Integrate XenMobile with XenApp and XenDesktop


I’m integrating XenMobile and NetScaler into my XenApp and XenDesktop lab. This is a multi-part blog focusing on the following topics:

With our certificates created and installed, we can now integrate XenMobile with XenApp and XenDesktop.

Encrypt XenApp, XenDesktop and StoreFront communication

With certificates added to our XenApp and XenDesktop environment, we need to modify a few settings so the communication will be encrypted

Configure StoreFront

In the StoreFront console

  1. Select Server Group
  2. Select Change Base URL
  3. Update the url for HTTPS


3.
Select Stores
4.
A message should say

StoreFront is using HTTPS
No certificate associated with this StoreFront server


We must bind the wildcard certificate to the StoreFront web site.

  1. Within IIS Manager, select Sites – Default Web Sites in the left pane.
  2. Select Bindings in the right pane


3.
If https does NOT exist, select Add. If https does exist, select Edit

a. Set type to be https
b.
Select the wildcard certificate in the SSL Certificate entry.


4.
Return to the StoreFront console and refresh the Store. It should now only say StoreFront using HTTPS

We must also modify our delivery controller setup to use HTTPS

  1. In the StoreFront Console, select Stores
  2. Select Manage Delivery Controllers


3.
Select Edit
4.
Modify the Transport Type to HTTPS


Configure Delivery Controllers

We must bind the wildcard certificate to the IIS service so XML traffic is encrypted.  Most likely, the delivery controller will NOT have IIS Manager installed.  The configuration can be accomplished with PowerShell.

  1. Start PowerShell
  2. Run the following commands, modifying the red text as necessary for the domain name of the wildcard certificate:

New-WebBinding -Name “Default Web Site” -IP “*” -Port 443 -Protocol https

Get-ChildItem cert:\LocalMachine\my | where-object {$_.Subject -like “*snpp.local*”} | Select -first 1 | New-Item IIS:\SslBindings\0.0.0.0!443

Test the connection by going to the StoreFront website URL via HTTPs and launch a resource

Configure XenMobile

First we will integrate XenMobile with StoreFront, which in turns gives us access to XenApp and XenDesktop Resoruces.

  1. In a browser, navigate to https://xm01.snpp.local:4443.
  2. Select the gear icon in the upper right corner
  3. Select XenApp and XenDesktop
  4. Enter in the following

    a. Host: storefront.snpp.local
    b.
    Port: 443
    c.
    Relative Path: /Citrix/SNPP/PNAgent/config.xml (Look in the StoreFront console for this information. It will be the XenApp Services URL for the store).
    d.
    Use HTTPS: On


5.
Test connectivity
6.
Save

We also need to configure LDAP for XenMobile.

  1. In the XenMobile Console, select the gear icon in the upper right
  2. Select LDAP
  3. Select Add
  4. Enter in the following

    a. Directory Type: Active Directory
    b.
    Primary Server: 172.16.0.10 (IP Address of domain controller)
    c.
    Port: 389
    d.
    Domain name: snpp.local
    e.
    User Base DN: Filled in automatically
    f.
    Group Base DN: Filled in automatically
    g.
    User ID: ID of admin account
    h.
    Password: Password of admin account
    i.
    Domain alias: snpp
    j.
    Group Catalog Root Context: dc=snpp,dc=local
    k.
    User search by: sAMACcountName


Test

On my android phone (Note: you will need to install the root CA on the phone to trust the servers. The easiest way to get the cert onto the phone is email. Open the cert and the phone will install it)

  1. Connect to WiFi network hosting my lab
  2. Launch Play Store
  3. Download Secure Hub by Citrix
  4. Launch Secure Hub once download and installation completes
  5. Enter in the XenMobile address: xm01.snpp.local


6.
Select Yes, enroll
7.
Enter in username and password (just the user ID, no domain name or email address)


8.
Select Activate
9.
Select Add apps from Store
10.
The XenApp and XenDestkop resources should be visible.


11.
Select an app and launch (Citrix Receiver must be installed)
12. I
n the XenMobile console, in the Manage section, the user and the device should part of the inventory

Daniel (Follow on Twitter @djfeller)
Citrix XenApp and XenDesktop 7.6 VDI Handbook
XenApp Best Practices
XenApp Video

 

Advertisements

One thought on “Integrate XenMobile with XenApp and XenDesktop”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s