Jump to content


Photo

Citrix Single Sign-On License and Edition

Started by Waddhanak Invong , 22 November 2011 - 10:13 AM
9 replies to this topic

Waddhanak Invong Members

Waddhanak Invong
  • 21 posts

Posted 22 November 2011 - 10:13 AM

Hi, i hope you can brief me about SSO for XenApp. Now i got some questions that make me stuck to work with SSO.

*1. Citrix License: Now i use XenApp Enterprise with Evaluation. Does Single Sign-on can work with Enterprise and Evaluation license?*

2. If it can, Does Single sign-on is a separate product from XenApp? I mean it will require to buy License or product to install on another server for connect with XenApp?

I used XenApp server and want to work with SSO but so long still now working. I use Central Store NTFS network share. Now my problem is when use go to lunch application on WI, they account will log-out. On Folder People of Central store also do not cache users information when user access to application.

Could you help to clear this problem come from?

Thank,
Phearak

Attached Files



Carlos Diz Citrix Employees

Carlos Diz
  • 255 posts

Posted 22 November 2011 - 11:42 AM

Hello,

Nowadays SSO is more a XA feature than a product.

As per below you will need specific license unless you run Platinum Edition of XA

http://support.citrix.com/proddocs/topic/passwordmanager-5-0/pm-licensing-requirements-v48.html

Regarding your technical question, it might be worth to start a specific thread for it.



Waddhanak Invong Members

Waddhanak Invong
  • 21 posts

Posted 22 November 2011 - 03:35 PM

Carlos, thank for your support,

You mean that, if i want to use single sign-on i must use XA Platinum Edition, right?

If XA Enterprise Edition not work with SSO why it's feature installed during we install XenApp?
It make me confuse.

Now i want to download XA Platinum Edition to use.But on Citrix web site do not allow XA Platinum Edition to download. I want to make sure it can work well with SSO. How to to get this edition?

Please help to guide me!

Thank,



Carlos Diz Citrix Employees

Carlos Diz
  • 255 posts

Posted 22 November 2011 - 04:54 PM

Hello, I believe this is the case.

In the past you could purchase stand-alone Single Sign-on licenses, but I think this is no longer a possibility.

However Platinum license will give you more features besides SSO:

http://support.citrix.com/proddocs/topic/xenapp5fp-w2k8/ps-gs-intro-xenapp-editions.html

Edited by: Carlos Diz on Nov 22, 2011 11:54 AM



Waddhanak Invong Members

Waddhanak Invong
  • 21 posts

Posted 24 November 2011 - 09:17 AM

Hi Carlos,

Ask your advice i have install new XenApp with Platinum edition and license.

I have tried to configure SSO, but still now work.

I used NTFS Network sharing for Central Store. I have connected Sing sign-on console on XenAppCenter.

For web authentication i use explicit. When clients access to WI of XenApp its always prompt for users and password. Some time i used pass through authentication but still require users and password after user lunch application on WI.

*How to connect Clients machine to Single Sign-on Service on XenApp server?*

I want to use window authentication, we don't need to type users and password again and again on WI of XenApp.

Please help to advice solution for this case!

Thank for advance,



Carlos Diz Citrix Employees

Carlos Diz
  • 255 posts

Posted 24 November 2011 - 09:51 AM

Hi,

I believe you might be confusing SSO (Former Password Manager)
http://support.citrix.com/proddocs/topic/technologies/pm-library-wrapper.html

And SSO authentication also know as pass through authentication.
http://support.citrix.com/article/CTX368624

Using SSO 5 (former Password Manager) you will have to create an Application Definition using the application definition wizard.
Then create a User Definition for the users you want this to be applied, and assign a "Domain Policy"

If you want SSO to submit credentials to your Web Interface, I suppose you can use Password Manager for it, but you can use passthrought authentication for this.

If the above does not apply, please explain step by step the process you follow and also let's take it one authentication at a time (i.e. Web interface authentication issue might not be the same as when an application launched AFTER you have authenticated on Web Interface)



Waddhanak Invong Members

Waddhanak Invong
  • 21 posts

Posted 24 November 2011 - 02:31 PM

Dear Carlos,

you are right, i think i got confusing. But i have try in both ways but still now work. Let me tel you step by step:

1. Pass through authentication:* After i install XenApp and public application, I start configure web by use pass through authentication. On client Machine i install CitrixOnlinePluginFull.exe. than i add ADM file and Enable username and password on local GPO. When users access to WI, it will direct to public application but when user lunch application form require authentication will appear. *So why it still ask for user and pass? how to resolve it?

*2. SSO (Former Password Manager)*. After i install XenApp and public application, i started install Central store by NTFS Network Sharing. Than on AppCen of XA Server i started configure SSO console. Than i tried to add application Define wizard but this step i still not sure on what i do is correct or not but at the end i get application define. Than i start to install CintrixSSOplugin.exe for client and Server.
When client tried to access to WI, system still prompt for users and password. So how to solve it?

Please help to verify of 1 and 2, and verify of missing step for each? which is you think i should choose to do?

Thank for advance,



Carlos Diz Citrix Employees

Carlos Diz
  • 255 posts

Posted 24 November 2011 - 06:11 PM

Hello,

Since this thread belongs to the Password Manager I will go ahead with this part.

So the first thing would be to verify that password manager is well configured.

I would start creating an application definition for a simple web application that requires login (i.e. e-mail or similar)

They usually are very simple:

Username
Password
OK button

Follow
http://support.citri...rapper-v48.html

to create an application definition like this.
Use the default Form.

Once you have this application defined, you can move to the next step, and assign it to a test user.



Carlos Diz Citrix Employees

Carlos Diz
  • 255 posts

Posted 24 November 2011 - 06:11 PM

Hello,

Since this thread belongs to the Password Manager I will go ahead with this part.

So the first thing would be to verify that password manager is well configured.

I would start creating an application definition for a simple web application that requires login (i.e. e-mail or similar)

They usually are very simple:

Username
Password
OK button

Follow
http://support.citri...rapper-v48.html

to create an application definition like this.
Use the default Form.

Once you have this application defined, you can move to the next step, and assign it to a test user.


Helpful Answer

Waddhanak Invong Members
  • #10

Waddhanak Invong
  • 21 posts

Posted 26 November 2011 - 03:35 PM

Hi Carlos,

Thank for your helpful.From begin i got confused with SSO and Pass through Authentication. So i wash alot of time for it.

We have requirement for XenApp users authentication. Normally after we log in to window with AD users and if we want access to WI of XenApp we need to type user AD again. How to pass this step by users acess to publish application on WI without type AD useres again and again?* *Does SSON can fill up with my Requirement?

I have tried to use pass-through authentication call SSON. This step when we apen WI of XenApp it will direct to applcation without retype users again, but if lunch application it will prompt for users authentication again. How to solve this problem?
I have tried to solve this problem by follow with reference: http://forums.citrix.com/thread.jspa?threadID=243538&start=0&tstart=0.* At the end it still not work. Everytime I lunch application it will not prompt for users and password but my AD account was locked out. *Does we need any Hotfix?

Please help to advice me again to complete this case!

Thank for advance!

Attached Files