You can use Single Sign-on in environments that include XenApp hosted applications, locally installed applications, or both.
In a XenApp deployment, you install the Single Sign-on Plug-in software on each server in the XenApp farm that hosts applications requiring credential authentication. Users access these applications through Citrix connections. The plug-in software on the server determines the application type (Windows, Web, or terminal emulator) and retrieves the appropriate credentials from the local credential store in the user's profile.
You can also install a Single Sign-on Plug-in on each user device. For a XenApp deployment, see the considerations described below. If users run applications that are installed locally on their devices, the Single Sign-on plug-in must be installed on the user device to provide credentials and access to the local applications.
Regardless of whether the Single Sign-on Plug-in is installed on the user device, users can reregister answers to their security questions without being prompted, or synchronize credentials by using Account Association only by using published applications you can give them access to after installing the plug-in on a XenApp server.
Single Sign-on can be used with:
- Access Gateway Advanced Edition (applications are available from XenApp through a web browser)
- Citrix XenApp features:
- Citrix Receiver for Windows
- Citrix Offline Plug-in
- Web Interface