An article by Vindhya Gajanan from Citrix Blogs
Anonymous (unauthenticated) user session support
A new feature of XenDesktop 7.6.
Instead of requiring users to log into Citrix Receiver with Active Directory user credentials, a combination of network security and authentication within the application itself is relied upon.
Anonymous Session Support -refers to running sessions as a set of pooled, local user accounts.
1. This feature is popular in XenApp in the healthcare industry, since their applications typically have server back-ends with their own logons, separate from users’ AD accounts. Thus, the Windows account running the client application is irrelevant.
2, Anonymous Session support consists of a pool of local user accounts that are managed by XenDesktop and typically named AnonXYZ, where XYZ is a unique 3-digit value.
More information on Anonymous Session Support feature is available here.
With anonymous sessions, the end user will not know the actual username.}
Each anonymous session is assigned a random name such as ANON001, ANON002, etc.,
1, Citrix Director helps administrators to view details of each session of XenApp via User Search. But here is the catch, how to view details of anonymous user session as they do not use Active Directory credentials for the session and the end user has no way to know what the username is?
2, The Helpdesk Admin needs a way to be able to search for the user’s specific anonymous session, return the Help Desk view and User Details views in order to follow their standard troubleshooting processes.
The new functionality introduced for Citrix Director 7.6
It can be leveraged to view details of anonymous user sessions. Typically, the end user will know the name of their endpoint as many times there is a sticker attached to the screen or device with the device (endpoint) name. When the end user calls into the help desk, they can now tell the Help Desk admin the endpoint name so the Help Desk administrator can start the troubleshooting process using Director.
1, Sessions running on a particular endpoint device can be viewed through Endpoint Search functionality.
2, Administrators can search for the client device and a list of all the sessions launched by that particular client are provided (as shown in the below screenshot), from which the administrator can choose the required session to view details of that session.
3, Searching for an endpoint can be expensive across a large number of sites.
In order to improve performance, we have provided the ability to “group” endpoints. This is accomplished via the Director Config Tool, which restricts the search within a defined group. How do you group endpoints? All you have to do is run the Director Config Tool, select /createsitegroups, provide the IP and a name and your done! Once the configuration is complete, the “Select a group” option will be available as part of the search view.
Note: Endpoint Search results include all clients from which a session is launched irrespective of whether the session is an anonymous user session or not.
If Director is monitoring multiple sites, the landing page after login will have search option for endpoint.
Within another view of Director, administrators can search for endpoint sessions using the new Search button on the ribbon bar of Director: