The App Controller virtual machine (VM) runs on Citrix XenServer, Microsoft Hyper-V, or VMware ESXi. You can use XenCenter or vSphere management consoles to install App Controller 2.8.
Before installing App Controller, you must do the following:
- Install XenServer or VMware ESXi on a computer with adequate hardware resources.
- Install XenCenter or vSphere on a separate computer. The computer that hosts XenCenter or vSphere connects to XenServer or VMware ESXi host through the network.
- Install Windows Server 2008 R2 or Windows Server 2012 with Hyper-V enabled, role enabled, on a computer with adequate system resources. While installing the Hyper-V role, be sure to specify the network interface cards (NICs) on the server that Hyper-V will use to create the virtual networks. You can reserve some NICs for the host.
This section details the following steps for installing App Controller on XenServer, Hyper-V, or VMware:
- Downloading the virtual image.
- Installing the VM on XenServer and setting the properties for App Controller in XenCenter.
- Installing App Controller on VMware ESXi and using vSphere to allocate virtual hardware components to App Controller, such as memory and virtual CPUs.
- Installing App Controller on Hyper-V.
- Configuring the IP address and subnet mask, default gateway, DNS servers, and Network Time Protocol (NTP) servers for App Controller by using the XenCenter or vSphere command-line console.
When you finish configuring App Controller network settings by using the command-line console, you log on to the App Controller management console. Then, you configure the following network settings:
Optionally, you can change the settings you configured by using the command-line console in the wizard. These settings include:
After you configure App Controller system settings, to complete the configuration, App Controller retrieves the groups and members of the groups from the specified Base DN in Active Directory. When the retrieval is complete, App Controller logs off. You can log on again to continue configuring App Controller features.
Downloading the Virtual Image for App Controller
You can download the App Controller virtual image from the Citrix web site. The virtual image contains the package that you need in order to install App Controller on XenServer, VMware, or Hyper-V.
For the XenServer installation, the virtual image is a file with the file name extension of .xva.
For the VMware installation, the virtual image is a file with the file name extension of .ova.
For the Hyper-V installation on Microsoft Server 2008 R2, the virtual image is a ZIP file with the file name extension of .vhd.
Setting the App Controller IP Address for the First Time
After you install the App Controller virtual machine (VM) and configure the initial settings by using the command-line console, you can configure additional App Controller network settings in the App Controller management console. To open the management console, type https://AppControllerIPaddress:4443/ControlPoint in the address bar of the web browser. For example, type https:// 10.20.30.40:4443/ControlPoint. The user name is administrator and the password is password. When you log on to the management console for the first time, the Configure wizard appears prompting you to configure settings that include the following:
- Administrator password
Note: Make sure that the email address is part of the base DN that you configure in the Active Directory settings.
- App Controller host name, IP address, subnet mask, and default gateway
Note: You can also configure an IP address for App Controller if you want a different IP address than what you configured by using the command-line console.
- Active Directory settings
Note: In the Configure wizard, you can add, create, or remove certificates on the Active Directory page. The option to configure certificates from the Active Directory page only appears when you configure App Controller for the first time in the management console. After you run the Configure wizard for the first time, you can then manage certificates from the Settings tab in the management console.
- Network Time Protocol (NTP) server and time zone
- DNS server settings
- Workflow email settings
Important: For workflows to work correctly, when you add users to Active Directory, you must enter the first name, last name, and email in the user properties. If you do not configure users in Active Directory with this information, App Controller cannot synchronize these individuals. When users attempt to start an app, users receive a message that they are not authorized to use the app.
After you configure and save the remaining network settings in the management console, App Controller retrieves users from Active Directory and then logs off. If you changed the password, log on again with the new password.
Important: If you have a large number of users or groups, it might take a few hours for App Controller to retrieve users. You cannot make any changes to App Controller until this process is complete. If you close the browser, interrupt the synchronization and then restart the Configure wizard in another web browser, your settings are not saved. Citrix recommends that you allow the Active Directory synchronization to complete. When you configure the App Controller settings for the first time, you can enter a group domain name (DN) that speeds the synchronization of Active Directory membership with App Controller.
If you need to make changes to system settings at a later time, you can access the Settings tab. You can configure or reconfigure the following on the Settings tab:
- Active Directory settings, such as IP address, administrator email and password, and base DN
- Administrator settings that allows you to change the password for the management console and the command line console
- Support options that allows you to configure GoToAssist user assistance settings.
- Branding that allows you to upload your own Portable Network Graphics (png) to mobile devices
- Certificates where you can install root, intermediate, and server certificates on App Controller
- Deployment settings for StoreFront or NetScaler Gateway
- Domain Name Server such as a DNS or WINS server
- GoToAssist settings for email or phone support
- Log transfer that sends logs to a server in your network
- Network connectivity that are the App Controller network settings
- NTP server that contains the settings for a Network Time Protocol server
- Receiver email template where you can send emails to your users to download Receiver
- Receiver updates
- Release management that allows you to upload software upgrades, patches, and application connectors
- Store credentials where you can save the user name, password, and device ID for the Google Play Store
- SysLog server settings
- Workflow email which is the administrator email settings for workflows
- XenMobile MDM where you configure connection settings to XenMobile Device Manager
Changing the App Controller Settings
- In the App Controller management console, click Settings at the top of the page.
- In the left pane, under System Configuration, click one of the options to configure the settings.
After you complete App Controller configuration, you can configure roles, users, applications, and application categories for single sign-on (SSO). You can do the following:
- Refresh users from Active Directory.
- Add roles to map which Active Directory groups receive access to applications.
- Add web and SaaS applications to App Controller from the provided connector catalog.
- Upload mobile apps to App Controller.
- View a user device inventory in which you can erase and stop erasing application data and documents from a device, lock and unlock a device, or delete a device from the inventory.
- Retrieve mobile app information by configuring mobile links.
- Add links to commonly used web sites including Internet and intranet sites.
- Create access to applications that are not in the catalog for SSO by using either HTTP Federated Formfill or SAML connectors.
- Download certificates for use with some SAML applications.
- Create user accounts automatically based on Active Directory group membership.
- Assign users to applications based on their role within the organization.
- Add categories to which you can add applications.
- Connect StoreFront to App Controller. When users connect with Citrix Receiver, they can see the application list, subscribe to applications, and access applications seamlessly.
- Configure ShareFile settings for user data and documents.
- Download a CR (.cr) file that configures Receiver on the user device. You can send this file to users in an email. The .cr file contains all of the settings that Receiver needs to connect to App Controller.