Hotfix WI540MSI002 - For Citrix Web Interface 5.4 for Windows

Hotfix WI540MSI002 - For Citrix Web Interface 5.4 for Windows

book

Article ID: CTX130660

calendar_today

Updated On:

Description

Filename: WI540MSI002.zip
For: Web Interface 5.4 (Microsoft Internet Information Services)
For operating system requirements, see Citrix eDocs, the Citrix Product Documentation Library.

Replaces: All previous releases
Date: November, 2011
Language: English (US)
Readme version: 1.00

Readme Revision History

VersionDateChange Description
1.00November, 2011Initial release

Important Note(s)

  • Caution! This release may require you to edit the registry. Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.
  • This release is based on Version 5.4 of the Web Interface. Any known issues in Version 5.4 of the product, except for the specific issues resolved in this release, still apply.

Where to Find Documentation

This document describes the issue(s) resolved by this release and includes installation instructions. For additional product information, see Citrix eDocs, the Citrix Product Documentation Library.

New Fixes in This Release

  1. As part of silent installations of the Web Interface (Run: WebInterface.exe –noui), the Citrix ICA File Signing Service fails to start.

    [From WI540MSI002 ][#253426]

  2. Attempts to customize/override the defaults of the following XenApp Web Site settings in the Delivery Services Console fail to write to the WebInterface.conf file. As a result, the custom settings are not honored. Moreover, after closing and reopening the console, the console incorrectly displays the custom settings rather than the default settings actually in place:

    • Enable Socket Pooling
    • Socket Timeout
    • Attempts made to contact the XML Service

    [From WI540MSI002 ][#254548]

  3. When using Receiver for BlackBerry 2.0, seamless applications fail to launch; only published desktops launch.

    [From WI540MSI002 ][#255124]

  4. Attempts to upgrade a Web Interface site from Version 5.3 to Version 5.4 can cause an exception in the Citrix Delivery Services Protocol Transition Service and fails with the following errors:

    • During the upgrade:
      "An error occured while attempting to upgrade the existing site at <...>. A remote invocation of the Web Interface site management utility returned an unexpected error. This site will be removed. You can recreate the site using the web interface management console."
    • When attempting to modify the configuration of the service:
      "An error occurred while attempting to modify the Protocol Transition Service configuration."
    • When attempting to create a new Web Interface site pointing to the Access Gateway and configured for smart card pass-through authentication:
      "An error occurred while attempting to upgrade the existing site at <...>. Unable to configure Access Gateway authentication: An error occurred creating the configuration section handler for citrix.deliveryservices/certficationmnager: Could not load file or assembly citrix.deliveryservices.security.configuration."
    • When attempting to manually start the service:
      "Could not start the Citrix delivery Services Protocol Transition Service service on local computer."
      "The service did not respond to Start or Control request in a timely fashion."

    [From WI540MSI002 ][#255964]

  5. In load-balanced environments, attempts by users to reauthenticate to the Web Interface fails unless the users clear their cookies and then restart their Web browser.

    [From WI540MSI002 ][#257087]

  6. Attempts to launch applications can fail when the Web Interface site is added to the Trusted Sites zone and the session window size is set to "No preference."

    [From WI540MSI002 ][#258077]

  7. This enhancement allows you to leverage Kerberos authentication for XenApp Services sites. Previously available only for XenApp Web sites, Kerberos authentication can provide significant gains in logon times, especially when using smart cards. Tests indicate that this configuration can reduce logon times from 45 seconds to around ten seconds.

    To enable this enhancement, you must perform the following steps:

    Configuring Kerberos Delegation:

    Configure the Web Interface server, the XML Broker, and the XenApp server as follows (minimal setup):

    - WI server

    • Trust this computer for delegation to specified services only
    • Use any authentication protocol
    • http/XML broker FQDN

    - XML broker

    • Trust this computer for delegation to specified services only
    • User Kerberos only
    • HOST/XML broker FQDN
    • HOST/XA server FQDN

    - XA server

    • Trust this computer for delegation to specified services only
    • Use Kerberos only
    • cifs/Domain controller FQDN
    • ldap/Domain controller FQDN
    • HOST/XML broker FQDN
    • HOST/XA server FQDN

    Note: You may need to configure additional service types for other components such as ProtectedStorage for Single sign-on.

    Configuring the Authentication Point:

    1. At the Web Interface Management Console, create the XenApp Services site and then close the console.
    2. Open the the WebInterface.conf file (located at %SystemDrive%\Inetpub\wwwroot\Citrix\PNAgent\conf) and edit the original entry on Line 45 to read :

      AuthenticationPoint=WebServer

      and then save your change.
    3. Reopen the Web Interface Management Console, and under Authentication, verify Authentication Point = At Web server and then, under Authentication Methods, select one of the following:

      - "Smart card" (if using smart card; this includes smart cards from non-domain joined clients) - or -

      - "Pass-through" with "Use Kerberos only" (if using local username and password from a domain joined client)

    [From WI540MSI002 ][#260119]

  8. Attempts to launch a published application from the Web Interface can fail and the following Javascript error message appears. The issue occurs when the parent and child frames are from different origins or domains:

    "Resource link is not available"

    [From WI540MSI002 ][#260861]

  9. A XenApp Services site configured for user roaming does not display any error message when a user enters invalid credentials.

    [From WI540MSI002 ][#261217]

  10. This is a feature enhancement to allow users to authenticate to the Web Interface using a smart card from Apple Macintosh computers.

    [From WI540MSI002 ][#LA0438]

Fixes from Replaced Hotfixes

No hotfixes were replaced by this release.

Installing This Release

  • This version is packaged as a .zip file containing the replacement WebInterface.msi file. For more information about deploying msi files, see Microsoft article 884016 or visit the Microsoft Web site and search on keyword msiexec.
  • For installation instructions, see Citrix eDocs, the Citrix Product Documentation Library.

Powered by Wolken Software