Install Citrix Receiver 4.2 with SSON enabled and STORE0 configured:
In this example:
Users can’t add stores
Citrix DesktopViewer (toolbar) is NOT installed (removed: ADDLOCAL=DesktopViewer)
CitrixReceiver.exe /noreboot /silent /includeSSON ADDLOCAL=ReceiverInside,ICA_Client,SSON,AM,SELFSERVICE,USB,Flash,Vd3d ALLOWADDSTORE=N ENABLE_SSON=Yes STORE0=”STORE_NAME;https://storefront.domain.local/Citrix/Store/discovery;on;STORE_DESCRIPTION“
If HTTP is used instead of HTTPS and you get the following error: Citrix Receiver Error: Your apps are not available at this time … Cannot contact <Storefront store name>
Add Connection Security Mode, HTTP instead of HTTPS:
reg.exe add “HKLM\SOFTWARE\Citrix\AuthManager” /v ConnectionSecurityMode /t REG_SZ /d “Any” /f
Install Citrix Desktop Lock:
msiexec /i “CitrixReceiverDesktopLock.msi” /qn /norestart
Add Citrix StoreFront URL to ‘Trusted Sites’
User Configuration/Policies/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page
Add StoreFront URL to “Site to Zone assignment list” (zone 2)
In IE, change ‘custom level’ of ‘Trusted Sites’, scroll down to ‘User Authentication’, select:
Automatic log-on with current username and password
Or set via GPO: User Confiugration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone/
Configure ‘Logon Options’ to ‘Automatic log-on with current username and password’
Add icaclient.adm to a GPO (or local policy)
Computer Confiugration/Policies/Administrative Templates/Citrix Components/Citrix Receiver/User authentication
Enable Local user name and password (User authentication)
Enable pass-through authentication
Allow pass-through authentication for all ICA connections