Link to home
Create AccountLog in
Avatar of Pau Lo
Pau Lo

asked on

XenApp audits

Sorry to sound naive re citrix, but a few citrix/terminal services basics if I may:

1) When a user logs onto to a PC in the domain, once authenticated, they then (by double clicking a citrix shortcut) launch a citrix session which again prompts for username / password (what is that launcher/software called).

2) Also - if you have a busy network, am I right in thinking there will be a bunch of citrix servers to handle user demand? Is this called a farm?

3) What tool/feature in citrix determines which of the servers you will be logged into? And based on what parameters does it make that decision, i.e. this servers bust log the next lot of users on that server instead

4) By default out the box, do the citrix servers log which users logged on to which citrix servers and at what time? If so where would the logs be held?
ASKER CERTIFIED SOLUTION
Avatar of Carl Webster
Carl Webster
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of Pau Lo
Pau Lo

ASKER

Re 4 if you have 5 xenapp servers are yu going to have to check 5 security logs to see who logged in which when. Or does this load balancer have a log of who accessed which server when?
You will need to check all 5.  XenApp does not provide and centralized logging of what users logged into what server or which users ran which applications from what server or at what time and for how long.
Avatar of Pau Lo

ASKER

Ok one more quick question. Our setup is so you login to your pc via domain creds then you login to citrix creds. So you could access internet explorer via your desktop pc or via the citrix session. Is this type of setup called a specific name in the citrix world, as I assume you can configure the login process to log straight in to a citrix server bypassing the desktop? Do each type of configs have a specific label in the citrix world? And re the second type ie bypassing the desktop what mechanics log you straight into citrix are these scripts or some kind or another tool?
Sounds like you are using PNAgent without pass-through authentication.

I would suggest you start here:

http://support.citrix.com/proddocs/topic/web-interface-impington/wi-library-wrapper-impington.html
Avatar of Pau Lo

ASKER

Thanks carl, re no pass through and pass through, in your experience can you think of any reason or technicla reason why an admin would opt for no pass through authentication as opposed to using pass through. Are there pros and cons to both or issues that may arise when using one or the other which would sway a design decision to use one or the other?
security vs ease of use.  Always a tradeoff.
Avatar of Pau Lo

ASKER

Which is least secure? And why...
If my credentials are automatically passed through to the XenApp server, some would see that as a security risk.
Avatar of Pau Lo

ASKER

As they aren't encrypted?
Unless you use IPSEC I believe they are not encrypted.  I am not 100% positive of that though.  That is why a lot of people require both internal and external users to go thru a Citrix Access Gateway or NetScaler so that everything is encrypted.
Avatar of Pau Lo

ASKER

Ok thanks just to sweep up one final thing:

>.  Various names:  PNAgent, online client, online plugin or Receiver.

Can you tell just from the shortcut on the desktop which of these are being used? Are some of these clients based on where you are connecting from? Ie are some for internal users others external? Or why so many different clients? What do some do offer that others don't?
Citrix is famous for changing names and functionality.  Answering your questions could take a very long time.  Citrix provides client software for all kinds of devices and operating systems.  I would suggest you take a look here:

http://support.citrix.com/proddocs/topic/receiver/rec-receiver-and-plugins.html