Publishing an internal site to only be accessed through Citrix and not locally

We are currently running Citrix Presentation Server 4.5 and we have an internal site that only works on IE 6. We are in the process of upgrading our local machine to Windows 7 and it will be setup to use IE 8. Since this internal site is not configured to run on anything other then IE6 we are wanting to find an easier way to re-direct our customers to use Citrix instead. We currently publish this site as an available application but since we want to prevent the users from accessing this site internally on their local machines we need a way to force them to use Citrix. We are currently using an IE redirect application that if this address is typed into the browser locally it will be blocked and an error reminding them to use the publsihed application version will be displayed.

I know with content redirection we can set the site to redirect them to use their local browser I just wasn't sure if this could be configured to go the opposite way. If this address is entered it would launch it on Citrix. Any assistance is appreciated.

I will offer max points for a solution since this is currently a big deal here at my place or work. Thanks.
Who is Participating?
TreyBcoolConnect With a Mentor Commented:
From your posting:
"We are currently using an IE redirect application that if this address is typed into the browser locally it will be blocked and an error reminding them to use the publsihed application version will be displayed."

So that message is a web page. When that message/webpage posts to the user - you would just redirect the user to your WI site. So create a new WI site, enable pass through (on your xenapp servers you may need to import the icaclient.adm file and enable pass through there as well
Pass through is under the user authentication portion. The icaclient.adm file is already on your xenapp servers - find it in program files\citrix\icaclient\configuration - on the server run gpedit.msc - click on administrative templates and import this adm file and enable pass through.

Then on your new WI site that you are redirecting to, enable pass through. What version of WI are you running? This site here has WI customizations for auto launching a specific app

However, if you are running WI5.x - then in the webinterface.conf file we can specify to autolaunch an app.
Your first step - the web page that your current error message is being posted, set in there to auto redirect you to your new WI site.
So you are already using PNAgent on their local PC to place an IE6 web browser - where the app name is called whatever that website URL is?
You could embed an ICA file for the ie6 browser on this page
"an error reminding "
With pass through authentication it should launch right in.
Or even better maybe, you could even just make that error message webpage a redirect to a WI site with pass through enabled and auto launch the IE6 browser to that web app. Lots of easy options on this one. You may have to do a custom WI site that auto launches that browser if you dont want your normal WI site to auto launch. You can do it on the same WI server - now its managed in the webinterface.conf file or for older sites you can follow this
tonyenorAuthor Commented:
Yes we are using the local PNA agent on the machines and they will have access to the application from the outside from the already published application pointing to this site using Web Interface. Yes the published application is currently being used and when they launch it it opens up the page using IE 6 that is installed on the Citrix server hosting that application.

I guess what I am trying to accomplish is similiar to what content redirection does with file types you can put in an extension like .doc, or .xls. If someone tries to open an application with a .doc extension Citrix is then opened to launch this application or file. I want this same behavior to happen with this internal site. I don't want them to be able to access it locally on their machines using their local browser and to force them to only use Citrix.

I guess I am just confused on what exactly you are suggesting us to do. The zip files through me off.
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

So, the applications you see in your current WI site or PNA site are .ica files. One option is to embed a .ica file that represents your IE6 site onto your current error message page and when the user hits that page it auto opens the ica file which in turn opens IE6. However, probably the best thing to do would be to make your error message page redirect your users to a WI site that auto launches your IE6 ica file.
tonyenorAuthor Commented:
I apologize for appearing clueless at the moment. How would I go about creating a WI site that would auto launch this site? That seems like the best route to go since it would be pretty much seamless to the users without them having to click onto another link. However I am having trouble determining how to create a site to do this within Web interface.
tonyenorAuthor Commented:
Okay got it. I will give that a try. Thanks so much for your assistance.

We are running version for Web Interface
tonyenorAuthor Commented:
Here is our HTML file we are trying to edit but I can't get the PNA file to link successfully in here. Any ideas?
Ths is what I tried and no luck. This can not be this difficult
file:///c:\Program Files (x86)\Citrix\ICA Client\pnagent.exe" /CitrixShortcut: (1) /QLaunch "SMT Portal"

if I copy the actual shortcut into work and open it launches successfully. However if I used the above hyperlink it does not work. Aggghhh please help if you can.
<title>Portal requires IE6</title>
<body bgcolor="silver">
Internet Explorer 6 is required.
The browser you are using has been identified as a different IE version or a non-IE browser. Portal requires IE6 to function properly.
Please access Application via the Portal or by using IE6. Contact the help desk if you have questions.


Open in new window

Hmmm, I hadnt thought about doing it with PNAgent. I was thinking the easiest thing to do, so your users dont have to log in or anything, would be to put a link to a web interface site, with pass through authentication as the default authentication and have it autolaunch the IE6. What would happen is the users would click the http://webinterface_auto_launch url, pass through would take the credentials they logged into the pc with and then from there an ica file would be generated for IE6 and auto launched. But, I guess if PNAgent is already logged in locally with all their apps, then there may just be a way to invoke the IE6 from there, good idea. You are saying it works if you click that link in word, but not in internet explorer.
I am thinking something like

<a href="file:////c:\Program Files (x86)\Citrix\ICA Client\pnagent.exe /CitrixShortcut: (1) /QLaunch SMT Portal">Launch IE6</a>

is what you will need to do.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.