You can provide Workspace ONE users access to Citrix-published resources by integrating your Citrix deployment with Workspace ONE Access (formerly called VMware Identity Manager). Citrix-published resources include applications and desktops within Citrix XenApp and XenDesktop server farms. Desktops are also referred to as Citrix-published delivery groups.
You manage Citrix-published applications and desktops in the Citrix administrative interface. You also set user and group entitlements in the Citrix interface, not in the Workspace ONE Access service. You must sync these users and groups to the Workspace ONE Access service from Active Directory before integrating with the Citrix server farms.
To integrate Citrix server farms with Workspace ONE Access, you create one or more virtual app collections in the Workspace ONE Access console. The collections contain the configuration information for the server farms as well as sync settings.
You can set up a sync schedule for each collection to regularly sync resources and entitlements from the Citrix server farms to the Workspace ONE Access service.
After you integrate the Citrix server farms, you can view the synced resources and entitlements in the Workspace ONE Access console. You can also edit ICA session settings, such as the settings that control resolution or compression. You can configure the settings globally for all the Citrix resources in the Workspace ONE Access catalog, or for individual Citrix resources.
End users can launch Citrix-published applications and desktops from the Intelligent Hub app or portal. They install Citrix Receiver on their systems and devices to access the resources to which they are entitled.
- Workspace ONE Access supports Citrix XenApp 6.0 and 6.5, XenApp and XenDesktop 7.x, and Citrix Virtual Apps and Desktops 7 1808 and 1912.
Note: XenApp 5.x is no longer supported.
- Workspace ONE Access supports Citrix StoreFront API 2.6 and later.
- Supported operating systems for the Integration Broker, the Workspace ONE Access component that communicates with the Citrix server farm, are Windows Server 2012 R2 and Windows Server 2016.
- Integration Broker version requirements:
Workspace ONE Access (VMware Identity Manager) Service or Connector Version Integration Broker Version Supported Workspace ONE Access Cloud service 19.03.0.1 Workspace ONE Access 20.10 19.03.0.1 VMware Identity Manager Connector 19.03.0.1 19.03.0.1 Workspace ONE Access 20.01 19.03 VMware Identity Manager 19.03 19.03 VMware Identity Manager Connector 19.03 19.03
Supported Authentication Methods
- Smart Card
- HTML 5
- 2 factor authentication
- SAML authentication (Citrix FAS)
Workspace ONE Access supports the following XenApp and XenDesktop features.
- Application and desktop launch with Citrix StoreFront API 2.6 and later
- Application group functionality
Workspace ONE Access supports the application group feature introduced in XenApp and XenDesktop 7.9. Application groups are a logical grouping of applications and desktops, and entitlements can be provided at the application group level.
- External launch with NetScaler
- Disabling applications on the XenApp and XenDesktop server
If the administrator disables an application on the XenApp or XenDesktop server, the application is hidden in Workspace ONE Access.
- Limiting visibility for an application
This feature sets the visibility for an application. Workspace ONE Access honors the entitlements set at the application level.
- Showing an application to the entire delivery group
In XenApp and XenDesktop, visibility for an application can be set to Show this application to entire delivery group. The application inherits the entitlements from the delivery group.
- Entitlements at the desktop level
Workspace ONE Access honors entitlements for desktops that are set at the desktop level.
- Static desktop sync and launch
Static desktops configured in XenApp and XenDesktop can be synced and launched from Workspace ONE Access.