![]() If a client certificate for RTME authentication is found in the registry, RTCL skips to step 7. If that fails, RTCL will prompt the user for credentials. Note: Even if no stored credentials are available, RTCL will attempt the next step with built-in Windows authentication. (Optional) Lync writes the credentials and the client certificate to the credential store and the system registry using secure encryption for storing the password.Ĭitrix HDX RealTime Connector (RTCL) attempts to read the stored Lync credentials from its own location in the registry and from the Windows system. Lync captures the user credentials, authenticates with Web Services and retrieves a client certificate. The preceding diagram illustrates the following process: ![]() The following Sign-in Process Architecture outlines the process architecture and communication flows during the authentication and sign-in process between Lync, the HDX RealTime Connector for Lync, and the HDX RealTime Media Engine, when client certificate authentication was enabled by Lync administrators. Sign-On Process with Client Certificate Authentication In some cases this requires that the RTCL have access to the user’s username and password. To create this certificate, RTCL must itself authenticate with the Microsoft Lync Web Services using either: To enable client certificate authentication, RTCL must interact with the Web Services component of the Microsoft Lync Front end server to create a security certificate for the RTME to use in authentication with Lync. Kerberos authentication is supported for Windows endpoints (only).Authentication using NTLM or Kerberos are the fallback methods that are used by RTME when client certificate authentication is not enabled by Lync administrators.This type of authentication is also the only method supported for Office 365 Lync accounts. Authentication using a client certificate is the preferred method that mostly results in SSO experience without additional credential prompts to the user.RTME supports two authentication methods that might result in different user experience with authentication: The job of the RealTime Connector for Lync (RTCL) running in the Windows environment on XenApp/XenDesktop is to collect the user credentials and send them (encrypted) to the RTME. The important thing to note is that the HDX RealTime Media Engine (RTME) running on the end-user terminal device must successfully authenticate with the Lync Front End or Edge server in order to enable optimized calling. Note: This article does not apply to HDX RealTime Optimization Pack 2.x since in this second-generation architecture, authentication to the Skype for Business Server is handled exclusively by the Skype for Business client using the context of the user’s authentication to the Windows operating system on XenApp/XenDesktop. It describes the mechanism that is used to successfully authenticate with Microsoft Lync and the requirements that this places on the customer's configuration of Microsoft Lync. If everythng is working fine, then you can use it.This article contains information about the sign-on and authentication process for the Citrix HDX RealTime Optimization Pack 1.8 for Microsoft Lync / Skype for Business (in Lync UI mode). From here, you can enter test data and select Test verify the output of your endpoint. To test your endpoint, go to the Test tab.In the Deployment logs tab, you can find the detailed deployment logs of your real-time endpoint. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |