The Ultimate Citrix Install Guide 		 
 DABCC Home  |    MIAB eBook   |    Citrix Tips   |   MIAB 4.0   |    MIAB 3.0   |    MIAB 2.1   |    MIAB 1.0   |    Sponsors   |   Quotes    |    Site Map
PROJECT MANAGEMENT
1. Project Management Overview
2. Project Management Methodology
3. Tips for Making Meetings Effective

ANALYSIS PHASE
1. Analysis Phase Overview
2. Vision / Project Scope (Statement of Work)
3. Project Plan
4. Infrastructure Assessment
5. Proof of Concept
6. Analysis Phase Checkpoint

DESIGN PHASE
1. Design Phase Overview
2. Server Design
3. MetaFrame Access Suite Design
4. Infrastructure Design
5. Design Phase Checkpoint

IMPLEMENTATION PHASE
1. Implementation Phase Overview

2. Prepare the Network Environment
2. 1. Create Required Network Shares
2. 2. Firewall Modifications
2. 3. Throttling Port Speed and Duplex Settings
2. 4. Add Users to a Terminal Services Environment
2. 5. Create Required Citrix Specific User Groups

3. Install Operating System(s) for MetaFrame XP
3. 1. Installing Microsoft Windows 2000
3. 2. Installing Microsoft Windows Server 2003

4. MetaFrame IMA Data Store Installation & Configuration
4. 1. How to Install & Configure Microsoft SQL Server 2000
4. 2. How to Install and Configure Microsoft SQL Desktop Edition (MSDE)

5. Install MetaFrame XP Server w/ Feature Release 3
5. 1. How to Remap MetaFrame XP Server Driver Letters
5. 2. Installing MetaFrame Feature Release 3 on Windows 2000
5. 3. Installing MetaFrame Feature Release 3 on Windows Server 2003
5. 4. Installing MetaFrame XP HotFixes
5. 5. How to Add Licenses through the Management Console for MetaFrame XP

6. Install “Image” Applications

7. Rapid Server Deployment
7. 1. How to Clone a Citrix MetaFrame XP Server
7. 2. How to Create a Network Boot Disk

8. Configure MetaFrame XP Farm Wide Settings
8. 1. Recycling Operating Systems
8. 2. MetaFrame XP Delegated Administration
8. 3. How to Create a Zone & Move MetaFrame XP Servers to it
8. 4. How to Set a Server’s Preference for Data Collector Elections
8. 5. MetaFrame XP User Policies
8. 6. How to Implement Automatic ICA Client Updates
8. 7. Client Drive Mapping
8. 8. How to Implement Client to Server Content Redirection
8. 9. How to Implement Server to Client Content Redirection
8. 10. Configure ICA Keep-Alive
8. 11. Configure SpeedScreen Browser Acceleration

9. Install “Manual” Applications
9. 1. How to Install and Configure Microsoft Office 2000
9. 2. How to Install and Configure Microsoft Office XP
9. 3. How to Install and Configure Microsoft Office 2003

10. MetaFrame Conferencing Manager 2.0
10. 1. How to Install the Conference Organizer Service
10. 2. How to Install the Conference Room
10. 3. How to Install Conferencing Manager User Interface
10. 4. How to Specify the License Type through the CM Configuration Tool
10. 5. How to Add Users to the Conferencing Manager
10. 6. Microsoft Exchange Server Integration
10. 7. Troubleshooting

11. Publishing Resources through the Management Console
11. 1. How to Publish an Application
11. 2. How to Publish Content
11. 3. How to Publish Application from a Shortcut
11. 4. How to Publish the Printer Folder
11. 5. How to Publish Windows Explorer

12. How to Configure the Printing Environment
12. 1. Set the proper expectations
12. 2. Setup the Print Environment
12. 3. Create Printer Compatibility Driver Mappings
12. 4. Set Printer Bandwidth Limits for Client Auto-Created Printers
12. 5. How to use Project Compatibility automate Driver Mapping
12. 6. How to Manually Connect a Client Printer within an ICA Session

13. Install MetaFrame Secure Access Manager 2.0
13. 1. Install MetaFrame Secure Access Manager on Windows 2000 Server
13. 2. Install MetaFrame Secure Access Manager 2.0 on Windows Server 2003
13. 3. How to Install MetaFrame Secure Access Manager 2.0 Service Pack 1
13. 4. Install the Access Management Console on MetaFrame XP or a Workstation
13. 5. Create an Access Center
13. 6. Configure the Access Center
13. 7. Customizing MetaFrame Secure Access Manager
13. 8. How to Configure Internet Explorer for a Secure Access Center

14. Install Web Interface 2.1
14. 1. How to Install Web Interface 2.1 (Clean Install)
14. 2. How to Upgrade a NFuse Server to Web Interface 2.1
14. 3. Web Interface 2.1 Web Administration Tool
14. 4. How to Customize Web Interface 2.1
14. 5. How to Repair Web Interface 2.1

15. Install SSL Certificates and Secure IIS Server
15. 1. How to install and configure the IIS Lockdown Tool (version 2.1)
15. 2. How to Enable SSL on an IIS Web Server
15. 3. How to Force the use of SSL Encryption on a IIS Web Site

16. Install Secure Gateway 2.0 for MetaFrame
16. 1. Pre-installation Check List
16. 2. How to Install and Configure the STA Component
16. 3. Install the Secure Gateway Service
16. 4. Secure Gateway for MetaFrame Management Tools

17. MetaFrame XP Remote Administration Tools
17. 1. Management Console for MetaFrame XP
17. 2. Citrix Web Console (CWC)

18. ICA Clients
18. 1. How to Install the ICA Win32 Program Neighborhood Agent
18. 2. How to Install the ICA Win32 Web Client
18. 3. How to Configure the ICA Java Client
18. 4. How to Utilize the ICA Program Neighborhood Pass-Through Client
18. 5. Citrix ICA Client 6.20 for OS 9.X
18. 6. Citrix ICA Client 6.30 for OS 10.x

19. Microsoft Terminal Services Licensing
19. 1. Summary of Licensing Options in Windows 2000 Server
19. 2. Summary of the licensing options in Microsoft Windows Server 2003

20. Implement Windows System Policies
20. 1. MIAB Administrative Template Overview
20. 2. How to Create an Administrative Template to Hide Drives
20. 3. Implementing Windows 2000 Active Directory Group Policies
20. 4. Implementing Windows NT, Terminal Server 4.0 System Policies

21. How to Install and Configure MetaFrame Password Manager
21. 1. Prepare the Directory Service
21. 2. Install and Configure the MetaFrame Password Manager Console
21. 3. Deploy the MetaFrame Password Manager Agent
21. 4. On-Going Maintenance

22. Implementation Phase Checkpoint

READINESS PHASE
1. Readiness Phase Overview
2. Testing your New MetaFrame Access Suite Environment
3. Pilot Implementation
4. Rollout Any Remaining Servers
5. Implement Change Management Policies and Procedures
6. Readiness Phase Checkpoint

ROLLOUT PHASE
1. Rollout Phase Overview
2. End-User Training
3. Administrator Training
4. Go Live!
5. Rollout Phase Checkpoint

APPENDIX
1. Additional Resources
2. MIAB3.0.ZIP - Files Explained

2. 2.        Firewall Modifications

If end-users will be connecting to the Citrix MetaFrame Access Suite via the Internet, firewall modification might be necessary.

If you will be using Secure Gateway for MetaFrame 2.0 then TCP port 443 is the only port required to be open for client to server communications on any of the firewalls in your environment. Please refer to the Secure Gateway section of this document later on in this project for more information on what port might be required to be open in a DMZ environment.

If the SSL Relay service is used for ICA connections then TCP port 443 is the only port that is required to be open.

If during the Design Phase you assigned someone other than yourself with the responsibility for firewall modifications then you will need to get with the appropriate party to verify the appropriate modifications are taking place. After all, it is your project and you are ultimately responsible to the complete outcome. You will also be required to document any changes made that affect the MetaFrame deployment and included them in with the complete project documentation.

The following is a list of Citrix-related TCP and UDP ports that may need to be opened on firewalls and routers:

Port

Description

TCP - 80

Default port for unsecured Web Interface web servers and or TCP+HTTP browsing (XML port) and or Secure Gateway for MetaFrames Secure Ticket Authority (STA) unsecured port.

 

TCP - 443

Default port for Secure Gateway for Windows, SSL Relay Service, ICA connections using SSL+HTTPS browsing and secure connections to a Web Interface web server) This is the only port need to be open on an external firewall for secure connections to a MetaFrame Access Suite environment utilizing the Secure Gateway for Windows technology.

 

TCP - 1494

Default ICA port, this can be changed if necessary. This port is not necessary to be open on the external firewall if you will be utilizing Secure Gateway for Windows.

 

UDP - 1604

This port is very rarely used today and only used if you will not be utilizing Web Interface or TCP+HTTP browsing. (highly not recommended)

 

TCP 2512

Citrix Independent Management Architecture (IMA) server to server communications. This port only needs to be open on a firewall if you will be communicating from server to server across a WAN. In this case you would secure the traffic with a point to point VPN or equivalent WAN security mechanism.

TCP 2513

Management Console for MetaFrame XP communication to the IMA Data Store. It is recommended to publish the Management Console in a MetaFrame XP session if you will be crossing into unsecured wires.

For more information regarding commonly used TCP/IP ports numbers, please refer to the following support articles.

Windows NT, Terminal Server, and Microsoft Exchange Services Use TCP/IP Ports: (Q150543) http://support.microsoft.com/default.aspx?scid=kb;en-us;150543

Information About TCP/IP Port Assignments (Q174904) http://support.microsoft.com/default.aspx?scid=kb;en-us;174904

TCP Ports and Microsoft Exchange: In-depth Discussion (Q176466) http://support.microsoft.com/default.aspx?scid=kb;EN-US;176466


DABCC Site Map | Legal Notice | Privacy Statement | All Rights Reserved for DABCC, Inc.