How to Use Citrix eDocs
Creating a PDF
Restricting Search
Printing Pages and Topics
Bookmarking Pages and Emailing Topics
Synchronizing the Contents and View Panes
Legal Notices and Terms of Use
Creating a PDF
Restricting Search
Printing Pages and Topics
Bookmarking Pages and Emailing Topics
Synchronizing the Contents and View Panes
Legal Notices and Terms of Use
XenDesktop
XenDesktop 3
Citrix XenDesktop 3 Feature Pack 1 Release Note
Readme for XenDesktop 3.0
Overview of Citrix XenDesktop
About XenDesktop
XenDesktop Overview
What's New in XenDesktop
XenDesktop Editions Overview
XenDesktop Features and Editions
XenDesktop Editions Overview
Features in XenDesktop Standard Edition
Additional Features in XenDesktop Advanced Edition
Additional Features in XenDesktop Enterprise Edition
Additional Features in XenDesktop Platinum Edition
Evaluating XenDesktop
Introduction
How to Use This Document
Getting Support and Training
About the Evaluation Environment
Physical Components
XenDesktop Components
IP Addressing
System Requirements
Software Requirements
Citrix Products and Components
Third-Party Products
Third-Party Virtual Machine Infrastructure Hosts
Installation Time
Hardware Requirements
What’s on the Installation Media
Licensing the Evaluation Environment
Installing and Configuring the Evaluation Deployment
Overview
XenDesktop Administration
Task 1. Installing the Virtual Machine Infrastructure
To install XenServer on pServerOne (and pServerTwo)
Task 2. Installing and Configuring XenCenter
To assign a static IP address to pXenCenterComputer
To install XenCenter on pXenCenterComputer
To connect XenCenter to pServerOne (and pServerTwo)
To install the XenServer license
To create a resource pool on pServerTwo
Task 3. Creating the Virtual Machines
To create the domain controller virtual machine
To create the Desktop Delivery Controller virtual machine
To create the Provisioning Server virtual machine
To create the base desktop virtual machine
To create a Provisioning Server virtual machine template
To install XenServer Tools
Task 4. Configuring Active Directory for XenDesktop
To configure Active Directory on the domain controller
To create an organizational unit named XenDesktop
To create user accounts
To add virtual machines to the XenDT.net domain
Task 5. Installing Desktop Delivery Controller
To install Desktop Delivery Controller
To run the XenDesktop Active Directory Configuration Wizard
To configure the Access Management Console
To install the XenDesktop license
Task 6. Installing and Configuring Provisioning Server
To install Microsoft .NET Framework 3.5
To install Microsoft SQL Server 2005 Express Edition
To install Provisioning Server
To configure Provisioning Server
Specifying Permissions for the XenDesktop Setup Wizard
To install the XenDesktop Setup Wizard
To create the Provisioning Server virtual disk
To configure DHCP boot options 66 and 67 on the domain controller
Task 7. Preparing the Virtual Desktop Image
To install the Virtual Desktop Agent on the base desktop virtual machine
Customizing the Desktop for Your Users
Configuring Access to XenApp Applications
Task 8. Preparing and Provisioning Virtual Desktops
To add the base desktop to the Provisioning Server database
To install a target device on the base desktop virtual machine
To image the base desktop to the Provisioning Server virtual disk
To set the virtual disk access mode
Task 9. Creating Multiple Virtual Desktops
To create multiple virtual desktops
To modify the idle desktop count
XenDesktop Endpoint Devices
Task 1. Converting an Endpoint Device to Full-Screen-Only Mode
To configure the endpoint device to receive virtual desktops
To enable full-screen-only mode on the endpoint device
To experience a seamless virtual desktop
Task 2. Connecting to a Virtual Desktop in Window View Mode
To experience a virtual desktop in window view mode
Task 3. Connecting to a Virtual Desktop from a Desktop Appliance
To connect to a virtual desktop from a desktop appliance
Task 4. Observing Virtual Desktop Usage
Using XenDesktop with Third-Party Virtual Machine Infrastructures
Overview
Guidelines for Using System Center Virtual Machine Manager
XenDesktop Administration with System Center Virtual Machine Manager
Task 1. Installing the Virtual Machine Infrastructure (VMM)
Task 2. Installing and Configuring XenCenter (VMM)
Task 3. Creating the Virtual Machines (VMM)
Task 4. Configuring Active Directory for XenDesktop (VMM)
Task 5. Installing Desktop Delivery Controller (VMM)
Task 6. Installing and Configuring Provisioning Server (VMM)
Task 7. Preparing the Virtual Desktop Image (VMM)
Task 8. Preparing and Provisioning Virtual Desktops (VMM)
Task 9. Creating Multiple Virtual Desktops (VMM)
XenDesktop Endpoint Devices (VMM)
Guidelines for Using VMware Infrastructure 3
XenDesktop Administration with VMware Infrastructure 3
Task 1. Installing the Virtual Machine Infrastructure (VI3)
Task 2. Installing and Configuring XenCenter (VI3)
Task 3. Creating the Virtual Machines (VI3)
Task 4. Configuring Active Directory for XenDesktop (VI3)
Task 5. Installing Desktop Delivery Controller (VI3)
Task 6. Installing and Configuring Provisioning Server (VI3)
Task 7. Preparing the Virtual Desktop Image (VI3)
Task 8. Preparing and Provisioning Virtual Desktops (VI3)
Task 9. Creating Multiple Virtual Desktops (VI3)
XenDesktop Endpoint Devices (VI3)
Administering XenDesktop
Planning Your XenDesktop Deployment
New Features in This Release
Planning Your XenDesktop Farm
Using Active Directory with Desktop Delivery Controller
Using the Web Interface with Desktop Delivery Controller
Security Planning for XenDesktop
Security Best Practices
Managing User Privileges
Deployment Scenarios
Upgrading from Previous Versions of XenDesktop
Planning the XenDesktop User Experience
Your XenDesktop Environment
User Types
Network Environment
Desktop Connection Scenarios
Scenario A: Connecting from an Appliance
Scenario B: Connecting from a Domain-Joined or Repurposed Computer
Scenario C: Connecting from a Fat Client Device on a LAN
Scenario D: Connecting from Remote Computers
Using Smart Cards with XenDesktop
Smart Card Types and Readers Supported
Endpoint Device Requirements for Smart Cards
Secure Use of Smart Cards
Configuring Smart Card Authentication
Managing Smart Card Use
Removing Smart Cards
Installing XenDesktop
Installing XenDesktop: Overview
XenDesktop Installation Media
What's on the XenDesktop Installation Media
Licensing XenDesktop
Creating the Farm Data Store
Installing Desktop Delivery Controller on a Single Server
To install Desktop Delivery Controller and create a farm
To configure Active Directory
To use a separate database server
To add a controller to a farm
To install the management consoles on a separate computer
To start the Access Management Console
To configure and run discovery
Installing VM Infrastructure Software
To install XenServer
To replace the default XenServer SSL Certificate
To install a certificate on the delivery controller
Installing Citrix Provisioning Server
Installing the XenDesktop Setup Wizard
Installing the Virtual Desktop Agent
To install the Virtual Desktop Agent
To configure firewalls manually
Installing the Citrix Desktop Receiver
Upgrading to XenDesktop 3.0
To upgrade Desktop Delivery Controller
To upgrade the Virtual Desktop Agent
To upgrade to a different edition of XenDesktop
Removing XenDesktop
To remove the Virtual Desktop Agent
Removing Desktop Delivery Controller Components
To remove all components
To remove selected components
To remove the XenDesktop Setup Wizard
Preparing and Provisioning Desktops
To create a base desktop VM
To create a vDisk
To add the base desktop VM to the Provisioning Server database
To install a target device for the x86 Platform on the base desktop VM
To image the base desktop VM to the Provisioning Server vDisk
To set the vDisk access mode
To create a Provisioning Server VM template
Creating and Updating Desktop Groups
Overview of Desktop Groups
To create a VM-based pooled desktop group using the XenDesktop Setup Wizard
To enable logging on the XenDesktop Setup Wizard
To enable Pool Management logging
To create a VM-based desktop group using the Access Management Console
To create multiple XenServer pools
To create a PC- or blade-based desktop group
Configuring Advanced Settings for Desktop Groups
To configure access controlled by Access Gateway
To set up an idle pool
Configuring Logoff Behavior
To configure logoff behavior for pooled desktops
To configure logoff behavior for assigned desktops
Specifying Client Options
Importing and Exporting Desktop and User Assignment Data
To export data to a file
To import data from a file
Updating Desktop Groups
To update a desktop group
To configure user-driven desktop restart
To delete a desktop group
Customizing Your Desktop Delivery Controller Environment
Customizing Your Desktop Delivery Controller Environment: Overview
Creating Administrators for Desktop Delivery Controller Environments
Delegating Desktop Delivery Controller Administration Tasks
Configuring USB Support
Support for USB Mass Storage Devices
Optimizing the User Experience
Configuring Time Zone Settings
Configuring Connection Timers
Disabling RDP
Removing the Shut Down Command
Managing Your Desktop Delivery Controller Deployment
To put a desktop into maintenance mode
To view sessions for a desktop group
To view all sessions for a particular user
To disconnect or log off a session
To send a message to users
Manually Controlling Virtual Machines
To start virtual machines
To shut down and restart virtual machines
To migrate a controller to another farm
To migrate a desktop to another farm
Updating License Server Settings
To specify a license server for the farm
To specify a license server for an individual controller
Using XenApp for Virtual Desktops
Why Use XenApp with XenDesktop
Application Streaming Versus Hosting
Before Installing XenApp in a XenDesktop Environment
Server Considerations
Management Console Considerations
Installing XenApp from the Product Media
Licensing Considerations
Optimizing Application Delivery
Installing the XenApp Plugins
Setting up Pass-through Authentication
Mapping Network Drives Using a Policy
To map network drives in XenApp
USB Drive Mapping Limitations
Pre-caching Streamed Applications
Smart Card Support
User Profile Manager Considerations
XenDesktop Command-Line Tools
Installing and Removing Controllers Using Setup.exe
Setup.exe Examples
Installing and Removing the Virtual Desktop Agent Using XdsAgent.msi
Configuring Active Directory Using ADSetup
XenDesktop 3.0 System Requirements
Requirements for Delivery Controllers
Data Store Database Requirements
Separate Component Requirements
Citrix Licensing Requirements
License Server
License Management Console
Desktop Delivery Controller Management Console Requirements
Client Requirements
Active Directory Requirements
Virtual Desktop Requirements
Hosting Infrastuctures
Microsoft System Center Virtual Machine Manager 2008 and Desktop Delivery Controller
System Requirements
Installing and Configuring Your Environment
Using Citrix Provisioning Server
Creating a Desktop Group
Troubleshooting
VMware Infrastructure 3 and Desktop Delivery Controller
System Requirements
Installing and Configuring Your Environment
Using Citrix Provisioning Server
Creating a Desktop Group
Troubleshooting
Administering Desktop Receiver
Readme for Citrix Desktop Receiver 11.1
Overview of This Release
Getting Support and Training
Introducing the Desktop Receiver
Desktop Receiver Features
New Features in this Release
User-Driven Desktop Restart
USB Support
Smart Card Support
Enhanced Multimedia Support
Existing Features
Full-Screen-Only Mode
Window View Mode
Dynamic Client Drive Mapping
Support for Multiple Monitors
Support for Displaying Multiple Desktop Receiver Windows
ICA Features Supported for Connections to Virtual Desktops
Installing the Desktop Receiver
Deciding Which Desktop Receiver Version to Use
Citrix Desktop Receiver
Citrix Desktop Receiver Embedded Edition
Compatibility With Other Citrix Products and Components
System Requirements
USB Support
Before Installing the Desktop Receiver
Packaging the Client Software
Upgrading Citrix Desktop Receiver
Installing the Desktop Receiver
To install the Desktop Receiver
Installing the Desktop Receiver Embedded Edition
Stage One
Stage Two
User Accounts Used to Install the Desktop Receiver Embedded Edition
Removing the Desktop Receiver
To remove the Desktop Receiver
To remove the Desktop Receiver Embedded Edition
Configuring the Desktop Receiver
Configuring USB Support
How USB Support Works
Mass Storage Devices
Default Policy Rules Applying to USB Device Classes
USB Device Classes Allowed by Default
Audio (Class 01)
Physical Interface Devices(Class 05)
Still Imaging (Class 06)
Printers (Class 07)
Mass Storage (Class 08)
Content Security (Class 0d)
Video (Class 0e)
Personal Healthcare (Class 0f)
Application and Vendor Specific (Classes fe and ff)
USB Device Classes Denied by Default
Communications and CDC Control (Classes 02 and 0a)
Human Interface Devices (Class 03)
USB Hubs (Class 09)
Smart Card (Class 0b)
Wireless Controller (Class e0)
Updating the List of USB Devices Available for Remoting
Configuring User-Driven Desktop Restart
Preventing the Desktop Receiver Window from Dimming
To prevent the Desktop Receiver window from dimming
Using the Desktop Receiver
Accessing Virtual Desktops
Using Virtual Desktops in Window View Mode
Changing the Appearance of Virtual Desktops
To change the resolution of a virtual desktop so it fits in a window
To scale a virtual desktop so it fits in a window
To display a virtual desktop in actual size on the remote computer
Working with Toolbars
To move the toolbar to another edge of the screen
To display the mini-bar
To hide the toolbar
Switching Between Virtual Desktops
To switch to another virtual desktop
Logging Off and Disconnecting From Virtual Desktops
To log off from a virtual desktop, shut it down, or lock its screen
To disconnect from the virtual desktop
Restarting Virtual Desktops
To restart a virtual desktop during startup
To restart a virtual desktop during a session
Customizing USB Preferences
To customize USB preferences
Using Virtual Desktops in Full-Screen-Only Mode
Restarting Virtual Desktops
To restart a full-screen-only desktop during startup
To restart a full-screen-only desktop during a session
Other Factors Affecting the User Experience
Connections, Sessions, and Devices
Keyboard Input
Printing
XenDesktop 4
Readme for Citrix XenDesktop 4
Overview of Citrix XenDesktop
Introduction
Key Features
XenDesktop Components
What's New in XenDesktop
XenDesktop Features and Editions
Features in XenDesktop VDI Edition
Features in XenDesktop Enterprise Edition
Features in XenDesktop Platinum Edition
XenDesktop 4 System Requirements
Requirements for Delivery Controllers
Data Store Database Requirements
Separate Component Requirements
Citrix Licensing Requirements
Desktop Delivery Controller Management Console Requirements
Client Requirements
Active Directory Requirements
Virtual Desktop Requirements
Hosting Infrastuctures
Evaluating XenDesktop
Evaluating XenDesktop Enterprise Edition
Before You Begin
About the Enterprise Edition Evaluation Environment
XenDesktop Components
Physical Components
IP Addressing
System Requirements
Software Requirements
Citrix Products and Components
Third-Party Products
Third-Party Virtual Machine Infrastructure Hosts
Installation Time
Hardware Requirements
What’s on the Installation Media
Licensing the Evaluation Environment
Installing and Configuring the Enterprise Edition Evaluation Deployment
Overview
XenDesktop Administration
Task 1. Installing the Virtual Machine Infrastructure
To install XenServer on pServerOne (and pServerTwo)
Task 2. Installing and Configuring XenCenter
To assign a static IP address to pXenCenterComputer
To install XenCenter on pXenCenterComputer
To connect XenCenter to pServerOne (and pServerTwo)
To create a resource pool on pServerTwo
Task 3. Creating the Virtual Machines
To create the domain controller virtual machine
To create the Desktop Delivery Controller virtual machine
To create the Provisioning Services virtual machine
To create the base desktop virtual machine
To create a Provisioning Services virtual machine template
To install XenServer Tools
Task 4. Configuring Active Directory for XenDesktop
To configure Active Directory on the domain controller
To create an organizational unit named XenDesktop
To create user accounts
To add virtual machines to the XenDT.net domain
Task 5. Installing Desktop Delivery Controller
To install Desktop Delivery Controller
To configure the Active Directory organizational unit
To configure the Delivery Services Console
To install the XenDesktop license
Task 6. Installing and Configuring Provisioning Services
To install Microsoft .NET Framework 3.5 with Service Pack 1
To install Microsoft SQL Server 2005 Express Edition
To install Provisioning Services
To configure Provisioning Services
Specifying Permissions for the XenDesktop Setup Wizard
To install the XenDesktop Setup Wizard
To create the Provisioning Services virtual disk
To configure DHCP boot options 66 and 67 on the domain controller
Task 7. Preparing the Virtual Desktop Image
To install the Virtual Desktop Agent on the base desktop virtual machine
Customizing the Desktop for Your Users
Configuring Access to XenApp Applications
Task 8. Preparing and Provisioning Virtual Desktops
To add the base desktop to the Provisioning Services database
To install a target device on the base desktop virtual machine
To image the base desktop to the Provisioning Services virtual disk
To set the virtual disk access mode
Task 9. Creating Multiple Virtual Desktops
To create multiple virtual desktops
To modify the idle desktop count
XenDesktop User Devices
Task 1. Converting a User Device to Full-Screen-Only Mode
To configure the user device to receive virtual desktops
To enable full-screen-only mode on the user device
To experience a seamless virtual desktop
Task 2. Connecting to a Virtual Desktop in Window View Mode
To experience a virtual desktop in window view mode
Task 3. Connecting to a Virtual Desktop from a Desktop Appliance
To connect to a virtual desktop from a desktop appliance
Task 4. Observing Virtual Desktop Usage
Using Third-Party Virtual Machine Infrastructures
Overview
Guidelines for Using System Center Virtual Machine Manager
XenDesktop Administration with System Center Virtual Machine Manager
Task 1. Installing the Virtual Machine Infrastructure (VMM)
Task 2. Installing and Configuring XenCenter (VMM)
Task 3. Creating the Virtual Machines (VMM)
Task 4. Configuring Active Directory for XenDesktop (VMM)
Task 5. Installing Desktop Delivery Controller (VMM)
Task 6. Installing and Configuring Provisioning Services (VMM)
Task 7. Preparing the Virtual Desktop Image (VMM)
Task 8. Preparing and Provisioning Virtual Desktops (VMM)
Task 9. Creating Multiple Virtual Desktops (VMM)
XenDesktop User Devices (VMM)
Guidelines for Using VMware Infrastructure
XenDesktop Administration with VMware Infrastructure
Task 1. Installing the Virtual Machine Infrastructure (VMware)
Task 2. Installing and Configuring XenCenter (VMware)
Task 3. Creating the Virtual Machines (VMware)
Task 4. Configuring Active Directory for XenDesktop (VMware)
Task 5. Installing Desktop Delivery Controller (VMware)
Task 6. Installing and Configuring Provisioning Services (VMware)
Task 7. Preparing the Virtual Desktop Image (VMware)
Task 8. Preparing and Provisioning Virtual Desktops (VMware)
Task 9. Creating Multiple Virtual Desktops (VMware)
XenDesktop User Devices (VMware)
Evaluating XenDesktop Express Edition
Before You Begin
About the Express Edition Evaluation Environment
XenDesktop Components
Physical Components
IP Addressing
System Requirements
Software Requirements
Hardware Requirements
What’s in the Download
Installing and Configuring the Express Edition Evaluation Deployment
Task 1. Installing the Virtual Machine Infrastructure
Task 2. Installing and Configuring XenCenter
Task 3. Creating the Virtual Machines
To create the domain controller virtual machine
To create the Desktop Delivery Controller virtual machine
To create the virtual desktop virtual machine
To install XenServer Tools
Task 4. Configuring Active Directory for XenDesktop
Task 5. Installing Desktop Delivery Controller
To install Desktop Delivery Controller
To configure the Active Directory organizational unit
To configure the Delivery Services Console
To install the XenDesktop license
Task 6. Preparing and Delivering the Virtual Desktop
XenDesktop User Experience
Administering XenDesktop
Planning Your XenDesktop Deployment
Planning Your XenDesktop Farm
Using Active Directory with Desktop Delivery Controller
Using the Web Interface with Desktop Delivery Controller
Security Planning for XenDesktop
Security Best Practices
Managing User Privileges
Deployment Scenarios
Upgrading from Previous Versions of XenDesktop
XenDesktop User Access Scenarios
Using Smart Cards with XenDesktop
Smart Card Types and Readers Supported
User Device Requirements for Smart Cards
Secure Use of Smart Cards
Configuring Smart Card Authentication
Managing Smart Card Use
Removing Smart Cards
Installing XenDesktop
Installing XenDesktop: Overview
XenDesktop Installation Media and Downloads
Licensing XenDesktop
Creating the Farm Data Store
Installing Desktop Delivery Controller on a Single Server and Creating a Farm
To install Desktop Delivery Controller and create a farm
To configure Active Directory
To use a separate database server
To add a controller to a farm
To install the management consoles on a separate computer
To start the Delivery Services Console
To configure and run discovery
Installing VM Infrastructure Software
To install XenServer
To replace the default XenServer SSL Certificate
To install a certificate on the delivery controller
Installing Citrix Provisioning Services
Installing the XenDesktop Setup Wizard
Installing the Virtual Desktop Agent
To install the Virtual Desktop Agent
To configure firewalls manually
To use Windows XP virtual desktops with Password Manager
Upgrading to XenDesktop 4.0
To upgrade Desktop Delivery Controller
To upgrade the Virtual Desktop Agent
To change to a different edition of XenDesktop
Removing XenDesktop
To remove the Virtual Desktop Agent
Removing Desktop Delivery Controller Components
To remove all components
To remove selected components
To remove the XenDesktop Setup Wizard
Preparing and Provisioning Desktops
To create a base desktop VM
To create a vDisk
To add the base desktop VM to the Provisioning Services database
To install a target device on the base desktop VM
To image the base desktop VM to the Provisioning Services vDisk
To set the vDisk access mode
To create a Provisioning Services VM template
Creating and Updating Desktop Groups
Overview of Desktop Groups
To create a VM-based pooled desktop group using the XenDesktop Setup Wizard
To enable logging on the XenDesktop Setup Wizard
To enable Pool Management logging
To create a VM-based desktop group using the Delivery Services Console
To create multiple XenServer pools
To create a PC- or blade-based desktop group
Configuring Advanced Settings for Desktop Groups
To configure access controlled by Access Gateway
To set up an idle pool
Configuring Logoff Behavior
To configure logoff behavior for pooled desktops
To configure logoff behavior for assigned desktops
Specifying Client Options
Importing and Exporting Desktop and User Assignment Data
To export data to a file
To import data from a file into an existing desktop group
Updating Desktop Groups
To update a desktop group
To configure user-driven desktop restart
To delete a desktop group
Customizing Your Desktop Delivery Controller Environment
Creating Administrators for Desktop Delivery Controller Environments
Delegating Desktop Delivery Controller Administration Tasks
Configuring USB Support
Support for USB Mass Storage Devices
Optimizing the User Experience
Configuring Audio for User Sessions
Configuring Audio
HDX MediaStream for Flash
Configuring HDX MediaStream for Flash with Group Policy Objects
To enable HDX MediaStream for Flash from the server
Enabling and Disabling HDX MediaStream for Flash on the User Device
Mitigating High Network Latency
Enabling Server-side Event Logging
Blocking Web Sites From Working With HDX MediaStream For Flash
Configuring Time Zone Settings
Configuring Connection Timers
Removing the Shut Down Command
Managing Your Desktop Delivery Controller Deployment
To put a desktop into maintenance mode
To view sessions for a desktop group
To view all sessions for a particular user
To disconnect or log off a session
To send a message to users
Manually Controlling Virtual Machines
To start virtual machines
To shut down and restart virtual machines
To migrate a controller to another farm
To migrate a desktop to another farm
Updating License Server Settings
To specify a license server for the farm
To specify a license server for an individual controller
Using XenApp with XenDesktop
Why Use XenApp with XenDesktop
Application Streaming Versus Hosting
Before Installing XenApp in a XenDesktop Environment
Server Considerations
Management Console Considerations
Installing XenApp from the Product Media
Licensing Considerations
Optimizing Application Delivery
Installing the Citrix Online and Offline Plug-ins
Setting up Pass-through Authentication
Mapping Network Drives Using a Policy
To map network drives in XenApp
USB Drive Mapping Limitations
Pre-caching Streamed Applications
Smart Card Support
Profile Management Considerations
XenDesktop Command-Line Tools
Installing and Removing Controllers Using Setup.exe
Setup.exe Examples
Installing and Removing the Virtual Desktop Agent Using XdsAgent.msi
Configuring Active Directory Using ADSetup
Microsoft System Center Virtual Machine Manager 2008 and XenDesktop
System Requirements
Installing and Configuring Your Environment
Using Citrix Provisioning Services
Creating a Desktop Group
Troubleshooting
VMware and XenDesktop
System Requirements
Installing and Configuring Your Environment
Using Citrix Provisioning Services
Creating a Desktop Group
Troubleshooting
XenDesktop Scalability Guidelines
XenDesktop 3
Citrix XenDesktop 3 Feature Pack 1 Release Note
Readme for XenDesktop 3.0
Overview of Citrix XenDesktop
About XenDesktop
XenDesktop Overview
What's New in XenDesktop
XenDesktop Editions Overview
XenDesktop Features and Editions
XenDesktop Editions Overview
Features in XenDesktop Standard Edition
Additional Features in XenDesktop Advanced Edition
Additional Features in XenDesktop Enterprise Edition
Additional Features in XenDesktop Platinum Edition
Evaluating XenDesktop
Introduction
How to Use This Document
Getting Support and Training
About the Evaluation Environment
Physical Components
XenDesktop Components
IP Addressing
System Requirements
Software Requirements
Citrix Products and Components
Third-Party Products
Third-Party Virtual Machine Infrastructure Hosts
Installation Time
Hardware Requirements
What’s on the Installation Media
Licensing the Evaluation Environment
Installing and Configuring the Evaluation Deployment
Overview
XenDesktop Administration
Task 1. Installing the Virtual Machine Infrastructure
To install XenServer on pServerOne (and pServerTwo)
Task 2. Installing and Configuring XenCenter
To assign a static IP address to pXenCenterComputer
To install XenCenter on pXenCenterComputer
To connect XenCenter to pServerOne (and pServerTwo)
To install the XenServer license
To create a resource pool on pServerTwo
Task 3. Creating the Virtual Machines
To create the domain controller virtual machine
To create the Desktop Delivery Controller virtual machine
To create the Provisioning Server virtual machine
To create the base desktop virtual machine
To create a Provisioning Server virtual machine template
To install XenServer Tools
Task 4. Configuring Active Directory for XenDesktop
To configure Active Directory on the domain controller
To create an organizational unit named XenDesktop
To create user accounts
To add virtual machines to the XenDT.net domain
Task 5. Installing Desktop Delivery Controller
To install Desktop Delivery Controller
To run the XenDesktop Active Directory Configuration Wizard
To configure the Access Management Console
To install the XenDesktop license
Task 6. Installing and Configuring Provisioning Server
To install Microsoft .NET Framework 3.5
To install Microsoft SQL Server 2005 Express Edition
To install Provisioning Server
To configure Provisioning Server
Specifying Permissions for the XenDesktop Setup Wizard
To install the XenDesktop Setup Wizard
To create the Provisioning Server virtual disk
To configure DHCP boot options 66 and 67 on the domain controller
Task 7. Preparing the Virtual Desktop Image
To install the Virtual Desktop Agent on the base desktop virtual machine
Customizing the Desktop for Your Users
Configuring Access to XenApp Applications
Task 8. Preparing and Provisioning Virtual Desktops
To add the base desktop to the Provisioning Server database
To install a target device on the base desktop virtual machine
To image the base desktop to the Provisioning Server virtual disk
To set the virtual disk access mode
Task 9. Creating Multiple Virtual Desktops
To create multiple virtual desktops
To modify the idle desktop count
XenDesktop Endpoint Devices
Task 1. Converting an Endpoint Device to Full-Screen-Only Mode
To configure the endpoint device to receive virtual desktops
To enable full-screen-only mode on the endpoint device
To experience a seamless virtual desktop
Task 2. Connecting to a Virtual Desktop in Window View Mode
To experience a virtual desktop in window view mode
Task 3. Connecting to a Virtual Desktop from a Desktop Appliance
To connect to a virtual desktop from a desktop appliance
Task 4. Observing Virtual Desktop Usage
Using XenDesktop with Third-Party Virtual Machine Infrastructures
Overview
Guidelines for Using System Center Virtual Machine Manager
XenDesktop Administration with System Center Virtual Machine Manager
Task 1. Installing the Virtual Machine Infrastructure (VMM)
Task 2. Installing and Configuring XenCenter (VMM)
Task 3. Creating the Virtual Machines (VMM)
Task 4. Configuring Active Directory for XenDesktop (VMM)
Task 5. Installing Desktop Delivery Controller (VMM)
Task 6. Installing and Configuring Provisioning Server (VMM)
Task 7. Preparing the Virtual Desktop Image (VMM)
Task 8. Preparing and Provisioning Virtual Desktops (VMM)
Task 9. Creating Multiple Virtual Desktops (VMM)
XenDesktop Endpoint Devices (VMM)
Guidelines for Using VMware Infrastructure 3
XenDesktop Administration with VMware Infrastructure 3
Task 1. Installing the Virtual Machine Infrastructure (VI3)
Task 2. Installing and Configuring XenCenter (VI3)
Task 3. Creating the Virtual Machines (VI3)
Task 4. Configuring Active Directory for XenDesktop (VI3)
Task 5. Installing Desktop Delivery Controller (VI3)
Task 6. Installing and Configuring Provisioning Server (VI3)
Task 7. Preparing the Virtual Desktop Image (VI3)
Task 8. Preparing and Provisioning Virtual Desktops (VI3)
Task 9. Creating Multiple Virtual Desktops (VI3)
XenDesktop Endpoint Devices (VI3)
Administering XenDesktop
Planning Your XenDesktop Deployment
New Features in This Release
Planning Your XenDesktop Farm
Using Active Directory with Desktop Delivery Controller
Using the Web Interface with Desktop Delivery Controller
Security Planning for XenDesktop
Security Best Practices
Managing User Privileges
Deployment Scenarios
Upgrading from Previous Versions of XenDesktop
Planning the XenDesktop User Experience
Your XenDesktop Environment
User Types
Network Environment
Desktop Connection Scenarios
Scenario A: Connecting from an Appliance
Scenario B: Connecting from a Domain-Joined or Repurposed Computer
Scenario C: Connecting from a Fat Client Device on a LAN
Scenario D: Connecting from Remote Computers
Using Smart Cards with XenDesktop
Smart Card Types and Readers Supported
Endpoint Device Requirements for Smart Cards
Secure Use of Smart Cards
Configuring Smart Card Authentication
Managing Smart Card Use
Removing Smart Cards
Installing XenDesktop
Installing XenDesktop: Overview
XenDesktop Installation Media
What's on the XenDesktop Installation Media
Licensing XenDesktop
Creating the Farm Data Store
Installing Desktop Delivery Controller on a Single Server
To install Desktop Delivery Controller and create a farm
To configure Active Directory
To use a separate database server
To add a controller to a farm
To install the management consoles on a separate computer
To start the Access Management Console
To configure and run discovery
Installing VM Infrastructure Software
To install XenServer
To replace the default XenServer SSL Certificate
To install a certificate on the delivery controller
Installing Citrix Provisioning Server
Installing the XenDesktop Setup Wizard
Installing the Virtual Desktop Agent
To install the Virtual Desktop Agent
To configure firewalls manually
Installing the Citrix Desktop Receiver
Upgrading to XenDesktop 3.0
To upgrade Desktop Delivery Controller
To upgrade the Virtual Desktop Agent
To upgrade to a different edition of XenDesktop
Removing XenDesktop
To remove the Virtual Desktop Agent
Removing Desktop Delivery Controller Components
To remove all components
To remove selected components
To remove the XenDesktop Setup Wizard
Preparing and Provisioning Desktops
To create a base desktop VM
To create a vDisk
To add the base desktop VM to the Provisioning Server database
To install a target device for the x86 Platform on the base desktop VM
To image the base desktop VM to the Provisioning Server vDisk
To set the vDisk access mode
To create a Provisioning Server VM template
Creating and Updating Desktop Groups
Overview of Desktop Groups
To create a VM-based pooled desktop group using the XenDesktop Setup Wizard
To enable logging on the XenDesktop Setup Wizard
To enable Pool Management logging
To create a VM-based desktop group using the Access Management Console
To create multiple XenServer pools
To create a PC- or blade-based desktop group
Configuring Advanced Settings for Desktop Groups
To configure access controlled by Access Gateway
To set up an idle pool
Configuring Logoff Behavior
To configure logoff behavior for pooled desktops
To configure logoff behavior for assigned desktops
Specifying Client Options
Importing and Exporting Desktop and User Assignment Data
To export data to a file
To import data from a file
Updating Desktop Groups
To update a desktop group
To configure user-driven desktop restart
To delete a desktop group
Customizing Your Desktop Delivery Controller Environment
Customizing Your Desktop Delivery Controller Environment: Overview
Creating Administrators for Desktop Delivery Controller Environments
Delegating Desktop Delivery Controller Administration Tasks
Configuring USB Support
Support for USB Mass Storage Devices
Optimizing the User Experience
Configuring Time Zone Settings
Configuring Connection Timers
Disabling RDP
Removing the Shut Down Command
Managing Your Desktop Delivery Controller Deployment
To put a desktop into maintenance mode
To view sessions for a desktop group
To view all sessions for a particular user
To disconnect or log off a session
To send a message to users
Manually Controlling Virtual Machines
To start virtual machines
To shut down and restart virtual machines
To migrate a controller to another farm
To migrate a desktop to another farm
Updating License Server Settings
To specify a license server for the farm
To specify a license server for an individual controller
Using XenApp for Virtual Desktops
Why Use XenApp with XenDesktop
Application Streaming Versus Hosting
Before Installing XenApp in a XenDesktop Environment
Server Considerations
Management Console Considerations
Installing XenApp from the Product Media
Licensing Considerations
Optimizing Application Delivery
Installing the XenApp Plugins
Setting up Pass-through Authentication
Mapping Network Drives Using a Policy
To map network drives in XenApp
USB Drive Mapping Limitations
Pre-caching Streamed Applications
Smart Card Support
User Profile Manager Considerations
XenDesktop Command-Line Tools
Installing and Removing Controllers Using Setup.exe
Setup.exe Examples
Installing and Removing the Virtual Desktop Agent Using XdsAgent.msi
Configuring Active Directory Using ADSetup
XenDesktop 3.0 System Requirements
Requirements for Delivery Controllers
Data Store Database Requirements
Separate Component Requirements
Citrix Licensing Requirements
License Server
License Management Console
Desktop Delivery Controller Management Console Requirements
Client Requirements
Active Directory Requirements
Virtual Desktop Requirements
Hosting Infrastuctures
Microsoft System Center Virtual Machine Manager 2008 and Desktop Delivery Controller
System Requirements
Installing and Configuring Your Environment
Using Citrix Provisioning Server
Creating a Desktop Group
Troubleshooting
VMware Infrastructure 3 and Desktop Delivery Controller
System Requirements
Installing and Configuring Your Environment
Using Citrix Provisioning Server
Creating a Desktop Group
Troubleshooting
Administering Desktop Receiver
Readme for Citrix Desktop Receiver 11.1
Overview of This Release
Getting Support and Training
Introducing the Desktop Receiver
Desktop Receiver Features
New Features in this Release
User-Driven Desktop Restart
USB Support
Smart Card Support
Enhanced Multimedia Support
Existing Features
Full-Screen-Only Mode
Window View Mode
Dynamic Client Drive Mapping
Support for Multiple Monitors
Support for Displaying Multiple Desktop Receiver Windows
ICA Features Supported for Connections to Virtual Desktops
Installing the Desktop Receiver
Deciding Which Desktop Receiver Version to Use
Citrix Desktop Receiver
Citrix Desktop Receiver Embedded Edition
Compatibility With Other Citrix Products and Components
System Requirements
USB Support
Before Installing the Desktop Receiver
Packaging the Client Software
Upgrading Citrix Desktop Receiver
Installing the Desktop Receiver
To install the Desktop Receiver
Installing the Desktop Receiver Embedded Edition
Stage One
Stage Two
User Accounts Used to Install the Desktop Receiver Embedded Edition
Removing the Desktop Receiver
To remove the Desktop Receiver
To remove the Desktop Receiver Embedded Edition
Configuring the Desktop Receiver
Configuring USB Support
How USB Support Works
Mass Storage Devices
Default Policy Rules Applying to USB Device Classes
USB Device Classes Allowed by Default
Audio (Class 01)
Physical Interface Devices(Class 05)
Still Imaging (Class 06)
Printers (Class 07)
Mass Storage (Class 08)
Content Security (Class 0d)
Video (Class 0e)
Personal Healthcare (Class 0f)
Application and Vendor Specific (Classes fe and ff)
USB Device Classes Denied by Default
Communications and CDC Control (Classes 02 and 0a)
Human Interface Devices (Class 03)
USB Hubs (Class 09)
Smart Card (Class 0b)
Wireless Controller (Class e0)
Updating the List of USB Devices Available for Remoting
Configuring User-Driven Desktop Restart
Preventing the Desktop Receiver Window from Dimming
To prevent the Desktop Receiver window from dimming
Using the Desktop Receiver
Accessing Virtual Desktops
Using Virtual Desktops in Window View Mode
Changing the Appearance of Virtual Desktops
To change the resolution of a virtual desktop so it fits in a window
To scale a virtual desktop so it fits in a window
To display a virtual desktop in actual size on the remote computer
Working with Toolbars
To move the toolbar to another edge of the screen
To display the mini-bar
To hide the toolbar
Switching Between Virtual Desktops
To switch to another virtual desktop
Logging Off and Disconnecting From Virtual Desktops
To log off from a virtual desktop, shut it down, or lock its screen
To disconnect from the virtual desktop
Restarting Virtual Desktops
To restart a virtual desktop during startup
To restart a virtual desktop during a session
Customizing USB Preferences
To customize USB preferences
Using Virtual Desktops in Full-Screen-Only Mode
Restarting Virtual Desktops
To restart a full-screen-only desktop during startup
To restart a full-screen-only desktop during a session
Other Factors Affecting the User Experience
Connections, Sessions, and Devices
Keyboard Input
Printing
XenDesktop 4
Readme for Citrix XenDesktop 4
Overview of Citrix XenDesktop
Introduction
Key Features
XenDesktop Components
What's New in XenDesktop
XenDesktop Features and Editions
Features in XenDesktop VDI Edition
Features in XenDesktop Enterprise Edition
Features in XenDesktop Platinum Edition
XenDesktop 4 System Requirements
Requirements for Delivery Controllers
Data Store Database Requirements
Separate Component Requirements
Citrix Licensing Requirements
Desktop Delivery Controller Management Console Requirements
Client Requirements
Active Directory Requirements
Virtual Desktop Requirements
Hosting Infrastuctures
Evaluating XenDesktop
Evaluating XenDesktop Enterprise Edition
Before You Begin
About the Enterprise Edition Evaluation Environment
XenDesktop Components
Physical Components
IP Addressing
System Requirements
Software Requirements
Citrix Products and Components
Third-Party Products
Third-Party Virtual Machine Infrastructure Hosts
Installation Time
Hardware Requirements
What’s on the Installation Media
Licensing the Evaluation Environment
Installing and Configuring the Enterprise Edition Evaluation Deployment
Overview
XenDesktop Administration
Task 1. Installing the Virtual Machine Infrastructure
To install XenServer on pServerOne (and pServerTwo)
Task 2. Installing and Configuring XenCenter
To assign a static IP address to pXenCenterComputer
To install XenCenter on pXenCenterComputer
To connect XenCenter to pServerOne (and pServerTwo)
To create a resource pool on pServerTwo
Task 3. Creating the Virtual Machines
To create the domain controller virtual machine
To create the Desktop Delivery Controller virtual machine
To create the Provisioning Services virtual machine
To create the base desktop virtual machine
To create a Provisioning Services virtual machine template
To install XenServer Tools
Task 4. Configuring Active Directory for XenDesktop
To configure Active Directory on the domain controller
To create an organizational unit named XenDesktop
To create user accounts
To add virtual machines to the XenDT.net domain
Task 5. Installing Desktop Delivery Controller
To install Desktop Delivery Controller
To configure the Active Directory organizational unit
To configure the Delivery Services Console
To install the XenDesktop license
Task 6. Installing and Configuring Provisioning Services
To install Microsoft .NET Framework 3.5 with Service Pack 1
To install Microsoft SQL Server 2005 Express Edition
To install Provisioning Services
To configure Provisioning Services
Specifying Permissions for the XenDesktop Setup Wizard
To install the XenDesktop Setup Wizard
To create the Provisioning Services virtual disk
To configure DHCP boot options 66 and 67 on the domain controller
Task 7. Preparing the Virtual Desktop Image
To install the Virtual Desktop Agent on the base desktop virtual machine
Customizing the Desktop for Your Users
Configuring Access to XenApp Applications
Task 8. Preparing and Provisioning Virtual Desktops
To add the base desktop to the Provisioning Services database
To install a target device on the base desktop virtual machine
To image the base desktop to the Provisioning Services virtual disk
To set the virtual disk access mode
Task 9. Creating Multiple Virtual Desktops
To create multiple virtual desktops
To modify the idle desktop count
XenDesktop User Devices
Task 1. Converting a User Device to Full-Screen-Only Mode
To configure the user device to receive virtual desktops
To enable full-screen-only mode on the user device
To experience a seamless virtual desktop
Task 2. Connecting to a Virtual Desktop in Window View Mode
To experience a virtual desktop in window view mode
Task 3. Connecting to a Virtual Desktop from a Desktop Appliance
To connect to a virtual desktop from a desktop appliance
Task 4. Observing Virtual Desktop Usage
Using Third-Party Virtual Machine Infrastructures
Overview
Guidelines for Using System Center Virtual Machine Manager
XenDesktop Administration with System Center Virtual Machine Manager
Task 1. Installing the Virtual Machine Infrastructure (VMM)
Task 2. Installing and Configuring XenCenter (VMM)
Task 3. Creating the Virtual Machines (VMM)
Task 4. Configuring Active Directory for XenDesktop (VMM)
Task 5. Installing Desktop Delivery Controller (VMM)
Task 6. Installing and Configuring Provisioning Services (VMM)
Task 7. Preparing the Virtual Desktop Image (VMM)
Task 8. Preparing and Provisioning Virtual Desktops (VMM)
Task 9. Creating Multiple Virtual Desktops (VMM)
XenDesktop User Devices (VMM)
Guidelines for Using VMware Infrastructure
XenDesktop Administration with VMware Infrastructure
Task 1. Installing the Virtual Machine Infrastructure (VMware)
Task 2. Installing and Configuring XenCenter (VMware)
Task 3. Creating the Virtual Machines (VMware)
Task 4. Configuring Active Directory for XenDesktop (VMware)
Task 5. Installing Desktop Delivery Controller (VMware)
Task 6. Installing and Configuring Provisioning Services (VMware)
Task 7. Preparing the Virtual Desktop Image (VMware)
Task 8. Preparing and Provisioning Virtual Desktops (VMware)
Task 9. Creating Multiple Virtual Desktops (VMware)
XenDesktop User Devices (VMware)
Evaluating XenDesktop Express Edition
Before You Begin
About the Express Edition Evaluation Environment
XenDesktop Components
Physical Components
IP Addressing
System Requirements
Software Requirements
Hardware Requirements
What’s in the Download
Installing and Configuring the Express Edition Evaluation Deployment
Task 1. Installing the Virtual Machine Infrastructure
Task 2. Installing and Configuring XenCenter
Task 3. Creating the Virtual Machines
To create the domain controller virtual machine
To create the Desktop Delivery Controller virtual machine
To create the virtual desktop virtual machine
To install XenServer Tools
Task 4. Configuring Active Directory for XenDesktop
Task 5. Installing Desktop Delivery Controller
To install Desktop Delivery Controller
To configure the Active Directory organizational unit
To configure the Delivery Services Console
To install the XenDesktop license
Task 6. Preparing and Delivering the Virtual Desktop
XenDesktop User Experience
Administering XenDesktop
Planning Your XenDesktop Deployment
Planning Your XenDesktop Farm
Using Active Directory with Desktop Delivery Controller
Using the Web Interface with Desktop Delivery Controller
Security Planning for XenDesktop
Security Best Practices
Managing User Privileges
Deployment Scenarios
Upgrading from Previous Versions of XenDesktop
XenDesktop User Access Scenarios
Using Smart Cards with XenDesktop
Smart Card Types and Readers Supported
User Device Requirements for Smart Cards
Secure Use of Smart Cards
Configuring Smart Card Authentication
Managing Smart Card Use
Removing Smart Cards
Installing XenDesktop
Installing XenDesktop: Overview
XenDesktop Installation Media and Downloads
Licensing XenDesktop
Creating the Farm Data Store
Installing Desktop Delivery Controller on a Single Server and Creating a Farm
To install Desktop Delivery Controller and create a farm
To configure Active Directory
To use a separate database server
To add a controller to a farm
To install the management consoles on a separate computer
To start the Delivery Services Console
To configure and run discovery
Installing VM Infrastructure Software
To install XenServer
To replace the default XenServer SSL Certificate
To install a certificate on the delivery controller
Installing Citrix Provisioning Services
Installing the XenDesktop Setup Wizard
Installing the Virtual Desktop Agent
To install the Virtual Desktop Agent
To configure firewalls manually
To use Windows XP virtual desktops with Password Manager
Upgrading to XenDesktop 4.0
To upgrade Desktop Delivery Controller
To upgrade the Virtual Desktop Agent
To change to a different edition of XenDesktop
Removing XenDesktop
To remove the Virtual Desktop Agent
Removing Desktop Delivery Controller Components
To remove all components
To remove selected components
To remove the XenDesktop Setup Wizard
Preparing and Provisioning Desktops
To create a base desktop VM
To create a vDisk
To add the base desktop VM to the Provisioning Services database
To install a target device on the base desktop VM
To image the base desktop VM to the Provisioning Services vDisk
To set the vDisk access mode
To create a Provisioning Services VM template
Creating and Updating Desktop Groups
Overview of Desktop Groups
To create a VM-based pooled desktop group using the XenDesktop Setup Wizard
To enable logging on the XenDesktop Setup Wizard
To enable Pool Management logging
To create a VM-based desktop group using the Delivery Services Console
To create multiple XenServer pools
To create a PC- or blade-based desktop group
Configuring Advanced Settings for Desktop Groups
To configure access controlled by Access Gateway
To set up an idle pool
Configuring Logoff Behavior
To configure logoff behavior for pooled desktops
To configure logoff behavior for assigned desktops
Specifying Client Options
Importing and Exporting Desktop and User Assignment Data
To export data to a file
To import data from a file into an existing desktop group
Updating Desktop Groups
To update a desktop group
To configure user-driven desktop restart
To delete a desktop group
Customizing Your Desktop Delivery Controller Environment
Creating Administrators for Desktop Delivery Controller Environments
Delegating Desktop Delivery Controller Administration Tasks
Configuring USB Support
Support for USB Mass Storage Devices
Optimizing the User Experience
Configuring Audio for User Sessions
Configuring Audio
HDX MediaStream for Flash
Configuring HDX MediaStream for Flash with Group Policy Objects
To enable HDX MediaStream for Flash from the server
Enabling and Disabling HDX MediaStream for Flash on the User Device
Mitigating High Network Latency
Enabling Server-side Event Logging
Blocking Web Sites From Working With HDX MediaStream For Flash
Configuring Time Zone Settings
Configuring Connection Timers
Removing the Shut Down Command
Managing Your Desktop Delivery Controller Deployment
To put a desktop into maintenance mode
To view sessions for a desktop group
To view all sessions for a particular user
To disconnect or log off a session
To send a message to users
Manually Controlling Virtual Machines
To start virtual machines
To shut down and restart virtual machines
To migrate a controller to another farm
To migrate a desktop to another farm
Updating License Server Settings
To specify a license server for the farm
To specify a license server for an individual controller
Using XenApp with XenDesktop
Why Use XenApp with XenDesktop
Application Streaming Versus Hosting
Before Installing XenApp in a XenDesktop Environment
Server Considerations
Management Console Considerations
Installing XenApp from the Product Media
Licensing Considerations
Optimizing Application Delivery
Installing the Citrix Online and Offline Plug-ins
Setting up Pass-through Authentication
Mapping Network Drives Using a Policy
To map network drives in XenApp
USB Drive Mapping Limitations
Pre-caching Streamed Applications
Smart Card Support
Profile Management Considerations
XenDesktop Command-Line Tools
Installing and Removing Controllers Using Setup.exe
Setup.exe Examples
Installing and Removing the Virtual Desktop Agent Using XdsAgent.msi
Configuring Active Directory Using ADSetup
Microsoft System Center Virtual Machine Manager 2008 and XenDesktop
System Requirements
Installing and Configuring Your Environment
Using Citrix Provisioning Services
Creating a Desktop Group
Troubleshooting
VMware and XenDesktop
System Requirements
Installing and Configuring Your Environment
Using Citrix Provisioning Services
Creating a Desktop Group
Troubleshooting
XenDesktop Scalability Guidelines
XenApp
XenApp 5 Feature Pack for Windows Server 2003
Release Notes for XenApp 5.0 Feature Pack
Readme for XenApp 5 for Windows Server 2003
Getting Started with Citrix XenApp
Before You Begin
New Product and Feature Names
Media Kit Contents
Introducing Citrix XenApp 5
XenApp Product Editions
New Features and Changes in XenApp 5
New Features, Capabilities, and Changes in the XenApp 5 Feature Pack
XenApp Feature Overview
Hosted Application Delivery and Features
Application Streaming
Citrix Receiver and Merchandising Server
XenServer Virtualization Platform
Load Testing Services
Provisioning Services
Profile Management
Service Monitoring
SmartAuditor
Secure Application Access
Branch Optimization
Single Sign-on
EasyCall Voice Services
Workflow Studio Orchestration
Getting Up and Running with XenApp 5
Using XenApp to Manage Applications
Preparing to Create the Farm
Licensing This Release
Installing XenApp 5
Installing Additional Features
Running Mixed Farms
System Requirements for XenApp 5.0 for Windows Server 2003
Planning Your XenApp Deployment
Farm Terminology and Concepts
Farm Hardware Considerations
Remapping Drive Letters
Planning for Applications and Server Loads
Assessing Applications for XenApp Compatibility
Evaluating Application Delivery Methods
Placing Applications on Servers
Deciding How Many Farms to Deploy
Planning Infrastructure Servers
Planning the XenApp Data Store
Connecting to the Data Store
Database Server Hardware Performance Considerations
Replication Considerations
Planning for Configuration Logging and IMA Encryption
Planning for Data Collectors
Planning for WANs by Using Zones
Planning for the Web Interface and XML Broker
Planning for Application Streaming
Designing Terminal Services User Profiles
Planning for Accounts and Trust Relationships
Recommendations for Active Directory Environments
Planning for System Monitoring and Maintenance
Planning for Shadowing
Securing Delivery and Access
Planning for Supported Languages and Windows MUI Support
Planning for Passthrough Client Authentication
Planning a Successful User Experience
Integrating Other XenApp Features and Technologies
Choosing an Installation Method
XenApp Installation
Building a XenApp Farm
Preparing Your Environment
Creating a Farm
Choosing the Edition
Choosing an Installation Category
Selecting Components
Enabling and Configuring Passthrough Client Authentication
Installing the License Server
Specifying the Farm Name, Data Store, Zone, and Credentials
Enabling and Configuring IMA Encryption
Specifying the Citrix License Server
Enabling and Configuring Session Shadowing
Configuring the Citrix XML Service Port
Adding Users to the Remote Desktop Users Group
Joining a Server Farm
Upgrading or Migrating an Existing Server Farm
Provisioning Servers and Configuring XenApp
Provisioning Farm Servers
Cloning XenApp Servers
To clone a server
Configuring Infrastructure Servers After Setup
Configuring XenApp after Installation
Custom XenApp Installation
Generating an Installation Log File
Preparing for Custom XenApp Installations
Installing XenApp by Modifying Windows Installer Packages
Applying Transforms to Setup
Performing an Unattended Installation with an Answer File
XenApp Windows Installer Properties Reference
XenApp Setup Properties for Create Farm and Join Farm
CTX_ADDLOCAL
CTX_CONFIGMGR_USER
CTX_CONFIGMGR_USER_PASSWORD
CTX_CPSVC_SERVICE_USER_NAME
CTX_CPSVC_SERVICE_USER_PASSWORD
CTX_IGNORE_MCM
CTX_IMA_PROTECTION_ENABLE
CTX_MALOO_SERVICE_USER
CTX_MALOO_SERVICE_USER_PASSWORD
CTX_MF_ADD_ANON_USERS
CTX_MF_ADD_LOCAL_ADMIN
CTX_MF_CREATE_FARM_DB_CHOICE
CTX_MF_CREATE_REMOTE_DESKTOP_USERS
CTX_MF_DOMAIN_NAME
CTX_MF_ENABLE_VIRTUAL_SCRIPTS
CTX_MF_FARM_SELECTION
CTX_MF_INDIRECT_JOIN_DOMAIN_NAME
CTX_MF_INDIRECT_JOIN_PASSWORD
CTX_MF_INDIRECT_JOIN_USER_NAME
CTX_MF_JOIN_FARM_DB_CHOICE
CTX_MF_JOIN_FARM_SERVER_NAME
CTX_MF_JOIN_FARM_SERVER_PORT
CTX_MF_LIC_CHOICE_FOR_CREATE
CTX_MF_LIC_CHOICE_FOR_JOIN_OR_UPGRADE
CTX_MF_LICENSE_SERVER_NAME
CTX_MF_LICENSE_SERVER_PORT
CTX_MF_LICENSE_SERVER_PORT_DEFAULT
CTX_MF_LOCAL_DATABASE
CTX_MF_MSDE_INSTANCE_NAME
CTX_MF_NEW_FARM_NAME
CTX_MF_ODBC_DRIVER
CTX_MF_ODBC_PASSWORD
CTX_MF_ODBC_USER_NAME
CTX_MF_ONLY_LAUNCH_PUBLISHED_APPS
CTX_MF_SERVER_TYPE
CTX_MF_SHADOW_PROHIBIT_NO_LOGGING
CTX_MF_SHADOW_PROHIBIT_NO_NOTIFICATION
CTX_MF_SHADOW_PROHIBIT_REMOTE_ICA
CTX_MF_SHADOWING_CHOICE
CTX_MF_SILENT_DSNFILE
CTX_MF_USER_NAME
CTX_MF_XML_CHOICE
CTX_MF_XML_PORT_NUMBER
CTX_MF_ZONE_NAME
CTX_PROTECT_KEY_PATH
CTX_PROTECT_KEY_TYPE
CTX_PROTECT_NEW_KEY_PATH
CTX_RDP_DISABLE_PROMPT_FOR_PASSWORD
CTX_REMOVE_WI_TURNKEY
CTX_SERV_MALOO_LOGON
CTX_SERV_PRINTER_LOGON
CTX_USE_EXISTING_JRE
INSTALLDIR
REBOOT
REINSTALLMODE
XenApp Windows Setup Properties Script Examples
Data Store Database Reference
Microsoft Access Database
Microsoft SQL Server Express Database
Microsoft SQL Server Database
Oracle Database
IBM DB2 Database
Creating a DSN File for XenApp Setup
Maintaining and Recovering a XenApp Data Store
Migrating a Farm Data Store
Migrating a Farm Data Store from MSDE to SQL Server Express
XenApp Administration
Management Consoles and Other Tools
Choosing the Console or Tool to Use
To start the console
Displaying Items in the Console
The Console User Interface
Performing Tasks with the Console
To view zones
Enabling Citrix Administrators to Manage Farms Remotely
XenApp Advanced Configuration and Presentation Server Console
Managing Citrix Administrators
Delegating Tasks to Custom Administrators
Publishing Resources
Publishing Resources for Users
To publish a resource using the Publish Application wizard
To select a resource type and delivery method
To configure locations of published applications
To configure locations of published content
To disable command-line validation
Configuring Content Redirection
To enable content redirection from server to client
To configure content redirection from client to server
Managing Application Properties
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Making Virtual IP Addresses Available to Applications
How Virtual IP Addressing Works
Configuring Virtual Loopback
Binding Applications
To determine whether an application needs to use virtual IP addresses
To make virtual IP addresses available to applications running in sessions
To assign virtual IP address ranges to servers
To enable application processes to use virtual IP addresses or virtual loopback
To supply client IP addresses to published applications on a server
To make a virtual loopback address available to applications running in sessions
To enable or disable virtual loopback for a farm
To configure virtual IP addresses and virtual loopback on an individual server
Working with XenApp Policies
Creating XenApp Policies
Applying XenApp Policies
Configuring Policy Rules
To configure policy rules
Using Multiple Policies
Using Citrix policies with Active Directory
Prioritizing Policies and Creating Exceptions
Determining Which Policies Apply to a Connection
Resolving Search Results that Partially Match Criteria
Troubleshooting Policies with Conflicting Rules
Disabling, Reenabling, and Deleting Policies
Changing Settings Based on User Location
Configuring Policies and Filters for Web Access
Enabling Scanners and Other TWAIN Devices
To enable TWAIN redirection
Managing Session Environments and Connections
Defining User Environments in XenApp
Controlling the Appearance of User Logons
Controlling Access to Devices and Ports
Mapping Client Drives
Mapping Client COM Ports and Audio
Configuring Audio for User Sessions
To enable or disable audio for published applications
Limiting Bandwidth for Audio Throughput
To configure audio compression and output quality
Enabling Support for Microphones and Speakers
Setting Up for Digital Dictation Devices
Ensuring Session Continuity for Mobile Workers
Maintaining Session Activity
Configuring Session Reliability
Configuring Automatic Client Reconnection
Configuring ICA Keep-Alive
Managing and Monitoring XenApp Sessions
Monitoring Session Status
Viewing User Sessions
Viewing User Sessions with the Shadow Taskbar
To view user sessions with the console
Enabling Logging for Shadowing
Enabling User-to-User Shadowing with Policies
Managing User Sessions
To terminate processes in a user’s session
To display session properties
To connect to a user’s session from Program Neighborhood
To reset a session
To log off from a session
To send a message to one or more users
Controlling Client Connections in XenApp
Preventing Specific Client Connection Types
Specifying Connection Limits
Limiting Connections to a Server Farm
Sharing Sessions and Connections
Limiting Application Instances
Logging Connection Denial Events
Controlling Connections with Terminal Services Configuration
Preventing User Connections during Farm Maintenance
Optimizing User Sessions for XenApp
Optimizing Web Page and Email Responsiveness
Effects of Restricting Animations in Internet Explorer
SpeedScreen Browser Acceleration Limitations
Configuring SpeedScreen Browser Acceleration
Optimizing Audio and Video Playback
Configuring SpeedScreen Multimedia Acceleration
Optimizing Flash Animations
Optimizing Throughput of Image Files
Optimizing Display of Image Files
Optimizing Keyboard and Mouse Responsiveness
Configuring SpeedScreen Latency Reduction
Adjusting SpeedScreen Latency Reduction for an Application
To configure latency reduction settings for input fields in an application
To create exception entries for non-standard input fields in an application
Configuring ICA Display Settings
To configure ICA browser settings for a server
Securing Server Farms
Securing Access to Your Servers
Securing the Data Store
Securing Client-Server Communications
Using SecureICA
Enabling SSL/TLS Protocols
To configure session data encryption
To set a policy for ICA encryption
Configuring SSL/TLS Between Servers and Clients
Task Summary for Implementing SSL Relay
Obtaining and Installing Server and Root SSL Certificates
Choosing an SSL Certificate Authority
Acquiring a Signed SSL Certificate and Password
To enable the SSL Relay and select the relay credentials
Using the SSL Relay with the Microsoft Internet Information Service (IIS)
Configuring the Relay Port and Server Connection Settings
To add a server to the destination server list
To change the port for a server listed in the destination server list
To run the SSL Relay on port 443 without using HTTPS
Configuring the Ciphersuites Allowed by the SSL Relay
Using the Secure Gateway
Using the Secure Ticket Authority
Securing Network Communications
Configuring TCP Ports
Using Proxy Servers
Configuring Authentication for Workspace Control
Using Smart Cards with Citrix XenApp
Smart Card Requirements
Configuring XenApp for Smart Cards
Configuring Kerberos Logon
To enable Citrix XML Service DNS address resolution
To disable Kerberos logon to a server
Logging Administrative Changes to a XenApp Farm
Setting up the Configuration Logging Database
Defining Database Permissions for Configuration Logging
To configure the connection to the Configuration Logging database using the Configuration Logging Database wizard
To configure a SQL Server database for configuration logging
To configure an Oracle database for configuration logging
To set Configuration Logging properties
Delegating the Administration of Configuration Logging
To view Configuration Logging properties
Clearing Entries from the Configuration Logging Database
Generating Configuration Logging Reports
Encrypting Sensitive Configuration Logging Data
Copying the key to a local computer
To generate a key and enable IMA encryption on the first server in a farm
To load a key on subsequent servers in the farm
To store the key on a network location
Changing Farms
Enabling IMA Encryption Features
XenApp Service Account Privileges
Maintaining Server Farms
Displaying and Organizing Your Farm
Organizing Your Farm Display in the Console
To configure general farm properties
To search for objects in your farm
Connecting to a Remote Server Console
To connect to a server’s published desktop
To connect directly to a server's desktop
To limit the number of server connections per user
To disable and re-enable server logons
Enabling Local Browsers with Published Applications
Restarting Servers at Scheduled Times
To repair a XenApp installation
Changing XenApp Farm Membership
Removing and Reinstalling XenApp
To uninstall XenApp
To force the uninstallation of XenApp
To remove a server from the farm
To rename a XenApp server
Monitoring Server Performance with Health Monitoring & Recovery
Enabling and Disabling Health Monitoring & Recovery
Modifying Health Monitoring & Recovery Test Settings
To modify the Health Monitoring & Recovery Tests settings for farms or a server
Adding Health Monitoring & Recovery Tests
Developing Custom Health Monitoring & Recovery Tests
Getting Health Monitoring & Recovery Alerts
Using Citrix Performance Monitoring Counters
Optimizing Server Performance
Managing CPU Usage
Enabling CPU Utilization Management
Managing Virtual Memory Usage
Enabling Memory Utilization Management
Scheduling Virtual Memory Optimization
To create a memory optimization schedule
Excluding Applications from Memory Optimization
To exclude additional applications from memory optimization
Optimizing Simultaneous Logon Performance
Managing Farm Infrastructure
Maintaining the Local Host Cache
Tuning Local Host Cache Synchronization
Refreshing the Local Host Cache
Recreating the Local Host Cache
Data Collectors and Elections
Specifying Backup Data Collectors
Enhancing the Performance of a Remote Group of Servers
To configure zones in your farm
Updating Citrix License Server Settings
To specify a default license server for a farm
To specify a license server for individual servers
To set the product edition
Setting the Citrix XML Service Port
To configure the Citrix XML Service port for a server
To manually change the XML Service port to use a port different from IIS after installation
To manually configure Citrix XML Service to share the TCP port with IIS
Understanding XenApp Printing
Introduction to Windows Printing Concepts
Local and Remote Print Job Spooling
XenApp Printing Concepts
Overview of Client and Network Printing Pathways
Provisioning Printers for Sessions
Auto-Creating Client Printers
Auto-Creating Network Printers
Letting Users Provision Their Own Printers
Device or Session-Based Print Settings
Device-Based Print Settings
Controlling Printing Settings and User Preferences
Setting Default Printers
Printing and Mobile Workers
Optimizing Printing Performance by Routing
Managing Printer Drivers
Planning Your Printing Configuration
Default Printing Behavior
Printing Policy Configuration
Printing Security
Purchasing Printing Hardware
Configuring and Maintaining XenApp Printing
Configuring Printing
Configuring Printer Autocreation Settings
Configuring Citrix Universal Printing
Configuring Auto-Creation for DOS and Windows CE Clients
Configuring Network Printers for Users
To import printers from a network print server
To import printers from other domains
To assign printers using the Session printers policy rule
To add a network printer while configuring the Session printers rule
To specify a default printer for a session
To edit the printer settings in the sessions policy
To configure server local printers
Configuring Printers for Mobile Workers
Changing Network Print Job Routing
Providing Tools for User Provisioning
To store users’ printer properties
To synchronize properties from the printer
Controlling Printer Driver Automatic Installation
Configuring Universal Printer Drivers on Farm Servers
Mapping Client Printer Drivers
Increasing Printing Speed and Session Performance
Updating Network Print Server Information
Replicating Printer Drivers Across a Farm
Replicating Printer Drivers Manually
Replicating Printer Drivers Automatically
Displaying Printers
Displaying Printers Using the Network Printing Pathway
Displaying Printers Using the Client Printing Pathway
Displaying Drivers
XenApp Commands Reference
ACRCFG
ALTADDR
APP
AUDITLOG
CHANGE CLIENT
CHFARM
To move a server to a new server farm using SQL Server Express
CTXKEYTOOL
CTXXMLSS
DRIVEREMAP
DRIVEREMAP64
DSCHECK
DSMAINT
ENABLELB
ICAPORT
IMAPORT
MIGRATETOSQLEXPRESS
QUERY FARM
QUERY PROCESS
QUERY SESSION
QUERY TERMSERVER
QUERY USER
TWCONFIG
Policy Rules Reference
Policy Rules: Quick Reference Table
Bandwidth Folder
Visual Effects Folder
SpeedScreen Folder
Session Limits and Session Limits (%) Folder
Client Devices Folder
Resources Folder
Audio Folder
Drives Folder
Optimize Folder
Other Folder
Ports Folder
PDA Devices folder
Maintenance Folder
Printing Folder
Client Printers Folder
Drivers Folder
User Workspace Folder
Connections Folder
Content Redirection Folder
Shadowing Folder
Configuring User Shadowing
Permissions to Shadow Users
Time Zones Folder
Citrix Password Manager Folder
Streamed Applications Folder
Security and Encryption Folders
Performance Counters Reference
Citrix CPU Utilization Mgmt User Counters
Citrix IMA Networking Counters
Citrix Licensing Counters
Citrix MetaFrame Presentation Server Counters
ICA Session Counters
Secure Ticket Authority Counters
Application Streaming
Components for Application Streaming
Creating Application Profiles
Targets Overview
Service Pack Level
System Drive Letter
Operating System Language
Managing Isolation Environment Rules
Types of Isolation Environment Rules
Restrictions and Limitations for Rules
Creating Isolation Environment Rules for a Target
To create an isolation environment rule
To modify a rule
Using Environment Variables to Construct Rules
Preparing a Workstation for Profiling Applications
Known Limitations for Profiling
To install the profiler
To start the profiler
To disable and enable profile signing
Creating a Profile and Its Initial Target
To create a profile and target
To install multiple applications through Advanced Install
To set user profile security
To install Internet Explorer plug-ins
To include files and folders in a target
To include registry settings
To choose an installation program for the application
To run an application in the profiler
To select applications for listing in the profile
To sign a profile
Editing Profiles
To view profile information
To edit the profile name, description, or location
To view details about applications in a profile
To view File Type Associations set in a profile
To check for launch prerequisites
To check for prerequisite registry entries
To check prerequisite applications and files
To specify pre-launch and post-exit scripts
To add a target to a profile
To resolve target conflicts
To delete a folder from a profile
To delete a target from a profile
To resolve invalid shortcuts
Editing Targets
To edit the target name and description
To modify the application properties in the target
To modify the operating system and language properties of a target
To check for launch prerequisites for a target
To specify pre-launch and post-exit scripts for a target
To update a target
To remove an old version of an updated target
Profile Contents on the Server
Manifest File
Targets
Digital Signature
Icons
Scripts
Managing Streamed Applications
Publishing Streamed Applications
Streaming Applications to Client Devices
Accessing Applications from a XenApp Server
To publish an application for streaming
To select a streaming delivery method
To specify a farm-wide policy for delivery
To enable event logging and a trust relationship to the client
Configuring Offline Access
To set the license period for offline users
To renew offline licenses
Indirect Membership to the Offline Access User List
Experiencing Offline Access
Managing Application Properties
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Managing the XenApp Streaming Plug-in
XenApp Streaming Plug-in Overview
Managing the XenApp Streaming Plug-in
To install the XenApp Streaming Plug-in
To configure the cache size of the streaming plug-in
To deploy the XenApp Streaming Plug-in
To configure an .MSI package using transforms
To deploy the XenApp Streaming Plug-in to client devices through Active Directory
To deploy applications to client devices
To clear the streamed application cache on user devices
Enterprise Management
Management Pack for Microsoft Operations Manager 2000
Management Pack for Microsoft Operations Manager 2005
Management Pack Features
The Management Pack and the Providers
Citrix Views in the Management Pack
Health Monitoring Views
Discovery Views
Deployment Topology View
State View: the Citrix Server and Citrix Licensing Roles
XenApp Managed and Unmanaged Computers
About Citrix Computer Groups
To install or upgrade the Management Pack for MOM 2005
Management Pack Post-Installation Tasks
Security Considerations for the Management Pack
Troubleshooting Query Errors in MOM
Configuring Topology Discovery
To specify server farm and zone computer groups
To configure Citrix Administrators as MOM operators
To change the format of net send messages
Configuring and Enabling Site-specific Rules for MOM 2005
Too Many Disconnected Sessions
Idle Sessions
Too Many Active Sessions
Sample Published Application Load
To open the Access Management Console from the MOM Operator Console
To change the Access Management Console path with the MOM Administrator Console
Installation Manager
Network Manager for Citrix Presentation Server
Resource Manager
Managing Providers and WMI
XenApp Provider Overview
Licensing Provider Overview
Installing the XenApp Provider
Installing the Licensing Provider
Starting the Provider Services
Security Considerations
Uninstalling the Providers
WMI Schema
XenApp Provider WMI Schema (Part 1 of 3)
XenApp Provider WMI Schema (Part 2 of 3)
XenApp Provider WMI Schema (Part 3 of 3)
Citrix Licensing Provider WMI Schema
Load Manager
Working with Load Manager Rules
List of Load Manager Rules
Working with Load Evaluators
Viewing and Modifying Load Evaluator Properties
Creating Load Evaluators
Assigning Load Evaluators to Servers and Applications
Copying Load Evaluators
Deleting Load Evaluators
Scheduling Server Availability
Monitoring Server Loads
Logging Load Manager Activity
Setting the Frequency of Information Updates
Viewing Usage Reports
Secure Gateway
Citrix XenApp Components That Work with Secure Gateway
Secure Gateway Features
System Requirements for Secure Gateway
System Hardware Requirements
Citrix Products Compatibility with Secure Gateway
Certificate Requirements
Planning a Secure Gateway Deployment
Deploying the Secure Gateway in a Single-Hop DMZ
Running the Web Interface behind the Secure Gateway in the Demilitarized Zone
Locking Down Internet Information Services
Running the Web Interface Parallel with the Secure Gateway
Setting Up the Web Interface and the Secure Gateway in a Single-Hop Demilitarized Zone
Deploying the Secure Gateway in a Double-Hop DMZ
Setting Up the Secure Gateway and the Secure Gateway Proxy in a Double-Hop DMZ
Publishing the Web Address for the Secure Gateway in a Double-Hop Demilitarized Zone
Setting Up and Testing a Server Farm
Installing the Secure Ticket Authority
Testing Your Deployment
Installing and Configuring the Secure Gateway and Secure Gateway Proxy
Upgrading Secure Gateway or Secure Gateway Proxy
Using Firewall Software with the Secure Gateway or Secure Gateway Proxy
Installing the Secure Gateway or Secure Gateway Proxy
To install the Secure Gateway or Secure Gateway Proxy
Configuring the Secure Gateway or Secure Gateway Proxy
To start the configuration wizard manually
To select a configuration level (Secure Gateway)
To select a configuration level (Secure Gateway Proxy)
Task Summary for Secure Gateway, Advanced or Standard Configuration
Task Summary for Secure Gateway Proxy, Advanced or Standard Configuration
To select a server certificate
To configure secure protocol settings
To configure inbound client connections
To configure outbound connections
To configure an access control list for outbound connections
To configure servers running the Secure Gateway Proxy
To add the Secure Ticket Authority details
To configure connection parameters
To configure logging exclusions
To add the Web Interface server details
To configure the logging parameters
To complete the configuration
To stop the Secure Gateway/Secure Gateway Proxy service
To uninstall the Secure Gateway
Managing the Secure Gateway
Viewing Session and Connection Information with the Secure Gateway Console
Viewing Secure Gateway Performance Statistics
To view the Secure Gateway performance statistics
Performance Counters Available for the Secure Gateway
Generating the Secure Gateway Diagnostics Report
Viewing the Secure Gateway Events
Viewing the Secure Gateway Access Logs
Secure Gateway Configuration Wizard
Secure Gateway Optimization and Security Guidelines
Configuring Firewalls for the Secure Gateway
Ensuring High Availability of the Secure Gateway
Load Balancing Multiple Secure Gateway Servers
Load Balancing an Array of the Secure Gateway Proxy
Certificate Requirements for Load Balancing Secure Gateway Servers
Using Load Balancers and SSL Accelerator Cards with Secure Gateway Servers
Coordinating Keep-Alive Values Between the Secure Gateway and Citrix XenApp
Setting Connection Keep-Alive Values and the Secure Gateway
Improving Security (Recommendations)
Preventing Indexing by Search Engines
Troubleshooting the Secure Gateway
To check your certificates
Client Connections Launched from IP Addresses in the Logging Exclusions List Fail
Load Balancers Do Not Report Active Client Sessions if Connections Are Idle
Performance Issues with Transferring Files Between a Client Device and a Citrix XenApp Server
Gateway Client Connections Fail When Using Windows XP Service Pack 2
Failed Client Connections to the Secure Gateway Result in Duplicate Entries in the Secure Gateway Log
Placing the Secure Gateway Behind a Reverse Web Proxy Causes an SSL Error 4
Run the Secure Gateway Parallel to the Reverse Web Proxy
Use a Network Address Translator Instead of a Reverse Web Proxy
Digital Certificates and the Secure Gateway
Understanding Cryptography
Types of Cryptography
Combining Public Key and Secret Key Cryptography
Understanding Digital Certificates and Certificate Authorities
Certificate Chains
Certificate Revocation Lists
Deciding Where to Obtain Certificates
Obtaining and Installing Server Certificates
Obtaining and Installing Root Certificates
Support for Wildcard Certificates with the Secure Gateway
Using the Secure Gateway Proxy in Relay Mode
Modes of Operation for the Secure Gateway Proxy
How Relay Mode Works
Installing the Secure Gateway Proxy in Relay Mode
To install the Secure Gateway Proxy in relay mode
To configure the Secure Gateway in relay mode
Configuring Plug-ins for Secure Gateway
To configure plug-in connections to the Secure Gateway Proxy
To configure all application sets for the plug-in to connect to the Secure Gateway Proxy
To test the Secure Gateway relay mode
To start or stop the Secure Gateway Proxy Service manually
SmartAuditor
Example Usage Scenarios
Getting Started with SmartAuditor
Planning Your Deployment
Security Recommendations
Installing Certificates
Scalability Considerations
Important Deployment Notes
Pre-Installation Checklist
To install SmartAuditor
Automating Installations
Uninstalling SmartAuditor
To configure SmartAuditor to play and record sessions
Granting Access Rights to Users
Creating and Activating Recording Policies
Using System Policies
Creating Custom Policies
To create a new policy
To modify a policy
To delete a policy
To activate a policy
Understanding Rollover Behavior
To disable or enable recording
To configure the connection to the SmartAuditor Server
Creating Notification Messages
Enabling Custom Event Recording
To enable or disable live session playback
To enable or disable playback protection
To enable and disable digital signing
To specify where recordings are stored
Specifying File Size for Recordings
Viewing Recordings
To launch the SmartAuditor Player
To open and play recordings
To search for recorded sessions
To play recorded sessions
To use events and bookmarks
To change the playback display
To display or hide window elements
To cache recorded session files
To change SmartAuditor Servers
Troubleshooting SmartAuditor
Verifying Component Connections
Testing IIS Connectivity
Troubleshooting Certificate Issues
SmartAuditor Agent Cannot Connect
SmartAuditor Server Cannot Connect to the SmartAuditor Database
Sessions are not Recording
Searching for Recordings in the Player Fails
Troubleshooting MSMQ
Unable to View Live Session Playback
To change your communication protocol
Reference: Managing Your Database Records
Glossary
XenApp 5 Feature Pack 2 for Windows Server 2003
Readme for XenApp 5 Feature Pack 2 for Windows Server 2003
Getting Started with XenApp 5 Feature Pack 2
Media Kit Contents
Introducing Citrix XenApp 5
XenApp 5 Feature Pack 2 Product Editions and Features
New Features in XenApp 5 Feature Pack 2
XenApp Feature Overview
Hosted Application Delivery and Features
Service Monitoring
Application Streaming
Branch Optimization
Citrix Online Plug-in
Citrix Receiver and Merchandising Server
EasyCall Voice Services
Load Testing Services
Profile Management
Provisioning Services
Secure Application Access
Single Sign-on
SmartAuditor
Workflow Studio Orchestration
XenServer Virtualization Platform
Getting Up and Running with XenApp 5
Building a XenApp Farm
Licensing This Release
Installing Additional Features
System Requirements for XenApp 5 Feature Pack 2 for Windows Server 2003
Planning Your XenApp Deployment
Farm Terminology and Concepts
Farm Hardware Considerations
Remapping Drive Letters
Planning for Applications and Server Loads
Assessing Applications for XenApp Compatibility
Evaluating Application Delivery Methods
Placing Applications on Servers
Deciding How Many Farms to Deploy
Planning Infrastructure Servers
Planning the XenApp Data Store
Connecting to the Data Store
Database Server Hardware Performance Considerations
Replication Considerations
Planning for Configuration Logging and IMA Encryption
Planning for Data Collectors
Planning for WANs by Using Zones
Planning for the Web Interface and XML Broker
Planning for Application Streaming
Designing Terminal Services User Profiles
Planning for Accounts and Trust Relationships
Recommendations for Active Directory Environments
Planning for System Monitoring and Maintenance
Planning for Shadowing
Securing Delivery and Access
Planning for Supported Languages and Windows MUI Support
Planning for Passthrough Client Authentication
Planning a Successful User Experience
Integrating Other XenApp Features and Technologies
Choosing an Installation Method
XenApp Installation
Building a XenApp Farm
Preparing for XenApp Installation
Creating a Farm
Specifying the Data Store Database and the Zone Name
Enabling and Configuring IMA Encryption
Enabling and Configuring Session Shadowing
Configuring the Citrix XML Service Port
Adding Users to the Remote Desktop Users Group
Joining a Server Farm
Upgrading or Migrating an Existing Server Farm
Provisioning Servers and Configuring XenApp
Provisioning Farm Servers
Cloning XenApp Servers
To clone a server
Configuring Infrastructure Servers After Setup
Configuring XenApp after Installation
Custom XenApp Installation
Generating an Installation Log File
Preparing for Custom XenApp Installations
Installing XenApp by Modifying Windows Installer Packages
Applying Transforms to Setup
Performing an Unattended Installation with an Answer File
XenApp Windows Installer Properties Reference
XenApp Setup Properties for Create Farm and Join Farm
CTX_ADDLOCAL
CTX_CONFIGMGR_USER
CTX_CONFIGMGR_USER_PASSWORD
CTX_CPSVC_SERVICE_USER_NAME
CTX_CPSVC_SERVICE_USER_PASSWORD
CTX_IGNORE_MCM
CTX_IMA_PROTECTION_ENABLE
CTX_MALOO_SERVICE_USER
CTX_MALOO_SERVICE_USER_PASSWORD
CTX_MF_ADD_ANON_USERS
CTX_MF_ADD_LOCAL_ADMIN
CTX_MF_CREATE_FARM_DB_CHOICE
CTX_MF_CREATE_REMOTE_DESKTOP_USERS
CTX_MF_DOMAIN_NAME
CTX_MF_ENABLE_VIRTUAL_SCRIPTS
CTX_MF_FARM_SELECTION
CTX_MF_INDIRECT_JOIN_DOMAIN_NAME
CTX_MF_INDIRECT_JOIN_PASSWORD
CTX_MF_INDIRECT_JOIN_USER_NAME
CTX_MF_JOIN_FARM_DB_CHOICE
CTX_MF_JOIN_FARM_SERVER_NAME
CTX_MF_JOIN_FARM_SERVER_PORT
CTX_MF_LIC_CHOICE_FOR_CREATE
CTX_MF_LIC_CHOICE_FOR_JOIN_OR_UPGRADE
CTX_MF_LICENSE_SERVER_NAME
CTX_MF_LICENSE_SERVER_PORT
CTX_MF_LICENSE_SERVER_PORT_DEFAULT
CTX_MF_LOCAL_DATABASE
CTX_MF_MSDE_INSTANCE_NAME
CTX_MF_NEW_FARM_NAME
CTX_MF_ODBC_DRIVER
CTX_MF_ODBC_PASSWORD
CTX_MF_ODBC_USER_NAME
CTX_MF_ONLY_LAUNCH_PUBLISHED_APPS
CTX_MF_SERVER_TYPE
CTX_MF_SHADOW_PROHIBIT_NO_LOGGING
CTX_MF_SHADOW_PROHIBIT_NO_NOTIFICATION
CTX_MF_SHADOW_PROHIBIT_REMOTE_ICA
CTX_MF_SHADOWING_CHOICE
CTX_MF_SILENT_DSNFILE
CTX_MF_USER_NAME
CTX_MF_XML_CHOICE
CTX_MF_XML_PORT_NUMBER
CTX_MF_ZONE_NAME
CTX_PROTECT_KEY_PATH
CTX_PROTECT_KEY_TYPE
CTX_PROTECT_NEW_KEY_PATH
CTX_RDP_DISABLE_PROMPT_FOR_PASSWORD
CTX_REMOVE_WI_TURNKEY
CTX_SERV_MALOO_LOGON
CTX_SERV_PRINTER_LOGON
CTX_USE_EXISTING_JRE
INSTALLDIR
REBOOT
REINSTALLMODE
XenApp Windows Setup Properties Script Examples
Data Store Database Reference
Microsoft Access Database
Microsoft SQL Server Express Database
Microsoft SQL Server Database
Oracle Database
IBM DB2 Database
Creating a DSN File for XenApp Setup
Maintaining and Recovering a XenApp Data Store
Migrating a Farm Data Store
Migrating a Farm Data Store from MSDE to SQL Server Express
XenApp Administration
Management Consoles and Other Tools
Choosing the Console or Tool to Use
To start the console
Displaying Items in the Console
The Console User Interface
Performing Tasks with the Console
To view zones
Enabling Citrix Administrators to Manage Farms Remotely
XenApp Advanced Configuration and Presentation Server Console
Managing Citrix Administrators
Delegating Tasks to Custom Administrators
Publishing Resources
Publishing Resources for Users
To publish a resource using the Publish Application wizard
To select a resource type and delivery method
To configure locations of published applications
To configure locations of published content
To disable command-line validation
Configuring Content Redirection
To enable content redirection from server to client
To configure content redirection from client to server
Managing Application Properties
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Making Virtual IP Addresses Available to Applications
How Virtual IP Addressing Works
Configuring Virtual Loopback
Binding Applications
To determine whether an application needs to use virtual IP addresses
To make virtual IP addresses available to applications running in sessions
To assign virtual IP address ranges to servers
To enable application processes to use virtual IP addresses or virtual loopback
To supply client IP addresses to published applications on a server
To make a virtual loopback address available to applications running in sessions
To enable or disable virtual loopback for a farm
To configure virtual IP addresses and virtual loopback on an individual server
Working with XenApp Policies
Creating XenApp Policies
Applying XenApp Policies
Configuring Policy Rules
To configure policy rules
Using Multiple Policies
Using Citrix policies with Active Directory
Prioritizing Policies and Creating Exceptions
Determining Which Policies Apply to a Connection
Resolving Search Results that Partially Match Criteria
Troubleshooting Policies with Conflicting Rules
Disabling, Reenabling, and Deleting Policies
Changing Settings Based on User Location
Configuring Policies and Filters for Web Access
Enabling Scanners and Other TWAIN Devices
To enable TWAIN redirection
Managing Session Environments and Connections
Defining User Environments in XenApp
Controlling the Appearance of User Logons
Controlling Access to Devices and Ports
Mapping Client Drives
Mapping Client COM Ports and Audio
Configuring Audio for User Sessions
To enable or disable audio for published applications
Limiting Bandwidth for Audio Throughput
To configure audio compression and output quality
Enabling Support for Microphones and Speakers
Setting Up for Digital Dictation Devices
Ensuring Session Continuity for Mobile Workers
Maintaining Session Activity
Configuring HDX Broadcast Session Reliability
Configuring Automatic Client Reconnection
Configuring HDX Broadcast Keep-Alive
Managing and Monitoring XenApp Sessions
Monitoring Session Status
Viewing User Sessions
Viewing User Sessions with the Shadow Taskbar
To view user sessions with the console
Enabling Logging for Shadowing
Enabling User-to-User Shadowing with Policies
Managing User Sessions
To terminate processes in a user’s session
To display session properties
To connect to a user’s session from Program Neighborhood
To reset a session
To log off from a session
To send a message to one or more users
Controlling Client Connections in XenApp
Preventing Specific Client Connection Types
Specifying Connection Limits
Limiting Connections to a Server Farm
Sharing Sessions and Connections
Limiting Application Instances
Logging Connection Denial Events
Controlling Connections with Terminal Services Configuration
Preventing User Connections during Farm Maintenance
Optimizing User Sessions for XenApp
Optimizing Web Page and Email Responsiveness
Effects of Restricting Animations in Internet Explorer
HDX 3D Browser Acceleration Limitations
Configuring HDX 3D Browser Acceleration
Optimizing Audio and Video Playback
Configuring HDX MediaStream Multimedia Acceleration
Optimizing Flash Content
Optimizing Throughput of Image Files
Optimizing Display of Image Files
Optimizing Keyboard and Mouse Responsiveness
Configuring SpeedScreen Latency Reduction
Adjusting SpeedScreen Latency Reduction for an Application
To configure latency reduction settings for input fields in an application
To create exception entries for non-standard input fields in an application
Configuring HDX Broadcast Display Settings
To configure HDX Broadcast browser settings for a server
Securing Server Farms
To prevent users from pasting from the server clipboard
Securing Access to Your Servers
Securing the Data Store
Securing Client-Server Communications
Using SecureICA
Enabling SSL/TLS Protocols
To configure session data encryption
To set a policy for ICA encryption
Configuring SSL/TLS Between Servers and Clients
Task Summary for Implementing SSL Relay
Obtaining and Installing Server and Root SSL Certificates
Choosing an SSL Certificate Authority
Acquiring a Signed SSL Certificate and Password
To enable the SSL Relay and select the relay credentials
Using the SSL Relay with the Microsoft Internet Information Service (IIS)
Configuring the Relay Port and Server Connection Settings
To add a server to the destination server list
To change the port for a server listed in the destination server list
To run the SSL Relay on port 443 without using HTTPS
Configuring the Ciphersuites Allowed by the SSL Relay
Using the Secure Gateway
Using the Secure Ticket Authority
Securing Network Communications
Configuring TCP Ports
Using Proxy Servers
Configuring Authentication for Workspace Control
Using Smart Cards with Citrix XenApp
Smart Card Requirements
Configuring XenApp for Smart Cards
Configuring Kerberos Logon
To enable Citrix XML Service DNS address resolution
To disable Kerberos logon to a server
Logging Administrative Changes to a XenApp Farm
Setting up the Configuration Logging Database
Defining Database Permissions for Configuration Logging
To configure the connection to the Configuration Logging database using the Configuration Logging Database wizard
To configure a SQL Server database for configuration logging
To configure an Oracle database for configuration logging
To set Configuration Logging properties
Delegating the Administration of Configuration Logging
To view Configuration Logging properties
Clearing Entries from the Configuration Logging Database
Generating Configuration Logging Reports
Encrypting Sensitive Configuration Logging Data
Copying the key to a local computer
To generate a key and enable IMA encryption on the first server in a farm
To load a key on subsequent servers in the farm
To store the key on a network location
Changing Farms
Enabling IMA Encryption Features
XenApp Service Account Privileges
Maintaining Server Farms
Displaying and Organizing Your Farm
Organizing Your Farm Display in the Console
To configure general farm properties
To search for objects in your farm
Connecting to a Remote Server Console
To connect to a server’s published desktop
To connect directly to a server's desktop
To limit the number of server connections per user
To disable and re-enable server logons
Enabling Local Browsers with Published Applications
Restarting Servers at Scheduled Times
To repair a XenApp installation
Changing XenApp Farm Membership
Removing and Reinstalling XenApp
To uninstall XenApp
To force the uninstallation of XenApp
To remove a server from the farm
To rename a XenApp server
Monitoring Server Performance with Health Monitoring & Recovery
Enabling and Disabling Health Monitoring & Recovery
Modifying Health Monitoring & Recovery Test Settings
To modify the Health Monitoring & Recovery Tests settings for farms or a server
Adding Health Monitoring & Recovery Tests
Developing Custom Health Monitoring & Recovery Tests
Getting Health Monitoring & Recovery Alerts
Using Citrix Performance Monitoring Counters
Optimizing Server Performance
Managing CPU Usage
Enabling CPU Utilization Management
Managing Virtual Memory Usage
Enabling Memory Utilization Management
Scheduling Virtual Memory Optimization
To create a memory optimization schedule
Excluding Applications from Memory Optimization
To exclude additional applications from memory optimization
Optimizing Simultaneous Logon Performance
Managing Farm Infrastructure
Maintaining the Local Host Cache
Tuning Local Host Cache Synchronization
Refreshing the Local Host Cache
Recreating the Local Host Cache
Data Collectors and Elections
Specifying Backup Data Collectors
Enhancing the Performance of a Remote Group of Servers
To configure zones in your farm
Updating Citrix License Server Settings
To specify a default license server for a farm
To specify a license server for individual servers
To set the product edition
Setting the Citrix XML Service Port
To configure the Citrix XML Service port for a server
To manually change the XML Service port to use a port different from IIS after installation
To manually configure Citrix XML Service to share the TCP port with IIS
Understanding XenApp Printing
Introduction to Windows Printing Concepts
Local and Remote Print Job Spooling
XenApp Printing Concepts
Overview of Client and Network Printing Pathways
Provisioning Printers for Sessions
Auto-Creating Client Printers
Auto-Creating Network Printers
Letting Users Provision Their Own Printers
Device or Session-Based Print Settings
Device-Based Print Settings
Controlling Printing Settings and User Preferences
Setting Default Printers
Printing and Mobile Workers
Optimizing Printing Performance by Routing
Managing Printer Drivers
Planning Your Printing Configuration
Default Printing Behavior
Printing Policy Configuration
Printing Security
Purchasing Printing Hardware
Configuring and Maintaining XenApp Printing
Configuring Printing
Configuring Printer Autocreation Settings
Configuring Citrix Universal Printing
Configuring Auto-Creation for DOS and Windows CE Clients
Configuring Network Printers for Users
To import printers from a network print server
To import printers from other domains
To assign printers using the Session printers policy rule
To add a network printer while configuring the Session printers rule
To specify a default printer for a session
To edit the printer settings in the sessions policy
To configure server local printers
Configuring Printers for Mobile Workers
Changing Network Print Job Routing
Providing Tools for User Provisioning
To store users’ printer properties
To synchronize properties from the printer
Controlling Printer Driver Automatic Installation
Configuring Universal Printer Drivers on Farm Servers
Mapping Client Printer Drivers
Increasing Printing Speed and Session Performance
Updating Network Print Server Information
Replicating Printer Drivers Across a Farm
Replicating Printer Drivers Manually
Replicating Printer Drivers Automatically
Displaying Printers
Displaying Printers Using the Network Printing Pathway
Displaying Printers Using the Client Printing Pathway
Displaying Drivers
XenApp Commands Reference
ACRCFG
ALTADDR
APP
AUDITLOG
CHANGE CLIENT
CHFARM
To move a server to a new server farm using SQL Server Express
CTXKEYTOOL
CTXXMLSS
DRIVEREMAP
DRIVEREMAP64
DSCHECK
DSMAINT
ENABLELB
ICAPORT
IMAPORT
MIGRATETOSQLEXPRESS
QUERY FARM
QUERY PROCESS
QUERY SESSION
QUERY TERMSERVER
QUERY USER
TWCONFIG
Policy Rules Reference
Policy Rules: Quick Reference Table
HDX 3D Folder
HDX Broadcast Folder
Visual Effects Folder
Session Limits Folder
HDX Plug-n-Play Folder
Client Resources Folder
Audio Folder
Drives Folder
Optimize Folder
Ports Folder
PDA Devices folder
Other Folder
Client Maintenance Folder
Printing Folder
Client Printers Folder
Drivers Folder
Content Redirection Folder
Time Zones Folder
User Workspace Folder
Connections Folder
Shadowing Folder
Configuring User Shadowing
Permissions to Shadow Users
Single Sign-On Folder
Streamed Applications Folder
Security and Encryption Folders
Performance Counters Reference
Citrix CPU Utilization Mgmt User Counters
Citrix IMA Networking Counters
Citrix Licensing Counters
Citrix MetaFrame Presentation Server Counters
ICA Session Counters
Secure Ticket Authority Counters
Application Performance Monitoring
Application Streaming
Readme for Citrix Offline Plug-in 5.2 and Streaming Profiler 5.2
System Requirements for Application Streaming
New Features in This Release
Components for Application Streaming
Providing Single Sign-on for Streamed Applications
Creating Application Profiles
Targets Overview
Service Pack Level
System Drive Letter
Operating System Language
Inter-Isolation Communication Overview
Managing Isolation Environment Rules
Types of Isolation Environment Rules
Restrictions and Limitations for Rules
Creating Isolation Environment Rules for a Target
To create an isolation environment rule
To modify a rule
Using Environment Variables to Construct Rules
Preparing a Workstation for Profiling Applications
Known Limitations for Profiling
To install the profiler
To disable and enable profile signing
To start the profiler
Creating a Profile and Its Initial Target
To create a profile and target
To allow users to update applications
To set up inter-isolation communication
To select an install option
To install multiple applications through Advanced Install
To choose an installation program for the application
To install Internet Explorer plug-ins
To include files and folders in a target
To include registry settings
To install an application in the profile
To run an application in the profiler
To select applications for listing in the profile
To sign a profile
Editing Profiles
To view profile information
To edit the profile name, description, or location
To view details about applications in a profile
To view File Type Associations set in a profile
To check for launch prerequisites
To check for prerequisite registry entries
To check for prerequisite applications and files
To specify pre-launch and post-exit scripts
To add a target to a profile
To resolve target conflicts
To resolve invalid shortcuts
To delete a target from a profile
To delete a folder from a profile
To delete a profile in a linked profile
Editing Targets
To edit the target name and description
To modify the application properties in the target
To modify the operating system and language properties of a target
To update a target
To remove an old version of an updated target
Profile Contents on the Server
Manifest File
Targets
Digital Signature
Icons
Scripts
Managing Streamed Applications
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Managing the Offline Plug-in
Citrix Offline Plug-in Overview
Deciding Which Plug-ins to Use for Application Streaming
Using the Merchandising Server and Citrix Receiver to Deploy the Plug-ins
Installing the Offline Plug-in
To install the Citrix offline plug-in
To configure the cache size of the offline plug-in
To deploy the Citrix offline plug-in
To configure an .MSI package for the offline plug-in using transforms
To deploy the offline plug-in to user devices through Active Directory
To deploy applications to user devices
To clear the streamed application cache on user devices
To clear merged rules for linked profiles on user devices
Branch Optimization
Easy Call Voice Services
Enterprise Management
Management Pack for Microsoft Operations Manager 2000
Management Pack for Microsoft Operations Manager 2005
Management Pack Features
The Management Pack and the Providers
Citrix Views in the Management Pack
Health Monitoring Views
Discovery Views
Deployment Topology View
State View: the Citrix Server and Citrix Licensing Roles
XenApp Managed and Unmanaged Computers
About Citrix Computer Groups
To install or upgrade the Management Pack for MOM 2005
Management Pack Post-Installation Tasks
Security Considerations for the Management Pack
Troubleshooting Query Errors in MOM
Configuring Topology Discovery
To specify server farm and zone computer groups
To configure Citrix Administrators as MOM operators
To change the format of net send messages
Configuring and Enabling Site-specific Rules for MOM 2005
Too Many Disconnected Sessions
Idle Sessions
Too Many Active Sessions
Sample Published Application Load
To open the Access Management Console from the MOM Operator Console
To change the Access Management Console path with the MOM Administrator Console
Installation Manager
Network Manager for Citrix Presentation Server
Resource Manager
Managing Providers and WMI
XenApp Provider Overview
Licensing Provider Overview
Installing the XenApp Provider
Installing the Licensing Provider
Starting the Provider Services
Security Considerations
Uninstalling the Providers
WMI Schema
XenApp Provider WMI Schema (Part 1 of 3)
XenApp Provider WMI Schema (Part 2 of 3)
XenApp Provider WMI Schema (Part 3 of 3)
Citrix Licensing Provider WMI Schema
HDX MediaStream for Flash
Configuring HDX MediaStream for Flash with Group Policy Objects
To enable and disable HDX MediaStream for Flash from the server
Enabling and Disabling HDX MediaStream for Flash on the User Device
Mitigating High Network Latency
Enabling Server-side Event Logging
Blocking Web Sites From Working With HDX MediaStream For Flash
Load Manager
Working with Load Manager Rules
List of Load Manager Rules
Working with Load Evaluators
Viewing and Modifying Load Evaluator Properties
Creating Load Evaluators
Assigning Load Evaluators to Servers and Applications
Copying Load Evaluators
Deleting Load Evaluators
Scheduling Server Availability
Monitoring Server Loads
Logging Load Manager Activity
Setting the Frequency of Information Updates
Viewing Usage Reports
Load Testing Services
Power and Capacity Management
Understanding Power and Capacity Management
Power and Capacity Management System Components
Setpoints
Power and Capacity Management Schedules
Server Profiles
Server Control Mode
Concentrator Operations
Virtual Machine Management
Dynamic Capacity Estimation
What Happens During Power Management Operations
What Happens During Load Consolidation
Installing Power and Capacity Management
System Requirements for Power and Capacity Management
Considerations for Installing the Concentrator
Interactively Installing Components
Silently Installing Components
Removing Components
Configuring Power and Capacity Management
Task Descriptions
Provisioning Services
Secure Application Access
Secure Gateway
Citrix XenApp Components That Work with Secure Gateway
Secure Gateway Features
System Requirements for Secure Gateway
System Hardware Requirements
Citrix Products Compatibility with Secure Gateway
Certificate Requirements
Planning a Secure Gateway Deployment
Deploying the Secure Gateway in a Single-Hop DMZ
Running the Web Interface behind the Secure Gateway in the Demilitarized Zone
Locking Down Internet Information Services
Running the Web Interface Parallel with the Secure Gateway
Setting Up the Web Interface and the Secure Gateway in a Single-Hop Demilitarized Zone
Deploying the Secure Gateway in a Double-Hop DMZ
Setting Up the Secure Gateway and the Secure Gateway Proxy in a Double-Hop DMZ
Publishing the Web Address for the Secure Gateway in a Double-Hop Demilitarized Zone
Setting Up and Testing a Server Farm
Installing the Secure Ticket Authority
Testing Your Deployment
Installing and Configuring the Secure Gateway and Secure Gateway Proxy
Upgrading Secure Gateway or Secure Gateway Proxy
Using Firewall Software with the Secure Gateway or Secure Gateway Proxy
Installing the Secure Gateway or Secure Gateway Proxy
To install the Secure Gateway or Secure Gateway Proxy
Configuring the Secure Gateway or Secure Gateway Proxy
To start the configuration wizard manually
To select a configuration level (Secure Gateway)
To select a configuration level (Secure Gateway Proxy)
Task Summary for Secure Gateway, Advanced or Standard Configuration
Task Summary for Secure Gateway Proxy, Advanced or Standard Configuration
To select a server certificate
To configure secure protocol settings
To configure inbound client connections
To configure outbound connections
To configure an access control list for outbound connections
To configure servers running the Secure Gateway Proxy
To add the Secure Ticket Authority details
To configure connection parameters
To configure logging exclusions
To add the Web Interface server details
To configure the logging parameters
To complete the configuration
To stop the Secure Gateway/Secure Gateway Proxy service
To uninstall the Secure Gateway
Managing the Secure Gateway
Viewing Session and Connection Information with the Secure Gateway Console
Viewing Secure Gateway Performance Statistics
To view the Secure Gateway performance statistics
Performance Counters Available for the Secure Gateway
Generating the Secure Gateway Diagnostics Report
Viewing the Secure Gateway Events
Viewing the Secure Gateway Access Logs
Secure Gateway Configuration Wizard
Secure Gateway Optimization and Security Guidelines
Configuring Firewalls for the Secure Gateway
Ensuring High Availability of the Secure Gateway
Load Balancing Multiple Secure Gateway Servers
Load Balancing an Array of the Secure Gateway Proxy
Certificate Requirements for Load Balancing Secure Gateway Servers
Using Load Balancers and SSL Accelerator Cards with Secure Gateway Servers
Coordinating Keep-Alive Values Between the Secure Gateway and Citrix XenApp
Setting Connection Keep-Alive Values and the Secure Gateway
Improving Security (Recommendations)
Preventing Indexing by Search Engines
Troubleshooting the Secure Gateway
To check your certificates
Client Connections Launched from IP Addresses in the Logging Exclusions List Fail
Load Balancers Do Not Report Active Client Sessions if Connections Are Idle
Performance Issues with Transferring Files Between a Client Device and a Citrix XenApp Server
Gateway Client Connections Fail When Using Windows XP Service Pack 2
Failed Client Connections to the Secure Gateway Result in Duplicate Entries in the Secure Gateway Log
Placing the Secure Gateway Behind a Reverse Web Proxy Causes an SSL Error 4
Run the Secure Gateway Parallel to the Reverse Web Proxy
Use a Network Address Translator Instead of a Reverse Web Proxy
Digital Certificates and the Secure Gateway
Understanding Cryptography
Types of Cryptography
Combining Public Key and Secret Key Cryptography
Understanding Digital Certificates and Certificate Authorities
Certificate Chains
Certificate Revocation Lists
Deciding Where to Obtain Certificates
Obtaining and Installing Server Certificates
Obtaining and Installing Root Certificates
Support for Wildcard Certificates with the Secure Gateway
Using the Secure Gateway Proxy in Relay Mode
Modes of Operation for the Secure Gateway Proxy
How Relay Mode Works
Installing the Secure Gateway Proxy in Relay Mode
To install the Secure Gateway Proxy in relay mode
To configure the Secure Gateway in relay mode
Configuring Plug-ins for Secure Gateway
To configure plug-in connections to the Secure Gateway Proxy
To configure all application sets for the plug-in to connect to the Secure Gateway Proxy
To test the Secure Gateway relay mode
To start or stop the Secure Gateway Proxy Service manually
Single Sign-on
SmartAuditor
System Requirements for SmartAuditor
Example Usage Scenarios
Getting Started with SmartAuditor
Planning Your Deployment
Security Recommendations
Installing Certificates
Scalability Considerations
Important Deployment Notes
Pre-Installation Checklist
To install SmartAuditor
Automating Installations
Uninstalling SmartAuditor
To configure SmartAuditor to play and record sessions
Granting Access Rights to Users
Creating and Activating Recording Policies
Using System Policies
Creating Custom Policies
To create a new policy
To modify a policy
To delete a policy
To activate a policy
Understanding Rollover Behavior
To disable or enable recording
To configure the connection to the SmartAuditor Server
Creating Notification Messages
Enabling Custom Event Recording
To enable or disable live session playback
To enable or disable playback protection
To enable and disable digital signing
To specify where recordings are stored
Specifying File Size for Recordings
Viewing Recordings
To launch the SmartAuditor Player
To open and play recordings
To search for recorded sessions
To play recorded sessions
To use events and bookmarks
To change the playback display
To display or hide window elements
To cache recorded session files
To change SmartAuditor Servers
Troubleshooting SmartAuditor
Verifying Component Connections
Testing IIS Connectivity
Troubleshooting Certificate Issues
SmartAuditor Agent Cannot Connect
SmartAuditor Server Cannot Connect to the SmartAuditor Database
Sessions are not Recording
Searching for Recordings in the Player Fails
Troubleshooting MSMQ
Unable to View Live Session Playback
To change your communication protocol
Reference: Managing Your Database Records
VM Hosted Apps
Readme for VM Hosted Apps
System Requirements for VM Hosted Apps
Planning Your VM Hosted Apps Deployment
Using Active Directory with Desktop Delivery Controller
Security Planning for VM Hosted Apps
Using Smart Cards with VM Hosted Apps
Installing the VM Hosted Apps Feature
To create a farm
To use a separate database server
To add a controller to a farm
To manage your farm remotely
Providing Access to VM-Hosted Applications
To install the XenDesktop Setup Wizard
Installing the Virtual Desktop Agent
To install the Virtual Desktop Agent
To configure firewalls manually
To use Windows XP virtual desktops with Password Manager
Removing Components of VM Hosted Apps
To remove the Virtual Desktop Agent
Removing Desktop Delivery Controller Components
To remove all components
To remove selected components
To remove the XenDesktop Setup Wizard
Using Command-Line Tools to Install and Remove Components of VM Hosted Apps
Preparing and Provisioning Desktops
To create a base desktop VM
To create a vDisk
To add the base desktop VM to the Provisioning Services database
To install a target device on the base desktop VM
To image the base desktop VM to the Provisioning Services vDisk
To set the vDisk access mode
To create a Provisioning Services VM template
Using Desktop Groups to Publish Applications
To configure desktops to deliver an application
To create a desktop group
To create VM-based pooled desktops using the XenDesktop Setup Wizard
To enable logging on the XenDesktop Setup Wizard
To enable Pool Management logging
To create multiple XenServer pools
Configuring Advanced Settings for Desktop Groups
To configure access controlled by Access Gateway
To set up an idle pool
Configuring Logoff Behavior
To configure logoff behavior for pooled desktops
To configure logoff behavior for assigned desktops
Specifying Client Options
Importing and Exporting Desktop and User Assignment Data
To import data from a file into an existing desktop group
To export data to a file
To update a desktop group
To delete a desktop group
Customizing Your Desktop Delivery Controller Environment
Delegating Desktop Delivery Controller Administration Tasks
Configuring Connection Timers
Enabling Users to See Their Local Times
Configuring USB Support
Support for USB Mass Storage Devices
Managing Your Desktop Delivery Controller Deployment
To put a desktop into maintenance mode
To view sessions for a desktop group
To disconnect or log off a session
Manually Controlling Virtual Machines
To start virtual machines
To shut down and restart virtual machines
To migrate a desktop to another farm
To migrate a controller to another farm
Workflow Studio Orchestration
XenApp 5 for Windows Server 2008
Release Notes for XenApp 5.0 Feature Pack
Readme for Citrix XenApp 5.0 for Windows Server 2008
Installation Checklist
Getting Started with Citrix XenApp
Before You Begin
New Product and Feature Names
Media Kit Contents
Introducing Citrix XenApp 5
XenApp Product Editions
New Features and Changes in XenApp 5
New Features, Capabilities, and Changes in the XenApp 5 Feature Pack
XenApp Feature Overview
Hosted Application Delivery and Features
Application Streaming
Citrix Receiver and Merchandising Server
XenServer Virtualization Platform
Load Testing Services
Provisioning Services
Profile Management
Service Monitoring
SmartAuditor
Secure Application Access
Branch Optimization
Single Sign-on
EasyCall Voice Services
Workflow Studio Orchestration
Getting Up and Running with XenApp 5
Using XenApp to Manage Applications
Preparing to Create the Farm
Licensing This Release
Installing XenApp 5
Installing Additional Features
Running Mixed Farms
Planning Your XenApp Deployment
Farm Terminology and Concepts
Farm Hardware Considerations
Planning for Applications and Server Loads
Assessing Applications for XenApp Compatibility
Evaluating Application Delivery Methods
Placing Applications on Servers
Deciding How Many Farms to Deploy
Planning Infrastructure Servers
Planning the XenApp Data Store
Connecting to the Data Store
Database Server Hardware Performance Considerations
Replication Considerations
Planning for Configuration Logging and IMA Encryption
Planning for Data Collectors
Planning for WANs by Using Zones
Planning for the Web Interface and XML Broker
Planning for Application Streaming
Designing Terminal Services User Profiles
Planning for Accounts and Trust Relationships
Recommendations for Active Directory Environments
Planning for System Monitoring and Maintenance
Planning for UAC
Planning for Shadowing
Securing Delivery and Access
Planning for Supported Languages and Windows MUI Support
Planning for Passthrough Client Authentication
Planning a Successful User Experience
Integrating Other XenApp Features and Technologies
Choosing an Installation Method
XenApp Installation
Building a XenApp Farm
Preparing Your Environment
Creating a Farm
Choosing the Edition
Choosing an Installation Category
Selecting Components
Enabling and Configuring Passthrough Client Authentication
Installing the License Server
Selecting Components of XenApp
Specifying the Farm Name, Data Store, Zone, and Credentials
Enabling and Configuring IMA Encryption
Specifying the Citrix License Server
Enabling and Configuring Session Shadowing
Configuring the Citrix XML Service Port
Adding Users to the Remote Desktop Users Group
Joining a Server Farm
Migrating to XenApp 5.0
Choosing a Farm Migration Strategy
Creating a Migration Plan
Changes in This Release of XenApp
Migration Requirements and Restrictions
To migrate from the previous release
To uninstall XenApp and remove a server from a farm
To migrate a server farm by creating a new farm
Mixed Farms
Provisioning Servers and Configuring XenApp
Provisioning Farm Servers
Cloning XenApp Servers
To clone a server
Configuring Infrastructure Servers After Setup
Configuring XenApp after Installation
Custom XenApp Installation
Generating an Installation Log File
Preparing for Custom XenApp Installations
Installing XenApp by Modifying Windows Installer Packages
Applying Transforms to Setup
Performing an Unattended Installation with an Answer File
XenApp Windows Installer Properties Reference
XenApp Setup Properties for Create Farm and Join Farm
CTX_ADDLOCAL
CTX_CONFIGMGR_USER
CTX_CONFIGMGR_USER_PASSWORD
CTX_CPSVC_SERVICE_USER_NAME
CTX_CPSVC_SERVICE_USER_PASSWORD
CTX_IGNORE_MCM
CTX_IMA_PROTECTION_ENABLE
CTX_MALOO_SERVICE_USER
CTX_MALOO_SERVICE_USER_PASSWORD
CTX_MF_ADD_ANON_USERS
CTX_MF_ADD_LOCAL_ADMIN
CTX_MF_CREATE_FARM_DB_CHOICE
CTX_MF_CREATE_REMOTE_DESKTOP_USERS
CTX_MF_DOMAIN_NAME
CTX_MF_ENABLE_VIRTUAL_SCRIPTS
CTX_MF_FARM_SELECTION
CTX_MF_INDIRECT_JOIN_DOMAIN_NAME
CTX_MF_INDIRECT_JOIN_PASSWORD
CTX_MF_INDIRECT_JOIN_USER_NAME
CTX_MF_JOIN_FARM_DB_CHOICE
CTX_MF_JOIN_FARM_SERVER_NAME
CTX_MF_JOIN_FARM_SERVER_PORT
CTX_MF_LIC_CHOICE_FOR_CREATE
CTX_MF_LIC_CHOICE_FOR_JOIN_OR_UPGRADE
CTX_MF_LICENSE_SERVER_NAME
CTX_MF_LICENSE_SERVER_PORT
CTX_MF_LICENSE_SERVER_PORT_DEFAULT
CTX_MF_LOCAL_DATABASE
CTX_MF_MSDE_INSTANCE_NAME
CTX_MF_NEW_FARM_NAME
CTX_MF_ODBC_DRIVER
CTX_MF_ODBC_PASSWORD
CTX_MF_ODBC_USER_NAME
CTX_MF_ONLY_LAUNCH_PUBLISHED_APPS
CTX_MF_SERVER_TYPE
CTX_MF_SHADOW_PROHIBIT_NO_LOGGING
CTX_MF_SHADOW_PROHIBIT_NO_NOTIFICATION
CTX_MF_SHADOW_PROHIBIT_REMOTE_ICA
CTX_MF_SHADOWING_CHOICE
CTX_MF_SILENT_DSNFILE
CTX_MF_USER_NAME
CTX_MF_XML_CHOICE
CTX_MF_XML_PORT_NUMBER
CTX_MF_ZONE_NAME
CTX_PROTECT_KEY_PATH
CTX_PROTECT_KEY_TYPE
CTX_PROTECT_NEW_KEY_PATH
CTX_RDP_DISABLE_PROMPT_FOR_PASSWORD
CTX_REMOVE_WI_TURNKEY
CTX_SERV_MALOO_LOGON
CTX_SERV_PRINTER_LOGON
CTX_USE_EXISTING_JRE
INSTALLDIR
REBOOT
REINSTALLMODE
XenApp Windows Setup Properties Script Examples
Data Store Database Reference
Microsoft Access Database
Microsoft SQL Server Express Database
Microsoft SQL Server Database
Oracle Database
IBM DB2 Database
Creating a DSN File for XenApp Setup
Maintaining and Recovering a XenApp Data Store
Migrating a Farm Data Store
Migrating a Farm Data Store from MSDE to SQL Server Express
XenApp Administration
Management Consoles and Other Tools
Choosing the Console or Tool to Use
To start the console
Displaying Items in the Console
The Console User Interface
Performing Tasks with the Console
To view zones
Enabling Citrix Administrators to Manage Farms Remotely
XenApp Advanced Configuration and Presentation Server Console
Managing Citrix Administrators
Delegating Tasks to Custom Administrators
Publishing Resources
Publishing Resources for Users
To configure servers to publish for multiple users
To publish a resource using the Publish Application wizard
To publish App-V sequences
To select a resource type and delivery method
To configure locations of published applications
To configure locations of published content
To disable command-line validation
Managing Streamed Applications
Publishing Streamed Applications
To select a streaming delivery method
To force a delivery method for streamed applications
To provide HTTP or HTTPS delivery method
Configuring Offline Access
Configuring Content Redirection
To enable content redirection from server to client
To configure content redirection from client to server
Managing Application Properties
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Making Virtual IP Addresses Available to Applications
How Virtual IP Addressing Works
Binding Applications
To determine whether an application needs to use virtual IP addresses
To make virtual IP addresses available to applications running in sessions
To make a virtual loopback address available to applications running in sessions
To supply client IP addresses to published applications on a server
Working with XenApp Policies
Creating XenApp Policies
Applying XenApp Policies
Configuring Policy Rules
To configure policy rules
Using Multiple Policies
Using Citrix policies with Active Directory
Prioritizing Policies and Creating Exceptions
Determining Which Policies Apply to a Connection
Resolving Search Results that Partially Match Criteria
Troubleshooting Policies with Conflicting Rules
Disabling, Reenabling, and Deleting Policies
Changing Settings Based on User Location
Configuring Policies and Filters for Web Access
Enabling Scanners and Other TWAIN Devices
To enable TWAIN redirection
Managing Session Environments and Connections
Defining User Environments in XenApp
Controlling the Appearance of User Logons
Controlling Access to Devices and Ports
Mapping Client Drives
Mapping Client COM Ports and Audio
Displaying Local Special Folders in Sessions
To enable Special Folder Redirection
To prevent local special folders from being redirected
Configuring Audio for User Sessions
To enable or disable audio for published applications
Limiting Bandwidth for Audio Throughput
To configure audio compression and output quality
Enabling Support for Microphones and Speakers
Setting Up for Digital Dictation Devices
Ensuring Session Continuity for Mobile Workers
Maintaining Session Activity
Configuring Session Reliability
Configuring Automatic Client Reconnection
Configuring ICA Keep-Alive
Managing and Monitoring XenApp Sessions
Monitoring Session Status
Viewing User Sessions
Viewing User Sessions with the Shadow Taskbar
To view user sessions with the console
Enabling Logging for Shadowing
Enabling User-to-User Shadowing with Policies
To create a user policy to define users who can shadow
To merge shadowers in multiple policies
Managing User Sessions
To terminate processes in a user’s session
To display session properties
To connect to a user’s session from Program Neighborhood
To reset a session
To log off from a session
To send a message to one or more users
Controlling Client Connections in XenApp
Preventing Specific Client Connection Types
Specifying Connection Limits
Limiting Connections to a Server Farm
Sharing Sessions and Connections
Limiting Application Instances
Logging Connection Denial Events
Controlling Connections with Terminal Services Configuration
Preventing User Connections during Farm Maintenance
Optimizing User Sessions for XenApp
Optimizing Web Page and Email Responsiveness
Effects of Restricting Animations in Internet Explorer
SpeedScreen Browser Acceleration Limitations
Configuring SpeedScreen Browser Acceleration
Optimizing Audio and Video Playback
Configuring SpeedScreen Multimedia Acceleration
Optimizing Flash Animations
Optimizing Throughput of Image Files
Optimizing Display of Image Files
Optimizing Keyboard and Mouse Responsiveness
Configuring SpeedScreen Latency Reduction
Adjusting SpeedScreen Latency Reduction for an Application
To configure latency reduction settings for input fields in an application
To create exception entries for non-standard input fields in an application
Configuring ICA Display Settings
To configure ICA browser settings for a server
Securing Server Farms
Securing Access to Your Servers
Securing the Data Store
Securing Client-Server Communications
Using SecureICA
Enabling SSL/TLS Protocols
To configure session data encryption
To set a policy for ICA encryption
Configuring SSL/TLS Between Servers and Clients
Task Summary for Implementing SSL Relay
Installing and Configuring the SSL Relay Tool with User Account Control Enabled
Obtaining and Installing Server and Root SSL Certificates
Choosing an SSL Certificate Authority
Acquiring a Signed SSL Certificate and Password
To enable the SSL Relay and select the relay credentials
Using the SSL Relay with the Microsoft Internet Information Service (IIS)
Configuring the Relay Port and Server Connection Settings
To add a server to the destination server list
To change the port for a server listed in the destination server list
To run the SSL Relay on port 443 without using HTTPS
Configuring the Ciphersuites Allowed by the SSL Relay
Using the Secure Gateway
Using the Secure Ticket Authority
Securing Network Communications
Configuring TCP Ports
Using Proxy Servers
Configuring Authentication for Workspace Control
Using Smart Cards with Citrix XenApp
Smart Card Requirements
Configuring XenApp for Smart Cards
Configuring Kerberos Logon
To enable Citrix XML Service DNS address resolution
To disable Kerberos logon to a server
Logging Administrative Changes to a XenApp Farm
Setting up the Configuration Logging Database
Defining Database Permissions for Configuration Logging
To configure the connection to the Configuration Logging database using the Configuration Logging Database wizard
To configure a SQL Server database for configuration logging
To configure an Oracle database for configuration logging
To set Configuration Logging properties
Delegating the Administration of Configuration Logging
To view Configuration Logging properties
Clearing Entries from the Configuration Logging Database
Generating Configuration Logging Reports
Encrypting Sensitive Configuration Logging Data
Copying the key to a local computer
To generate a key and enable IMA encryption on the first server in a farm
To load a key on subsequent servers in the farm
To store the key on a network location
Changing Farms
Enabling IMA Encryption Features
XenApp Service Account Privileges
Maintaining Server Farms
Displaying and Organizing Your Farm
Organizing Your Farm Display in the Console
To configure general farm properties
To search for objects in your farm
Connecting to a Remote Server Console
To connect to a server’s published desktop
To connect directly to a server's desktop
To limit the number of server connections per user
To disable and re-enable server logons
Enabling Local Browsers with Published Applications
Restarting Servers at Scheduled Times
To repair a XenApp installation
Changing XenApp Farm Membership
Removing and Reinstalling XenApp
To uninstall XenApp
To force the uninstallation of XenApp
To remove a server from the farm
To rename a XenApp server
Monitoring Server Performance with Health Monitoring & Recovery
Enabling and Disabling Health Monitoring & Recovery
Modifying Health Monitoring & Recovery Test Settings
To modify the Health Monitoring & Recovery Tests settings for farms or a server
Adding Health Monitoring & Recovery Tests
Developing Custom Health Monitoring & Recovery Tests
Getting Health Monitoring & Recovery Alerts
Using Citrix Performance Monitoring Counters
Enabling SNMP Monitoring
To install the Microsoft SNMP Services
SNMP Security Considerations
To display or change the SNMP security properties
Enabling the Citrix SNMP Agent and Configuring Trap Settings
To enable the SNMP agent and configure trap settings on all servers in a farm
To enable the SNMP agent and configure trap settings on an individual server
Monitoring Traps from SNMP Network Management Products
Using the Citrix Management Information Base
Optimizing Server Performance
Using Preferential Load Balancing
Resource Allotment
Multiple Published Applications in the Same Session
Using CPU Utilization Management
Fair Sharing of CPU Between Sessions
Managing Peak Utilization on Multiprocessor Servers
Enabling CPU Utilization Management
Managing Virtual Memory Usage
Enabling Memory Utilization Management
Scheduling Virtual Memory Optimization
To create a memory optimization schedule
Excluding Applications from Memory Optimization
To exclude additional applications from memory optimization
Optimizing Simultaneous Logon Performance
Managing Farm Infrastructure
Maintaining the Local Host Cache
Tuning Local Host Cache Synchronization
Refreshing the Local Host Cache
Recreating the Local Host Cache
Data Collectors and Elections
Specifying Backup Data Collectors
Enhancing the Performance of a Remote Group of Servers
To configure zones in your farm
Updating Citrix License Server Settings
To specify a default license server for a farm
To specify a license server for individual servers
To set the product edition
Setting the Citrix XML Service Port
To configure the Citrix XML Service port for a server
To manually change the XML Service port to use a port different from IIS after installation
To manually configure Citrix XML Service to share the TCP port with IIS
Understanding XenApp Printing
Introduction to Windows Printing Concepts
Local and Remote Print Job Spooling
XenApp Printing Concepts
Overview of Client and Network Printing Pathways
Provisioning Printers for Sessions
Auto-Creating Client Printers
Auto-Creating Network Printers
Letting Users Provision Their Own Printers
Device or Session-Based Print Settings
Device-Based Print Settings
Controlling Printing Settings and User Preferences
Setting Default Printers
Printing and Mobile Workers
Optimizing Printing Performance by Routing
Managing Printer Drivers
Types of Printer Drivers
Planning Your Printing Configuration
Default Printing Behavior
Printing Policy Configuration
Printing Security
Purchasing Printing Hardware
Configuring and Maintaining XenApp Printing
Configuring Printing
Configuring Printer Autocreation Settings
Configuring Citrix Universal Printing
Configuring Auto-Creation for DOS and Windows CE Clients
Configuring Network Printers for Users
To import printers from a network print server
To import printers from other domains
To assign printers using the Session printers policy rule
To add a network printer while configuring the Session printers rule
To specify a default printer for a session
To edit the printer settings in the sessions policy
To configure server local printers
Configuring Printers for Mobile Workers
Changing Network Print Job Routing
Providing Tools for User Provisioning
To store users’ printer properties
To synchronize properties from the printer
Controlling Printer Driver Automatic Installation
Configuring Universal Printer Drivers on Farm Servers
Mapping Client Printer Drivers
Increasing Printing Speed and Session Performance
Updating Network Print Server Information
Replicating Printer Drivers Across a Farm
Replicating Printer Drivers Manually
Replicating Printer Drivers Automatically
Displaying Printers
Displaying Printers Using the Network Printing Pathway
Displaying Printers Using the Client Printing Pathway
Displaying Drivers
XenApp Commands Reference
ACRCFG
ALTADDR
APP
AUDITLOG
CHANGE CLIENT
CHFARM
To move a server to a new server farm using SQL Server Express
CTXKEYTOOL
CTXXMLSS
DSCHECK
DSMAINT
ENABLELB
ICAPORT
IMAPORT
MIGRATETOSQLEXPRESS
QUERY FARM
QUERY PROCESS
QUERY SESSION
QUERY TERMSERVER
QUERY USER
TWCONFIG
Performance Counters Reference
Citrix CPU Utilization Mgmt User Counters
Citrix IMA Networking Counters
Citrix Licensing Counters
Citrix MetaFrame Presentation Server Counters
ICA Session Counters
Secure Ticket Authority Counters
Policy Rules Reference
Policy Rules: Quick Reference Table
Bandwidth Folder
Visual Effects Folder
SpeedScreen Folder
Session Limits and Session Limits (%) Folder
Client Devices Folder
Resources Folder
Audio Folder
Drives Folder
Optimize Folder
Special Folder Redirection
Other Folder
Ports Folder
PDA Devices folder
Maintenance Folder
Printing Folder
Client Printers Folder
Drivers Folder
User Workspace Folder
Connections Folder
Content Redirection Folder
Shadowing Folder
Configuring User Shadowing
Permissions to Shadow Users
Time Zones Folder
Citrix Password Manager Folder
Streamed Applications Folder
Security and Encryption Folders
Service Level Folder
Application Streaming
New Features in This Release
Components for Application Streaming
Creating Application Profiles
Targets Overview
Service Pack Level
System Drive Letter
Operating System Language
Inter-Isolation Communication Overview
Managing Isolation Environment Rules
Types of Isolation Environment Rules
Restrictions and Limitations for Rules
Creating Isolation Environment Rules for a Target
To create an isolation environment rule
To modify a rule
Using Environment Variables to Construct Rules
Preparing a Workstation for Profiling Applications
Known Limitations for Profiling
To install the profiler
To start the profiler
To disable and enable profile signing
Creating a Profile and Its Initial Target
To create a profile and target
To install multiple applications through Advanced Install
To set user profile security
To install Internet Explorer plug-ins
To include files and folders in a target
To include registry settings
To choose an installation program for the application
To run an application in the profiler
To select applications for listing in the profile
To set up inter-isolation communication
To sign a profile
Editing Profiles
To view profile information
To edit the profile name, description, or location
To view details about applications in a profile
To view File Type Associations set in a profile
To check for launch prerequisites
To check for prerequisite registry entries
To check prerequisite applications and files
To specify pre-launch and post-exit scripts
To add a target to a profile
To resolve target conflicts
To delete a folder from a profile
To delete a target from a profile
To delete a profile in a linked profile
To resolve invalid shortcuts
Editing Targets
To edit the target name and description
To modify the application properties in the target
To modify the operating system and language properties of a target
To check for launch prerequisites for a target
To specify pre-launch and post-exit scripts for a target
To update a target
To remove an old version of an updated target
Profile Contents on the Server
Manifest File
Targets
Digital Signature
Icons
Scripts
Managing Streamed Applications
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Managing the XenApp Streaming Plug-in
XenApp Streaming Plug-in Overview
Managing the XenApp Streaming Plug-in
To install the XenApp Streaming Plug-in
To configure the cache size of the streaming plug-in
To deploy the XenApp Streaming Plug-in
To configure an .MSI package using transforms
To deploy the XenApp Streaming Plug-in to client devices through Active Directory
To deploy applications to client devices
To clear the streamed application cache on user devices
Finding EdgeSight Documentation
Identifying Edgesight Documents
Installing Your Monitoring and Reporting Tools
Software Requirements
Licensing Requirements
The Installation Process
Installing or Upgrading
Uninstalling
Displaying Monitoring and Reporting Tools and Components After Installation
Configuring Metrics
Configuring a Set of Metrics for Specific Servers
Creating a Default Set of Metrics
Farm Performance Metrics
Configuring Application Metrics
Suspending Notification of a Metric’s Status
Getting More Information About Metrics And Monitoring
Viewing Monitoring Information
Current State of All Metrics
Metrics That Breach Thresholds
Graphs of Metric Values
Creating Custom Metrics Displays
Configuring Logs
Additional Alert Information
Custom Displays
Alerting Administrators to Poor Server Performance
Sources of Alerts
Preparing Your System for Email Alerts
Using MAPI to Send Alerts
Setting up SSL for SMTP Email Alerts
Preparing Your System for SMS Alerts
Preparing Your System for SNMP Alerts
Running a Script when an Alert Threshold Is Breached
Receiving Failed Import Alerts
Receiving License Server Connection Failure Alerts
Recording the History of Servers and Applications
What Information Should I Record in the Database?
Scheduling Summary Data Collection and Removal
Ignoring Server Metrics During Periods of Low Server Activity
Removing Unwanted Information from the Database
Monitoring the Status of the Database
Managing the Database
Reporting and Analyzing Monitoring Information
Reports
About Report Jobs and Specifications
Creating Reports About Current Activity
Creating Reports About Past Activity
Displaying Reports from Servers in Different Time Zones or Locales
What if a Reporting Server Uses a Different Language?
Estimating the Concurrent User Capacity of a Server
Billing Users for Resource Usage
Default Metric Set
Database Schema
Enterprise Management
Management Pack for Microsoft Operations Manager 2005
Management Pack Features
The Management Pack and the Providers
Citrix Views in the Management Pack
Health Monitoring Views
Discovery Views
Deployment Topology View
State View: the Citrix Server and Citrix Licensing Roles
XenApp Managed and Unmanaged Computers
About Citrix Computer Groups
To install or upgrade the Management Pack for MOM 2005
Management Pack Post-Installation Tasks
Security Considerations for the Management Pack
Troubleshooting Query Errors in MOM
Configuring Topology Discovery
To specify server farm and zone computer groups
To configure Citrix Administrators as MOM operators
To change the format of net send messages
Configuring and Enabling Site-specific Rules for MOM 2005
Too Many Disconnected Sessions
Idle Sessions
Too Many Active Sessions
Sample Published Application Load
To open the Access Management Console from the MOM Operator Console
To change the Access Management Console path with the MOM Administrator Console
Management Pack for System Center Operations Manager 2007
System Requirements for the Management Pack
To install the Management Pack
Management Pack Post-Installation Tasks
Uninstalling the Management Pack
Security Considerations for the Management Pack
Troubleshooting Query Errors in Operations Manager
Citrix Managed Objects Included in the Management Pack
Citrix Views Included in the Management Pack
To view state monitors and processing rules
Viewing XenApp Alert and Event Information
Viewing XenApp Deployment State Information
Viewing Citrix Presentation Server Topology Diagrams
To reconfigure security settings on zone data collectors
Viewing XenApp Performance Information
Viewing License Server Information
Configuring and Enabling Site-specific Monitors
To open the Access Management Console from the Operations Manager Console
Managing Providers and WMI
XenApp Provider Overview
Licensing Provider Overview
Installing the XenApp Provider
Installing the Licensing Provider
Starting the Provider Services
Security Considerations
Uninstalling the Providers
WMI Schema
XenApp Provider WMI Schema (Part 1 of 3)
XenApp Provider WMI Schema (Part 2 of 3)
XenApp Provider WMI Schema (Part 3 of 3)
Citrix Licensing Provider WMI Schema
Load Manager
Working with Load Manager Rules
List of Load Manager Rules
Working with Load Evaluators
Viewing and Modifying Load Evaluator Properties
Creating Load Evaluators
Assigning Load Evaluators to Servers and Applications
Copying Load Evaluators
Deleting Load Evaluators
Scheduling Server Availability
Monitoring Server Loads
Logging Load Management Activity
Setting the Frequency of Information Updates
Viewing Usage Reports
Secure Gateway
Citrix XenApp Components That Work with Secure Gateway
Secure Gateway Features
System Requirements for Secure Gateway
System Hardware Requirements
Citrix Products Compatibility with Secure Gateway
Certificate Requirements
Planning a Secure Gateway Deployment
Deploying the Secure Gateway in a Single-Hop DMZ
Running the Web Interface behind the Secure Gateway in the Demilitarized Zone
Locking Down Internet Information Services
Running the Web Interface Parallel with the Secure Gateway
Setting Up the Web Interface and the Secure Gateway in a Single-Hop Demilitarized Zone
Deploying the Secure Gateway in a Double-Hop DMZ
Setting Up the Secure Gateway and the Secure Gateway Proxy in a Double-Hop DMZ
Publishing the Web Address for the Secure Gateway in a Double-Hop Demilitarized Zone
Setting Up and Testing a Server Farm
Installing the Secure Ticket Authority
Testing Your Deployment
Installing and Configuring the Secure Gateway and Secure Gateway Proxy
Upgrading Secure Gateway or Secure Gateway Proxy
Using Firewall Software with the Secure Gateway or Secure Gateway Proxy
Installing the Secure Gateway or Secure Gateway Proxy
To install the Secure Gateway or Secure Gateway Proxy
Configuring the Secure Gateway or Secure Gateway Proxy
To start the configuration wizard manually
To select a configuration level (Secure Gateway)
To select a configuration level (Secure Gateway Proxy)
Task Summary for Secure Gateway, Advanced or Standard Configuration
Task Summary for Secure Gateway Proxy, Advanced or Standard Configuration
To select a server certificate
To configure secure protocol settings
To configure inbound client connections
To configure outbound connections
To configure an access control list for outbound connections
To configure servers running the Secure Gateway Proxy
To add the Secure Ticket Authority details
To configure connection parameters
To configure logging exclusions
To add the Web Interface server details
To configure the logging parameters
To complete the configuration
To stop the Secure Gateway/Secure Gateway Proxy service
To uninstall the Secure Gateway
Managing the Secure Gateway
Viewing Session and Connection Information with the Secure Gateway Console
Viewing Secure Gateway Performance Statistics
To view the Secure Gateway performance statistics
Performance Counters Available for the Secure Gateway
Generating the Secure Gateway Diagnostics Report
Viewing the Secure Gateway Events
Viewing the Secure Gateway Access Logs
Secure Gateway Configuration Wizard
Secure Gateway Optimization and Security Guidelines
Configuring Firewalls for the Secure Gateway
Ensuring High Availability of the Secure Gateway
Load Balancing Multiple Secure Gateway Servers
Load Balancing an Array of the Secure Gateway Proxy
Certificate Requirements for Load Balancing Secure Gateway Servers
Using Load Balancers and SSL Accelerator Cards with Secure Gateway Servers
Coordinating Keep-Alive Values Between the Secure Gateway and Citrix XenApp
Setting Connection Keep-Alive Values and the Secure Gateway
Improving Security (Recommendations)
Preventing Indexing by Search Engines
Troubleshooting the Secure Gateway
To check your certificates
Client Connections Launched from IP Addresses in the Logging Exclusions List Fail
Load Balancers Do Not Report Active Client Sessions if Connections Are Idle
Performance Issues with Transferring Files Between a Client Device and a Citrix XenApp Server
Gateway Client Connections Fail When Using Windows XP Service Pack 2
Failed Client Connections to the Secure Gateway Result in Duplicate Entries in the Secure Gateway Log
Placing the Secure Gateway Behind a Reverse Web Proxy Causes an SSL Error 4
Run the Secure Gateway Parallel to the Reverse Web Proxy
Use a Network Address Translator Instead of a Reverse Web Proxy
Digital Certificates and the Secure Gateway
Understanding Cryptography
Types of Cryptography
Combining Public Key and Secret Key Cryptography
Understanding Digital Certificates and Certificate Authorities
Certificate Chains
Certificate Revocation Lists
Deciding Where to Obtain Certificates
Obtaining and Installing Server Certificates
Obtaining and Installing Root Certificates
Support for Wildcard Certificates with the Secure Gateway
Using the Secure Gateway Proxy in Relay Mode
Modes of Operation for the Secure Gateway Proxy
How Relay Mode Works
Installing the Secure Gateway Proxy in Relay Mode
To install the Secure Gateway Proxy in relay mode
To configure the Secure Gateway in relay mode
Configuring Plug-ins for Secure Gateway
To configure plug-in connections to the Secure Gateway Proxy
To configure all application sets for the plug-in to connect to the Secure Gateway Proxy
To test the Secure Gateway relay mode
To start or stop the Secure Gateway Proxy Service manually
SmartAuditor
Example Usage Scenarios
Getting Started with SmartAuditor
Planning Your Deployment
Security Recommendations
Installing Certificates
Scalability Considerations
Important Deployment Notes
Pre-Installation Checklist
To install SmartAuditor
Automating Installations
Uninstalling SmartAuditor
To configure SmartAuditor to play and record sessions
Granting Access Rights to Users
Creating and Activating Recording Policies
Using System Policies
Creating Custom Policies
To create a new policy
To modify a policy
To delete a policy
To activate a policy
Understanding Rollover Behavior
To disable or enable recording
To configure the connection to the SmartAuditor Server
Creating Notification Messages
Enabling Custom Event Recording
To enable or disable live session playback
To enable or disable playback protection
To enable and disable digital signing
To specify where recordings are stored
Specifying File Size for Recordings
Viewing Recordings
To launch the SmartAuditor Player
To open and play recordings
To search for recorded sessions
To play recorded sessions
To use events and bookmarks
To change the playback display
To display or hide window elements
To cache recorded session files
To change SmartAuditor Servers
Troubleshooting SmartAuditor
Verifying Component Connections
Testing IIS Connectivity
Troubleshooting Certificate Issues
SmartAuditor Agent Cannot Connect
SmartAuditor Server Cannot Connect to the SmartAuditor Database
Sessions are not Recording
Searching for Recordings in the Player Fails
Troubleshooting MSMQ
Unable to View Live Session Playback
To change your communication protocol
Reference: Managing Your Database Records
Glossary
XenApp 5 Feature Pack 2 for Windows Server 2008
XenApp 5 Security Standards and Deployment Scenarios
Security Considerations in a XenApp Deployment
Country-Specific Government Information
FIPS 140 and XenApp
TLS/SSL Protocols
Government Ciphersuites
IP Security
Citrix Password Manager
Smart Cards
Smart Card Support
Kerberos Authentication
Citrix XenApp Plugins
Standards Summary
Virtual Channels
Additional XenApp Security Features
ICA Encryption Using SecureICA
Authentication for the Web Interface Using RSA SecurID
Authentication for the Web Interface Using SafeWord
Deployment Samples
Sample A – Using the SSL Relay
How the Components in Sample Deployment A Interact
FIPS 140 Validation in Sample Deployment A
TLS/SSL Support in Sample Deployment A
Supported Ciphersuites for Sample Deployment A
Certificates and Certificate Authorities in Sample Deployment A
Smart Card Support in Sample Deployment A
Plugins Used in Sample Deployment A
Sample B – Using Secure Gateway (Single-Hop)
How the Components in Sample Deployment B Interact
IPSec in Sample Deployment B
FIPS 140 Validation in Sample Deployment B
TLS/SSL Support in Sample Deployment B
Supported Ciphersuites for Sample Deployment B
Certificates and Certificate Authorities in Sample Deployment B
Smart Card Support in Sample Deployment B
Plugins Used in Sample Deployment B
Sample C – Using Secure Gateway (Double-Hop)
How the Components in Sample Deployment C Interact
IPSec in Sample Deployment C
FIPS 140 Validation in Sample Deployment C
TLS/SSL Support in Sample Deployment C
Supported Ciphersuites for Sample Deployment C
Certificates and Certificate Authorities in Sample Deployment C
Smart Card Support in Sample Deployment C
Plugins Used in Sample Deployment C
Sample D – Using the SSL Relay and the Web Interface
How the Components in Sample Deployment D Interact
FIPS 140 Validation in Sample Deployment D
TLS/SSL Support in Sample Deployment D
Supported Ciphersuites for Sample Deployment D
Certificates and Certificate Authorities in Sample Deployment D
Smart Card Support in Sample Deployment D
Plugins Used in Sample Deployment D
Sample E – Using Password Manager and Secure Gateway (Single-Hop)
How the Components in Sample Deployment E Interact
IPSec in Sample Deployment E
FIPS 140 Validation in Sample Deployment E
TLS/SSL Support in Sample Deployment E
Supported Ciphersuites for Sample Deployment E
Certificates and Certificate Authorities in Sample Deployment E
Smart Card Support in Sample Deployment E
Plugins Used in Sample Deployment E
Technical Preview: XenApp for Windows Server 2008 R2
Technical Preview Readme for XenApp for Windows Server 2008 R2
What's New in Citrix XenApp Technical Preview
System Requirements for XenApp for Windows Server 2008 R2
Installing and Configuring XenApp
Preparing to Install XenApp
Installing XenApp Using the Wizard-Based Server Role Manager
Installing XenApp from the Command Line
Preparing to Configure XenApp
Configuring XenApp Using the Wizard-based Server Configuration Tool
Configuring XenApp from the Command Line
Command Syntax
Data Store Database Reference
Microsoft SQL Server Database
Oracle Database
Maintaining and Recovering a XenApp Data Store
XenApp Administration
Managing Citrix Administrators
Delegating Tasks to Custom Administrators
Publishing Resources
Publishing Resources for Users
To configure servers to publish for multiple users
To publish a resource using the Publish Application wizard
To select a resource type and delivery method
To configure locations of published applications
To configure locations of published content
To disable command-line validation
Managing Streamed Applications
Publishing Streamed Applications
To select a streaming delivery method
To provide HTTP or HTTPS delivery method
Configuring Offline Access
Configuring Content Redirection
To enable content redirection from server to client
To configure content redirection from client to server
Managing Application Properties
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Making Virtual IP Addresses Available to Applications
How Virtual IP Addressing Works
Configuring Virtual Loopback
Binding Applications
To determine whether an application needs to use virtual IP addresses
To make virtual IP addresses available to applications running in sessions
To make a virtual loopback address available to applications running in sessions
To supply client IP addresses to published applications on a server
Performance Counters Reference
Citrix CPU Utilization Mgmt User Counters
Citrix IMA Networking Counters
Citrix Licensing Counters
Citrix MetaFrame Presentation Server Counters
ICA Session Counters
Secure Ticket Authority Counters
XenApp Commands Reference
ALTADDR
APP
AUDITLOG
CHANGE CLIENT
CHFARM
To move a server to a new server farm using SQL Server Express
CTXKEYTOOL
CTXXMLSS
DRIVEREMAP
DRIVEREMAP64
DSCHECK
DSMAINT
ENABLELB
ICAPORT
IMAPORT
MIGRATETOSQLEXPRESS
QUERY FARM
QUERY PROCESS
QUERY SESSION
QUERY TERMSERVER
QUERY USER
Load Management
Working with Load Management Rules
List of Load Management Rules
Working with Load Evaluators
Viewing and Modifying Load Evaluator Properties
Creating Load Evaluators
Assigning Load Evaluators to Servers and Applications
Copying Load Evaluators
Deleting Load Evaluators
Scheduling Server Availability
Logging Load Management Activity
Application Streaming
New Features in This Release
System Requirements for Application Streaming
Components for Application Streaming
Deciding Which Plug-ins to Use for Application Streaming
Providing Single Sign-on for Streamed Applications
Creating Application Profiles
Targets Overview
Service Pack Level
System Drive Letter
Operating System Language
Inter-Isolation Communication Overview
Managing Isolation Environment Rules
Types of Isolation Environment Rules
Restrictions and Limitations for Rules
Creating Isolation Environment Rules for a Target
To create an isolation environment rule
To modify a rule
Using Environment Variables to Construct Rules
Preparing a Workstation for Profiling Applications
Known Limitations for Profiling
To install the profiler
To disable and enable profile signing
To start the profiler
Creating a Profile and Its Initial Target
To create a profile and target
To allow users to update applications
To set up inter-isolation communication
To select an install option
To install multiple applications through Advanced Install
To choose an installation program for the application
To install Internet Explorer plug-ins
To include files and folders in a target
To include registry settings
To install an application in the profile
To run an application in the profiler
To select applications for listing in the profile
To sign a profile
Editing Profiles
To view profile information
To edit the profile name, description, or location
To view details about applications in a profile
To view File Type Associations set in a profile
To check for launch prerequisites
To check for prerequisite registry entries
To check for prerequisite applications and files
To specify pre-launch and post-exit scripts
To add a target to a profile
To resolve target conflicts
To resolve invalid shortcuts
To delete a target from a profile
To delete a folder from a profile
To delete a profile in a linked profile
Editing Targets
To edit the target name and description
To modify the application properties in the target
To modify the operating system and language properties of a target
To update a target
To remove an old version of an updated target
Profile Contents on the Server
Manifest File
Targets
Digital Signature
Icons
Scripts
Publishing Resources
Publishing Resources for Users
To configure servers to publish for multiple users
To publish a resource using the Publish Application wizard
To select a resource type and delivery method
To configure locations of published applications
To configure locations of published content
To disable command-line validation
Managing Streamed Applications
Publishing Streamed Applications
To select a streaming delivery method
To provide HTTP or HTTPS delivery method
Configuring Offline Access
Configuring Content Redirection
To enable content redirection from server to client
To configure content redirection from client to server
Managing Application Properties
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Making Virtual IP Addresses Available to Applications
How Virtual IP Addressing Works
Configuring Virtual Loopback
Binding Applications
To determine whether an application needs to use virtual IP addresses
To make virtual IP addresses available to applications running in sessions
To make a virtual loopback address available to applications running in sessions
To supply client IP addresses to published applications on a server
Managing the Offline Plug-in
Citrix Offline Plug-in Overview
Deciding Which Plug-ins to Use for Application Streaming
Using the Merchandising Server and Citrix Receiver to Deploy the Plug-ins
Installing the Offline Plug-in
To install the Citrix offline plug-in
To configure the cache size of the offline plug-in
To deploy the Citrix offline plug-in
To configure an .MSI package for the offline plug-in using transforms
To deploy the offline plug-in to user devices through Active Directory
To deploy applications to user devices
To clear the streamed application cache on user devices
To clear merged rules for linked profiles on user devices
SmartAuditor
System Requirements for SmartAuditor
Example Usage Scenarios
Getting Started with SmartAuditor
Planning Your Deployment
Security Recommendations
Installing Certificates
Scalability Considerations
Important Deployment Notes
Pre-Installation Checklist
To install SmartAuditor
Automating Installations
Uninstalling SmartAuditor
To configure SmartAuditor to play and record sessions
Granting Access Rights to Users
Creating and Activating Recording Policies
Using System Policies
Creating Custom Policies
To create a new policy
To modify a policy
To delete a policy
To activate a policy
Understanding Rollover Behavior
To disable or enable recording
To configure the connection to the SmartAuditor Server
Creating Notification Messages
Enabling Custom Event Recording
To enable or disable live session playback
To enable or disable playback protection
To enable and disable digital signing
To specify where recordings are stored
Specifying File Size for Recordings
Viewing Recordings
To launch the SmartAuditor Player
To open and play recordings
To search for recorded sessions
To play recorded sessions
To use events and bookmarks
To change the playback display
To display or hide window elements
To cache recorded session files
To change SmartAuditor Servers
Troubleshooting SmartAuditor
Verifying Component Connections
Testing IIS Connectivity
Troubleshooting Certificate Issues
SmartAuditor Agent Cannot Connect
SmartAuditor Server Cannot Connect to the SmartAuditor Database
Sessions are not Recording
Searching for Recordings in the Player Fails
Troubleshooting MSMQ
Unable to View Live Session Playback
To change your communication protocol
Reference: Managing Your Database Records
Video Conferencing with HDX RealTime
Profile Management 3.0 Technical Preview
New Key Features in Profile Management 3.0 Technical Preview
Planning Your Profile Management 3.0 Technical Preview Deployment
To deploy Profile management 3.0 Technical Preview
Managing Your Profile Management 3.0 Technical Preview
Single Sign-On 4.8
Single sign-on Installation and Upgrade
Introducing Citrix Single sign-on
Identifying the Four Key Components of Single Sign-on
Managing User and Administrative Data with the Central Store
Managing the User Experience with the Single Sign-on Component of the Delivery Services Console
Interacting with the User with the Single Sign-on Plug-in
Providing Additional Features with the Single Sign-on Service
New Features in Single Sign-on 4.8
Licensing Requirements
Single Sign-on in Disconnected Mode
Managing a Mixed License Type Environment
To employ available concurrent user licenses to be used offline
Single Sign-on Supporting System Software Requirements
Single Sign-on Software Requirements
Security and Account Requirements for Single Sign-on Service
Server Authentication Certificate Requirement
Accounts Required for Service Modules
Account Requirements to Install and Use Single Sign-on
To install Microsoft .NET 2.0
Installing the Java Runtime Environment
Planning Your Single sign-on Environment
Identifying the Four Key Components of Single Sign-on
Central Store Types
Choosing an Active Directory Central Store
Choosing an NTFS Network Share
Using Account Association with Multiple Central Stores and User Account Credentials in a Multiple Domain Enterprise
Advantages of Using Account Association
Password Policies
Password Policy Considerations
Default Settings for the Default and Domain Password Policies
Types of Applications Supported by Single Sign-on
Collect Information About Each Application in Advance
Smart Cards
Requiring Identity Verification
Verifying User Identity by Using Security Questions (Question-Based Authentication)
Recovering or Unlocking User Credentials Automatically
Planning Your Single Sign-on Plug-in User Configurations
Enabling the Sharing of the Same Resources or Workstation Among Many Users (Hot Desktop)
Selecting Optional Single Sign-on Service Features
Enabling Service Modules: Key Management
Enabling Service Modules: Data Integrity
Enabling Service Modules: Provisioning
Enabling Service Modules: Self-Service
Enabling Service Modules: Credential Synchronization (Account Association)
Single Sign-on Plug-in Software Deployment Scenarios
Planning for Multiple Primary Authentication and User Credential Protection
Installing Single sign-on
Installation Order
Single sign-on Component Installation Configurations
To create a central store
Installing the Single sign-on Console Component
Installing and Configuring the Service Modules
Installing and Configuring the Single sign-on Plug-in
Installation Scenarios
To install the Single sign-on plug-in on a local device
Configuring and Using the Multi-Domain Service Feature
To configure the service for multidomain use
Single sign-on Administration
Enforcing Password Requirements
Creating Password Policies
Helping to Increase Password Strength and Security
Configuring Password Manager to Recognize Applications
Application Templates
How Single Sign-on Plug-in Identifies Applications and User Credential Management Events
Application Definition Wizard Overview
Form Definition Wizard Overview
Defining Windows Type Application Definitions
Identifying Windows Forms with Advanced Matching
Windows Type Application Definitions
Window Identifier
Identification Extensions
Using the Action Editor to Define the Action Sequence for Forms
To define an action sequence
Action Descriptions
Considerations for Windows Type Definitions
Web Type Application Definitions
Gathering the Information Required for Web Application Definitions
Name Form
Identify Form
Define Form Actions
Configure Other Settings
Web Form Wizard
Redirect to Windows Application Configuration
Advanced Settings Dialog Box for Web Applications
To create a detection match entry
Terminal Emulator Type Application Definitions
Gathering the Information Required for Terminal Emulator Application Definitions
Form Definition Process
Name Form
Identify Form
To add a text-match qualification entry
Set Field Detection Rules
To add a field entry
Configure Other Settings
Advanced Settings for Terminal Emulator-Based Applications
Considerations for Terminal Emulator Type Definitions
Terminal Emulation Support
Mfrmlist.ini Field Definitions
Creating User Configurations
Default User Configuration Properties
To specify a domain controller for an existing user configuration
To create a user configuration
Choose Applications
Configure Plug-in Interaction
Advanced Settings
Configure Licensing
Select Data Protection Methods
Select Secondary Data Protection
Enable Self-Service Features
Locate Service Modules
Synchronizing Credentials by Using Account Association
Choosing and Configuring a Domain to Host the Credential Synchronization Module
To configure the credential synchronization features in the host domain
To manually synchronize application definitions among domains
To configure Account Association user settings in other domains
To configure Account Association in the plug-in software
To reset user data
To delete user data
To prompt users to reregister
To set a user configuration priority
Assigning a User Configuration to Different Users
Upgrading Existing User Configurations
User Authentication and Identity Verification
Overview of Identity Verification Methods
If Users Switch among Multiple Primary Authentication Methods
Managing Question-Based Authentication
Confirming User Identity Using Question-Based Authentication
Considerations
Question-Based Authentication Workflow
Designing Security Questions: Security Versus Usability
Managing Your Questions
To create new security questions
To set a default language
To add or edit text for existing questions
To add, remove, or change the order of the security questions in the questionnaire
To create a security question group
To edit a security question group
To select one or more question for key recovery
To enable security answer masking
To make your questionnaire backward compatible
To check for backward compatibility
Allowing Users to Reregister Answers to Their Security Questions
Allowing Users to Manage Their Primary Credentials with Account Self-Service
Overview of Self-Service
Using Automatic Key Management with Self-Service
Summary of Self-Service Implementation Tasks
To reset self-service user registration
User Experience
Using Provisioning to Automate Credential Entry
Summary of Provisioning Tasks
Generating a Credential Provisioning Template
Editing the Provisioning Template
The cpm-provision Tag
The user Tag
The add Command
The modify Command
The delete Command
The remove Command
The reset Command
The list-credentials Command
To process your provisioning template
Tuning Credential Provisioning Processing
Hot Desktop: A Shared Desktop Environment for Users
Summary of Hot Desktop Tasks
Hot Desktop Start Up and Shut Down Process Flow
Troubleshooting Hot Desktop User Startup
Creating a Hot Desktop Shared Account
Guidelines for the Hot Desktop Shared Account
Requirements for Applications Used with Hot Desktop
Controlling How Applications Behave for Hot Desktop Users
The Session.xml File
startup_scripts
shutdown_scripts
Launching Applications Using Session.xml
The Process.xml File
shellexecute_processes
persistent_processes
transient_processes
User Configuration Settings for Hot Desktop
To install Hot Desktop
To uninstall Hot Desktop
To enable terminal services after you uninstall Hot Desktop
To enable multiple sessions
To view Hot Desktop profiles
To disable AutoAdminLogon Support
To change the Hot Desktop shared account password
To shut down a Hot Desktop workstation
Interacting with Other Citrix Products
Hot Desktop Information on the Web
Operations
Logging Single Sign-on Events
Mfrmlist.ini File
Single Sign-on Plug-in Software Does not Submit Credentials
Web-Based Applications
Terminal Emulator-Based Applications
Supporting Terminal Emulators
To configure emulator support
Single sign-on Plug-in Software Does not Start
Creating a New Signing Certificate
Signing, Unsigning, Re-signing, and Verifying Data
Signing Data (-s)
Re-signing Data (-r)
Unsigning Data (-u)
Verifying Data (-v)
Displaying Help (-h)
Enabling and Disabling the Data Integrity Service on Single Sign-on Plug-in Software
Removing Deleted Objects from Your Central Store
Moving Data to a Different Central Store
Migrating Data to a New Central Store
Exporting Application Definitions
To back up the service
To restore the service
Single sign-on 4.8 Settings Reference
User Configurations
Basic Agent Interaction
allow users to reveal all passwords in Logon Manager
force re-authentication before revealing user passwords
allow users to pause agent
notify user when agent synchronization fails
automatically detect applications and prompt user to store credentials
automatically process defined forms when the agent detects them
time between agent re-authentication requests
Agent User Interface
display computer name in notification icon ToolTip
show notification icon
specify the length of time the agent delays credential submission
set the default columns and column order in Logon Manager
Client-Side Interaction
enforce password matching during initial credential setup
log Citrix Password Manager events using Windows event logging
delete user’s data folder and registry keys when the agent is shut down
enable users to cancel credential storage when a new application is detected
limit the number of days to keep track of deleted credentials
Synchronization
allow users to update agent settings
synchronize every time users launch recognized applications or Logon Manager
allow Password Manager Plugin to operate when unable to reconnect to central store
specify the time between automatic synchronization requests
allow user credentials to be accessed through the Credential Synchronization Module
Account Association
allow users to associate accounts
provide default service address
allow users to edit service address
provide default domain
allow users to edit domain
allow users to remember password
Application Support
detect client-side application definitions
enable support for terminal emulators
time interval in which the agent checks the terminal emulator for changes
number of domain name levels to match
Hot Desktop
session settings script path
lock time-out
session time-out
enable session indicator
enable graphic
Licensing
license server name
use default value (for license server port number)
named user licensing (Enterprise and Advanced Editions only)
concurrent user licensing (Enterprise and Platinum Editions only)
allow license to be consumed for offline use
continue without validating licensing information
Data Protection Methods
do you need to regulate account administrator access to user data?
for improved user experience upon logon events, please select all data protection methods that apply
users’ authentication data
allow smart card PINs
allow protection using blank passwords
Microsoft Data Protection API
Smart Card Certificate
Use data protection as in Password Manager 4.1 and previous versions
Secondary Data Protection
prompt users to verify identity
prompt user to enter the previous password
prompt user to select the method: previous password or security questions
do not prompt users; restore primary data protection automatically over the network
Self-Service Features
allow users to reset their primary domain password
allow users to unlock their domain account
Key Management Module
service location (Key Management Module)
Provisioning Module
use provisioning
service location (Provisioning Module)
Application Definitions
Application Forms
agent submits this form automatically
Application Icon
application icon
Advanced Detection
process only the first logon for this application
process only the first password change for this application
Password Expiration
run script when password expires
use Citrix Password Manager expiration warning
Password Policies
Basic Password Rules
minimum password length
maximum password length
maximum number of times a character can occur
maximum number of times the same character can occur sequentially
Alphabetic Character Rules
allow lowercase characters
password can begin with a lowercase character
password can end with a lowercase character
minimum number of lowercase characters required
allow uppercase characters
password can begin with an uppercase character
password can end with an uppercase character
minimum number of uppercase characters required
Numeric Character Rules
allow numeric characters
password can begin with a numeric character
password can end with a numeric character
minimum number of numeric characters required
maximum number of numeric characters allowed
Special Character Rules
allow special characters
password can begin with a special character
password can end with a special character
minimum number of special characters required
maximum number of special characters allowed
allow special characters
Exclusion Rules
exclude the following list of characters or character groups from passwords
do not allow application user name in password
do not allow portions of application user name in password
number of characters in portions
do not allow Windows user name in password
do not allow portions of Windows user name in password
number of characters in portions
Password History and Expiration
new password must not be the same as previous password
number of previous passwords remembered
use the password expiration settings associated with the application definitions
number of days until password expires
number of days to warn user before password expires
Test Password Policy
test the compliance of a manually created password
generate a random policy-compliant password
generate and test a number of unique policy-compliant passwords
Logon Preferences
allow user to reveal password for applications
force user to re-authenticate before submitting application credentials
number of logon retries
time limit for number of retries
Password Change Wizard
allow users to choose a system-generated password or create their own password
only allow users to create their own password
only allow users to choose a system-generated password
generate a password and submit it to the application without displaying the Password Change Wizard
Application Definition Extensions
Plug-in Software Operation
Identification Extensions
To define an identification extension
Action Extensions
To define an action extension
Implementer Requirements
Enabling Logging
Virtual Key Codes for Windows, Web and Terminal Emulator-based Applications
Codes for VTabKeyN (Windows and Web)
Codes for VirtualKeyCode and VKEY (Windows and Web)
Virtual Key Codes for HLLAPI-Compliant Terminal Emulators
Account Self-Service
Using the Account Self-Service Feature
Using Licenses
To create an Account Self-Service-Only user configuration
Preparing the Computer Running the Plug-in Software
To update the Single sign-on ssoShell.exe shortcut
To add a self-service registration shortcut to the Start menu
To remove the Single sign-on shortcut
To remove the Single sign-on plug-in shortcut from the Startup folder
Single sign-on Provisioning Software Development Kit (SDK)
The Provisioning Module
Provisioning and the Plug-in Software
Provisioning Secondary Credentials
Application Groups
Error Codes
Summary of API Functions
Provisioning a Single Application - addRequest
batchRequest - Running a Batch
Deleting a Credential - deleteRequest
Deleting a User - deleteRequest
Querying for Targets - listTargetsRequest
Obtaining a List of Applications Available to a User - lookupApplicationRequest
Obtaining a List of Applications for which Credentials are Stored - lookupRequest
Retrieving Secondary Credentials - lookupRequest
Modifying a Credential - modifyRequest
Resetting a User - resetRequest
Namespace Elements
Authentication-Token Element - ctxs:authentication-token
Application Element - ctxs:application
Credential Element - ctxs:credential
XenApp for UNIX
Citrix XenApp 4.0, with Feature Pack 1, for UNIX
Citrix XenApp 4.0, with Feature Pack 1, for UNIX Readme
XenApp for UNIX Administration
Introducing XenApp for UNIX
Key Features
What’s New in Feature Pack 1 for Version 4.0?
UNIX Command-Line Conventions
Getting Started Quickly
Deploying XenApp for UNIX
Before You Begin Installing
System Requirements
Hardware Requirements
Software Requirements
SSL Relay Requirements
Euro Currency Symbol Support
Installing XenApp
Creating the Administrator Users and Group
Installing XenApp Using the Installer Script
Performing an Unattended Install
Performing an Unattended Install on Solaris
Performing an Unattended Install on HP-UX
Performing an Unattended Install on AIX
After Unattended Installation
Setting the Paths to XenApp Commands
Configuring User Access to Commands
Configuring Administrator Access to Commands
Setting the Path to the man Pages
Starting and Stopping XenApp
About Client Keyboard Support
Configuring Non-English Keyboard Support
Configuring Event Logging
Removing XenApp
What to Do Next
Introducing Server Farms
Server Farm Components
Communication between Servers in a Farm
Multiple Farms and Subnet Considerations
Integrating with Other XenApp Servers
Creating a Server Farm
Joining a Server Farm
Moving a Server to a Different Farm
Troubleshooting Joining a Server Farm
Removing a Server from a Farm
Renaming a Server
Identifying Servers in a Farm
What to Do Next
Licensing XenApp for UNIX
Licensing XenApp for UNIX: An Overview
Configuring Communication with the License Server
Publishing Applications and Desktops
Why Publish Applications?
Publishing Applications for Explicit or Anonymous Use
Publishing an Application, Shell Script, or Desktop
Publishing Applications
Publishing a Shell Script
Publishing a Desktop
Publishing a Java Application
Publishing a UNIX Command-Line Application
Publishing an Application on a UNIX Server of Different Architecture
Specifying a Working Directory for Published Applications
Publishing an Application to Accept Parameters from the Plugin
Displaying Published Application Details
Maintaining Published Applications
Changing the Settings of a Published Application
Displaying and Changing the Icon File
Specifying Default Settings for Published Applications
Configuring User Access to Published Applications
Managing the Servers that Publish an Application
Deleting a Published Application from All Servers
Enabling and Disabling Published Applications
Creating a New Published Application from Existing Details
Renaming a Published Application
Restricting Connections to Published Applications Only
Configuring an Initial Program
Publishing Preconfigured Applications for Anonymous Use
Managing Servers, Users, and Sessions
Displaying Information about Users and Sessions
Displaying More Details or Details in a Different Format
About the Display
Displaying Information about Servers on the Network
Ending a Session
Logging off from a Session
Disconnecting a Session
Connecting to a Disconnected Session
Resetting a Session
Reconnecting to Load Balanced Sessions
Shadowing a User’s Session
Starting Shadowing
About Shadowing and the Clipboard
Ending Shadowing
Sending Messages to Users
Printing
Displaying Client Printers or Printer Ports
Printing from a Command Line
Printing from Applications
Troubleshooting Printing
Connecting to a Remote Server from an ICA Session
Configuring XenApp for UNIX
Configuring the Server
Controlling Logon Settings
Setting the Number of Permitted ICA Connections
Disabling New Logons
Controlling Behavior for Disconnected or Broken Connections
Enabling or Disabling Printing for Users
Enabling or Disabling Clipboard Mapping
Providing Additional Graphics Clipboard Support
Enabling or Disabling Shadowing
Controlling Time-Out Behavior
Allowing Users to Log on without a Home Directory
Configuring Mouse-Click Feedback for High Latency Connections
Generating and Using Server Configuration Details
Screensaver Setting Recommendations
Customizing the Appearance of XenApp
Customizing the Login Screen
Changing the Window Manager
Troubleshooting the ctxwm Window Manager
Changing the Font Path
Configuring X Server Settings
Configuring Backing Store
Interactive Performance Tuning
Configuration Required for Fixes to Take Effect
Fixing the Disappearing Text Cursor Problem
Enabling the Left-Hand Keypad of SPARC Keyboards
Fixing the Disappearing X Cursor Problem
Fixing Screen Refresh Problems
Fixing NUM LOCK Problems
Fixing Java Application Splash Screen Problems
Disabling Color Cursor Support
Disabling Scrollmouse Support
Color Depth Limitations
Multimonitor Display Limitations
Advanced Topics
Configuring Anonymous Users
Displaying Anonymous User Settings
Configuring Anonymous User Settings
Changing the Number of Anonymous Users
Changing the Naming of Anonymous User Accounts
Setting an Idle Time-Out Period
Specifying a Particular Shell for Anonymous Users
Specifying User Ids for Anonymous Users
Troubleshooting Anonymous User Accounts
Configuring XenApp Security
Security Overview
Default Security Settings
Displaying Security Settings for a Function
Configuring Security Settings
To change a global security setting
To configure security for a user
To configure security for a group of users
To inherit a security setting
Examples
XenApp for UNIX and the ICA Browser Service
Controlling the Master Browser
Manipulating Master Browser Elections
Introducing a New Server
Biasing the Results of Elections
Configuring the ICA Browser
Starting and Stopping the ICA Browser
If a Server Uses Multiple Network Interface Cards
Load Balancing Published Applications
Load Balancing a Group of Servers
Tuning Load Balancing
Troubleshooting Load Balancing
Configuring ICA Gateways
Using ICA with Network Firewalls
ICA Browsing with Network Address Translation
Configuring the TCP/IP Port Number
Configuring Session Status Logging
Configuring the Operating System for a Large Number of Connections
Configuring a Solaris System
Changing the Number of Pseudo-Terminals
Increasing File Limits
Increasing the Number of Concurrent CDE Sessions
If the Database Gets Corrupted
Configuring an HP-UX System
Configuring an AIX System
Changing the Number of Pseudo-Terminals
Increasing the Number of Processes Per User
Configuring Non-English Language Support
Which Locales Provide Non-English Language Support?
Limitations of Non-English Language Support
Changing the Locale
Troubleshooting Non-English Language Support
Using the Citrix XML Service
Getting Started with the Citrix XML Service
Starting and Stopping the Citrix XML Service
Configuring the Server Port
Configuring the XML Service for Use with SSL Relay
Configuring DNS Address Resolution
Using Client Drive Mapping
Enabling Client Drive Mapping
Configuring Access to Specific Drives
To configure access to specific drives for every user
To configure access to specific drives for a particular trusted user
To configure access to specific drives for a particular untrusted user
Disabling Client Drive Mapping
Features and Limitations of Client Drive Mapping
How Does Client Drive Mapping Work?
File Names
File Permissions
File Attributes
File Formats
Troubleshooting Client Drive Mapping
Client Drive Mapping Does not Work
“Invalid Directory” or “Stale File” Error Messages
Problems Accessing and Updating Files
A File Looks Different when Displayed in an ICA Session
NFS Error Messages
Command Reference
XenApp Commands
ctx3bmouse
ctxalt
ctxanoncfg
ctxappcfg
ctxbrcfg
ctxcapture
ctxcfg
ctxconnect
ctxcreatefarm
ctxdisconnect
ctxfarm
ctxgrab
ctxjoinfarm
ctxlogoff
ctxlpr
ctxlsdcfg
ctxmaster
ctxmount
ctxmsg
ctxprinters
ctxqserver
ctxqsession
ctxquery
ctxquser
ctxreset
ctxsecurity
ctxshadow
ctxshutdown
ctxsrv
XML Service Commands
ctxnfusesrv
SSL Relay for UNIX Administration
Introducing SSL Relay
Overview of Security, SSL, and Cryptography
Understanding the Threats to Secure Communications
Using SSL to Tackle Security Threats
Comparing SSL with Citrix SecureICA
About Cryptography
Getting Started - A Summary of the Steps
To get SSL Relay up and running
What to Do Next
Planning Your SSL Relay Deployment
Choosing an Appropriate Security Solution
Obtaining a Digital Certificate
Determining the Certificates Required
Using SSL with Load Balancing
Where Do I Get Certificates From?
Configuring ctxssl Access to Commands
Generating or Renewing a Certificate
To generate a CSR file
Sending a Certificate Signing Request file to a CA
Preparing for an Attack on Your Security
Planning the Renewal of Expired Certificates
What to Do Next
Installing Digital Certificates
Protecting the Private Key
Installing a Server Certificate on a Server
To install a server certificate requested using ctxcertreq
To install a server certificate not requested using ctxcertreq
Example - the CA emails the server certificate as one file
Example - the CA emails the server certificate as two files
Installing a Root Certificate
What to Do Next
Configuring SSL Relay
To enable or disable SSL Relay
Configuring SSL Relay Ready for Use
To configure SSL Relay ready for use
To start the SSL Relay
To stop the SSL Relay
Displaying a TCP Port’s Configuration
To display summary information for all the ports
To display a particular port’s configuration
Changing the SSL Relay Configuration
To add a new TCP port
To edit a port’s configuration
To move a port’s configuration
To copy a port’s configuration
To remove a port’s configuration
Managing Your Server Certificates
To display server certificate information
To export a certificate to another server
To remove a stored certificate
SSL Relay Command Reference
ctxcertmgr
ctxcertreq
ctxsslcfg
Glossary
XenApp 5 Feature Pack for Windows Server 2003
Release Notes for XenApp 5.0 Feature Pack
Readme for XenApp 5 for Windows Server 2003
Getting Started with Citrix XenApp
Before You Begin
New Product and Feature Names
Media Kit Contents
Introducing Citrix XenApp 5
XenApp Product Editions
New Features and Changes in XenApp 5
New Features, Capabilities, and Changes in the XenApp 5 Feature Pack
XenApp Feature Overview
Hosted Application Delivery and Features
Application Streaming
Citrix Receiver and Merchandising Server
XenServer Virtualization Platform
Load Testing Services
Provisioning Services
Profile Management
Service Monitoring
SmartAuditor
Secure Application Access
Branch Optimization
Single Sign-on
EasyCall Voice Services
Workflow Studio Orchestration
Getting Up and Running with XenApp 5
Using XenApp to Manage Applications
Preparing to Create the Farm
Licensing This Release
Installing XenApp 5
Installing Additional Features
Running Mixed Farms
System Requirements for XenApp 5.0 for Windows Server 2003
Planning Your XenApp Deployment
Farm Terminology and Concepts
Farm Hardware Considerations
Remapping Drive Letters
Planning for Applications and Server Loads
Assessing Applications for XenApp Compatibility
Evaluating Application Delivery Methods
Placing Applications on Servers
Deciding How Many Farms to Deploy
Planning Infrastructure Servers
Planning the XenApp Data Store
Connecting to the Data Store
Database Server Hardware Performance Considerations
Replication Considerations
Planning for Configuration Logging and IMA Encryption
Planning for Data Collectors
Planning for WANs by Using Zones
Planning for the Web Interface and XML Broker
Planning for Application Streaming
Designing Terminal Services User Profiles
Planning for Accounts and Trust Relationships
Recommendations for Active Directory Environments
Planning for System Monitoring and Maintenance
Planning for Shadowing
Securing Delivery and Access
Planning for Supported Languages and Windows MUI Support
Planning for Passthrough Client Authentication
Planning a Successful User Experience
Integrating Other XenApp Features and Technologies
Choosing an Installation Method
XenApp Installation
Building a XenApp Farm
Preparing Your Environment
Creating a Farm
Choosing the Edition
Choosing an Installation Category
Selecting Components
Enabling and Configuring Passthrough Client Authentication
Installing the License Server
Specifying the Farm Name, Data Store, Zone, and Credentials
Enabling and Configuring IMA Encryption
Specifying the Citrix License Server
Enabling and Configuring Session Shadowing
Configuring the Citrix XML Service Port
Adding Users to the Remote Desktop Users Group
Joining a Server Farm
Upgrading or Migrating an Existing Server Farm
Provisioning Servers and Configuring XenApp
Provisioning Farm Servers
Cloning XenApp Servers
To clone a server
Configuring Infrastructure Servers After Setup
Configuring XenApp after Installation
Custom XenApp Installation
Generating an Installation Log File
Preparing for Custom XenApp Installations
Installing XenApp by Modifying Windows Installer Packages
Applying Transforms to Setup
Performing an Unattended Installation with an Answer File
XenApp Windows Installer Properties Reference
XenApp Setup Properties for Create Farm and Join Farm
CTX_ADDLOCAL
CTX_CONFIGMGR_USER
CTX_CONFIGMGR_USER_PASSWORD
CTX_CPSVC_SERVICE_USER_NAME
CTX_CPSVC_SERVICE_USER_PASSWORD
CTX_IGNORE_MCM
CTX_IMA_PROTECTION_ENABLE
CTX_MALOO_SERVICE_USER
CTX_MALOO_SERVICE_USER_PASSWORD
CTX_MF_ADD_ANON_USERS
CTX_MF_ADD_LOCAL_ADMIN
CTX_MF_CREATE_FARM_DB_CHOICE
CTX_MF_CREATE_REMOTE_DESKTOP_USERS
CTX_MF_DOMAIN_NAME
CTX_MF_ENABLE_VIRTUAL_SCRIPTS
CTX_MF_FARM_SELECTION
CTX_MF_INDIRECT_JOIN_DOMAIN_NAME
CTX_MF_INDIRECT_JOIN_PASSWORD
CTX_MF_INDIRECT_JOIN_USER_NAME
CTX_MF_JOIN_FARM_DB_CHOICE
CTX_MF_JOIN_FARM_SERVER_NAME
CTX_MF_JOIN_FARM_SERVER_PORT
CTX_MF_LIC_CHOICE_FOR_CREATE
CTX_MF_LIC_CHOICE_FOR_JOIN_OR_UPGRADE
CTX_MF_LICENSE_SERVER_NAME
CTX_MF_LICENSE_SERVER_PORT
CTX_MF_LICENSE_SERVER_PORT_DEFAULT
CTX_MF_LOCAL_DATABASE
CTX_MF_MSDE_INSTANCE_NAME
CTX_MF_NEW_FARM_NAME
CTX_MF_ODBC_DRIVER
CTX_MF_ODBC_PASSWORD
CTX_MF_ODBC_USER_NAME
CTX_MF_ONLY_LAUNCH_PUBLISHED_APPS
CTX_MF_SERVER_TYPE
CTX_MF_SHADOW_PROHIBIT_NO_LOGGING
CTX_MF_SHADOW_PROHIBIT_NO_NOTIFICATION
CTX_MF_SHADOW_PROHIBIT_REMOTE_ICA
CTX_MF_SHADOWING_CHOICE
CTX_MF_SILENT_DSNFILE
CTX_MF_USER_NAME
CTX_MF_XML_CHOICE
CTX_MF_XML_PORT_NUMBER
CTX_MF_ZONE_NAME
CTX_PROTECT_KEY_PATH
CTX_PROTECT_KEY_TYPE
CTX_PROTECT_NEW_KEY_PATH
CTX_RDP_DISABLE_PROMPT_FOR_PASSWORD
CTX_REMOVE_WI_TURNKEY
CTX_SERV_MALOO_LOGON
CTX_SERV_PRINTER_LOGON
CTX_USE_EXISTING_JRE
INSTALLDIR
REBOOT
REINSTALLMODE
XenApp Windows Setup Properties Script Examples
Data Store Database Reference
Microsoft Access Database
Microsoft SQL Server Express Database
Microsoft SQL Server Database
Oracle Database
IBM DB2 Database
Creating a DSN File for XenApp Setup
Maintaining and Recovering a XenApp Data Store
Migrating a Farm Data Store
Migrating a Farm Data Store from MSDE to SQL Server Express
XenApp Administration
Management Consoles and Other Tools
Choosing the Console or Tool to Use
To start the console
Displaying Items in the Console
The Console User Interface
Performing Tasks with the Console
To view zones
Enabling Citrix Administrators to Manage Farms Remotely
XenApp Advanced Configuration and Presentation Server Console
Managing Citrix Administrators
Delegating Tasks to Custom Administrators
Publishing Resources
Publishing Resources for Users
To publish a resource using the Publish Application wizard
To select a resource type and delivery method
To configure locations of published applications
To configure locations of published content
To disable command-line validation
Configuring Content Redirection
To enable content redirection from server to client
To configure content redirection from client to server
Managing Application Properties
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Making Virtual IP Addresses Available to Applications
How Virtual IP Addressing Works
Configuring Virtual Loopback
Binding Applications
To determine whether an application needs to use virtual IP addresses
To make virtual IP addresses available to applications running in sessions
To assign virtual IP address ranges to servers
To enable application processes to use virtual IP addresses or virtual loopback
To supply client IP addresses to published applications on a server
To make a virtual loopback address available to applications running in sessions
To enable or disable virtual loopback for a farm
To configure virtual IP addresses and virtual loopback on an individual server
Working with XenApp Policies
Creating XenApp Policies
Applying XenApp Policies
Configuring Policy Rules
To configure policy rules
Using Multiple Policies
Using Citrix policies with Active Directory
Prioritizing Policies and Creating Exceptions
Determining Which Policies Apply to a Connection
Resolving Search Results that Partially Match Criteria
Troubleshooting Policies with Conflicting Rules
Disabling, Reenabling, and Deleting Policies
Changing Settings Based on User Location
Configuring Policies and Filters for Web Access
Enabling Scanners and Other TWAIN Devices
To enable TWAIN redirection
Managing Session Environments and Connections
Defining User Environments in XenApp
Controlling the Appearance of User Logons
Controlling Access to Devices and Ports
Mapping Client Drives
Mapping Client COM Ports and Audio
Configuring Audio for User Sessions
To enable or disable audio for published applications
Limiting Bandwidth for Audio Throughput
To configure audio compression and output quality
Enabling Support for Microphones and Speakers
Setting Up for Digital Dictation Devices
Ensuring Session Continuity for Mobile Workers
Maintaining Session Activity
Configuring Session Reliability
Configuring Automatic Client Reconnection
Configuring ICA Keep-Alive
Managing and Monitoring XenApp Sessions
Monitoring Session Status
Viewing User Sessions
Viewing User Sessions with the Shadow Taskbar
To view user sessions with the console
Enabling Logging for Shadowing
Enabling User-to-User Shadowing with Policies
Managing User Sessions
To terminate processes in a user’s session
To display session properties
To connect to a user’s session from Program Neighborhood
To reset a session
To log off from a session
To send a message to one or more users
Controlling Client Connections in XenApp
Preventing Specific Client Connection Types
Specifying Connection Limits
Limiting Connections to a Server Farm
Sharing Sessions and Connections
Limiting Application Instances
Logging Connection Denial Events
Controlling Connections with Terminal Services Configuration
Preventing User Connections during Farm Maintenance
Optimizing User Sessions for XenApp
Optimizing Web Page and Email Responsiveness
Effects of Restricting Animations in Internet Explorer
SpeedScreen Browser Acceleration Limitations
Configuring SpeedScreen Browser Acceleration
Optimizing Audio and Video Playback
Configuring SpeedScreen Multimedia Acceleration
Optimizing Flash Animations
Optimizing Throughput of Image Files
Optimizing Display of Image Files
Optimizing Keyboard and Mouse Responsiveness
Configuring SpeedScreen Latency Reduction
Adjusting SpeedScreen Latency Reduction for an Application
To configure latency reduction settings for input fields in an application
To create exception entries for non-standard input fields in an application
Configuring ICA Display Settings
To configure ICA browser settings for a server
Securing Server Farms
Securing Access to Your Servers
Securing the Data Store
Securing Client-Server Communications
Using SecureICA
Enabling SSL/TLS Protocols
To configure session data encryption
To set a policy for ICA encryption
Configuring SSL/TLS Between Servers and Clients
Task Summary for Implementing SSL Relay
Obtaining and Installing Server and Root SSL Certificates
Choosing an SSL Certificate Authority
Acquiring a Signed SSL Certificate and Password
To enable the SSL Relay and select the relay credentials
Using the SSL Relay with the Microsoft Internet Information Service (IIS)
Configuring the Relay Port and Server Connection Settings
To add a server to the destination server list
To change the port for a server listed in the destination server list
To run the SSL Relay on port 443 without using HTTPS
Configuring the Ciphersuites Allowed by the SSL Relay
Using the Secure Gateway
Using the Secure Ticket Authority
Securing Network Communications
Configuring TCP Ports
Using Proxy Servers
Configuring Authentication for Workspace Control
Using Smart Cards with Citrix XenApp
Smart Card Requirements
Configuring XenApp for Smart Cards
Configuring Kerberos Logon
To enable Citrix XML Service DNS address resolution
To disable Kerberos logon to a server
Logging Administrative Changes to a XenApp Farm
Setting up the Configuration Logging Database
Defining Database Permissions for Configuration Logging
To configure the connection to the Configuration Logging database using the Configuration Logging Database wizard
To configure a SQL Server database for configuration logging
To configure an Oracle database for configuration logging
To set Configuration Logging properties
Delegating the Administration of Configuration Logging
To view Configuration Logging properties
Clearing Entries from the Configuration Logging Database
Generating Configuration Logging Reports
Encrypting Sensitive Configuration Logging Data
Copying the key to a local computer
To generate a key and enable IMA encryption on the first server in a farm
To load a key on subsequent servers in the farm
To store the key on a network location
Changing Farms
Enabling IMA Encryption Features
XenApp Service Account Privileges
Maintaining Server Farms
Displaying and Organizing Your Farm
Organizing Your Farm Display in the Console
To configure general farm properties
To search for objects in your farm
Connecting to a Remote Server Console
To connect to a server’s published desktop
To connect directly to a server's desktop
To limit the number of server connections per user
To disable and re-enable server logons
Enabling Local Browsers with Published Applications
Restarting Servers at Scheduled Times
To repair a XenApp installation
Changing XenApp Farm Membership
Removing and Reinstalling XenApp
To uninstall XenApp
To force the uninstallation of XenApp
To remove a server from the farm
To rename a XenApp server
Monitoring Server Performance with Health Monitoring & Recovery
Enabling and Disabling Health Monitoring & Recovery
Modifying Health Monitoring & Recovery Test Settings
To modify the Health Monitoring & Recovery Tests settings for farms or a server
Adding Health Monitoring & Recovery Tests
Developing Custom Health Monitoring & Recovery Tests
Getting Health Monitoring & Recovery Alerts
Using Citrix Performance Monitoring Counters
Optimizing Server Performance
Managing CPU Usage
Enabling CPU Utilization Management
Managing Virtual Memory Usage
Enabling Memory Utilization Management
Scheduling Virtual Memory Optimization
To create a memory optimization schedule
Excluding Applications from Memory Optimization
To exclude additional applications from memory optimization
Optimizing Simultaneous Logon Performance
Managing Farm Infrastructure
Maintaining the Local Host Cache
Tuning Local Host Cache Synchronization
Refreshing the Local Host Cache
Recreating the Local Host Cache
Data Collectors and Elections
Specifying Backup Data Collectors
Enhancing the Performance of a Remote Group of Servers
To configure zones in your farm
Updating Citrix License Server Settings
To specify a default license server for a farm
To specify a license server for individual servers
To set the product edition
Setting the Citrix XML Service Port
To configure the Citrix XML Service port for a server
To manually change the XML Service port to use a port different from IIS after installation
To manually configure Citrix XML Service to share the TCP port with IIS
Understanding XenApp Printing
Introduction to Windows Printing Concepts
Local and Remote Print Job Spooling
XenApp Printing Concepts
Overview of Client and Network Printing Pathways
Provisioning Printers for Sessions
Auto-Creating Client Printers
Auto-Creating Network Printers
Letting Users Provision Their Own Printers
Device or Session-Based Print Settings
Device-Based Print Settings
Controlling Printing Settings and User Preferences
Setting Default Printers
Printing and Mobile Workers
Optimizing Printing Performance by Routing
Managing Printer Drivers
Planning Your Printing Configuration
Default Printing Behavior
Printing Policy Configuration
Printing Security
Purchasing Printing Hardware
Configuring and Maintaining XenApp Printing
Configuring Printing
Configuring Printer Autocreation Settings
Configuring Citrix Universal Printing
Configuring Auto-Creation for DOS and Windows CE Clients
Configuring Network Printers for Users
To import printers from a network print server
To import printers from other domains
To assign printers using the Session printers policy rule
To add a network printer while configuring the Session printers rule
To specify a default printer for a session
To edit the printer settings in the sessions policy
To configure server local printers
Configuring Printers for Mobile Workers
Changing Network Print Job Routing
Providing Tools for User Provisioning
To store users’ printer properties
To synchronize properties from the printer
Controlling Printer Driver Automatic Installation
Configuring Universal Printer Drivers on Farm Servers
Mapping Client Printer Drivers
Increasing Printing Speed and Session Performance
Updating Network Print Server Information
Replicating Printer Drivers Across a Farm
Replicating Printer Drivers Manually
Replicating Printer Drivers Automatically
Displaying Printers
Displaying Printers Using the Network Printing Pathway
Displaying Printers Using the Client Printing Pathway
Displaying Drivers
XenApp Commands Reference
ACRCFG
ALTADDR
APP
AUDITLOG
CHANGE CLIENT
CHFARM
To move a server to a new server farm using SQL Server Express
CTXKEYTOOL
CTXXMLSS
DRIVEREMAP
DRIVEREMAP64
DSCHECK
DSMAINT
ENABLELB
ICAPORT
IMAPORT
MIGRATETOSQLEXPRESS
QUERY FARM
QUERY PROCESS
QUERY SESSION
QUERY TERMSERVER
QUERY USER
TWCONFIG
Policy Rules Reference
Policy Rules: Quick Reference Table
Bandwidth Folder
Visual Effects Folder
SpeedScreen Folder
Session Limits and Session Limits (%) Folder
Client Devices Folder
Resources Folder
Audio Folder
Drives Folder
Optimize Folder
Other Folder
Ports Folder
PDA Devices folder
Maintenance Folder
Printing Folder
Client Printers Folder
Drivers Folder
User Workspace Folder
Connections Folder
Content Redirection Folder
Shadowing Folder
Configuring User Shadowing
Permissions to Shadow Users
Time Zones Folder
Citrix Password Manager Folder
Streamed Applications Folder
Security and Encryption Folders
Performance Counters Reference
Citrix CPU Utilization Mgmt User Counters
Citrix IMA Networking Counters
Citrix Licensing Counters
Citrix MetaFrame Presentation Server Counters
ICA Session Counters
Secure Ticket Authority Counters
Application Streaming
Components for Application Streaming
Creating Application Profiles
Targets Overview
Service Pack Level
System Drive Letter
Operating System Language
Managing Isolation Environment Rules
Types of Isolation Environment Rules
Restrictions and Limitations for Rules
Creating Isolation Environment Rules for a Target
To create an isolation environment rule
To modify a rule
Using Environment Variables to Construct Rules
Preparing a Workstation for Profiling Applications
Known Limitations for Profiling
To install the profiler
To start the profiler
To disable and enable profile signing
Creating a Profile and Its Initial Target
To create a profile and target
To install multiple applications through Advanced Install
To set user profile security
To install Internet Explorer plug-ins
To include files and folders in a target
To include registry settings
To choose an installation program for the application
To run an application in the profiler
To select applications for listing in the profile
To sign a profile
Editing Profiles
To view profile information
To edit the profile name, description, or location
To view details about applications in a profile
To view File Type Associations set in a profile
To check for launch prerequisites
To check for prerequisite registry entries
To check prerequisite applications and files
To specify pre-launch and post-exit scripts
To add a target to a profile
To resolve target conflicts
To delete a folder from a profile
To delete a target from a profile
To resolve invalid shortcuts
Editing Targets
To edit the target name and description
To modify the application properties in the target
To modify the operating system and language properties of a target
To check for launch prerequisites for a target
To specify pre-launch and post-exit scripts for a target
To update a target
To remove an old version of an updated target
Profile Contents on the Server
Manifest File
Targets
Digital Signature
Icons
Scripts
Managing Streamed Applications
Publishing Streamed Applications
Streaming Applications to Client Devices
Accessing Applications from a XenApp Server
To publish an application for streaming
To select a streaming delivery method
To specify a farm-wide policy for delivery
To enable event logging and a trust relationship to the client
Configuring Offline Access
To set the license period for offline users
To renew offline licenses
Indirect Membership to the Offline Access User List
Experiencing Offline Access
Managing Application Properties
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Managing the XenApp Streaming Plug-in
XenApp Streaming Plug-in Overview
Managing the XenApp Streaming Plug-in
To install the XenApp Streaming Plug-in
To configure the cache size of the streaming plug-in
To deploy the XenApp Streaming Plug-in
To configure an .MSI package using transforms
To deploy the XenApp Streaming Plug-in to client devices through Active Directory
To deploy applications to client devices
To clear the streamed application cache on user devices
Enterprise Management
Management Pack for Microsoft Operations Manager 2000
Management Pack for Microsoft Operations Manager 2005
Management Pack Features
The Management Pack and the Providers
Citrix Views in the Management Pack
Health Monitoring Views
Discovery Views
Deployment Topology View
State View: the Citrix Server and Citrix Licensing Roles
XenApp Managed and Unmanaged Computers
About Citrix Computer Groups
To install or upgrade the Management Pack for MOM 2005
Management Pack Post-Installation Tasks
Security Considerations for the Management Pack
Troubleshooting Query Errors in MOM
Configuring Topology Discovery
To specify server farm and zone computer groups
To configure Citrix Administrators as MOM operators
To change the format of net send messages
Configuring and Enabling Site-specific Rules for MOM 2005
Too Many Disconnected Sessions
Idle Sessions
Too Many Active Sessions
Sample Published Application Load
To open the Access Management Console from the MOM Operator Console
To change the Access Management Console path with the MOM Administrator Console
Installation Manager
Network Manager for Citrix Presentation Server
Resource Manager
Managing Providers and WMI
XenApp Provider Overview
Licensing Provider Overview
Installing the XenApp Provider
Installing the Licensing Provider
Starting the Provider Services
Security Considerations
Uninstalling the Providers
WMI Schema
XenApp Provider WMI Schema (Part 1 of 3)
XenApp Provider WMI Schema (Part 2 of 3)
XenApp Provider WMI Schema (Part 3 of 3)
Citrix Licensing Provider WMI Schema
Load Manager
Working with Load Manager Rules
List of Load Manager Rules
Working with Load Evaluators
Viewing and Modifying Load Evaluator Properties
Creating Load Evaluators
Assigning Load Evaluators to Servers and Applications
Copying Load Evaluators
Deleting Load Evaluators
Scheduling Server Availability
Monitoring Server Loads
Logging Load Manager Activity
Setting the Frequency of Information Updates
Viewing Usage Reports
Secure Gateway
Citrix XenApp Components That Work with Secure Gateway
Secure Gateway Features
System Requirements for Secure Gateway
System Hardware Requirements
Citrix Products Compatibility with Secure Gateway
Certificate Requirements
Planning a Secure Gateway Deployment
Deploying the Secure Gateway in a Single-Hop DMZ
Running the Web Interface behind the Secure Gateway in the Demilitarized Zone
Locking Down Internet Information Services
Running the Web Interface Parallel with the Secure Gateway
Setting Up the Web Interface and the Secure Gateway in a Single-Hop Demilitarized Zone
Deploying the Secure Gateway in a Double-Hop DMZ
Setting Up the Secure Gateway and the Secure Gateway Proxy in a Double-Hop DMZ
Publishing the Web Address for the Secure Gateway in a Double-Hop Demilitarized Zone
Setting Up and Testing a Server Farm
Installing the Secure Ticket Authority
Testing Your Deployment
Installing and Configuring the Secure Gateway and Secure Gateway Proxy
Upgrading Secure Gateway or Secure Gateway Proxy
Using Firewall Software with the Secure Gateway or Secure Gateway Proxy
Installing the Secure Gateway or Secure Gateway Proxy
To install the Secure Gateway or Secure Gateway Proxy
Configuring the Secure Gateway or Secure Gateway Proxy
To start the configuration wizard manually
To select a configuration level (Secure Gateway)
To select a configuration level (Secure Gateway Proxy)
Task Summary for Secure Gateway, Advanced or Standard Configuration
Task Summary for Secure Gateway Proxy, Advanced or Standard Configuration
To select a server certificate
To configure secure protocol settings
To configure inbound client connections
To configure outbound connections
To configure an access control list for outbound connections
To configure servers running the Secure Gateway Proxy
To add the Secure Ticket Authority details
To configure connection parameters
To configure logging exclusions
To add the Web Interface server details
To configure the logging parameters
To complete the configuration
To stop the Secure Gateway/Secure Gateway Proxy service
To uninstall the Secure Gateway
Managing the Secure Gateway
Viewing Session and Connection Information with the Secure Gateway Console
Viewing Secure Gateway Performance Statistics
To view the Secure Gateway performance statistics
Performance Counters Available for the Secure Gateway
Generating the Secure Gateway Diagnostics Report
Viewing the Secure Gateway Events
Viewing the Secure Gateway Access Logs
Secure Gateway Configuration Wizard
Secure Gateway Optimization and Security Guidelines
Configuring Firewalls for the Secure Gateway
Ensuring High Availability of the Secure Gateway
Load Balancing Multiple Secure Gateway Servers
Load Balancing an Array of the Secure Gateway Proxy
Certificate Requirements for Load Balancing Secure Gateway Servers
Using Load Balancers and SSL Accelerator Cards with Secure Gateway Servers
Coordinating Keep-Alive Values Between the Secure Gateway and Citrix XenApp
Setting Connection Keep-Alive Values and the Secure Gateway
Improving Security (Recommendations)
Preventing Indexing by Search Engines
Troubleshooting the Secure Gateway
To check your certificates
Client Connections Launched from IP Addresses in the Logging Exclusions List Fail
Load Balancers Do Not Report Active Client Sessions if Connections Are Idle
Performance Issues with Transferring Files Between a Client Device and a Citrix XenApp Server
Gateway Client Connections Fail When Using Windows XP Service Pack 2
Failed Client Connections to the Secure Gateway Result in Duplicate Entries in the Secure Gateway Log
Placing the Secure Gateway Behind a Reverse Web Proxy Causes an SSL Error 4
Run the Secure Gateway Parallel to the Reverse Web Proxy
Use a Network Address Translator Instead of a Reverse Web Proxy
Digital Certificates and the Secure Gateway
Understanding Cryptography
Types of Cryptography
Combining Public Key and Secret Key Cryptography
Understanding Digital Certificates and Certificate Authorities
Certificate Chains
Certificate Revocation Lists
Deciding Where to Obtain Certificates
Obtaining and Installing Server Certificates
Obtaining and Installing Root Certificates
Support for Wildcard Certificates with the Secure Gateway
Using the Secure Gateway Proxy in Relay Mode
Modes of Operation for the Secure Gateway Proxy
How Relay Mode Works
Installing the Secure Gateway Proxy in Relay Mode
To install the Secure Gateway Proxy in relay mode
To configure the Secure Gateway in relay mode
Configuring Plug-ins for Secure Gateway
To configure plug-in connections to the Secure Gateway Proxy
To configure all application sets for the plug-in to connect to the Secure Gateway Proxy
To test the Secure Gateway relay mode
To start or stop the Secure Gateway Proxy Service manually
SmartAuditor
Example Usage Scenarios
Getting Started with SmartAuditor
Planning Your Deployment
Security Recommendations
Installing Certificates
Scalability Considerations
Important Deployment Notes
Pre-Installation Checklist
To install SmartAuditor
Automating Installations
Uninstalling SmartAuditor
To configure SmartAuditor to play and record sessions
Granting Access Rights to Users
Creating and Activating Recording Policies
Using System Policies
Creating Custom Policies
To create a new policy
To modify a policy
To delete a policy
To activate a policy
Understanding Rollover Behavior
To disable or enable recording
To configure the connection to the SmartAuditor Server
Creating Notification Messages
Enabling Custom Event Recording
To enable or disable live session playback
To enable or disable playback protection
To enable and disable digital signing
To specify where recordings are stored
Specifying File Size for Recordings
Viewing Recordings
To launch the SmartAuditor Player
To open and play recordings
To search for recorded sessions
To play recorded sessions
To use events and bookmarks
To change the playback display
To display or hide window elements
To cache recorded session files
To change SmartAuditor Servers
Troubleshooting SmartAuditor
Verifying Component Connections
Testing IIS Connectivity
Troubleshooting Certificate Issues
SmartAuditor Agent Cannot Connect
SmartAuditor Server Cannot Connect to the SmartAuditor Database
Sessions are not Recording
Searching for Recordings in the Player Fails
Troubleshooting MSMQ
Unable to View Live Session Playback
To change your communication protocol
Reference: Managing Your Database Records
Glossary
XenApp 5 Feature Pack 2 for Windows Server 2003
Readme for XenApp 5 Feature Pack 2 for Windows Server 2003
Getting Started with XenApp 5 Feature Pack 2
Media Kit Contents
Introducing Citrix XenApp 5
XenApp 5 Feature Pack 2 Product Editions and Features
New Features in XenApp 5 Feature Pack 2
XenApp Feature Overview
Hosted Application Delivery and Features
Service Monitoring
Application Streaming
Branch Optimization
Citrix Online Plug-in
Citrix Receiver and Merchandising Server
EasyCall Voice Services
Load Testing Services
Profile Management
Provisioning Services
Secure Application Access
Single Sign-on
SmartAuditor
Workflow Studio Orchestration
XenServer Virtualization Platform
Getting Up and Running with XenApp 5
Building a XenApp Farm
Licensing This Release
Installing Additional Features
System Requirements for XenApp 5 Feature Pack 2 for Windows Server 2003
Planning Your XenApp Deployment
Farm Terminology and Concepts
Farm Hardware Considerations
Remapping Drive Letters
Planning for Applications and Server Loads
Assessing Applications for XenApp Compatibility
Evaluating Application Delivery Methods
Placing Applications on Servers
Deciding How Many Farms to Deploy
Planning Infrastructure Servers
Planning the XenApp Data Store
Connecting to the Data Store
Database Server Hardware Performance Considerations
Replication Considerations
Planning for Configuration Logging and IMA Encryption
Planning for Data Collectors
Planning for WANs by Using Zones
Planning for the Web Interface and XML Broker
Planning for Application Streaming
Designing Terminal Services User Profiles
Planning for Accounts and Trust Relationships
Recommendations for Active Directory Environments
Planning for System Monitoring and Maintenance
Planning for Shadowing
Securing Delivery and Access
Planning for Supported Languages and Windows MUI Support
Planning for Passthrough Client Authentication
Planning a Successful User Experience
Integrating Other XenApp Features and Technologies
Choosing an Installation Method
XenApp Installation
Building a XenApp Farm
Preparing for XenApp Installation
Creating a Farm
Specifying the Data Store Database and the Zone Name
Enabling and Configuring IMA Encryption
Enabling and Configuring Session Shadowing
Configuring the Citrix XML Service Port
Adding Users to the Remote Desktop Users Group
Joining a Server Farm
Upgrading or Migrating an Existing Server Farm
Provisioning Servers and Configuring XenApp
Provisioning Farm Servers
Cloning XenApp Servers
To clone a server
Configuring Infrastructure Servers After Setup
Configuring XenApp after Installation
Custom XenApp Installation
Generating an Installation Log File
Preparing for Custom XenApp Installations
Installing XenApp by Modifying Windows Installer Packages
Applying Transforms to Setup
Performing an Unattended Installation with an Answer File
XenApp Windows Installer Properties Reference
XenApp Setup Properties for Create Farm and Join Farm
CTX_ADDLOCAL
CTX_CONFIGMGR_USER
CTX_CONFIGMGR_USER_PASSWORD
CTX_CPSVC_SERVICE_USER_NAME
CTX_CPSVC_SERVICE_USER_PASSWORD
CTX_IGNORE_MCM
CTX_IMA_PROTECTION_ENABLE
CTX_MALOO_SERVICE_USER
CTX_MALOO_SERVICE_USER_PASSWORD
CTX_MF_ADD_ANON_USERS
CTX_MF_ADD_LOCAL_ADMIN
CTX_MF_CREATE_FARM_DB_CHOICE
CTX_MF_CREATE_REMOTE_DESKTOP_USERS
CTX_MF_DOMAIN_NAME
CTX_MF_ENABLE_VIRTUAL_SCRIPTS
CTX_MF_FARM_SELECTION
CTX_MF_INDIRECT_JOIN_DOMAIN_NAME
CTX_MF_INDIRECT_JOIN_PASSWORD
CTX_MF_INDIRECT_JOIN_USER_NAME
CTX_MF_JOIN_FARM_DB_CHOICE
CTX_MF_JOIN_FARM_SERVER_NAME
CTX_MF_JOIN_FARM_SERVER_PORT
CTX_MF_LIC_CHOICE_FOR_CREATE
CTX_MF_LIC_CHOICE_FOR_JOIN_OR_UPGRADE
CTX_MF_LICENSE_SERVER_NAME
CTX_MF_LICENSE_SERVER_PORT
CTX_MF_LICENSE_SERVER_PORT_DEFAULT
CTX_MF_LOCAL_DATABASE
CTX_MF_MSDE_INSTANCE_NAME
CTX_MF_NEW_FARM_NAME
CTX_MF_ODBC_DRIVER
CTX_MF_ODBC_PASSWORD
CTX_MF_ODBC_USER_NAME
CTX_MF_ONLY_LAUNCH_PUBLISHED_APPS
CTX_MF_SERVER_TYPE
CTX_MF_SHADOW_PROHIBIT_NO_LOGGING
CTX_MF_SHADOW_PROHIBIT_NO_NOTIFICATION
CTX_MF_SHADOW_PROHIBIT_REMOTE_ICA
CTX_MF_SHADOWING_CHOICE
CTX_MF_SILENT_DSNFILE
CTX_MF_USER_NAME
CTX_MF_XML_CHOICE
CTX_MF_XML_PORT_NUMBER
CTX_MF_ZONE_NAME
CTX_PROTECT_KEY_PATH
CTX_PROTECT_KEY_TYPE
CTX_PROTECT_NEW_KEY_PATH
CTX_RDP_DISABLE_PROMPT_FOR_PASSWORD
CTX_REMOVE_WI_TURNKEY
CTX_SERV_MALOO_LOGON
CTX_SERV_PRINTER_LOGON
CTX_USE_EXISTING_JRE
INSTALLDIR
REBOOT
REINSTALLMODE
XenApp Windows Setup Properties Script Examples
Data Store Database Reference
Microsoft Access Database
Microsoft SQL Server Express Database
Microsoft SQL Server Database
Oracle Database
IBM DB2 Database
Creating a DSN File for XenApp Setup
Maintaining and Recovering a XenApp Data Store
Migrating a Farm Data Store
Migrating a Farm Data Store from MSDE to SQL Server Express
XenApp Administration
Management Consoles and Other Tools
Choosing the Console or Tool to Use
To start the console
Displaying Items in the Console
The Console User Interface
Performing Tasks with the Console
To view zones
Enabling Citrix Administrators to Manage Farms Remotely
XenApp Advanced Configuration and Presentation Server Console
Managing Citrix Administrators
Delegating Tasks to Custom Administrators
Publishing Resources
Publishing Resources for Users
To publish a resource using the Publish Application wizard
To select a resource type and delivery method
To configure locations of published applications
To configure locations of published content
To disable command-line validation
Configuring Content Redirection
To enable content redirection from server to client
To configure content redirection from client to server
Managing Application Properties
To rename a published application
To configure locations of servers for published resources
To specify locations of applications for streaming
To enable an application for offline access
To configure user access to applications
Granting Access to Explicit or Anonymous Users
To configure shortcuts for user devices
To configure access controlled by the Access Gateway
To associate published applications with file types
To update file type associations
To configure alternate profiles
To pass parameters to published applications
To reduce user privileges for a streamed application
To configure application limits and importance
To configure audio and encryption options for published applications
To configure application appearance
To disable or enable a published application
To delete a published application
To move a published application to another folder
To duplicate published application settings
To export published application settings to a file
To import published application settings from a file
Making Virtual IP Addresses Available to Applications
How Virtual IP Addressing Works
Configuring Virtual Loopback
Binding Applications
To determine whether an application needs to use virtual IP addresses
To make virtual IP addresses available to applications running in sessions
To assign virtual IP address ranges to servers
To enable application processes to use virtual IP addresses or virtual loopback
To supply client IP addresses to published applications on a server
To make a virtual loopback address available to applications running in sessions
To enable or disable virtual loopback for a farm
To configure virtual IP addresses and virtual loopback on an individual server
Working with XenApp Policies
Creating XenApp Policies
Applying XenApp Policies
Configuring Policy Rules
To configure policy rules
Using Multiple Policies
Using Citrix policies with Active Directory
Prioritizing Policies and Creating Exceptions
Determining Which Policies Apply to a Connection
Resolving Search Results that Partially Match Criteria
Troubleshooting Policies with Conflicting Rules
Disabling, Reenabling, and Deleting Policies
Changing Settings Based on User Location
Configuring Policies and Filters for Web Access
Enabling Scanners and Other TWAIN Devices
To enable TWAIN redirection
Managing Session Environments and Connections
Defining User Environments in XenApp
Controlling the Appearance of User Logons
Controlling Access to Devices and Ports
Mapping Client Drives
Mapping Client COM Ports and Audio
Configuring Audio for User Sessions
To enable or disable audio for published applications
Limiting Bandwidth for Audio Throughput
To configure audio compression and output quality
Enabling Support for Microphones and Speakers
Setting Up for Digital Dictation Devices
Ensuring Session Continuity for Mobile Workers
Maintaining Session Activity
Configuring HDX Broadcast Session Reliability
Configuring Automatic Client Reconnection
Configuring HDX Broadcast Keep-Alive
Managing and Monitoring XenApp Sessions
Monitoring Session Status
Viewing User Sessions
Viewing User Sessions with the Shadow Taskbar
To view user sessions with the console
Enabling Logging for Shadowing
Enabling User-to-User Shadowing with Policies
Managing User Sessions
To terminate processes in a user’s session
To display session properties
To connect to a user’s session from Program Neighborhood
To reset a session
To log off from a session
To send a message to one or more users
Controlling Client Connections in XenApp
Preventing Specific Client Connection Types
Specifying Connection Limits
Limiting Connections to a Server Farm
Sharing Sessions and Connections
Limiting Application Instances
Logging Connection Denial Events
Controlling Connections with Terminal Services Configuration
Preventing User Connections during Farm Maintenance
Optimizing User Sessions for XenApp
Optimizing Web Page and Email Responsiveness
Effects of Restricting Animations in Internet Explorer
HDX 3D Browser Acceleration Limitations
Configuring HDX 3D Browser Acceleration
Optimizing Audio and Video Playback
Configuring HDX MediaStream Multimedia Acceleration
Optimizing Flash Content
Optimizing Throughput of Image Files
Optimizing Display of Image Files
Optimizing Keyboard and Mouse Responsiveness
Configuring SpeedScreen Latency Reduction
Adjusting SpeedScreen Latency Reduction for an Application
To configure latency reduction settings for input fields in an application
To create exception entries for non-standard input fields in an application
Configuring HDX Broadcast Display Settings
To configure HDX Broadcast browser settings for a server
Securing Server Farms
To prevent users from pasting from the server clipboard
Securing Access to Your Servers
Securing the Data Store
Securing Client-Server Communications
Using SecureICA
Enabling SSL/TLS Protocols
To configure session data encryption
To set a policy for ICA encryption
Configuring SSL/TLS Between Servers and Clients
Task Summary for Implementing SSL Relay
Obtaining and Installing Server and Root SSL Certificates
Choosing an SSL Certificate Authority
Acquiring a Signed SSL Certificate and Password
To enable the SSL Relay and select the relay credentials
Using the SSL Relay with the Microsoft Internet Information Service (IIS)
Configuring the Relay Port and Server Connection Settings
To add a server to the destination server list
To change the port for a server listed in the destination server list
To run the SSL Relay on port 443 without using HTTPS
Configuring the Ciphersuites Allowed by the SSL Relay
Using the Secure Gateway
Using the Secure Ticket Authority
Securing Network Communications
Configuring TCP Ports
Using Proxy Servers
Configuring Authentication for Workspace Control
Using Smart Cards with Citrix XenApp
Smart Card Requirements
Configuring XenApp for Smart Cards
Configuring Kerberos Logon
To enable Citrix XML Service DNS address resolution
To disable Kerberos logon to a server
Logging Administrative Changes to a XenApp Farm
Setting up the Configuration Logging Database
Defining Database Permissions for Configuration Logging
To configure the connection to the Configuration Logging database using the Configuration Logging Database wizard
To configure a SQL Server database for configuration logging
To configure an Oracle database for configuration logging
To set Configuration Logging properties
Delegating the Administration of Configuration Logging
To view Configuration Logging properties
Clearing Entries from the Configuration Logging Database
Generating Configuration Logging Reports
Encrypting Sensitive Configuration Logging Data
Copying the key to a local computer
To generate a key and enable IMA encryption on the first server in a farm
To load a key on subsequent servers in the farm
To store the key on a network location
Changing Farms
Enabling IMA Encryption Features
XenApp Service Account Privileges
Maintaining Server Farms
Displaying and Organizing Your Farm
Organizing Your Farm Display in the Console
To configure general farm properties
To search for objects in your farm
Connecting to a Remote Server Console
To connect to a server’s published desktop
To connect directly to a server's desktop
To limit the number of server connections per user
To disable and re-enable server logons
Enabling Local Browsers with Published Applications
Restarting Servers at Scheduled Times
To repair a XenApp installation
Changing XenApp Farm Membership
Removing and Reinstalling XenApp
To uninstall XenApp
To force the uninstallation of XenApp
&n