Create an unauthenticated store
Use the Create Store task to configure additional unauthenticated stores to support access for unauthenticated (anonymous) users. You can create as many unauthenticated stores as you need; for example, you can create an unauthenticated store for a particular group of users or to group together a specific set of resources.
Remote access through a Citrix Gateway cannot be applied to unauthenticated stores.
To create an unauthenticated store, you identify and configure communications with the servers providing the resources that you want to make available in the store.
In multiple server deployments, use only one server at a time to make changes to the configuration of the server group. Ensure that the Citrix StoreFront management console is not running on any of the other servers in the deployment. Once complete, propagate your configuration changes to the server group so that the other servers in the deployment are updated.
Add desktops and applications to the store
On the Windows Start screen or Apps screen, locate and click the Citrix StoreFront tile.
Select the Stores node in the left pane of the Citrix StoreFront management console and, in the Actions pane, click Create Store.
On the Store Name page, specify a name for your store, select Allow only unauthenticated (anonymous) users to access this store, and click Next.
Store names appear in Citrix Receiver under users’ accounts, so choose a name that gives users information about the content of the store.
On the Delivery Controllers page, list the infrastructure providing the resources that you want to make available in the store. Click Add.
In the Add Delivery Controller dialog box, specify a name that will help you to identify the deployment and indicate whether the resources that you want to make available in the store are provided by Citrix Virtual Apps and Desktops, or by XenApp 6.5. (Note XenApp 6.5 has reached End of Life (EOL) and is now covered by the Extended Support Program.) When assigning Delivery Controllers, ensure that you are only using those which support the anonymous apps feature. Configuring your unauthenticated store with Controllers that do not support this feature may lead to no anonymous apps being available from the store.
To make desktops and applications provided by XenApp 6.5 farms available in the store, add the names of each individual server in the farm to the Servers list. Specify multiple servers to enable fault tolerance, listing the entries in order of priority to set the failover sequence. For Citrix Virtual Desktops sites, give details of Controllers. For XenApp 6.5 farms, list servers running the Citrix XML Service.
Select from the Transport type list the type of connections for StoreFront to use for communications with the servers.
To send data over unencrypted connections, select HTTP. If you select this option, you must make your own arrangements to secure connections between StoreFront and your servers.
To send data over secure HTTP connections using Secure Sockets Layer (SSL) or Transport Layer Security (TLS), select HTTPS. If you select this option for Citrix Virtual Apps and Desktops servers, ensure that the Citrix XML Service is set to share its port with Microsoft Internet Information Services (IIS) and that IIS is configured to support HTTPS.
If you are using HTTPS to secure connections between StoreFront and your servers, ensure that the names you specify in the Servers list match exactly (including the case) the names on the certificates for those servers.
- Specify the port for StoreFront to use for connections to the servers. The default port is 80 for connections using HTTP and 443 for HTTPS connections. In the case of Citrix Virtual Apps and Desktops servers, the specified port must be the port used by the Citrix XML Service.
- Click OK. You can configure stores to provide resources from any mixture of Citrix Virtual Apps and Desktops deployments. Repeat Steps 4 to 9, as necessary, to list additional deployments providing resources for the store. When you have added all the required resources to the store, click Create.
Your unauthenticated store is now available for use. To enable user access to the new store, Citrix Workspace app must be configured with access details for the store. There are a number of ways in which you can provide these details to users to make the configuration process easier for them. For more information, see User access options.
Alternatively, users can access the store through the Receiver for Web site, which enables users to access their desktops and applications through a web page. By default with unauthenticated stores, Receiver for Web displays the applications in a folder hierarchy that includes a breadcrumb path. The URL for users to access the Receiver for Web site for the new store is displayed when you create the store.
When you create a new store, the XenApp Services URL is enabled by default. Users of domain-joined desktop appliances and repurposed PCs running the Citrix Desktop Lock, along with users who have older Citrix clients that cannot be upgraded, can access stores directly using the XenApp Services URL for the store. The XenApp Services URL has the form
http[s]://serveraddress/Citrix/storename/PNAgent/config.xml, where serveraddress is the FQDN of the server or load balancing environment for your StoreFront deployment and storename is the name you specified for the store in Step 3.
In StoreFront configurations where the web.config file has been configured with the parameter LogoffAction=”terminate”, Citrix Receiver for Web sessions accessing this unauthenticated store will not terminate. Typically, the web.config file can be found at
C:\inetpub\wwwroot\Citrix\storename\, where storename is the name specified for the store when it was created. To ensure these sessions terminate properly, the XenApp server being used by this store must have the Trust XML requests option enabled as shown in Configuring the Citrix XML Service Port and Trust.