Home > All, Citrix, CloudGateway, NetScaler, Receiver > Configuring Email-Based Account Discovery for #Citrix #Receiver

Configuring Email-Based Account Discovery for #Citrix #Receiver

Check out this great blog post from Avinash Golusula:

Configuring Email-Based Account Discovery

1     Add DNS Service Location (SRV) record to enable email based discovery

During initial configuration, Citrix Receiver can contact Active Directory Domain Name System (DNS) servers to obtain details of the stores available for users. This means that users do not need to know the access details for their stores when they install and configure Citrix Receiver. Instead, users enter their email addresses and Citrix Receiver contacts the DNS server for the domain specified in the email address to obtain the required information.

To enable Citrix Receiver to locate available stores on the basis of users’ email addresses, configure Service Location (SRV) locator resource records for Access Gateway or StoreFront/AppController connections on your DNS server. If no SRV record is found, Citrix Receiver searches the specified domain for a machine named “discoverReceiver” to identify a StoreFront/AppController server.

You must install a valid server certificate on the Access Gateway appliance and StoreFront/AppController server to enable email-based account discovery. The full chain to the root certificate must also be valid. For the best user experience, install either a certificate with a Subject or Subject Alternative Name entry of discoverReceiver.domain, or a wildcard certificate for the domain containing your users’ email accounts.

To allow users to configure Citrix Receiver by using an email address, you need to add a SRV record to your DNS zone.

  • Log in to your DNS server
  • In DNS > Right-click your Forward Lookup Zone
  • Click on Other New Records
  • Scroll down to Service Location (SRV)
  • Configuring Email-Based Account Discovery
  • Choose Create Record
  • Click in the Service box and enter the host value _citrixreceiver
  • Click in the Protocol box and enter the value _tcp
  • In the Host offering this service box, specify the fully qualified domain name (FQDN) and port for your Access Gateway appliance (to support both local and remote users) or StoreFront/AppController server (to support users on the local network only)

Note: Your StoreFront FQDN must be unique and different from the Access Gateway virtual server FQDN. Using the same FQDN for StoreFront and the Access Gateway virtual server is not supported. Citrix Receiver requires that the StoreFront FQDN is a unique address that is only resolvable from user devices connected to the internal network. If this is not the case, Receiver for Windows users cannot use email-based account discovery. 

2     Checking SRV record using nslookup

You can use nslookup to check if the SRV record is configured correctly in DNS:

  • Open command prompt
  • Type nslookup
  • Type “set type=srv“
  • Type “_citrixreceiver._tcp.mycompany.com“

The response from your external DNS should be something like this:

_citrixreceiver._tcp.mycompany.com SRV service location:

priority = 0

weight = 100

port     = 443

svr hostname = vpndemo.mycompany.com

 

3     Configuration of Netscaler Access Gateway

To allow users to configure Citrix Receiver from a remote location you need to add the StoreFront/AppController URL Session Profile of your Netscaler Access Gateway.

  • Log in to the Netscaler management console
  • In the Access Gateway node, create a new Session Profile or open an existing Session Profile for Native Receivers.
  • Click the Published

Continue reading here!

//Richard

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: