Configuring a Citrix Listed Application Resource Profile (NSM Procedure)

Citrix created published applications to satisfy the need for security. It is dangerous to allow any executable to be run on the server. With published applications, only applications that are allowed to be run are published.

With the Secure Access device, these published applications are displayed on the Secure Access device index page as terminal services bookmarks.

To configure a Citrix listed application resource profile:

  1. In the NSM navigation tree, select Device Manager > Devices. Click the Device Tree tab, and then double-click the Secure Access device for which you want to configure a Citrix listed application resource profile.
  2. Click the Configuration tab, and select Users > Resource Profiles > Terminal Services. The corresponding workspace appears.
  3. Click the New button and the New dialog box appears.
  4. Add or modify settings as specified in Table 24.
  5. Click one:
    • OK—Saves the changes.
    • Cancel—Cancels the modifications.

Table 24: Citrix Listed Application Resource Profile Configuration Details

OptionFunctionYour Action
Settings tab

Name

Specifies a unique name for the resource profile.

Enter the name.

Description

Describes the resource profile.

Enter a description.

Java Support Options

Allows you to enable or disable Java applet support.

Select one of the following options from the Java Support Options drop-down list:

  • Disable Java Support—Disables a Java support for Secure Access device to intermediate traffic.
  • Use Java applet as a fallback mechanism—Allows a Secure Access device to fall back to the applets when other terminal services clients are not available on the user’s system.
  • Always use Java applet—Allows a Secure Access device to store terminal services Java clients directly on the Secure Access device without employing a separate Web server to host them. You can then associate these Java applets with the resource profile and specify that the Secure Access device always use them to intermediate traffic.

Applet to use

Specifies the Java applet that you want to associate with the resource profile.

Select a Java applet from the Applet to use drop–down list.

Applet HTML

Specifies the HTML page definition that includes references to your Java applets.

Enter the HTML page definition.

Note: The maximum size of the HTML that can be specified is 25 KB.

Type

Specifies the terminal service.

Select Citrix Listed Applications option to enable this feature.

Citrix Listed Applications > Settings tab

Citrix XML Service IP and Port

Specifies the IP address and port of the Citrix MetaFrame server where the XML service is running.

Enter the IP address and port of the Citrix MetaFrame server.

  • You do not need to enter the port number if you are using the default value. The default port is 80 (if SSL is selected, the default port is 443).
  • You can enter more than one server. If the connection fails on one server, the next server in the list is used.

Use SSL for connecting to Citrix XML Service

Sends the password through SSL instead of cleartext.

Select the Use SSL for connecting to Citrix XML Service check box to enable this feature.

XML Username

Specifies the username for connecting to the Citrix Metaframe server where the XML service is running.

Enter the username for connecting to the Citrix Metaframe server.

XML Password Type

Specifies static password or variable password.

Select either Variable Password or Password from the drop-down list.

Variable Password

Specifies the variable credentials.

Note: This field is enabled only when you select Variable Password from the XML Password Type drop–down list.

Enter the variable credential such as <USERNAME> and<PASSWORD>.

XML Password

Specifies the XML password.

Note: This field is enabled only when you select XML Password from the XML Password Type drop– down list.

Enter the XML password.

XML Domain

Specifies the domain name for connecting to the Citrix Metaframe server where the XML service is running.

Enter the domain name.

Citrix Listed Applications > Autopolicy: Terminal Services Access Control > Rules tab

Name

Specifies the name of a policy that allows or denies users access to the resource.

Enter a name.

Action

Allows or denies user access to resource.

Select either Allow or Deny from the Action drop–down list.

Resource

Specifies the resource name for which you want to enable access.

Enter the resource name.

Citrix Listed Applications > Bookmarks tab > General tab

Name

Specifies the name of the session bookmark of the resource profile.

Enter the name.

Description

Describes the session bookmark of the resource profile.

Enter a description.

Applications

Specifies the applications you want available to the end user.

Select one of the following options from the Applications drop-down list.

  • ALL applications—Allows all executables on the server to be available to the end user.
  • Subset of selected applications—Allows you to select executables that you want available to the end user.

    Note: This option is disabled when you enter variable credentials, such as <USERNAME> and <PASSWORD> while defining the resource profile.

Selected Applications

Specifies the executables to run.

Enter the executables.

Username

Specifies the username that the Secure Access device should pass to the terminal server. You can enter a static username or a variable.

Enter the username.

Password Type

Specifies a static or variable password. If you select a variable password, then you can use the password stored in the Secure Access device's primary or secondary authentication server, or you can use the domain credentials to pass the user's cached domain credentials to the Windows Terminal server.

Select one of the following options from the Password Type drop-down list:

  • Variable Password—Uses the password stored in the Secure Access device’s primary or secondary authentication server.
  • Explicit Password—Allows you to specify a static password.
  • Use domain credentials—Passes the user’s cached domain credentials to the Citrix Metaframe server (also called pass-through authentication). When you select this option, the Secure Access device uses the Citrix Program Neighborhood client to intermediate the Citrix terminal session.

Variable Password

Specifies the variable password.

Enter the <password> variable. Or use the following syntax to submit the password for the secondary authentication server: <Password@SecondaryServerName> or <Password[2]>.

Explicit Password

Specifies the explicit password.

Enter the explicit password.

Session Reliability and Auto-client reconnect

Keeps sessions active and on the user’s screen when network connectivity is interrupted.

Select the Session Reliability and Auto-client reconnect check box to enable this feature.

Screen Size

Specifies the size of the terminal services window on the user’s workstation.

Select screen size from the drop–down list.

Note: By default, the Secure Access device sets the window size to full screen.

Color Depth

Changes the color-depth of the terminal session data.

Select color depth the drop–down list.

Connect drives

Connects the user’s local drive to the terminal server, enabling the user to copy information from the terminal server to his local client directories.

Select the Connect drives check box to enable this feature.

Connect printers

Connects the user’s local printers to the terminal server, enabling the user to print information from the terminal server to his local printer.

Select the Connect printers check box to enable this feature.

Connect COM Ports

Connects the user’s COM ports to the terminal server, allowing communication between the terminal server and the devices on his serial ports.

Select the Connect COM Ports check box to enable this feature.

Applies to roles

Specifies the roles to which you want to display the session bookmarks.

Select one of the following options from the drop-down list`:

  • All Terminal Service Profile roles—Displays the session bookmark to all of the roles associated with the resource profile.
  • Subset of Terminal Service Profile roles—Displays the session bookmark to a subset of the roles associated with the resource profile. Then select roles from the ALL Selected Roles list and click Add to move them to the Subset of selected roles list.
Settings > Role Selections tab

Roles Selections

Specifies roles to which the resource profile applies.

Note: The Role Selections tab is enabled only when you select Subset of Terminal Service Profile roles option from the Applies to roles drop–down list.

Select the role, and click Add.

Related Documentation