How to configure Citrix through iChain (non-java ICA client)

  • 3002218
  • 18-May-2006
  • 27-Apr-2012

Environment

Novell iChain 2.3
Citrix Presentation Server 3.0
Citrix Presentation Server 4.0

Situation

How to configure Citrix to work with iChain.

Resolution

Create an accelerator for the Nfuse server:

  1. Enable the accelerator.
  2. Add a name for the Nfuse accelerator.
  3. Add a DNS name for the accelerator.
  4. Select either "Forward host name sent by browser to the web server" or "Alternate host name" (this should be the DNS name that the backend Citrix server is expecting).
  5. Enable authentication and pick an authentication profile.
  6. Add the Citrix NFuse server IP under "Web server addresses" and the correct port for the backend Citrix NFuse server (usually port 80).
  7. Check the IP that will be used for the accelerator under"Accelerator IP addresses" and specify the listening port for the accelerator (usually port 80).
  8. Enable Secure Exchange (optional step).
  9. Click "OK" button and then click on "Apply" button.


Create an accelerator to tunnel the ICA traffic to the MetaFrame server:

  1. Enable the accelerator.
  2. Add a name for the accelerator.
  3. Add the DNS name for the accelerator (you can use the same DNS name as the Nfuse accelerator or a different DNS name).
  4. Select either "Forward host name sent by browser to the web server" or "Alternate host name" (this should be the DNS name that the backend Citrix server is expecting).
  5. Make sure that "Enable Authentication" is NOT enabled.
  6. Add the Citrix MetaFrame server IP (or if you have a farm all the server IP addresses) under  "Web server addresses" and the correct port for the backend Citrix MetaFrame server (usually port 1494).
  7. Check the IP that will be used for the accelerator under"Accelerator IP addresses" and specify the listening port (you'll either need to specify a different Accelerator IP address or if you use the same accelerator IP address specified for the Nfuse Accelerator you will need to use a different port like port 81).
  8. Click "OK" button and then click on "Apply" button.
  9. Go to the iChain command line interface and type:
    "set accelerator tunnelauthforica=yes", hit enter, then type "apply" and hit enter.


Add protected resources:

  1. Open ConsoleOne, open the ISO (iChain Service Object) and click on the "Protected  Resources" tab.
  2. Add the protected resources for the Nfuse accelerator and for the MetaFrame accelerator (nfuse.citrix.com/*, mf.citrix.com/*).  Set as restricted or secure (if secure make sure ACL object is properly configured.)

Citrix Server Settings:

  1. On the Presentation Server Console:  Go to properties of the farm (right-click on the farm) and disable session reliability (if not disabled it will show up in the ICA file as CGPAddress=*2598).
  2. On the Citrix Web Interface Console (found under management consoles) go to client side proxy setting and change it from Auto to Client defined (use client proxy settings).



Formfill Policies:


MetaFrameLogin
nfuse.citrix.com/Citrix/MetaFrame/default/login.aspx










through NFuse -->

NFuseICArewrite
nfuse.citrix.com/Citrix/MetaFrame/default/launch.*



[WFClient]


[WFClient]
ProxyHost = mf.citrix.com:80
ICHAIN-TOKEN = 30


ProxyType=None


ProxyType=Secure


Address=172.16.10.1


Address=mf.citrix.com




through NFuse -->


Example of a rewritten ICA file:

[Encoding]
InputEncoding=ISO8859_1

[WFClient]
ProxyHost =mf.citrix.com:80
ProxyType=Secure
ProxyUsername=9e77acb2a87c46078df500f9
ProxyPassword=209384b517e42ce96db301e38d6349dfa8bc8ab2
Version=2
ClientName=WI_N97t_PYPiUHqx3zi
TransportReconnectEnabled=On

RemoveICAFile=yes

ProxyTimeout=30000

[ApplicationServers]
Notepad=

[Notepad]
Address=mf.citrix.com:1494
InitialProgram=#Notepad
LongCommandLine=
DesiredColor=2
Launcher=WI
TransportDriver=TCP/IP
WinStationDriver=ICA 3.0

ProxyTimeout=30000

AutologonAllowed=ON
Username=Administrator
Domain=\3D68CB1E6DA7EF02
ClearPassword=308B0262FDC7DE

ClientAudio=On

DesiredHRES=640
DesiredVRES=480
TWIMode=On

SessionsharingKey=2-basic-basic-CITRIX-Administrator-TestFarm

[EncRC5-0]
DriverNameWin16=pdc0w.dll
DriverNameWin32=pdc0n.dll

[EncRC5-40]
DriverNameWin16=pdc40w.dll
DriverNameWin32=pdc40n.dll

[EncRC5-56]
DriverNameWin16=pdc56w.dll
DriverNameWin32=pdc56n.dll

[EncRC5-128]
DriverNameWin16=pdc128w.dll
DriverNameWin32=pdc128n.dll

[Compress]
DriverNameWin16=pdcompw.dll
DriverNameWin32=pdcompn.dll

Additional Information

For more information on troubleshooting visit: https://www.novell.com/coolsolutions/appnote/2562.html

Feedback service temporarily unavailable. For content questions or problems, please contact Support.