Posted   by 

Citrix Receiver Google Chrome



  1. Citrix Receiver For Chrome Browser
  2. Google Chrome And Citrix Receiver
  3. Google Classroom
  4. Citrix Receiver Download For Google Chrome
  5. Citrix Receiver Google Chrome
downloadWhy can't I download this file?
4. Click “Launch Application” button, the expected output is, “Just a moment, we’re detecting if…” and then automatically redirects to Storefront resource enumeration page with resources listed, or Storefront login page (you might need to re-enter user credential and click “Logon” button).
Important Note:
  • If “Just a moment, we’re detecting if…” webpage doesn’t auto redirects to enumeration/login page of storefront, please click “Detect again” button to try again.
  • If “Just a moment, we’re detecting if…” webpage doesn't redirect to storefront web page, it means the configuration for Citrix WebHelper invoked mode failed. In this situation, user can click “Already installed” to continue, Chrome will work in Citrix WebHelper NOT invoked mode.

5. In Storefront resource enumeration page, click an application icon. If “External Protocol Request” dialog window pops up. It indicates Chrome is working at WebHelper.exe invoked mode.

Citrix Receiver For Chrome Browser


Otherwise, It will work in non-invoked mode. Where it will download ICA file for the resource.Google
6. Check 'Remember my choice' to avoid repeated External protocol request popup and Click “Launch Application” button, the application should be launched by Receiver successfully even with CST enabled.

Additional Resources

CTX218929: Unable to launch application from Chrome via Netscaler Gateway with client selective trust (CST) enabled
downloadWhy can't I download this file?Google Chrome And Citrix Receiver

Main components involved in this are:

  • XenDesktop 7.9 with FAS enabled

  • Google Admin console

  • Active Directory Federation Services (AD FS) and

  • Citrix NetScaler Gateway

Instructions

Installing XenDesktop

Install XenDesktop 7.9 and configure Federated Authentication Service. Refer Citrix Documentation - Federated Authentication Service for more details.

Configuring Active Directory Federation Services (AD FS) and Google Admin Console

  1. Install and configure Active Directory Federation Service (AD FS) from server manager roles on any Windows 2K8 R2 or Windows 2K12 R2 server. Ensure that, AD FS and AD are not on the same machine.

  2. Configure AD FS URL in Google Admin console for Single Sign-on as follows:

    • Enable Single Sign-on in Google Apps. Log in to your administration console at
      http://www.google.com/a/your-domain/. Click Security->Set up Single Sign-on (SSO)

    • This will take you through to a configuration screen. Select Enable Single Sign-on,
      and enter the following values:
      Sign-in page URL: https://adfs.yourdomain.com/adfs/ls/
      Sign-out page URL: https://adfs.yourdomain.com/adfs/ls/
      Change password URL: https://sts.yourdomain.com/startersts/users/password.aspx

    • Verification certificate: Upload the AD FS Token Signing cert (.cer file) which can be obtained from the AD FS 2.0 Management Console (under Service > Certificates). Click Upload.

    • Select “Use a domain specific issuer”.

    • Enter network addresses in the Network masks textbox.

    • Single sign-on is configured and enabled. Note that the settings take effect immediately. However, it does not affect your login to the Admin Console – that is always accessed by manual login, so that you can get and disable Single Sign-on again.

  3. Configure SAML Single Sign-on policies on Google Admin Console, refer https://support.google.com/chrome/a/answer/6060880 for more details.

  4. Configuring AD FS
    ​• Open the AD FS 2.0 Management Console and navigate to Relying Parties section.

    1. Click Add Relying Party Trust

    2. Choose Enter data about the relying party manually

    3. Provide a name for the trust (so that you can easily identify it)

    4. Select AD FS 2.0 profile

    5. Select Enable support for the SAML 2.0 WebSSO protocol and enter /acs'>https://www.google.com/a//acs in the Relying party SAML 2.0 SSO service URL textbox.

    6. Enter google.com/a/<your-domains the Relying party identifier

    7. Complete the wizard steps

    8. Click on the newly added item and select Properties. Click on the Signature tab and Click Add:

    9. Add the Token Signing Certificate – it must the AD FS Token Signing Certificate you uploaded to the Google Admin Console AD FS.

    10. Click OK.

    11. Click Edit Claim Rules and click Add Rule:

    12. From the Claim rule drop-down, select Transform an Incoming Claim.

    13. Provide a Name to the rule, select E-Mail Address as the Incoming Claim Type, set the Outgoing claim type to Name ID and the Outgoing name ID format to Email:

    14. Complete the Wizard steps.

    • Go to your Active Directory. Go to properties of user for whom you want to enable Single sign on and then add the google domain email address of that user in Email field.

    • Go to your Active Directory. Go to properties of user for whom you want to enable Single sign on and then add the google domain email address of that user in Email field.

Configuring Citrix NetScaler

Google Classroom

  • Configure NetScaler SAML to work with AD FS. Before this make sure, XenDesktop works with NetScaler without SSON or FAS configuration.. Refer, http://support.citrix.com/article/CTX133919 to configure NetScaler SAML with AD FS
  • On successful completion of all the above steps, you are redirected to AD FS page on entering the SF URL

Configuring Single Sign-on on Chromebook

Citrix Receiver Download For Google Chrome

  • Chromebook should be a managed Chromebook
  • Install and configure SAML SSO for Chrome app extension on Chrome devices. Refer to the Google website for more information. This extension retrieves SAML cookies from browser and provides to Citrix Receiver. This extension needs to be configured with the following policy to allow Receiver to get SAML cookies:
    {
    'whitelist' : {
    'Value' : [
    {
    'appId' : 'haiffjcadagjlijoggckpgfnoeiflnem',
    'domain' : 'saml.yourcompany.com'
    }
    ]
    }
    }
  • If you are repackaging Citrix Receiver for Chrome, change the appId. In addition, change the domain to your company's SAML IdP domain.
  • Configure Receiver to user NetScaler Gateway configured for SAML logon. This enables users to use the NetScaler Gateway configured for SAML logon.
  • Login to Chromebook using managed user which will redirect you to AD FS page for the first time. user has to enter the password twice for the first time.
  • After successful login, you can access the XenDesktop resources without having to re-enter the credentials. providing any credentials.

Citrix Receiver Google Chrome

Go through following demo on, how the user experience looks like, https://www.youtube.com/watch?v=Zv6tCSaCnIU.