Product Documentation

Configuring App Controller to Provide STA Tickets for WorxMail

Oct 08, 2015

App Controller provides a ticketing service that is similar to the Secure Ticket Authority (STA) in XenApp and XenDeskop. WorxMail uses the ticketing service to allow users to stay connected for long periods of time without requiring them to authenticate multiple times.

App Controller and NetScaler Gateway work together to provide the ticketing service for users' connections. You configure settings on NetScaler Gateway and then configure policy settings for WorxMail on App Controller.

To allow connections through NetScaler Gateway, you must configure the following on the appliance:

  • Virtual server that uses the SOCKS protocol for ICA connections
  • STA

When you configure the STA on NetScaler Gateway, you add the App Controller IP address or fully qualified domain name (FQDN) as the STA to the URL. For example, https://myApp_Controller/ where myApp_Controller is the IP address or FQDN of App Controller. You also need to define ports 80 and 443 to allow connections. For more information about configuring the STA in NetScaler Gateway, see Configuring the Secure Ticket Authority on NetScaler Gateway.

You configure the following settings in App Controller:

  • WorxMail Exchange Server that is the FQDN of the Exchange server in the internal network.
  • WorxMail user domain that is your domain name.
  • Background network services that is a list of servers and ports. An empty list implies that users do not have access to background services.
  • Background services ticket expiration that is the amount of time before the ticket expires. Enter the number of days that the ticket is valid.
  • Background network service gateway is the alternate virtual server address and port on NetScaler Gateway that is used to connect by using the SOCKS protocol.

Tickets issued by App Controller are not intended for one time use. The setting Background services ticket defines how long the ticket is valid. When WorxMail sends the ticket to NetScaler Gateway for SOCKS connectivity, WorxMail might append a #fqdn:port parameter to the end of the ticket to identify to which server and port App Controller prefers to connect.

To configure WorxMail ticketing in App Controller

This procedure assumes that you have already installed WorxMail in App Controller.

  1. In the App Controller management console, click the Apps & Docs tab.
  2. Do one of the following:
    • To open WorxMail for iOS, in the navigation pane, click iOS MDX.
    • To open WorxMail for Android, in the navigation pane, click Android MDX.
  3. In the details pane, click WorxMail and then click the pencil icon in the dialog box.
  4. Click Next until you come to the Policies page.
  5. Under Application Settings, do the following:
    1. In Worx Exchange Server, type the path to your Exchange server in the secure network.
    2. In Worx user domain, type the domain name.
    3. In Background network services, enter the servers and ports. You can use the format serverFQDN:port or serverIPaddress:port . Use a comma as a separator between servers and ports.
    4. In Background services ticket expiration enter the number of days the ticket is valid. The default is 168 hours (7 days).
    5. In Background network service gateway enter the FQDN or IP address of the NetScaler virtual IP address and the port number.
  6. Click Save.