Install and configure
Install Director using the full product ISO Installer for Citrix Virtual Apps and Desktops, which checks for prerequisites, installs any missing components, sets up the Director website, and performs basic configuration. For prerequisites and other details, see the System requirements documentation for this release. This release of Director is not compatible with Virtual Apps deployments earlier than 6.5 or Virtual Desktops deployments earlier than 7. The default configuration provided by the ISO installer handles typical deployments. If Director was not included during installation, use the ISO installer to add Director. To add any additional components, rerun the ISO installer and select the components to install. For information on using the ISO installer, see Install core components in the installation documentation. Citrix recommends that you install using the full product ISO installer only, not the .MSI file.
When Director is installed on the Controller, it is automatically configured with localhost as the server address, and Director communicates with the local Controller by default. To install Director on a dedicated server that is remote from a Controller, you are prompted to enter the FQDN or IP address of a Controller.
Note: Click Add to add the Controller to be monitored.
Director communicates with that specified Controller by default. Specify only one Controller address for each site that you monitor. Director automatically discovers all other Controllers in the same site and falls back to those other Controllers if the Controller you specified fails.
Note: Director does not load balance among Controllers.
To secure the communications between the browser and the Web server, Citrix recommends that you implement TLS on the IIS website hosting Director. Refer to the Microsoft IIS documentation for instructions. Director configuration is not required to enable TLS.
Deploy and configure Director
When Director is used in an environment containing more than one site, be sure to synchronize the system clocks on all the servers where Controllers, Director, and other core components are installed. Otherwise, the sites might not display correctly in Director.
To protect the security of user names and passwords sent using plain text through the network, allow Director connections using only HTTPS, and not HTTP. Certain tools are able to read plain text user names and passwords in HTTP (unencrypted) network packets, which can create a potential security risk for users.
To log on to Director, administrators with permissions for Director must be Active Directory domain users and must have the following rights:
- Read rights in all Active Directory forests to be searched (see Advanced configuration).
- Configured Delegated Administrator roles (see delegated administration and Director).
- To shadow users, administrators must be configured using a Microsoft group policy for Windows Remote Assistance. In addition:
- When installing VDAs, ensure that the Windows Remote Assistance feature is enabled on all user devices (selected by default).
- When you install Director on a server, ensure that Windows Remote Assistance is installed (selected by default). However, it is disabled on the server by default. The feature does not need to be enabled for Director to provide assistance to end users. Citrix recommends leaving the feature disabled to improve security on the server.
- To enable administrators to initiate Windows Remote Assistance, grant them the required permissions by using the appropriate Microsoft Group Policy settings for Remote Assistance. For information, see CTX127388: How to Enable Remote Assistance for Desktop Director.