How to configure Citrix Receiver pass-through authentication for StoreFront or Web Interface (Public Sector Edition)


Earlier this year I had the following conversation:

Customer: Henry, how can we get rid of the PIN prompts when in the virtual desktop or application?

Me: We need to configure the Receiver for pass-through and ...

Customer (interrupting): Yes, that is what I want. That's it!!!

Me: Well, there are some limitations ...

You see, I knew we could configure pass-through, but the question was how to meet this requirement with a Common Access Card involved (CAC, government jargon for a smart card in the Department of Defense) and a locked-down Windows 7 image. That is where the journey began. Please note that the aforementioned conversation happened while I was on site with the customer to do a NetScaler Gateway Proof of Concept, and considering that I had enough time while out there, I accepted the challenge.

At the time there was no clear support article that explained how to do this with StoreFront 2.5 and the latest version of the Receiver. There were a few blogs and older Citrix support articles that helped, but I had to piece together some concepts to get it to work. Since then, someone in technical support has created a CTX support article on how to do it. (Phew!!! This post would have been three times as long and boring!) You can see the article here

Now for the public sector aspect. For this to work with a CAC / smart card, you have to be sure to check 'smart card' in the steps, which should be obvious as you go through them.

But in step 6, you have to allow "local user name and password." I am not sure if this is by design, but otherwise the ssonsvr.exe process does not start. The SSONSVR process is required for pass-through to work. Without it, you are not going anywhere. This is the first thing to check on the Windows endpoint. On the virtual desktop side, the virtual desktop has to have the middleware software. I think that people who support smart cards these days know this already, but I wanted to make it clear.

Also, there must not be anything that delays or stops the process, such as a welcome banner where the user must click 'OK' to accept, or a group policy enforcing CTRL + ALT + DEL. The main reason is that there are built-in timeouts for security reasons. These are the caveats, and in no way do I propose going against IT policies here. In some cases, especially in the federal government, changes to the gold master could require an exception or someone assuming the risk. I know that in this specific customer environment, the banner was placed on the StoreFront page instead (here's how to do this), and the customer filled in the paperwork for the exceptions needed to modify the gold master image for their organization.
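The checks from the two paragraphs above (ssonsvr.exe running, no logon banner, no enforced CTRL + ALT + DEL) as a read-only PowerShell check. This is an added example, not from the original post or the Citrix article; the function names are made up for illustration, and it assumes the banner and CTRL + ALT + DEL settings are delivered through the standard Windows policy key shown.

```powershell
# Added example (not from the original post): read-only pre-flight check.
# Sticks to PowerShell 2.0 syntax so it runs on a stock Windows 7 image.
$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-PolicyValue([string]$Name) {
    # Returns $null when the value is absent instead of throwing.
    $item = Get-ItemProperty -Path $PolicyKey -Name $Name -ErrorAction SilentlyContinue
    if ($item) { return $item.$Name }
    return $null
}

function New-CheckResult([string]$Check, [bool]$Pass, [string]$Detail) {
    New-Object PSObject -Property @{ Check = $Check; Pass = $Pass; Detail = $Detail } |
        Select-Object Check, Pass, Detail
}

function Test-PassThroughReadiness {
    # 1. ssonsvr.exe must be running in the current user's session (endpoint check).
    $session = (Get-Process -Id $PID).SessionId
    $sson = @(Get-Process -Name 'ssonsvr' -ErrorAction SilentlyContinue |
              Where-Object { $_.SessionId -eq $session })
    if ($sson.Count -gt 0) { $detail = 'PID ' + (($sson | ForEach-Object { $_.Id }) -join ', ') }
    else { $detail = 'not running in this session' }
    New-CheckResult 'ssonsvr.exe running' ($sson.Count -gt 0) $detail

    # 2. A logon banner that waits for "OK" can hold the logon past the timeout.
    $banner = ('{0}{1}' -f (Get-PolicyValue 'LegalNoticeCaption'),
                           (Get-PolicyValue 'LegalNoticeText')).Trim()
    if ($banner.Length -gt 0) { $detail = 'LegalNoticeCaption/LegalNoticeText is set' }
    else { $detail = 'no banner text in the policy key' }
    New-CheckResult 'No interactive logon banner' ($banner.Length -eq 0) $detail

    # 3. Enforced CTRL + ALT + DEL. DisableCAD = 1 means the key press is not required.
    #    A missing value is reported as a failure here; that is this sketch's assumption.
    $cad = Get-PolicyValue 'DisableCAD'
    if ($cad -eq $null) { $detail = 'DisableCAD not set in the policy key' }
    else { $detail = "DisableCAD = $cad" }
    New-CheckResult 'CTRL + ALT + DEL not enforced' ($cad -eq 1) $detail
}

# Report only; nothing is changed on the machine.
Test-PassThroughReadiness | Format-Table -AutoSize -Wrap
```

A failed banner or CTRL + ALT + DEL check is a finding to take through the exception process described above, not something the script changes.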

So ... in the end, the customer got what they wanted: a domain-joined Windows 7 endpoint launching virtual applications and virtual desktops powered by XenDesktop 7.5 (BTW, 7.6 is now available!) without PIN prompts. Well, one PIN prompt: the one required to log on to the endpoint. At the end of the day, the customer was satisfied with the NetScaler Gateway POC and a PIN prompt.
