Link to home
Start Free TrialLog in
Avatar of snyperj
snyperjFlag for United States of America

asked on

Unable to set up SSON with Citrix Receiver

I am trying to set up Single Sign on for an HP THin Client.

Following the document at the link below, I have downloaded the latest Citrix Receiver for Windows (4.2) to a folder on the c drive called citrix.

I then run an elevated command prompt and change the directory to c:\citrix

I then run the following command:    CitrixReceiver.exe /INCLUDESSON

Nothing happens...
The cursor drops just down to another line of c:\citrix in the command window, but nothing installs...

I am logged into the the Thin Client as the Administrator.

Help! What am I doing wrong?

http://support.citrix.com/article/CTX133982
Avatar of Dirk Kotte
Dirk Kotte
Flag of Germany image

the installation should run.
try to start the installation without parameters. abort if the first message is visible.
works?  if not, redownload the file.
try to use correct upper and lower characrers within the setup command.
" /includeSSON. "
Avatar of snyperj

ASKER

Tried it, it just wont fire.  It wont even fire without the  /includeSSON parameter.

I have downloaded and re-downloaded the 4.2 CitrixReceiver file from citrix.com a couple of times.

If I use and older CitrixReceiverEnterprise.exe file (v3.4), it will run... but I was under the impression from the updated document listed above on the Citrix site, that I could configure SSO with the newest receiver 4.2- but I am starting to think that is not true?
within Receiver 4.2 some SSO installation parameters should be enabled by default.
try to uninstall all old receivers and install the client directly from the citrix website (i use this way successfully this week).

Then you need the GPO (or corresponding registry settings) at the client.
Also you have to add the citrix webInterface/storefront/gateway url#s to the "local intranet" pages within IE.
Avatar of snyperj

ASKER

Ok, so I finally got it to install with the /includeSSON.   I also went into local group policy and changed all the settings listed in steps 7-12 on the below:

http://support.citrix.com/article/CTX133982 

I entered the server URL into receiver, committed the changes to the the Thin client, restarted the Thin Client... no SSO login box appears when I login...

getting closer, but still not there
really working sso has no login-box.
SSo means you login to your windows-workstation (must be a domain member) and the windows logon credentials are passed to the receiver. if this works you see the username at the top of receiver.
Questions:
- your thinclient is domain-member?
- you configure the store within the receiver?

if your thinclient is not a domain-member you need username/password authentication enabled within storefront/webinterface.
please describe the behaviour a little bit more.
Avatar of snyperj

ASKER

Yes- I knew after I posted that ,,,that it was a little misleading.  

The Thin client is part of the domain, however I was logging in as the local Administrator, knowing that the local administrator would not authenticate and thereby causing the Citix login box would to come up because SSO would not work. So I am using that as kind of a backdoor way to see if SSO is trying to fire off.... by not getting the login box when using the local administrator account  I know that it is NOT working.  

I get that login screen on all of our Thin Clients with the 3.4 receiver installed when I login as the local Administrator.

I am clear that this is not SSO...on the 3.4 receiver clients, when a domain user logs in, the citrix apps load to the start menu...  If I login as a domain user on the 4.2 receivier clients- no apps come down.
have you enabled SSO-logon at WI / Storefront server only?
possible you have to allow username/password logon method also.

i knew with 3.4 this was not necessary, but i see this more as a bug than a feature.
possible 4.2 need this setting to present you the logon-box.
Avatar of snyperj

ASKER

I am not sure how to do what you are suggesting...I am sure I have access, but not sure what you mean by

have you enabled SSO-logon at WI / Storefront server only?
 possible you have to allow username/password logon method also.

Can you give me more info please, I REALLY would like to get this working with the 4.2 receiver as this has a major impact on us going forward if I cannot get it working.  

Thanks
do you use webinterface or storefront?
Avatar of snyperj

ASKER

I would guess we use the webinterface, but I am not sure exactly what the difference is?  (storefront?)

We have a XenApp 6.5 farm of 9 servers.  Our laptop users login by way of their web browser with Citrix Receiver 4.2 installed on the laptop.

Our Thin Client users pull the apps directly down to the start menu.  They have been using Citrix Receiver 3.4 but we would like to see it it can be updated to 4.2, so that all users are using 4.2 (or the latest receiver) as we move forward.
webinterface is the point the pnagent/receiver pulls the configuration.
storefront is the successor.
within booth solutions you can configure the possible logon variants.

tomorrow i will try something with the logon options ...
Avatar of snyperj

ASKER

OK, I appreciate your help!
Avatar of snyperj

ASKER

dkotte, anxious to know if you have other suggestions to try?  Thanks.
it works at my installation. i am unable to create a configuration where the authentication dialogue don't occur.

i would suggest to check the authentication settings within webinterface configuration tool.
goto service-site, select correct site (if there are more than one) and check the authentication settings.
There are checkboxes for "explicit" (username/password), "pass-through" and some other.
check "explicit".
Avatar of snyperj

ASKER

I am not familiar with what you mean by webinterface configuration tool?

Is that the same as AppCenter?
Avatar of snyperj

ASKER

I think I found it, but the webinterface does not seem to be configured because I think I should see access to it below , correct?  I don't know, I am confused.  Everything worked great with Receiver 3.4, just cant get it to work with 4.2 and not sure why anything has to be reconfigured just because we updated the receiver software.  So frustrated with Citrix.
xenapp.JPG
check the settings at your thinclient.
there you have a url from where the client gets the configuration.
at this server you have run webinterface or storefront.
Avatar of snyperj

ASKER

The url we enter in receiver is below, (I have replaced our actual domain with 'mydomain')... is this what you mean?

http://citrixterminal.mydomain.com/Citrix/PNAgent/config.xml

I am confused though what I actually need to do or look for on citrixterminal...?
ASKER CERTIFIED SOLUTION
Avatar of Dirk Kotte
Dirk Kotte
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of snyperj

ASKER

our citrix reseller told us Citrix abandoned SSO after 3.4, which explains why I cant get it to work.  Disappointing, but thanks anyway.
the reseller statement is not fully correct i think ...
I use receiver 4.2 with SSO and explicit (username/password) authentication from netscaler gateway.

See the install parameters, there are the SSO options.  
http://support.citrix.com/proddocs/topic/receiver-windows-42/receiver-windows-cfg-command-line-42.html#receiver-windows-cfg-command-line-42