Citrix™ Extranet 2.5 Technical Overview
What’s New?
• Windows® 2000 and Windows .NET Server
• Client configuration and deployment
   - Client Lockouts
   - Access code length and content restrictions
• Web-based administration
   - Automatic Backup
   - User Administration
   - Group Administration
   - Port range access permissions
• Multiple users on one machine
• LDAP authentication
• Windows 2000/Me/XP Client
• Zero-Install Java™ Client

Windows 2000 and .NET Server
• Installation
Client configuration and deployment
• With Perl installed
• Client packages
• Change background splash screen
• Launching options
• IPSec
• Smart card reader
• Communication port
• Access code length
• Client lockouts
• New entries in the “setup.ini” Configuration File:
   - AccessCodeMinimumLength
   - AccessCodeContentRule
   - ClientSettingLockout
• Client download
Web-based Administration
The Administrator is able to perform the following with Citrix Extranet Web Administration:
• Manage users individually or by groups.
• Assign Web and TCP access permissions.
• Configure the On-Line Registration Web form.
• Specify management levels using administrative rights functionality.
• Make changes to the Citrix Extranet Server configuration (sgconf.ini).
[Diagram: Remote administration, from a Citrix Extranet Client w/Extranet Admin to the Citrix Extranet Server(s)]
[Slide: Accessing Web Admin remotely]
In order for Citrix Extranet Web Administration to be set up properly, the following steps must be carried out:
• The administrator must register with the Citrix Extranet Server.
• The administrator must be given access permissions to use Citrix Extranet Web Administration.
• Once the administration access permissions are downloaded to the administrator’s Citrix Extranet Client, the administrator opens a Web browser and enters the following URL:

http://<address of Citrix Extranet Server>:3900
The information entered into Citrix Extranet Web Administration configures the following files on the Citrix Extranet Server:
• sgconf.ini
• sgate.acl
• sgate.dny
• sWeb.acl
• sWeb.dny
• ipsec.acl
• adm-gw.acl
• sites.acl
• reginfo.dat
• sgproxy.conf
The Configuration Button:
Configure the Citrix Extranet Server configuration variables. These variables are:
• Authentication
• Server Definition
• Dynamic Configuration
• On-Line Registration (OLR)
• Java Client
• Logging
• Destination Configuration
• IPSec
• Radius
• Pager
• LDAP
• Other
Web-based Administration
• Authentication Settings
• System Definition Settings
• On-Line Registration Settings
• Destination Configuration Settings
• LDAP Settings
License Information:
Clicking the License Info button in the upper left pane of the Citrix Extranet Web Administration page gives the following information:
• Enabled user limits.
• License expiration dates.
• Total enabled users.
• Total users currently logged in.
User Administration
• User Information
• User Configuration
Group Administration
Access Permission Wildcarding
Allows specification of a group of Internet destinations or ports with a single rule.
Matching is done by Citrix Extranet Client and the Winsock shim.
Permitted in:
• Host field, in either hostname or IP address formats.
• Port field.
Three types:
• Hostname (DNS) wildcarding.
• Address (IP) wildcarding.
• Port wildcarding and Port Range configuration.
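As an added illustration (not from the original slides, and not Citrix Extranet's own matching code), the sketch below evaluates the three wildcard types against a destination so an administrator can see how much a single rule permits. The rule syntax, function names and sample rules are assumptions, since the slides do not show the product's format; unrecognised or malformed rules are denied.

```python
import ipaddress

# Hypothetical rule syntax, assumed for illustration (not Citrix Extranet's format):
#   host: "*.corp.example" (DNS), "10.1.*.*" (IP) or a literal name/address
#   port: "*", a single port "443", or an inclusive range "8000-8100"

def _is_ipv4(text):
    try:
        ipaddress.IPv4Address(text)
        return True
    except ValueError:
        return False

def host_matches(pattern, host):
    pattern, host = pattern.lower(), host.lower().rstrip(".")
    parts = pattern.split(".")
    if len(parts) == 4 and all(p == "*" or (p.isdigit() and int(p) <= 255) for p in parts):
        # Address wildcarding: octet-by-octet, and only against IP literals.
        return _is_ipv4(host) and all(
            p == "*" or int(p) == int(h) for p, h in zip(parts, host.split(".")))
    if _is_ipv4(host):
        return False  # a DNS pattern must never match a raw IP address
    if pattern.startswith("*."):
        # "*" stands for whole labels, so "*.corp.example" cannot match
        # "evilcorp.example" or the bare domain "corp.example".
        return host.endswith(pattern[1:]) and host != pattern[1:]
    return host == pattern  # literal name; anything else fails closed

def port_matches(spec, port):
    if not 1 <= port <= 65535:
        return False
    if spec == "*":
        return True
    low, sep, high = spec.partition("-")
    if not sep:
        high = low
    if not (low.isdigit() and high.isdigit()):
        return False  # malformed rule: deny rather than guess
    return int(low) <= port <= int(high)

def permitted(rules, host, port):
    return any(host_matches(h, host) and port_matches(p, port) for h, p in rules)

# Constructed sample rules and destinations.
RULES = [("*.corp.example", "443"), ("10.1.*.*", "8000-8100"), ("mail.corp.example", "*")]

if __name__ == "__main__":
    for host, port in [("intranet.corp.example", 443), ("evilcorp.example", 443),
                       ("10.1.7.9", 8080), ("10.2.7.9", 8080), ("mail.corp.example", 25)]:
        print(f"{host}:{port} ->", "allow" if permitted(RULES, host, port) else "deny")
```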
Multiple Users on One Machine
Citrix Extranet 2.5 Client supports storing multiple tokens on the same machine. To add multiple users on one machine:
• Add a new user token and access code.
• Start Citrix Extranet Client for the new user and perform OLR.
• When logging into Citrix Extranet Client after OLR, choose the new user name.
[Slides: New user token; New user registration; Renaming user]
LDAP Overview
LDAP (Lightweight Directory Access Protocol) is a directory service where user information is organized into a directory structure.
• LDAP has two parts, an LDAP client and an LDAP server.
• The path to the user directory is called the DN (distinguished name).
LDAP and Citrix Extranet
The basic components of the LDAP authentication method are organized as follows:
• The CEC/LDAP client
• The CES/LDAP server
• The LDAP server is a third party server
Two options for the type of communication:
• Simple authentication
• SSL authentication
Citrix Extranet LDAP Authentication Advantages:
• No tokens stored on the client machine.
• Integrates easily if LDAP authentication is already in use.
LDAP Login
Citrix Extranet Client (CEC/LDAP Client):
• The user starts Citrix Extranet Client and the CEC/LDAP client requests the CES Server’s public key.
• User is prompted for LDAP User DN and password.
• Citrix Extranet Client generates authentication key, creates session key, and encrypts authentication key and login data w/session key. This package is then encrypted w/server public key.
• Client receives success message and UserID.
Citrix Extranet CES/LDAP Server:
• The CES/LDAP server receives the request.
• Server sends public key.
• Decrypts information (encrypted with Server’s public key) w/private key and receives user’s login data, session key and authentication key.
• Forwards login information to LDAP server using simple or SSL authentication.
• Receives response from LDAP Server and creates the UserID and updates the CES auth server which updates the CES user database.
• Successful authentication message and UserID are sent to client.
LDAP Server:
• The LDAP server authenticates the user password via the DN.
• Authentication response is sent to the CES server.
LDAP Authentication – Configuration
Citrix Extranet NT/2000 Server Configuration
• Step 1 – Configure the Citrix Extranet Server to use LDAP authentication as a registration server.
• Step 2 – Configure Citrix Extranet Server LDAP options.
• Step 3 – If using SSL for communications between the Citrix Extranet Server and the LDAP server, add SSL certificates to the Citrix Extranet Server.
NOTE: Any user accounts must be created on the LDAP server prior to using Citrix Extranet/LDAP authentication. Consult your LDAP server documentation for more information.
[Slides: Registration Server; LDAP Configuration]
If using SSL for communications between the Citrix Extranet Server and the LDAP server, add SSL certificates to the Citrix Extranet Server. Use the ldapcrtmgr utility to manage certificates on the Extranet server.
Citrix Extranet Client LDAP Configuration:
• Step 1 – Install Citrix Extranet Client with LDAP support.
• Step 2 – Ensure that LDAP is the Citrix Extranet Client default authentication method.
• Step 3 – Start Citrix Extranet Client and authenticate to the Citrix Extranet Server.
NOTE: Citrix Extranet Client does not require On-Line Registration (OLR) when LDAP authentication is used.
[Slides: Install Citrix Extranet Client with LDAP support; Ensure that LDAP is the Citrix Extranet Client default authentication method; First time launch; DN and Password; Citrix Extranet Client LDAP Options]
Zero-Install Java Client
The Zero-Install Java Client must be configured on the Citrix Extranet Server before it can be used. The steps to configure the Java client are:
• Create a keystore file for the SSL certificate.
• Install the Citrix Extranet Server with the Citrix Extranet Java Client.
• Use Citrix Extranet Web Administration to configure the Citrix Extranet SSL server.
• Configure your organization’s Java applet parameters.
Create a keystore file for the SSL certificate.
• In order for the Citrix Extranet Java Client to work, a keystore file must be created.
• The keystore file is created using Keytool. Keytool is a third party tool used with the Sun Java Software Development Kit 1.3 or later.
• When creating the keystore file, make note of the key alias name, keystore file name, keystore file password, and the alias password.
• The keystore file contains the SSL certificate for the Citrix Extranet Java Client. This certificate must be obtained from a Certificate Authority (CA).
• Once the keystore file is created, copy it to a temporary directory on the Citrix Extranet Server machine.
To install the Citrix Extranet Java Client during the Citrix Extranet Server installation, check the Java Client check box on the Select Optional Components installation window.
During the installation of the Citrix Extranet Server, you will be prompted to enter the FQDN of the SSL server.
[Slides: Keystore Information; Configuring Extranet SSL Server settings]
Configure Java applet parameters
• The Applet Configuration File settings are:
   - class
   - archive
   - cab
   - UserPage
   - ServerName
   - ServerPort
   - width
   - height
   - PARAMETERS
[Slides: Possible security alerts (Netscape Alert, IE Alert); Citrix Extranet Java Client Login (Citrix Extranet Client icon)]
Citrix Extranet® and MetaFrame
[Slide: Citrix Extranet Typical Architecture]
Citrix Extranet can be configured to work with Citrix MetaFrame servers. The steps for this configuration are:
• Step 1 – Create access permissions so Citrix Extranet Client users can access a MetaFrame server.
• Step 2 – Configure the ICA client to access the MetaFrame server via Citrix Extranet Client.
• Step 3 – Access the MetaFrame server.
[Slides: Create access permissions; Configure the ICA client; Access the MetaFrame server]