Readme Version: 1.4
Notes:
To provide feedback about the documentation, go to www.citrix.com and click Support > Knowledge Center > Product Documentation. To access the feedback form, click the Submit Documentation Feedback link.
Citrix Password Manager Console contains an extensive online Help system covering a wide range of topics from concepts, such as "User Authentication and Identity Verification," to specifics, such as "Creating User Configurations." You can find topics by using the table of contents, a thorough index, or a word search. To access the Help, from the console's Help menu, click Help Topics.
Note: To view, search, and print the PDF documentation, you need Adobe Reader (supported versions: Acrobat Reader 5.0.5 with Search through Adobe Reader 7.0). You can download Adobe Reader for free from the Adobe Systems Web site. Documentation is available on the Citrix Knowledge Center Web site (select Product Documentation). Updates to Citrix technical manuals are posted on the Web site.
Licensing documentation is available from the Documentation folder on all product CD-ROMs. For licensing-related issues, see the Readme for Citrix Licensing.
Citrix provides technical support primarily through Citrix Solutions Advisor. Contact your supplier for first-line support or use Citrix Online Technical Support to find the nearest Citrix Solutions Advisor.
Citrix offers online technical support services on the Citrix Support Web site. The Support page includes links to downloads, the Citrix Knowledge Center, Citrix Consulting Services, and other useful support pages.
The following is a list of known issues in this release. Read it carefully before installing the product.
Important: Before you install this product, make sure you consult the Pre-Installation Update Bulletin and the Installation Checklist.
The bulletin offers late-breaking information and links to critical updates to server operating systems and to Citrix installation files. Download and install the updates or you may not be able to install this product properly.
| Supported Environment or Microsoft Windows Operating System | Additional Hardware Requirements | |
| Password Manager Central Store | Active Directory | 30KB disk space per user |
| NTFS File Share | ||
| Novell Shared Folder | ||
| Password Manager Console | Microsoft Windows XP Professional, Service Pack 2—32-bit | 64MB RAM 60MB disk space |
| Microsoft Windows XP Professional x64 Edition—64-bit | ||
| Microsoft Windows 2000 Professional, Service Pack 4 | ||
| Microsoft Windows Server 2003, Service Pack 1 (Standard Edition, Enterprise Edition, Datacenter Edition )—32-bit and 64-bit | ||
| Microsoft Windows Server 2003 R2 (Standard Edition, Enterprise Edition, Datacenter Edition )—32-bit and 64-bit | ||
| Microsoft Windows 2000 Server, Service Pack 4 (Windows 2000 Server, Advanced Server, Datacenter Server)—32-bit | ||
| Password Manager Agent | Microsoft Windows XP Professional, Service Pack 2—32-bit | 10MB RAM 25MB disk space (if optional features such as Hot Desktop and so on are not installed) 35MB disk space (if optional features such as Hot Desktop and so on are installed) |
| Microsoft Windows XP Professional x64 Edition—64-bit | ||
| Microsoft Windows XP Embedded | ||
| Microsoft Windows 2000 Professional, Service Pack 4 | ||
| Microsoft Windows Fundamentals for Legacy PCs | ||
| Microsoft Windows Server 2003, Service Pack 1 (Standard Edition, Enterprise Edition, Datacenter Edition )—32-bit and 64-bit | ||
| Microsoft Windows Server 2003 R2 (Standard Edition, Enterprise Edition, Datacenter Edition )—32-bit and 64-bit | ||
| Microsoft Windows 2000 Server, Service Pack 4 (Windows 2000 Server, Advanced Server, Datacenter Server)—32-bit | ||
| Password Manager Application Definition Tool | Same as Password Manager Agent | Same as Password Manager Agent |
| Password Manager Service | Microsoft Windows Server 2003, Service Pack 1 (Standard Edition, Enterprise Edition, Datacenter Edition )—32-bit | 128MB RAM 30MB disk space |
| Microsoft Windows Server 2003 R2 (Standard Edition, Enterprise Edition, Datacenter Edition )—32-bit | ||
| ASP.NET (Application Server component) installed |
Notes:
If you use the Access Management Console to manage multiple Citrix Access Suite components, read this section before upgrading the Access Management Console to the 4.5 release.
When you upgrade an Access Suite component to the 4.5 release, you must also upgrade the Access Management Console to manage that component. However, by default, the new 4.5 version of the console only supports 4.5 components. Therefore, if you plan to upgrade some, but not all, of your components to 4.5, you have two options for managing these components:
If you upgrade some Access Suite components to the 4.5 release but not others, Citrix recommends that you use two versions of the Access Management Console to manage the Access Suite components. Each version of the Access Management Console must reside on a separate computer.
- Use a 4.5 version of the Access Management Console to manage the Access Suite components that you upgraded to the 4.5 release.
- Use the existing version of the Access Management Console to manage the Access Suite Components that are not upgraded.
Specifically, you should do the following:
- Install a new 4.5 version of the Access Management Console on a different computer than the Access Management Console that manages the components from the earlier release.
Note: You can also publish the 4.5 version of the Access Management Console on a Citrix Presentation Server. Publishing the console allows you to access the console remotely and, as a result, manage different versions of the console from a single computer.- Install the product extension(s) for the component(s) you plan to upgrade into the new 4.5 version of the Access Management Console. For example, if you intend to upgrade Password Manager and Access Gateway Advanced Edition to the 4.5 release, install the Password Manager 4.5 and Access Gateway Advanced Edition 4.5 extensions in the Access Suite Console.
- Upgrade the servers running the Access Suite components (the Password Manager and Access Gateway Advanced Edition in this example.)
Later if you upgrade an additional component (such as the Citrix Presentation Server), you can also load that component extension into the Access Management Console 4.5. Eventually, when you have upgraded all of the Access Suite components, you can eliminate the earlier version of the Access Management Console.
In some environments you can use a single instance of the Access Management Console 4.5 to manage Access Suite components from both the 4.5 release and earlier releases.
This option has these limitations:
- You cannot use the Access Management Console 4.5 to manage a Citrix Presentation Server 4.0. You should not use this option if your environment includes the Citrix Presentation Server.
- You can use the Access Management Console 4.5 to manage either the Password Manager (4.1) or Access Gateway Advanced Edition (4.0 or 4.2). However, you must install individual hot fixes for these components to manage them from the Access Management Console 4.5.
For example, you can do the following:
- Upgrade the Password Manager from the 4.1 release to the 4.5 release.
- Upgrade the Access Management Console from the 4.1 release to the 4.5 release and install the product extensions for the Password Manager 4.5 into the Access Management Console.
- Install the hot fix in the Access Management Console that enables you to manage the Access Gateway Advanced Edition 4.2 from the Access Management Console 4.5.
When you have completed these steps, you can use the Access Management Console 4.5 to manage the Password Manager 4.5 and the Access Gateway Advanced Edition 4.0 or 4.2.
You can also use this approach to manage the Access Gateway Advanced Edition 4.5 and the Password Manager 4.1 from the Access Management Console 4.5. In this case, you must install a hot fix for the Password Manager in the Access Management Console 4.5.
[Back to installation issues contents]
If you create a Password Manager Agent installation image (.msi) from a 32-bit computer, this image can beinstalled on 32-bit computers only. If you create an image from a 64-bit computer, thisimage can be installed on 64-bit computers only. [#149128]
Installing Password Manager outside the default ..\Program Files\Citrix on 64-bit systems may result in maintenance problems. During this installation, some files will still be installed in the default location, rather than the one specified. To avoid maintenance problems and to keep all Password Manager files together, install Password Manager in the default location. [#152840]
When creating a Password Manager Agent installation image (.msi) to install Password Manager Agent on a 64-bit computer running Windows XP, specify a network share as the network installation point, rather than %SystemDrive%\. Specifying the %SystemDrive%\ will cause the 32-bit version of the SSOGina.dll file to be installed, instead of the 64-bit version. This causes a User Interface Failure message to appear when the agent software is launched, stating that the SSOGina.dll file failed to load. [#153539 ]
For non-English operating systems, set up .NET Framework language support by installing the Microsoft .NET Framework Version 2.0 language pack. This is available from the Microsoft Web site. [#154151]
The %SystemRoot%\System32\Msvcp60.dll file does not get removed when Password Manager is uninstalled from a Microsoft Windows 2000 server.
[Back to installation issues contents]
This section includes information for the following products:
The name of the computer running Password Manager Service must not contain non-ASCII characters. If the computer name does contain non-ASCII characters, the service configuration will fail and the installed service modules will not start. [#140193]
[Back to known issues contents]
When using Password Manager Agent 4.0 or 4.1, the password policy setting, Maximum number of times the same character can occur sequentially, should be 2 or higher. A setting of 0 or 1 turns off sequential restrictions without notification to the administrator. [#138487]
When importing administrative data into the Password Manager Console, only administrator-created password policies are overwritten. The Default and Domain Policies are not imported and, as a result, retain any changes made to them previously. [#154092]
[Back to known issues contents]
When Password Manager Agent detects an unregistered password-protected Web application, it launches the New Logon dialog box. Under certain conditions, if Not now is clicked, a loop might occur, with the New Logon dialog box continuing to appear. The looping occurs if at least one of the CSS styles associated with the username, password, or submit fields refers to an external resource. In the following example, the background style is defined to display an image:
#password
{
background: url(stars.gif) no-repeat top;
}
Because the image is external to the page, this style will produce the looping effect if Not now is clicked. If this occurs, have the user temporarily pause the agent software. [#151515]
When enrolling with Password Manager Agent 4.0 in an environment that has upgraded from Password Manager Console 4.0 to 4.1 or 4.5, the user may receive a message stating, "No identity verification questions have been configured. Please contact your administrator." This generally occurs if the Identity Verification Question list, retained from Password Manager Console 4.0, contains only the default identity verification question. If you continue using Password Manager Agent 4.0, create identity verification questions to prevent user lockouts. See Chapter 9, "Managing Question-Based Authentication," of the Citrix Password Manager Administrator's Guide for details. [#150835]
When Password Manager Agent detects an unregistered password-protected Web application, it launches the New Logon dialog box. When this occurs, the scroll bars of the Web browser are locked. If the logon fields of the Web application are not visible in the browser, the user cannot confirm that Password Manager Agent identified the logon fields correctly. In this situation, instruct the user to click Not Now to close the New Logon dialog box, resize or rearrange the Web browser window, and then click Refresh to restore the New Logon dialog box. [#137536]
If you are running Password Manager Agent from Citrix Presentation Server, do not select the Use default NT Authentication option, available on the Advanced Connection Settings page of the Citrix Connection Configuration Tool. If this option is selected, all authentication will occur through the default Microsoft Windows NT authentication file, msGINA.dll, bypassing Password Manager's SSOGina.dll file and preventing access to the agent credentials. [#153485]
[Back to known issues contents]
The opening paragraph of the To Make Your Questionnaire Backward Compatible section of Chapter 9, Managing Question-based Authentication, states that "the questionnaire must include exactly four security questions associated with the self-service password reset feature." Actually, there may be as few as one security question.
Password Manager now supports Java Runtime Environment Version 5.0, update 9 (also known as JRE v1.5, update 9). See "Installing the Java Runtime Environment," in Chapter 3, "Installing Password Manager," of the Citrix Password Manager Administrator's Guide, for details about configuring the upgraded Java Runtime Environment to run with Password Manager.
Chapters 1 and 2 of the Citrix Password Manager Administrator's Guide refer to access centers and content delivery agents (CDAs) while discussing the Citrix Access Gateway product line. As the guide was going into production, Citrix Access Gateway Advanced Edition 4.5 was released. This version does not use access centers or CDAs.
