Jump to content


Photo

Integrate WI in AGEE Portal

Started by Enrico Klein , 24 August 2007 - 02:08 PM
19 replies to this topic

Enrico Klein Members

Enrico Klein
  • 36 posts

Posted 24 August 2007 - 02:08 PM

Hi,

I have a demo CAG8.0/NS7000 for testing and I'm trying to get my Presentation Server (WI) icons presented on the CAG portal page. I have the box setup and conencted to the internet and I can logon using my Windows AD account.
How do I get the my WI functionality in the CAG portal?

Our CAG is version NS8.0 build 47.8.

Kind regards,

Enrico Klein
Netherlands



Guest Members

Guest
  • 27 posts

Posted 24 August 2007 - 03:09 PM

Unfortunately I haven't run across a KB article on this. We had the same question during the beta. What we found out is that there's some hacking that needs to be done.

The product team wrote some scripts that can add this functionality to the NS. You'll probably have to contact Citrix support or your TRM/account manager/etc to get the scripts and instructions.

Hopefully this feature will make it into the next RTM build!



Enrico Klein Members

Enrico Klein
  • 36 posts

Posted 28 August 2007 - 09:15 AM

Hi Kerry,

thank you for your reply. I will look around some more.
What I've seen so far doesn't even come close to the portal functionality I have seen in MSAM and AAC.
I guess the VPN and Application Firewall stuff plays a more dominant role.

Kind regards,
Enrico Klein



Douglas Hall Members

Douglas Hall
  • 7 posts

Posted 28 August 2007 - 12:29 PM

Hi Enrico,

We are playing around with a CAG7000 as well. Access to the WI is fairly simple. Create a session policy and set the homepage to be the WI site you want to access and set the Secure Gateway Setting ICA Proxy to be on. Then bind that policy to the virtual server that you want. You will also need to add the relevent Secure Ticket Authority to the Secure Gateway tab of the Virtual Server.

We havent yet managed to get get a portal homepage with a WI section, a browser section and a drive mappings sections as with the Advanced Gateway.

Hope that helps

Doug



Guest Members

Guest
  • 27 posts

Posted 28 August 2007 - 01:17 PM

First, we needed a rebranded login page. Next, we needed a portal page that looked similar to AAC's portal page. Then we ran a script that Citrix made for us to copy those customized pages to the appropriate directories on the boxes (we're using an HA pair). Finally, we created a session policy that 'pointed' to this page.

The end result is that users log in via our customized login page and end up at a portal that looks similar to our AAC portal (but runs a bazillion times faster).

The pages that we ended up modifying are: /netscaler/ns_gui/vpn/index.html (this is the login page, which we customized using standard HTML editing)
/netscaler/ns_gui/vpn/images/ contains the images for our customized login page
/netscaler/ns_gui/vpns/app.html is the page that runs the ActiveX VPN component. We changed the colors, graphics, and hid the "file transfer" button.
/netscaler/ns_gui/vpns/services.html edited to redirect users to /netscaler/ns_gui/vpns/navui/homepage.html
/netscaler/ns_gui/vpns/navui/homepage.html is the portal page. We changed the title in the HEAD section and modified the layout of DIVs so the left side of the page contained our load balanced WI site and the right DIV contained the bookmark frame (/netscaler/ns_gui/vpns/portal/bookmark.html. We also used top-level tabs like AAC did to flip between a page containing OWA and the main portal page.

Now you have to create your WI site and configure it to 3 columns wide, compact view, and change the colors to match your branding of the portal.

This works, but is clumsy. Obviously Citrix needs to get an integrated WI experience into the next release of AGEE.

Until then you have to be very careful of what files you modify. If you trash some, the only 'supported' recovery mechanism is for you to mail your box back to them. The upgrade images do NOT contain any of these HTML pages. This is my way of saying 'be careful and back up all files, lest you mess yourself up'.

Last thing: if you have an HA pair, you have to make these changes on BOTH boxes. Updated files don't get automatically moved around.

I put a screenshot of the end result here: http://tinypic.com/v...hp?pic=5z227fk. I hid identifying stuff like logos and URLs, but you get the idea.

I hope this helps.



Guest Members

Guest
  • 27 posts

Posted 28 August 2007 - 01:23 PM

I forgot to mention a couple of things.

We also have a modified /netscaler/ns_gui/vpn/login.js to support our need for 2 factor authentication.

under /netscaler/ns_gui/vpns/, there's a few interesting files (fs*.html) that deal with file sharing features. If we were to add a pane to our portal for file shares, we'd probably use these as a template.

And a last comment: I have a big beef insofar as this current setup won't allow me to create a different customized portal per VServer that is hosted on the box. I'm going to have to duplicate the entire directory structure to accomplish this. Not very nice, but that's pretty much my only major complaint so far.



michael rutland Members

michael rutland
  • 2 posts

Posted 25 April 2008 - 10:40 PM

I to edited some of the very same files to get the Secure Access Gateway page to look similar to our web interface page, but when I reboot my Netscaler those files are replaced with the originals. How can I stop this from happening?

Any Ideas



Aaron Gayton Members

Aaron Gayton
  • 40 posts

Posted 26 April 2008 - 02:13 AM

Mike.

Theres no nice way to do this but if you have a look at the below support article you can copy them to a non volatile area on the cag and use a startup script to copy the modified ones over top of the original.

http://support.citrix.com/article/CTX115756

The article is for customizing the logon page fields but i'm sure it would work for you.



James Crocker Citrix Employees

James Crocker
  • 1,624 posts

Posted 26 April 2008 - 01:44 PM

This will be in the next release of AGEE (8.1).



Aaron Gayton Members
  • #10

Aaron Gayton
  • 40 posts

Posted 26 April 2008 - 09:25 PM

Any ideas when we can expect 8.1 .



Larry Hou Members
  • #11

Larry Hou
  • 2 posts

Posted 24 September 2008 - 03:54 PM

Hi,
I just read your post, and was wondering how you customized the portal per vserver. I’ve called up the tech support and the tech support said that this is not supported but some people have accomplished this in the forum. Much appreciated if you can provide a detailed instruction on how to accomplish this. Basically I just want to add a customized banner per vserver.

Thank you



Rick Rohne Members
  • #12

Rick Rohne
  • 408 posts

Posted 25 September 2008 - 08:45 PM

Per Vserver does not work for the logon page. The index.html file is the default page for all users.

But you could have different index.html files. You could use 302 redirects on different domain names to have different logon pages.

Once the users are logged on, you can use session policies and groups to customize what the end users see.

It's all basically html, so if you follow the links, you can pretty much do anything, you just need a little skill :)...



Medhi ABDI Members
  • #13

Medhi ABDI
  • 30 posts

Posted 29 September 2008 - 09:52 AM

Hi,

Please just to confirm what i'm reading

You can use AAC-WI in a CAG Edtion Entreprise ?

Is it possible ?

CAG AAC and WI were setup for CAG Advanced Edtion alone, no ?

Thanks



Rick Rohne Members
  • #14

Rick Rohne
  • 408 posts

Posted 29 September 2008 - 02:04 PM

yes



Medhi ABDI Members
  • #15

Medhi ABDI
  • 30 posts

Posted 29 September 2008 - 02:36 PM

Hi,

So now, we can use CAG Entreprise Edition with AAC and WI...

Witch version of CAG we need 8.0 or 8.1 ?

Can we use Live Edit option like for the Advanced Edition ?

And last question...Could someone provide me somes links or any informations for trying to setup this?

Thanks from France !



Paul Blitz Members
  • #16

Paul Blitz
  • 2,348 posts

Posted 29 September 2008 - 03:19 PM

Rick

Are you SURE about that?

I was at a Citrix-hosted 2-day hands-on tech session, and was specifically told that AAC does NOT work with AGEE.

Paul



Rick Rohne Members
  • #17

Rick Rohne
  • 408 posts

Posted 29 September 2008 - 09:16 PM

Sorry, I misread the question.
AAC Server does not integrate. But AAC functionality is biult in (EPA scans, clientless access).
There are some features that are missing, however, such as live edit.



Medhi ABDI Members
  • #18

Medhi ABDI
  • 30 posts

Posted 01 October 2008 - 01:29 PM

Hi,

Aaaarghh, all my dreams...gone...



Larry Hou Members
  • #19

Larry Hou
  • 2 posts

Posted 03 October 2008 - 02:50 PM

Thanks.. you gave me enough information for me to figure out on my own. Basically I used the load balancing feature to setup the redirect. The redirect works for http but I can't setup a redirect for https since the vserver/ports I have to create on the load balancer is already occupied by the sslvpn vserver/port. Is there a way to do this without creating another vip just to redirect https....



Rick Rohne Members
  • #20

Rick Rohne
  • 408 posts

Posted 06 October 2008 - 08:53 PM

This forum is starting to take a left turn. Can you create a new forum for your post?
Also, explain what you are trying to do...