Install, set up, upgrade, and uninstall
Warning
The StoreFront management console does not open after an upgrade to StoreFront 3.12.1000 (XenApp and XenDesktop 7.15 LTSR CU1) from StoreFront 3.12 (XenApp and XenDesktop 7.15 LTSR), or after an install of StoreFront 3.12.1000. The StoreFront management console displays the error “MMC could not create the snap-in. The snap-in might not have been installed correctly.” To work around this issue, follow the steps described in CTX233206.
Before installing and configuring
To install and configure StoreFront, complete the following steps in order:
-
If you plan to use StoreFront to deliver XenDesktop and XenApp resources to users, ensure that the StoreFront server is joined to either the Microsoft Active Directory domain containing your users’ accounts or a domain that has a trust relationship with the user accounts domain.
Important:
- For single server deployments you can install StoreFront on a non-domain-joined server.
- StoreFront cannot be installed on a domain controller.
-
If not already present, StoreFront requires Microsoft .NET 4.5 Framework, which can be downloaded from Microsoft. You must have Microsoft .NET 4.5 installed before you can install StoreFront.
-
Optionally, if you plan to configure a multiple server StoreFront deployment, set up a load balancing environment for your StoreFront servers.
To use NetScaler for load balancing, you define a virtual server to proxy your StoreFront servers. For more information on configuring NetScaler for load balancing, see Load balancing with NetScaler.
-
Ensure that load balancing is enabled on your NetScaler appliance.
-
For each StoreFront server, create individual HTTP or TLS load balancing services, as appropriate, using the StoreFront monitor type.
-
Configure the services to insert the client IP address into the X-Forwarded-For HTTP header of requests forwarded to StoreFront, overriding any global policies.
StoreFront requires users’ IP addresses to establish connections to their resources.
-
Create a virtual server and bind the services to the virtual server.
-
On the virtual server, configure persistence using the cookie insert method if you have the latest Citrix Receivers installed on all platforms and you have no need to support Android; otherwise, configure persistence on the basis of source IP address. Ensure the Time To Live (TTL) is sufficient to enable users to stay logged on to the server as long as required.
Persistence ensures that only the initial user connection is load balanced, after which subsequent requests from that user are directed to the same StoreFront server.
-
-
Optionally, enable the following features.
- .NET Framework 4.5 Features > .NET Framework 4.5, ASP.NET 4.5
Optionally, enable the following roles and their dependencies on the StoreFront server.
-
Web Server (IIS) > Web Server > Common HTTP Features > Default Document, HTTP Errors, Static Content, HTTP Redirection
-
Web Server (IIS) > Web Server > Health and Diagnostics > HTTP Logging
-
Web Server (IIS) > Web Server > Security > Request Filtering, Windows Authentication
-
On Windows Server 2012 servers:
Web Server (IIS) > Web Server > Application Development > .NET Extensibility 4.5, Application Initialization, ASP.NET 4.5, ISAPI Extensions, ISAPI Filters
On Windows Server 2008 R2 servers:
Web Server (IIS) > Web Server > Application Development > .NET Extensibility, Application Initialization, ASP.NET, ISAPI Extensions, ISAPI Filters
-
Web Server (IIS) > Management Tools > IIS Management Console, IIS Management Scripts and Tools
The StoreFront installer checks that all the features and server roles above are enabled.
-
If you intend the server to be part of a server group, both the StoreFront installation location and IIS website settings, physical path and site IDs must be consistent across them.
-
Optionally, configure Microsoft Internet Information Services (IIS) for HTTPS if you plan to use HTTPS to secure communications between StoreFront and users’ devices.
HTTPS is required for smart card authentication. By default, Citrix Receiver requires HTTPS connections to stores. You can change from HTTP to HTTPS at any time after installing StoreFront, provided the appropriate IIS configuration is in place.
To configure IIS for HTTPS, use the Internet Information Services (IIS) Manager console on the StoreFront server to create a server certificate signed by your domain certification authority. Then, add HTTPS binding to the default website. For more information about creating a server certificate in IIS, see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831637(v=ws.11). For more information about adding HTTPS binding to an IIS site, see https://docs.microsoft.com/en-us/previous-versions/orphan-topics/ws.11/hh831632(v=ws.11).
-
Ensure your firewalls and other network devices permit access to TCP port 80 or 443, as appropriate, from both inside and outside the corporate network. In addition, ensure that any firewalls or other devices on your internal network do not block traffic to any of the unassigned TCP ports.
When you install StoreFront, a Windows Firewall rule is configured enabling access to the StoreFront executable through a TCP port randomly selected from all unreserved ports. This port is used for communications between the StoreFront servers in a server group.
-
If you plan to use multiple Internet Information Services (IIS) websites, after creating the websites in IIS, use the PowerShell SDK to create a StoreFront deployment in each of those IIS websites. For more information, see Multiple Internet Information Services (IIS) websites.
Note: StoreFront disables the management console when it detects multiple sites and displays a message to that effect. -
Use the Citrix StoreFront management console to configure your server.
Install StoreFront
Important
To avoid potential errors and data loss when installing StoreFront, ensure all applications are closed and no other tasks or operations are running on the target system.
From StoreFront 3.12.6000 onwards, to install StoreFront in a custom location for the first time, you must install from the command prompt using the -INSTALLDIR argument to specify the location. See To install StoreFront at a command prompt.
-
Download the installer from the download page.
-
Log on to the StoreFront server using an account with local administrator permissions.
-
Ensure that the required Microsoft .NET 4.5 Framework is installed on the server.
-
Browse the download package, locate CitrixStoreFront-x64.exe, and run the file as an administrator.
Note: On Windows Server 2008 R2 servers, a message may be displayed indicating that the .NET feature will be enabled. If this message appears, click Yes.
-
Read and accept the license agreement, and click Next.
-
If the Review prerequisites page appears, click Next.
-
On the Ready to install page, check the prerequisites and StoreFront components that are listed for installation and click Install.
Before the components are installed, the following roles are enabled if they are not already configured on the server.
-
Web Server (IIS) > Web Server > Common HTTP Features > Default Document, HTTP Errors, Static Content, HTTP Redirection
-
Web Server (IIS) > Web Server > Health and Diagnostics > HTTP Logging
-
Web Server (IIS) > Web Server > Security > Request Filtering, Windows Authentication
-
On Windows Server 2012 servers:
Web Server (IIS) > Web Server > Application Development > .NET Extensibility 4.5, Application Initialization, ASP.NET 4.5, ISAPI Extensions, ISAPI Filters
On Windows Server 2008 R2 servers:
Web Server (IIS) > Web Server > Application Development > .NET Extensibility, Application Initialization, ASP.NET, ISAPI Extensions, ISAPI Filters
-
Web Server (IIS) > Management Tools > IIS Management Console, IIS Management Scripts and Tools
The following features are also enabled if they are not already configured.
- .NET Framework 4.5 Features > .NET Framework 4.5, ASP.NET 4.5
-
-
When the installation is complete, click Finish. The Citrix StoreFront management console starts automatically. You can also open StoreFront from the Start screen.
Note:
From StoreFront 3.12.6000 onwards a restart is required after StoreFront installation.
-
In the Citrix Storefront management console, click Create a new deployment.
- Specify the URL of the StoreFront server in the Base URL box.
- On the Store Name page, specify a name for your store, and click Next.
-
On the Delivery Controllers page, list the infrastructure – the details of the XenApp or XenDesktop services - that is providing the resources you want to make available in the store. You can enter a “dummy” server here; however, no apps will display in the store.
-
Set the Transport type and the Port. You can specify HTTP and port 443 and click OK. Alternatively, copy settings from an existing Web Interface or StoreFront deployment.
-
On the Remote Access page, select None. If you are using NetScaler Gateway, select No VPN Tunnel and enter your gateway details.
-
On the Remote Access page, select Create. Once the store has been created, click Finish.
Your store is now available for users to access through the Citrix Receiver for Web site, which enables users to access their desktops and apps through a webpage.
The URL for users to access the Citrix Receiver for Web site for the new store is displayed. For example: example.net/Citrix/MarketingWeb/. Log on and you will access the new user interface in Citrix Receiver.
CEIP
If you participate in the Citrix Customer Experience Improvement Program (CEIP), anonymous statistics and usage information are sent to Citrix to improve the quality and performance of Citrix products.
By default, you are automatically enrolled in CEIP when you install StoreFront. The first upload of data occurs approximately seven days after you install StoreFront. You can change this default in a registry setting. If you change the registry setting before installing StoreFront, that value will be used. If you change the registry setting before upgrading StoreFront, that value will be used.
Warning
Editing the registry incorrectly can cause serious problems that may require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. Be sure to back up the registry before you edit it.
Registry setting that controls automatic upload of analytics (default = 1):
Location: HKLM:\Software\Citrix\Telemetry\CEIP
Name: Enabled
Type: REG_DWORD
Value: 0 = disabled, 1 = enabled
By default, the “Enabled” property is hidden in the registry. When it remains unspecified, the automatic upload feature is enabled.
Using PowerShell, the following cmdlet disables enrollment in CEIP:
New-ItemProperty -Path HKLM:\SOFTWARE\Citrix\Telemetry\CEIP -Name Enabled -PropertyType DWORD -Value 0
Note: The registry setting controls the automatic upload of anonymous statistics and usage information for all components on the same server. For example, if you have installed StoreFront on the same server as the Delivery Controller and decide to opt out of CEIP using the registry setting, the opt out will apply to both components.
CEIP data collected from StoreFront
The following table gives examples of the type of anonymous information collected. The data does not contain any details that identify you as a customer.
Data | Description |
---|---|
StoreFront version | String denoting the installed version of Storefront. For example, “3.8.0.0” |
Stores count | A counter for the number of Stores in the deployment. |
Server Count in server group | A counter for the number of Servers in the Server group. |
Delivery Controller Count per store | List of numeric values indicating the number of Delivery Controllers available for each Store in the Deployment. |
HTTPS enabled | String denoting whether https is enabled for the deployment. “True” or “False”. |
Classic experience enabled for Citrix Receiver | List of Booleans denoting whether “Classic Experience” is enabled for each Web Receiver. TRUE or FALSE for each Web Receiver. |
HTML5 setting for Citrix Receiver | List of Strings denoting the HTML5 Receiver setting for each Web Receiver. “Always”,”Fallback”,”Off” for each Web Receiver. |
Workspace control enabled for Citrix Receiver | List of Booleans denoting whether “Workspace Control” is enabled for each Web Receiver. TRUE or FALSE for each Web Receiver. |
Remote Access enabled for store | List of Strings denoting whether “Remote Access” is enabled for each Store in the Deployment. “ENABLED” or “DISABLED” for each store. |
Gateways count | A counter for the number of NetScaler Gateways configured in the deployment. |
To install StoreFront at a command prompt
-
Log on to the StoreFront server using an account with local administrator permissions.
-
Ensure that all of the requirements for installation of StoreFront are met before installing StoreFront. Refer to Before installing and configuring for details.
-
Browse your installation media or download package, locate CitrixStoreFront-x64.exe, and copy the file to a temporary location on the server.
-
At a command prompt, navigate to the folder containing the installation file and type the following command.
CitrixStoreFront-x64.exe [-silent] [-INSTALLDIR installationlocation] [-WINDOWS_CLIENT filelocation\filename.exe] [-MAC_CLIENT filelocation\filename.dmg] <!--NeedCopy-->
Use the -silent argument to perform a silent installation of StoreFront and all the prerequisites. By default, StoreFront is installed at C:\Program Files\Citrix\Receiver StoreFront\. However, you can specify a different installation location using the -INSTALLDIR argument, where installationlocation is the directory in which to install StoreFront. Note that if you intend the server to be part of a server group, both the StoreFront installation location and IIS website settings, physical path and site IDs must be consistent across them.
By default, if a Citrix Receiver for Web site cannot detect Citrix Receiver on a Windows or Mac OS X device, the user is prompted to download and install the appropriate Citrix Receiver for their platform from the Citrix website. You can modify this behavior so that users download the Citrix Receiver installation files from the StoreFront server instead. For more information, see Make Citrix Receiver installation files available on the server.
If you plan to make this configuration change, specify the -WINDOWS_CLIENT and -MAC_CLIENT arguments to copy Citrix Receiver for Windows and Citrix Receiver for Mac installation files, respectively, to the appropriate location in your StoreFront deployment. Replace filelocation with the directory containing the installation file that you want to copy and filename with the name of the Citrix Receiver installation file. Citrix Receiver for Windows and Citrix Receiver for Mac installation files are included on your StoreFront installation media or download package.
Upgrade StoreFront
To upgrade existing StoreFront 2.0 through 3.x deployments to this version of StoreFront, run the installation file for this version of StoreFront. Releases before StoreFront 2.0 cannot be upgraded directly. Instead, you must first upgrade StoreFront 1.2 to StoreFront 2.0 before upgrading to this StoreFront. Similarly, you cannot upgrade Storefront 1.1 to this StoreFront directly. You must upgrade Storefront 1.1 to StoreFront 1.2 and then again to StoreFront 2.0 before finally upgrading to this StoreFront.
Once the upgrade process is started, it cannot be rolled back. If the upgrade is interrupted or cannot be completed, the existing configuration is removed but StoreFront is not installed. Before starting to upgrade, you must disconnect users from the StoreFront deployment and prevent users from accessing the servers while the upgrade is in progress. This ensures that all StoreFront files are accessible by the installer during the upgrade. If any files cannot be accessed by the installer, they cannot be replaced and so the upgrade will fail, resulting in the removal of the existing StoreFront configuration. StoreFront does not support multiple server deployments containing different product versions, so all servers in a group must be updated to the upgraded version before granting access to the deployment. Concurrent upgrade is not supported for multiple server deployments, servers must be upgraded sequentially. Citrix recommends that you back up your data before upgrading.
Uninstalling StoreFront removes the authentication service, stores, users’ application subscriptions, Citrix Receiver for Web sites, Desktop Appliance sites, and XenApp Services URLs. This means that if you decide to uninstall StoreFront, you must manually recreate your services, stores, and sites when you reinstall StoreFront. Upgrading also enables you to preserve your StoreFront configuration and leaves users’ application subscription data intact so that users do not need to resubscribe to all of their applications.
Upgrading the operating system version on a server running StoreFront is not supported. Citrix recommends that you install StoreFront on a new installation of the operating system.
Important
Before you start the upgrade:
- Close all other applications on the StoreFront server.
- Close all command line and PowerShell windows.
- If you have made modifications to files in
C:\inetpub\wwwroot\Citrix\<StoreName>\App_Data
, such as default.ica and usernamepassword.tfrm, back them up for each store. After the upgrade you can restore them to reinstate your modifications.
**To upgrade existing StoreFront 2.0 through 3.x to this version of StoreFront **
- Disable access to the deployment through the load balancing environment. Disabling the load balancing URL prevents users from connecting to the deployment during the upgrade process.
- Back up all the servers in the server group.
- Remove one of the servers from the existing server group.
- Restart the server you removed.
Note that you can use a parallel load balancer to check the new server group as you build it. The variant that maximizes availability and further minimizes risk involves removing and upgrading only one server from the original server group. You can then build the new group out of new machines rather than machines taken out of the original server group. - Upgrade the server you removed using an admin account with no other installations running and a minimum of other applications.
- Check that the server you removed has upgraded successfully.
- Remove another one of the servers in the existing server group from the load balancer.
- Restart the server you removed for the same reasons noted in Step 1.
- Uninstall the currently installed version of StoreFront and install the new version of StoreFront.
- Join the newly installed server into a new server group consisting of all the upgraded servers and the freshly installed servers, and check they are functioning correctly.
- Repeat Steps 3-10 until the new server group has sufficient capacity to take over from the old server group, point the load balancer at the new server group, and check that it is functioning correctly.
- Repeat Steps 3-10 for the remaining servers, adding each one to the load balancer after each successful upgrade.
Note
- If you want to maximize availability, you can maintain access to the original server group during the upgrade process until the new server group becomes available. To do this;
- Skip Step 1.
- Modify Step 11 to include disabling access to the original server group using the load balancer. Export subscription data from the original server group and import it into the new server group. Enable access to the new server group using the load balancer.
This ensures that any subscription changes made by users after Step 3 and before Step 11 are available in the new server group.
- You can further maximize availability by removing only one server from the original server group and upgrading it, and then building the new server group using new servers rather than servers removed from the original server group. When the new server group is in production, you can retire the old servers.
- Upgrades from StoreFront 2.x to 3.x followed by a propagation to the server group might result in an entry for the pnaAuthenticationStartupModule being added to the authentication configuration file. Because entries can be added only to authentication services that have been enabled for PNA authentication services and PNA password change, the authentication service cannot start, as it’s missing the named start-up module. To work around this issue, remove the entry from the authentication configuration file. By default, the configuration file resides at C:\inetpub\wwwroot\Citrix\<Your_Auth_Service>\web.config.
- Save backups of the web.config file in a different location from the default IIS directory of the store. Do not save backups in, for example, C:\inetpub\wwwroot\citrix\<storename>. Saving backups in the same location as the default IIS directory of the store can interfere with the upgrade of StoreFront.
Configure StoreFront
Note:
During installation and upgrade, members of the local admin group are copied to an internal CitrixStoreFrontAdministrators group. This gives users who already belonged to the local admin group, when StoreFront was last installed or upgraded, the ability to use the StoreFront management console to configure StoreFront server groups and perform related propagation and replication tasks. If you later add users to the local admin group, you must manually copy them to the CitrixStoreFrontAdministrators group before they can use the StoreFront management console to configure StoreFront server groups and perform related propagation and replication tasks. If you add a currently logged in user to the CitrixStoreFrontAdministrators group, they need to log out and log in again to use the StoreFront management console.
When the Citrix StoreFront management console first starts, two options are available.
- Create a new deployment. Configure the first server in a new StoreFront deployment. Single-server deployments are ideal for evaluating StoreFront or for small production deployments. Once you have configured your first StoreFront server, you can add more servers to the group at any time to increase the capacity of your deployment.
- Join existing server group. Add another server to an existing StoreFront deployment. Select this option to rapidly increase the capacity of your StoreFront deployment. External load balancing is required for multiple server deployments. To add a new server, you will need access to an existing server in the deployment.
Uninstall StoreFront
In addition to the product itself, uninstalling StoreFront removes the authentication service, stores, Citrix Receiver for Web sites, Desktop Appliance sites, and XenApp Services URLs, and their associated configurations. The subscription store service containing users’ application subscription data is also deleted. In single-server deployments, this means that details of users’ application subscriptions are lost. However, in multiple server deployments these data are retained on other servers in the group. Prerequisites enabled by the StoreFront installer, such as the .NET Framework features and the Web Server (IIS) role services, are not removed from the server when StoreFront is uninstalled.
- Log on to the StoreFront server using an account with local administrator permissions.
- On the Windows Start screen or Apps screen, locate the Citrix StoreFront tile. Right-click the tile and click Uninstall.
- In the Programs and Features dialog box, select Citrix StoreFront and click Uninstall to remove all StoreFront components from the server.
- In the Uninstall Citrix StoreFront dialog box, click Yes. When the uninstallation is complete, click OK.