you gain the best performance from the plug-in and provide the best user experience.


7.1.6.1. Improving Performance

Drive Mapped to

A A Macintosh removable media drive (floppy disk, USB flash drive, or any other item that is removable and can be written to).

B The Macintosh internal CD or DVD drive, or any other item that is removable and non-writable, such as a disk image .dmg file.

C Permanently mapped to the user’s Home folder on the Macintosh hard disk.



Updated: 2009-11-27

You can improve the performance of the plug-in software by enabling auto-client reconnections, session reliability, and SpeedScreen Latency Reduction.

Reconnecting Users Automatically

Users can be disconnected from their sessions because of unreliable networks, highly variable network latency, or range limitations of wireless devices. With the HDX Broadcast auto-client reconnection feature, the plug-in can detect unintended disconnections of ICA sessions and reconnect users to the affected sessions automatically.

When this feature is enabled on the server, users do not have to reconnect manually to continue working. The plug-in attempts to reconnect to the session until there is a successful reconnection or the user cancels the reconnection attempts. If user authentication is required, a dialog box requesting credentials appears to a user during automatic reconnection. Automatic reconnection does not occur if users exit applications without logging off. Users can reconnect only to disconnected sessions.

Providing HDX Broadcast Session Reliability

With the HDX Broadcast Session Reliability feature, users continue to see a published application’s window if the connection to the application experiences an interruption. For example, wireless users entering a tunnel may lose their connection when they enter the tunnel and regain it when they emerge on the other side. During such interruptions, the session reliability feature enables the session window to remain displayed while the connection is being restored.

You can configure your system to display a warning dialog box to users when the connection is unavailable.

HDX Broadcast Session Reliability is enabled on the server by default. Users of the plug-in cannot override the server settings for HDX Broadcast Session Reliability.

Important: If HDX Broadcast Session Reliability is enabled, the default port used for session communication switches from 1494 to 2598.

Reducing Display Latency

Over high latency connections, you might experience significant delays between the time when you type text at the keyboard and when it is displayed on the screen. Similarly, there may be a delay between clicking a mouse button and the screen displaying any visible feedback. This can result in you retyping text or making several unnecessary mouse clicks. When enabled on the server, SpeedScreen Latency Reduction lessens the impact of high latency connections on your display.

SpeedScreen Latency reduction is not supported when connecting to Citrix XenApp for UNIX.


7.1.6.2. Changing the Way You Use the Plug-in

Updated: 2009-11-13

ICA technology is highly optimized and typically does not have high CPU and bandwidth requirements. However, if you are using a very low-bandwidth connection, the following tasks can impact performance:

Accessing large files using client drive mapping. When you access a large file with client drive mapping, the file is transferred over the ICA connection. On slow connections, this may take a long time.

Printing large documents on local client printers. When you print a document on a local client printer, the print file is transferred over the ICA connection. On slow connections, this may take a long time.

Playing multimedia content. Playing multimedia content uses a lot of bandwidth and can cause reduced performance.

Citrix receiver

Documents

program filescitrixreceiverreceiver

microsoft

speedscreen

allumer sa

des produits

en tout endroit

modifier les

playing multimedia