Yeah, that's what I always do. I have two PNAngent (XenApp Services) sites. One for client machines and another for the XenApp desktops. This also gives you the ability to control the Desktop and Start Menu shortcuts differently in both environments. As per your other e-mail....once you log in to the XenApp server, your credentials are passed through to the Online Plugin. This is the single-sign on I was referring to. So at this point your domain membership issue is irrelevant. Cheers, Jeremy. From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jackson, Aaron Sent: Wednesday, 24 November 2010 6:25 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Online Plugin Question with Xenapp Desktops Hi Jeremy - I figured out what you are saying...... I needed to build another site with pass-through enabled and reference it for the online plugin on the xenapp server. thanks, -AJ office 919.493.4700 ext 2946 cell 919.257.8563 From: Jackson, Aaron Sent: Tuesday, November 23, 2010 2:40 PM To: thin@xxxxxxxxxxxxx Subject: RE: Online Plugin Question with Xenapp Desktops Hi Jeremy - forgive me I'm a citrix newbie.....from what I have read and played with I'm thinking that would only work if the client PC/user is part of the same domain, yes or no? In our case we have two distinct untrusted domains. We want the credentials that they enter on the Web Interface to be passed on to the online plugin on the XenApp server desktop. thanks, -AJ office 919.493.4700 ext 2946 cell 919.257.8563 From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeremy Saunders Sent: Tuesday, November 23, 2010 1:11 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Online Plugin Question with Xenapp Desktops Hi Aaron, It should be single sign-on if you've configured authentication methods to ONLY use pass-through on the PNAgent (XenApp Services) site of the Web Interface server. If it still prompts users, then this is usually related to IE security and proxy settings, as the online plugin will use the IE settings by default. There are a couple of different ways to address this... - The easiest by far is to set the Client-Side Proxy setting on the PNAgent (XenApp Services) site of the Web Interface server to none. This will be pushed down to the client, so traffic will go direct. - You could also ensure you are excluding the Web Interface server(s) in you proxy config. This does not work as expected if you are using a wpad.dat to auto configure the Proxy settings. Regardless of the proxy setting, you also need to add your Web Interface site as a Trusted Site. Cheers, Jeremy. From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jackson, Aaron Sent: Wednesday, 24 November 2010 1:19 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Online Plugin Question with Xenapp Desktops Hi - we are building out a new environment for a hosted client and they want to use hosted desktops. We normally we only provide clients with seamless apps so I'm not sure how to set this up. So far I have figured out how auto launch the desktop from the WI and we have cleaned up and locked down the start menu. We are using the plugin to populate the start menu with the apps that the users access too. My current obstacle is getting the online plugin not to prompt the end user for their credentials since they already entered them at the WI login screen. Do I need to setup Single Sign On or is there a GPO/Reg Key I can apply? Also am I on the right track or should I do this another way? Thank you, Aaron Jackson Sr. IT Systems Administrator TMW Managed Services TMW Systems Inc. Office: 919.493.4700 ext 2946 Cell 919.257.8563 Url: www.tmwsystems.com IT not aligning to your business needs? Let us help. http://www.tmwsystems.com/managed-services ________________________________ Confidentiality and Privilege Notice This document is intended solely for the named addressee. The information contained in the pages is confidential and contains legally privileged information. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone, and you should destroy this message and kindly notify the sender by reply email. Confidentiality and legal privilege are not waived or lost by reason of mistaken delivery to you. ________________________________ ##################################################################################### Confidentiality and Privilege Notice This document is intended solely for the named addressee. The information contained in the pages is confidential and contains legally privileged information. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone, and you should destroy this message and kindly notify the sender by reply email. Confidentiality and legal privilege are not waived or lost by reason of mistaken delivery to you. #####################################################################################