Setup profiles for StoreFront stores
Prerequisites
To create profiles for a StoreFront store, the administrators need to meet the following prerequisites:
- Verify Citrix Workspace app version
- StoreFront server requirement
- Configure Cloud Connector or Connector Appliance for Active Directory Management
- Configure registration tool
Verify Citrix Workspace app version
| Citrix Workspace app platform | Minimum supported version | User group rules | Device Posture rules | Network Location rules |
|---|---|---|---|---|
| Windows | 2405 | Yes | No | No |
| Mac | 2405.11 | Yes | No | No |
StoreFront server requirement
The minimum required version of the StoreFront server is 2203.0.3000.14.
Configure a Cloud Connector or Connector Appliance for Active Directory Management
The Citrix Cloud Connector™ and Connector Appliance are Citrix components that serve as a channel for communication between Citrix Cloud and your resource locations. It enables the use of Active Directory forests and domains within resource locations, thereby allowing administrators to access the AD group information for managing configuration profiles.
- To learn more about Citrix Cloud Connector, see Citrix Cloud Connector in the Citrix Cloud product documentation.
- To learn more about Connector Appliance, see Connector Appliance for Cloud Services in the Citrix Cloud product documentation.
Configure registration tool
Administrators need to download and run a registration tool on the StoreFront server. The registration tool installs a certificate that establishes trust between the StoreFront server and Client app management. As a result, information about the user’s AD group can be found and that allows configuration of profiles.
The process involves the following steps:
- Generate a registration tool.
- Download and run the registration tool.
- Validate the registration tool.
Generate a registration tool
The registration tool is an executable file that needs to be run on the StoreFront server hosted within the organization. This registers GACS as a trusted service to access AD group information.
To generate the registration tool, do the following:
- Navigate to Client app management > Stores.
- Select your StoreFront URL, and click Create profile.
- On the Manage configuration profiles screen, click Generate to generate the registration tool.
Download and run the registration tool
Download the registration tool
When the registration tool is generated, the Download option becomes enabled, allowing the administrator to download the tool. When the administrator clicks the Download option, the registration tool is downloaded in an executable format.
Note:
The registration tool is downloaded as a
.zipfile bundled with a README file. The README file provides detailed instructions to download and run the registration tool.
Run the executable file
Once the registration tool is downloaded, the administrator can then run the registration tool to install a certificate on the StoreFront server hosted within the organization. This certificate allows the server to trust GACS for the configuration Profile Management.
When you run the registration tool, you can decide whether to run the tool on a single store or all stores of the StoreFront server. Once you run the tool, it modifies the web.config file of the StoreFront store’s authentication service, which registers GACS as a trusted service.
Note:
The IIS restarts when the
web.configfile is modified due to the successful execution of the registration tool.
Validate registration tool
Following the successful execution of the registration tool, a .zip file is downloaded containing an acknowledgment file and a text file. The text file provides the following information extracted from the StoreFront server:
- Public Certificate: The public certificate enables Client app management to process incoming secondary tokens issued by the StoreFront server to provide authenticated, profile-based settings to the client endpoint devices running Citrix applications.
- Configuration Values: Various configuration values related to the store are extracted to maintain consistency and ensure that the store operates correctly after any changes or recovery steps.
The administrator has to validate whether the certificate registration is successful by following these steps:
- Upload the acknowledgment file.
-
Click Validate.
Once the validation of certificate registration is successful, the Registration validated message appears.
- Click the Close button.
- Click Create Profile and the Edit configuration profile screen appears.