Citrix receiver and pass-through authentication.Authenticate
Looking for:
Citrix receiver and pass-through authenticationHow to Manually Install and Configure Citrix Receiver for Pass-Through Authentication
Note : On XenApp 6. Users should now be able to log on to an existing Store or configure a new Store using Citrix Receiver for Windows without providing credentials. For newer versions of Receiver 4. In Citrix Receiver for Windows Version 4.
The Configuration Checker window appears. The test runs on all the SSON checkpoints. If users face any issues with Single Sign-on, Citrix recommends that you verify the list of network providers list on the client machin e as described below:.
Press ALT to display the menu. Failed to load featured products content, Please try again. Customers who viewed this article also viewed. Log in to Verify Download Permissions.
Objective Citrix Workspace app is the new universal app for all workspace services, that will encompass all Citrix clients and app capabilities over time. Single Sign-on authentication can be configured on both new and upgraded setup. Was this page helpful? Advanced store settings. Manage a Citrix Receiver for Web site. Create a Citrix Receiver for Web site. Configure Citrix Receiver for Web sites. Support for the unified user experience. Create and manage featured apps.
Configure workspace control. Configure user access. Configure StoreFront to launch applications and desktops in Windowed Mode. Configure communication and session time-out. Set up highly available multi-site stores. Add a Citrix Gateway connection. Import a Citrix Gateway. Configure Citrix Gateway connection settings. Load balancing with Citrix ADC. Authenticate using different domains. Configure beacon points. Advanced configurations. Configure Resource Filtering. Configure using configuration files.
Configure StoreFront using the configuration files. Configure Citrix Receiver for Web sites using the configuration files.
Secure your StoreFront deployment. Export and import the StoreFront configuration. StoreFront SDK. Troubleshoot StoreFront. Document History. Aviso legal. Este texto foi traduzido automaticamente. Este artigo foi traduzido automaticamente. You can enable or disable user authentication methods set up when the authentication service was created by selecting an authentication method in the results pane of the Citrix StoreFront management console and, in the Actions pane, clicking Manage Authentication Methods.
The domain pass-through for Citrix Receiver for Web is limited to Windows operating systems using Internet Explorer, Microsoft Edge, Mozilla Firefox, and Google Chrome, and the browsers rely on successful client detection to communicate with native Citrix Workspace apps. To enable pass-through authentication for smart card users accessing stores through Citrix Gateway, use the Configure Delegated Authentication task.
Use the Trusted Domains task to restrict access to stores for users logging on with explicit domain credentials, either directly or using pass-through authentication from Citrix Gateway. Select the Stores node in the left pane of the Citrix StoreFront management console and, in the results pane, select the appropriate authentication method.
In the Actions pane, click Manage Authentication Methods. Select Trusted Domains only and click Add to enter the name of a trusted domain. Users with accounts in that domain are able to log on to all stores that use the authentication service.
To modify a domain name, select the entry in the Trusted domains list and click Edit. To discontinue access to stores for user accounts in a domain, select the domain in the list and click Remove. Secure communications. Storebrowse for Workspace. Citrix Workspace app Desktop Lock. ICA settings reference. Aviso legal. Este texto foi traduzido automaticamente. Este artigo foi traduzido automaticamente.
You can configure various types of authentication for your Citrix Workspace app, including domain pass-through single sign-on or SSON , smart card, and Kerberos pass-through. When enabled, domain pass-through single sign-on caches your credentials, so that you can connect to other Citrix applications without having to sign in each time. Ensure that only software that is in accordance with your corporate policies runs on your device to mitigate the risk of credential compromise.
When you log on to Citrix Workspace app, your credentials are passed through to StoreFront, along with the apps and desktops and Start menu settings. After configuring single sign-on, you can log on to Citrix Workspace app and launch virtual apps and desktops sessions without having to retype your credentials. You can configure single sign-on on both fresh installation or upgrade setup, using any of the following options:.
The terms domain pass-through, single sign-on, and SSON might be used interchangeably in this document. Single sign-on lets you authenticate to a domain and use Citrix Virtual Apps and Desktops and Citrix DaaS from the same domain without having to reauthenticate to each app or desktop. When you add a store using the Storebrowse utility, your credentials pass through the Citrix Gateway server, along with the apps and desktops enumerated for you, including your Start menu settings.
After configuring single sign-on, you can add the store, enumerate your apps and desktops, and launch the required resources without having to type your credentials multiple times. Depending on the Citrix Virtual Apps and Desktops deployment, single sign-on authentication can be configured on StoreFront using the Management Console.
In the User Authentication pane, select Automatic logon with current user name and password. You can now log on to an existing store or configure a new store using Citrix Workspace app without entering user credentials. You can configure single sign-on on workspace for web using the Group Policy Object administrative template.
Verify that the single sign-on is enabled by launching the Task Manager and check if the ssonsvr. Complete the following steps to configure Citrix Workspace app for pass-through authentication using Active Directory group policy. In this scenario, you can achieve the single sign-on authentication without using the enterprise software deployment tools, such as the Microsoft System Center Configuration Manager.
It must be accessible by the target machines you install Citrix Workspace app on. Edit the content to reflect the location and the version of CitrixWorkspaceApp. For more information on deploying the startup scripts, see the Active Directory section. After adding the receiver. For more information about adding the template files, see Group Policy Object administrative template. Select the Local user name and password policy and set it to Enabled.
Citrix Workspace app provides an option to disable the storing of authentication tokens on the local disk. Starting with Version , Citrix Workspace app provides another option to disable the storing of authentication tokens on the local disk. Along with the existing GPO configuration, you can also disable the storing of authentication tokens on the local disk using the Global App Configuration Service. For more information, see the Global App Configuration Service documentation. Configuration Checker lets you run a test to check if the single sign-on is configured properly.
The test runs on different checkpoints of the single sign-on configuration and displays the configuration results. Click Configuration Checker. The Citrix Configuration Checker window appears. Configuration Checker does not include the checkpoint for the configuration of trust requests sent to the XML service on Citrix Virtual Apps and Desktops servers. Citrix Workspace app allows you to do a beacon test using the Beacon checker that is available as part of the Configuration Checker utility.
The Beacon test helps to confirm if the beacon ping. This diagnostic test helps to eliminate one of the many possible causes for slow resource enumeration, that is the beacon not being available. Select the Beacon checker option from the list of Tests and click Run. Citrix Workspace app supports Kerberos for domain pass-through single sign-on or SSON authentication for deployments that use smart cards.
When enabled, Kerberos authenticates without passwords for Citrix Workspace app.
How to Deploy Citrix Receiver for Pass-Through Authentication Using Active Directory Group Policy
When Citrix Receiver for Web is not configured to allow Domain pass-through, it automatically switches the authentication method to Username and Password , if available. If you are launching published applications using web browsers for Storeweb, enable the Single Sign-on feature as described in the section Group Policy Settings. Note : On XenApp 6. There are two methods to modify Security Zones:. Note : Automatic logon with current user name and password can be configured using Group Policy.
Users should now be able to log on to an existing Store or configure a new Store using Citrix Receiver for Windows without providing credentials. For newer versions of Receiver 4. Open Local Group Policy Editor. Open the Local user name password policy. Select Enable pass-through authentication. In Citrix Receiver for Windows Version 4. The Configuration Checker window appears.
The test runs on all the SSON checkpoints. If users face any issues with Single Sign-on, Citrix recommends that you verify the list of network providers list on the client machin e as described below:. Press ALT to display the menu.
Single Sign-on authentication can be configured on both new and upgraded setup. When Citrix Receiver for Windows is not configured with Single Sign-on, it automatically switches the authentication method from Domain pass-through to Username and Password , if available.
When Citrix Receiver for Windows is not configured with Single Sign-on, it automatically switches the authentication method from Pass-through to Explicit , if available.
The Local intranet window appears. Click Advanced. Click Custom level. From the User Authentication options, select Automatic logon with current user name and password. Log onto the client device with administrator privilege. Click Next. After the installation is complete, log off from the client device and log on again.
Open a command prompt as an administrator and change to the directory to where CitrixReceiver. Launch the Task Manager to verify that the ssonsvr. Follow the below steps to configure the policy 1. Click Apply and OK. Leave a Reply Cancel reply You must be logged in to post a comment. Links Technology Insights Insight reports look into the most cutting-edge technology, giving your business the edge that only an experienced CTO can.
Single Sign-on Troubleshooting and Diagnostics. Double-click CitrixReceiver.
Comments
Post a Comment