Wednesday, December 18, 2013

You want back the PNA (Program Neighbourhood Agent) with Citrix Receiver 4.1, Citrix StoreFront 2.1 and Citrix XenDesktop 7.1

 

If you are longing for the 2000’s, you want back the PNA (Program Neighbourhood Agent) back but the man is making you move to receiver, never fear, with some time, configuration and tweeks you can be right back in the comfort zone.

This is the standard Citrix Receiver without sign sing on when it opens the StoreFront store.

image

First you need to install the agent with the single sign on support (/includeSSON and ,SSON,) in the command line below.

Just as a note when installing this and removing this the ,USB item had to be last to stop errors occurring in installing and the installation failing.

Command line to install Receiver 4.1:

CitrixReceiver.exe /includeSSON ADDLOCAL="ReceiverInside,ICA_Client,SSON,AM,SELFSERVICE,DesktopViewer,Flash,Vd3d,usb" /Store0="sp;https://storefront.colvi.in/Citrix/desktops/discovery"

clip_image004

YOU NEED TO REBOOT, you need the SSOSVR.EXE to be running as seen below.

clip_image005

You need to make the changes to the GPO for the client (the desktop computer) to allow internet explorer to pass the logon credentials.

clip_image007

You need to install and configure Authentication with Domain Pass-through on the StoreFront Server.

YOU NEED TO BE USING HTTPS and a valid Cert.

clip_image009

You can see I have the receiver web site disabled, you can use it, but it is not needed for this configuration (in fact it does not support pass-through and this confuses people).

clip_image010

You need to configure the XML Policy on the Delivery Controller, this is the GPO, but it can also be via PowerShell.

clip_image012

You need your StoreFront server to be in ‘Local Intranet’ or ‘Trusted Sites’.

clip_image013

If your IE policy is locked down, delete these Registry Settings and then you can check (until next reboot).

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings

Check that “Automatic Logon with current user name and password” is enabled in local Intranet if that is what you are in (see above).

clip_image014

Check that “Automatic Logon with current user name and password” is enabled in Trusted Sites if that is what you are in (see above).

clip_image015

At this point if you start the receiver you will see the client automatically logs on and gets the desktop(s) as shown below.

clip_image017

If you want to automate further (you needed the self service plug installed, it is if you used my command line above), then you can it force do a logon, a refresh and then see the newly created .EXE dummy files that you can use to create shortcuts in the Start Menu (or Metro interface), yes Windows 8.1 using these commands in the back ground.

Here are the commands to force this:

"C:\Program Files\Citrix\SelfServicePlugin\SelfService.exe" -logon

"C:\Program Files\Citrix\SelfServicePlugin\SelfService.exe" -poll

dir C:\Users\ColvinDave\AppData\Roaming\Citrix\SelfService

clip_image019

If you want to you can make shortcuts to the EXE files, anywhere in the start menu, you cant copy just the .EXE files or you will get the error below.

clip_image021

Good luck and tell them Dave Sent You.

Friday, December 13, 2013

Finding Citrix StoreFront via Email Address

 

This is old news, and everyone should know this, but I have never found a site using it yet, so maybe someone wasn't paying attention in class, so here is how.

 

You must install a valid server certificate on the StoreFront before you start. Also the full chain to the root certificate must be valid.

  1. Create a DNS Service Location (SRV) record
  2. In DNS, Right-click your Forward Lookup Zone
  3. Click on Other New Records, Create a Service Location (SRV)
  4. Click in the Service box and enter the host value _citrixreceiver
  5. Click in the Protocol box and enter the value _tcp
  6. In the Host offering this service box, put the fully qualified domain name (FQDN) and port for your StoreFront

You can use nslookup to test this:

  1. Open command prompt, type nslookup
  2. Type “set type=srv”
  3. Type “_citrixreceiver._tcp.MyADdomain.com.au”
  4. The response should be :

_citrixreceiver._tcp.MyADdomain.com.au SRV service location:

priority = 0
weight = 100
port     = 443
svr hostname = StoreFront.MyADdomain.com.au

Blog Archive