| It might be desirable to customize the default Web Interface web site to allow additional functionality to achieve greater security, better performance to obtain the vision of the deployment. The following are just a few modifications to the default Web Interface site. Do note that these sites are unsupported so be careful and I recommend making backup copies of any files you modify or replace. The following is an example of a custom Web Interface 2.1 login page. 
Note: The following customizations can be found in the WI Add-Ons folder of the extracted MIAB3.0.ZIP.
NFuse 1.61, 1.71 and Web Interface 2.1 has the ability to be branded with custom text and graphics to customize the out of the box web site. The following sections describe how to make for settle changes that will gave far in creating a better, much richer end-user experience. The following is an example of a custom Web Interface 2.1 application list page. 
The ability to customize the text found on the Web Interface web pages are configured through a single file, the NFUSE.TXT file located in the default NFuse directory. (C:\program files\Citrix\NFuse\) In order to change the verbiage of the Web Interface screens all you need to do is change the text behind certain sections. i.e., LoginTitle, Welcome, PleaseLogin. After making changes to the nfuse.txt file you will need to restart the IIS services. 1. Click Start click Run type: iisreset and click OK. 2. Verify that all the nesacary services started. IMPORTANT! Be VERY careful when editing this file. For disaster recovery purposes, make a copy of the NFuse.txt file before editing. The following is the default nfuse.txt file. 
Customizing graphics is a little harder than text as you really dont have a lot to work worth unless you customize the .asp code or VBS code of the default Web Interface web site, however we do have a one option. In the \Inetpub\wwwroot\Citrix\MetaFrameXP\site\media folder found under your web root of the Web Interface web server, you will find all the graphics found on the default site. The two key files are as follows: citrix.jpg This graphic is the Citrix logo found on the button right hand side of the default web site. 
nfusehead.jpg This graphic is the Web Interface 2.1 banner found over the login box and list of enumerated applications. 
Important! Be very care when editing the above graphics or any graphic found in the media folder. If you change the size of it might adversely affect the Web Interface web site. You will want to make a backup copy of any file you will edit for disaster recovery purposes. 1. In order to change the graphics on the default Web Interface web site just edit the graphic file located in the \Inetpub\wwwroot\Citrix\MetaFrameXP\site\media folder found under your web root of the Web Interface with you favorite graphic editor. Be very careful not to change the size of the graphic. 
2. Click Start click Run type: iisreset and click OK. 3. Verify all necasary secives started sucessfully.
ConnSpeed 2.0 gives you the ability to tune ICA for three types of connections associated with variable types of bandwidth and latency. In version 2.02, Ive made a few additions / corrections to the Low template.ica file. 
The connection speed settings are as follows: 1. High Fully Functional 2. Medium - No audio or client printing and the session is limited to 256 colors 3. Low - No Audio or client printing, COM port redirection and the session is limited to 256 colors. The following defines how to install ConSpeed 2.02. 1. Copy template_low.ica, template_med.ica, and template_high.ica to web interface installation directory. The default location is C:\Program Files\Citrix\NFuse. 2. Copy the CHTMLLogin.vbs, CLogin.vbs, and launch.vbs files to the serverscripts directory of the web interface web site. The default location is: c:\inetpub\wwwroot\Citrix\MetaFrameXP\site\include\serverscripts. Note: You should back up the original copies of these files prior to replacing them with the customized files. 3. Edit the NFuse.txt file under web interface installation directory. Add a line to the bottom of this file as follows: ConnSpeed=Connection Speed The parameter ConnSpeed is used to retrieve the corresponding string to describe the connection speed drop down box. 4. Restart the World Wide Web Service. Notes: To see where customizations have been made search on "Citrix Consulting." To change the text in the Connection Speed drop down box open CHTMLLogin.vbs and edit the text between the option tags for the <select> named "ConnSpeed." The Java Client Fall Back scripts allow you to configured WI to automatically use the Java client if the user does not have an ICA client already installed. This prevents the users from getting that annoying message for an application to open the .ica file with. This allows the user to still install the native client and use that one, but if they forget or don't have access to it they will fall back to the Java client." Installation: Unzip and copy the two files into the Web Interface's \include\serverscripts directory and restart the IIS service. The following defines how to modify Web Interface to display a Java pop-up note to notify them the Java client is being downloaded to their machine and that it could take a few seconds. Add the following lines in the HTML Head of the file appembed.asp (The default location is \wwwroot\Citrix\MetaFrameXP\site). .<SCRIPT LANGUAGE="JAVASCRIPT"> <!-- display message for impatient users alert ("You are now downloading the Java Archives necessary\n" + "to run the zero-footprint ICA Client. The files are approx. 700K in size,\n" + "and may therefore take some time to download, especially over a dial-up modem."); // --> </SCRIPT>
14. 4. 6 How to Hide Publish Applications Folders from Being Displayed in the App List The following defines how to edit Web Interface to hide a folder from being displayed in a Web Interface application list. This modification requires additional files that can be found in \Utilities\WI Add-Ins\HiddenFolders.zip of the extracted MIAB3.0.ZIP file. The package consists of the following files: The readme HiddenFolders.asp (the main code) HiddenFolders.txt (the list of folders to hide) Modified applist.inc Modified applinks.inc The following defines how to add the modification to a Web Interface web site. 1. Place the file HiddenFolders.txt in the following directory: C:\Inetpub\wwwroot\Citrix\MetaFrameXP\site 2. In C:\Inetpub\wwwroot\Citrix\MetaFrameXP\site\include, back up the files: applist.inc and applinks.inc then place the enclosed applist.inc, applinks.inc, and HiddenFolders.asp into the include directory. 3. Add the following line to your NFuse.txt file (C:\Program Files\Citrix\NFuse\NFuse.txt): HiddenFolders=HiddenFolders.txt 4. Click Start click Run and type IISRESET and click OK. .
The following defines how to edit Web Interface to only allow authorized users access to Web Interface This modification requires additional files that can be found in \Utilities\WI Add-Ins\AuthorizedUsers.zip of the extracted MIAB3.0.ZIP file. 1. Place the file AuthorizedUsers.txt in the directory: \Citrix\MetaFrameXP\site
2. Add the file AuthorizedUsers.asp to \Citrix\MetaFrameXP\site\include\ServerScripts Directory.
3. In \Citrix\MetaFrameXP\site\include\ServerScripts, back up the file CLogin.vbs, and replace with the one attached. If you'd rather not just copy the entire file, you can just modify (after backing up) your version of CLogin.vbs by adding the INCLUDE on the first line, and adding the block of 4 lines of code beginning at line 342 dated 08-06-2003.
4. Add the following 2 lines to your NFuse.txt file
AuthorizedUsers = AuthorizedUsers.txt
NotAuthorized = You are not authorized to use
this application. Please see your
system administrator.
The first line is the file which contains the list of your
authorized users. The second line contains the message that an unauthorized user would receive
(feel free to modify it).
5. Click Start click Run and type IISRESET and click OK.
14. 4. 8 How to Bypass SecureID for internal User The following defines how to modify a Web Interface 2.1 site to allow a specific IP range (internal users) to bypass SecureID authentication. 1. Add the routine to determine whether your user is internal or not and placed it in serverscripts\include.vbs.
Function isInternalUser
' Get the Client IP from the ServerVariable.
Dim ipaddress
ipaddress=request.servervariables("REMOTE_ADDR")
' Check if its a internal User (192.168. /Proxy)
Dim isInternalUser
if ipaddress = "Single_Proxy_IP"
OR InStr(ipaddress,"192.168.") > 0 then
' Its a internal or the Proxy IP
isInternalUser = TRUE
else
' Its a external IP
isInternalUser = False
end if
End Function
2. At the top of the routine Login, in CHTMLLogin.vbs add:
' If internal user, skip SecurID passcode display
Dim skipSecurID
if isInternalUser then
skipSecurID = True
else
skipSecurID = False
end if
3. Later, in the same routine, when the code checks whether it should ask for the SecurID Passcode, change:
If page.bSecurIdEnabled Then Call box("password", "Passcode", "passcode", 32)
to:
If page.bSecurIdEnabled And (SkipSecurID = False) Then Call box("password", "Passcode", "passcode", 32)
4. Finally, in routine authenticate, in CExplicitAuthentication.vbs, you don't want to check SecurID if an internal user, so right before:
' Do SecurID check if necessary
If page.bSecurIdEnabled And Not skipSecurId Then
add:
' for internal users don't use RSA SecurID
if isInternalUser then skipSecurID = True
|