Access

CTX-Blog

powered by Ecki's Place

July 12, 2008

AAC tuning, part 4

To adjust the look of an AAC LogonPoint at the CI of a company is not as easy as it is with a Citrix Web Interface deployment. In the following PDF i will show you a way to get there anyway.

The howto is written in german. A translation into english is not available at the moment. Since the pdf utilizes a lot of pictures, you might be able to understand it anyway. As soon as i find the time, i will provide a translated version. Until then, you can download the german version here: AAC4_5_CustomizeLogonPoint_Rev1.1_DE.pdf

This is, what your LogonPoint could look like after reading this document:
Angepasster LogonPoint - LoginAngepasster LogonPoint - Portal

Additional documentation about customizing an AAC LogonPoint can be found here:

  • Basic Customization of the Advanced Access Control 4.x Logon Point
  • How to Customize the Default View for Web Interface 4.6 When it is Embedded in Access Gateway Advanced Edition
  • And here you can find a currently very interesting article about AAC and FireFox 3.0:

  • Access Interface Appears Incorrectly with Firefox 3.0
  • Regards
    Ecki

    May 7, 2008

    AAC hotfix AAC450W003 and CAG hotfix 4.5.7 available

    A few days ago, Citrix released the hotfixes AAC450W003 and hotfix AG2000_v457. Beside a couple of bug fixes, there are some really interesting things in these releases:

    Hotfix AAC450W003 invalidates some parts of my last posting in “AAC tuning, part 3”. A couple of months ago, i asked Citrix to allow customers to change the caption of the RADIUS input box on the logon page. In my last article i showed a way to change the caption easily for RSA and SafeWord deployments and pointed out a way to change the text with a little script in case of another RADIUS solution. However this solution had some unwanted side effects and so i’m glad that Citrix came up with a solution for all deployments. The procedure described in the first section of “AAC tuning, part 3” stays valid but is now applicable for all RADIUS deployments too, given you installed hotfix AAC450W003 correctly.

    Vista is now supported with AAC 4.5, but it is still beta. This means, that you are now able to check Vista clients through EPA-scans, provided by Citrix. My first tests have been successfull. CAUTION: If you use EPA-scans from EPAFactory/Accario you have to wait for an update from Accario to support AAC 4.5 HF03. This should be available around the 20th of Mai.

    The list of supported AV scanner and personal firewalls has become a little longer. McAfee 8.5i, Symantec AVE 10.0, Symantec Endpoint Protection 11.0 and Trend Micro 8.0 are now officially supported at last.

    The download and readme for AAC can be found here: CTX117123, AAC45W003

    The download and readme for CAG 4.5.7 can be found here: CTX117123, Hotfix AG2000_v457

    Regards
    Ecki

    November 15, 2007

    Access Gateway hotfix 4.5.6

    Citrix released HotFix 4.5.6 of the Access Gateway Standard, which eliminates another couple of bugs. Before the update to version 4.5.6 the number of connections from the Secure Access Client and Citrix Presentation Server Clients could be different in the Real-Time Monitor or on the Statistics tab in the Administration Tool. Another fix adresses this issue: When users are logged on to the Advanced Access Control option through the Access Gateway, when users logoff, the session is not disconnected. Users must manually disconnect by right-clicking the Secure Access Client and selecting Disconnect.

    If the Access Gateway appliance is upgraded to version 4.5.6, and Access Gateway Advanced Edition with hotfix AAC450W001 is installed on a server in the internal network, users are prompted to install the ActiveX control each time a connection is created. Currently, the file web.config has the following at the end of the file:

    <add key="SACCodebase" value="net6helper.cab#version=4,5,0,122" />
    </appSettings/>
    </configuration/>

    The version number needs to be changed to the correct version and build number for 4.5.6, which is 4,5,6,111.

    The full list of fixes and the download can be found here.

    Regards
    Ecki

    May 2, 2007

    Secure Access Client Command Line Parameters

    It is a little known fact, that the Secure Access Client (4.2 and later, including net6vpn.exe) offers some interesting command line parameters. I will therefore present them here. The most intersting part is the ability to automate installation of the client via software deployment or simple batch script.

    Note: These parameters are case-sensitive.

    The following parameters are available:

    • -C Configure the Virtual Private Networking (VPN) client–bring up the GUI configuration screen
      Example: “CitrixSAClient.exe –C”
    • -H Connect to a specific server address and port (Syntax: -H SERVER_IP:PORT)
      Example: “CitrixSAClient.exe –H 192.168.1.1:443”
    • -p Connect with a proxy IP address and port (Syntax: -p PROXY_IP:PORT)
      Example: “CitrixSAClient.exe –p 192.168.1.1:8080”
    • -i Install the client. This is used in combination with other parameters for silent installations
      Example: “CitrixSAClient.exe –i”
    • -D Sets the URL for the desktop icon for Advanced Access Control mode (Syntax: -D AG_AAC_URL)
      Example: “CitrixSAClient.exe -D https://cag.company.com”
    • -Q Quiet mode parameter–this can only be used during an install (-i) or uninstall (-U). It must appear before all other parameters
      Example: “CitrixSAClient.exe –Q”
    • -U Uninstall the VPN client and drivers
      Example: “CitrixSAClient.exe –U”
    • -v Shows the version of the client you are launching
      Example: “CitrixSAClient.exe –v”

    Below is a syntax example for a silent installation with Advanced Access Control integration:
    CitrixSAClient.exe –Q –D https://AG_AAC_URL –i

    A silent installation for Access Gateway Standard would look like that:
    CitrixSAClient.exe –Q –H [AG_SYSTEM_FQDN]:[AG_SYSTEM_PORT] –i

    From CTX108757.

    Regards
    Ecki

    |