Citrix

Produktdokumentation



Ganzes Dokument herunterladen

Configuring Single Sign-On by Using Application Connectors

Oct. 08, 2015

With App Controller, you can provide users with single sign-on (SSO) to your mobile, enterprise, web, and SaaS applications. You can enable applications for SSO by using the application connector templates found in the App Controller catalog. You can also enable some applications for user account management.

An application in App Controller is either a simple or complex application. If you configure a simple application, you can edit the label or accept the default name. If you are running multiple instances of the application in your network, you must change the label to make it easier to identify the application. With some applications, you can activate an application connector for SSO more than one time with different names. For example, you can configure the application named Box twice with the names as Box1 and Box2. If you have already configured an application, rename the application before you configure another connector.

If you add a complex application, you can edit the application name and the logon web address. If the application is an SaaS application, you do not need to change the web address. If the application is a hosted application in your internal network, you change the web address to match the deployed application.

You configure an application connector by providing the following parameters:

  • Different names (optional). For example, you configure two instances of the Box application connector, each with a unique name. Not all applications allow you to configure multiple instances.
  • Description of the application.
  • Web address by using the fully qualified domain name (FQDN), such as https://app.bill.com.
  • Location of the application, either on the Internet or in your internal network.
  • Credentials for SSO. Users can use the application credentials or Active Directory credentials.
  • Category for the application. Categories allow you to organize applications in Citrix Receiver. When users log on, they can double-click the category and then start the application.
  • A group of users to which you want to assign the application.
  • Workflow approval settings for all applications that includes specifying the individuals who can approve the user account.
  • Application policies for each app you configure in App Controller.

If an application is available for SSO only, when you finish configuring the preceding settings, you save the settings and the application appears on the Apps & Docs tab in the App Controller management console. If an application is available for user account management, you select the check box to enable user management and then configure additional settings. The settings include:

  • Service account
  • Automatic account creation
  • User name and password rules

For more information about creating user accounts for an application, see xmob-appc-add-apps-provconnector-con.html#clg-appc-add-apps-provconnector-b-con.

To activate an application connector in App Controller for SSO only

  1. In the management console, click the Apps & Docs tab.
  2. Under Apps & Docs > APPS, click Web & SaaS and then in the right pane, click the plus (+) symbol.
  3. From the catalog, click an application.
  4. In the Configure App dialog box, in App Name, keep the default name or enter one of your own.
  5. In Description, keep the default description for the application or choose one of your own.
  6. If applicable, in URL, type the Web address of the application or keep the default address.
  7. Select App is hosted in internal network if the application is running on a server in your internal network.
    Note: If users connect from a remote location to the internal app, they must connect through NetScaler Gateway. Selecting this check box adds the VPN keyword to the application and allows users to connect through NetScaler Gateway.
  8. Select Use Active Directory for SSO. When you select this option, users Active Directory credentials are used automatically for logging on.
  9. Select Require app installation if users connect to the app from a mobile device. When you select this option, when users connect from an iOS or Android device, the app downloads and then installs on the device.
  10. In Category, select a category.
  11. In Assigned role, select the role to which you want to assign the application.
  12. Click Next.
  13. If the application requires approvals for users, in Workflow, click Requires approval. You can either create a new workflow or use an existing workflow.
  14. To use an existing workflow, in Create new workflow, select the workflow, and then click Next.
  15. To create a new workflow, in Workflow name type a name for the workflow and in Description, type a description of the workflow. Click Next.
  16. On the Policies page, configure the policies and then click Save.
Back to Top