Adding new AD Domain to Existing XenApp 6 Install

We currently have a XenApp6 farm running that was built when we had a single Domain in the AD Forest. This past weekend we added another AD Domain in the Forest because of an acquisition. My question is how do I get this new domain the ability to log into XenApp? When I look at our deployed applications I can choose the new domain and add the users, but they cannot log in from the web site? I have not tried logging them in on the full blown client yet either where you can specify the domain because I wanted to make sure it works both ways that way they can get in from their corporate computer or home computer. Thanks.
LVL 1
hh_techservicesIT DirectorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

GovvyCommented:
Is there an AD trust between the new domain and the domain the Citrix infra resides in?
0
hh_techservicesIT DirectorAuthor Commented:
Yes. It is in the same forest so the trust is automatically there. I've previously used XenApp at another company where you had to put the domain you were logging into on the login page. Ours currently doesn't have that, so I figured it has to be something easy to change. At least I hope.
0
Carl WebsterCommented:
If the domains are in the same forest there is an implied trust.

When you setup the web interface site(s), did you define a domain restriction?  If so, add your new domain to the list.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

GovvyCommented:
So is the new domain a subdomain of the domain Citrix resides in? If its not a child you would need a shortcut trust
0
GovvyCommented:
0
Carl WebsterCommented:
If the servers(s) your WI is configured to use as XML Brokers are part of the domain, then it should just work.  The users from domain2 should just be able to login to the WI, see their apps and run them.
0
hh_techservicesIT DirectorAuthor Commented:
CarlWebster,

This system was setup by a consultant with my input but I manage it now. I'd imagine when setup we only had one domain so it might have been restricted. Where would I find that at? Is that in the Citrix Delivery Console or is that more on the Web Front End servers? I'm thinking that is it because the domains are fully trusted.  Thanks
0
Carl WebsterCommented:
This is from memory so you might need to look around.

Web Interface
click on site
authentication settings
should have Explicit checked
click the settings or properties box to the right
add your domains (btw, ad1.com and ad1 are technically NOT the same here)
there is another setting where you can select a radio button that says something like username only username@domain, since you have multiple domains select username@domain and then click the button a little lower down.  Enter your domains there and make sure display dropdown is selected.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
hh_techservicesIT DirectorAuthor Commented:
Carl,

Thanks for the info. That is exactly what I was looking for. Just to make sure, is there any other location that needs to change so users from the other domain can login? I'll be adding their new domain to the Explicit area that says allow only these domains. I just didn't know if that is the only location in the Farm that needs to be changed. Thanks again!
0
Carl WebsterCommented:
For a regular WI Site the domains need to be put in those two places.

For a PNAgent/XenApp Services Site, only the first one exists.
0
hh_techservicesIT DirectorAuthor Commented:
This was exactly what was needed.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Citrix

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.