- 知识库 - 文江博客 " />

Get started, install, and configure the License Server 编辑

Important:

  • We do not support running third party vendor daemons on the Citrix License Server, or the Citrix vendor daemon on third party license servers.

  • We recommend that you run the latest version of the License Server. We do not provide hotfixes for License Server components and don’t support older License Servers with newer products. The latest version of the License Server often contains resolutions to issues appearing in earlier versions. When you upgrade or install new Citrix products, upgrade the licensing components as well. New License Servers are backward compatible and support older products and license files. However, new products often require the newest License Server to check out licenses correctly. You can find the latest version from the Citrix Downloads site.

    To see the new features in this release, go to What’s new.

  • We don’t support installing the License Server from a UNC path (\\\server\share). Install the License Server from a local copy.

Step 1 Review your prerequisites

Ensure you review the system requirements before you install and configure your License Server.

Step 2 License your product

Licensing your product includes the following steps:

  1. Ensure that you have the latest License Server version.
  2. Verify the system requirements.
  3. Install licensing.
  4. Obtain license files from My Account or if you have a license code, use the Citrix Licensing Manager.
  5. Install your Citrix product (or, if already installed, restart the Citrix products for the new licenses to be recognized).
  6. Configure product-side licensing communication settings that were not set during the product installation, if applicable. This configuration includes setting the correct product-edition in the product. For more information, see Licensing elements and Services.

Ensure that the product-side edition setting correctly matches the licenses you have purchased. For example, if you purchased Premium edition licenses, ensure that the edition setting in the product indicates Premium and not Advanced.

For an overview of the licensing components and process, see Technical overview and Licensing elements.

Important:

The License Server does not require domain membership. You can install the License Server in a workgroup and still perform all licensing functions on behalf of Citrix products. To manage Citrix Licensing Manager users having Active Directory users or groups, the users must be part of a domain. Otherwise, use local Windows users and groups.

Step 3 Check your security and firewall

Security considerations

We recommend that you upgrade the License Server to the latest version when you upgrade or install new Citrix products. The new License Servers are backward compatible and support older products and license files. Each time a new License Server is released, it might contain better security features than in previous versions. We also recommend the following security considerations when you configure your environment.

  • Configure the License Server environment so that only authorized administrators on a trusted network can access the Citrix Licensing Manager. You achieve this outcome by using an appropriately configured network or host-based firewall.
  • When using the Citrix Licensing Manager, avoid visiting untrusted websites or clicking untrusted URLs.

Important:

Citrix License Server uses Microsoft Active Directory for authentication. Citrix strongly recommends that you implement good security practices in Microsoft Active Directory (like account lockout and password management) to securely deploy Citrix License Server. For more information, see the Account lockout threshold and Password must meet complexity requirements articles.

Firewall considerations

Determine if you require a firewall between the License Server and any product servers before installing licensing. Firewall considerations can impact where you install the License Server.

If you have hardware firewalls in your environment, you must create the necessary rules manually.

If there is a firewall between your product and the License Server, configure port numbers. This configuration process entails:

  • Determining which port numbers to change. You can change port numbers during the installation process or afterward.
  • Opening up the firewall ports. Open any ports on the firewall that you changed so that traffic can flow. Current releases configure the built-in firewall automatically.
  • Changing the product-side settings. Configure your Citrix product to use the same port numbers as in the Citrix Licensing Manager. If you do not change the port number referenced in the product, the product cannot contact the License Server. You can change the product-side settings during and after installation of the product. See your product documentation for information about these settings.

For more information about allowing registered URLs and ports through the firewall and a list of open URLs, see Register and remove registration with Citrix Cloud.

Step 4 Install licensing components, server, and certificate

Note:

During installation, localized characters in the installation path can cause the installation to fail. Accept the default installation path or type only ASCII alphabetic letter characters for the installation directory.

You can install licensing components on a separate, dedicated server or on a server they share with another application. Alternatively, you can use a web or application server. However, the locations mentioned later in this article are less resource intensive. If you are running fewer than 50 servers or 10,000 licenses, you can install the License Server on the same server as your product. To determine if relocation of the License Server to another system is necessary, monitor CPU and memory load (lmgrd.exe and CITRIX.exe).

Important:

Use the CitrixLicensing.exe file for all future installations, except for Active Directory deployments. In that case, use the .msi. Ensure that both .exe and .msi files are present for the installation.

Install the License Server and console using the graphical interface

  1. Download the License Server from Citrix downloads and start the License Server installer, CitrixLicensing.exe, as an administrator or a member of the administrators group.
  2. Follow the installer on the GUI to accept the destination folder. Licensing components are installed in C:\Program Files\Citrix\Licensing on a 32-bit computer and C:\Program Files (x86)\Citrix\Licensing on a 64-bit computer.
  3. On the Configure page, accept, or change the default port numbers used by licensing components. Choose whether to allow the installer to configure the Windows Firewall exception. If needed, you can change the port numbers after the installation. If you choose to finish the installation without configuring the License Server, restart the CitrixLicensing.exe installer. You can also use the License Server Configuration tool to configure the settings after the installation. Open the configuration tool from: C:\Program Files\Citrix\Licensing\LS\resource\Licensing.Configuration.Tool.exe.
    • License server port number is 27000
    • Vendor daemon port number is 7279
    • Citrix Web Services for Licensing port number is 8083
  4. The License Server adds the default administrator for the Citrix Licensing Manager based on how you are logged on. If you are in a domain, the License Server adds the installing user (domain\user) as a default License Server or a Citrix Licensing Manager administrator. If you are a local Windows user, the License Server adds the installing user (computer\user) as a default administrator account. The BUILTIN\administrator group, which allows any administrator to manage licensing, is added by default. You can remove BUILTIN\administrators to restrict licensing to specified users.
  5. Choose to start the Citrix Licensing Manager and whether to join the Citrix Customer Experience Improvement Program.

Install licensing using the Windows command line

Important:

The Citrix Service Provider program requires Customer Experience Improvement Program (CEIP) and Call Home. If you are a Citrix Service Provider, you cannot disable CEIP or Call Home. Citrix collects basic licensing data as necessary for its legitimate interests, including license compliance. For more information, see Citrix Licensing Compliance.

When using the CitrixLicensing.exe command to install licensing, set properties by adding Property=value on the command line anywhere except between an option and its argument.

Ensure that you run the command line with administrator privileges. To start the command prompt with elevated privileges, choose Start, right-click Command Prompt, and choose Run as administrator. The following sample command line installs licensing in silent mode. Add the properties you want to set. Type the command in one line without returns. The following example is in multiple lines because of space limitations.

CitrixLicensing.exe /quiet /l install.log INSTALLDIR=installdirectory WSLPORT=port_number LSPORT=port_number VDPORT=*port_number CEIPOPTIN=value

Where:

  • /quiet specifies a silent (quiet) installation.
  • /l specifies the log file location
  • INSTALLDIR is the location where the License Server executable is stored. Optional parameter. The default is c:\program files\citrix\licensing or c:\program files (x86)\citrix\licensing.
  • WSLPORT is the port number used for Citrix Web Services for Licensing. Optional parameter. The default is 8083.
  • LSPORT is the port number used for the License Server. Optional parameter. The default is 27000.
  • VDPORT is the port number used for the vendor daemon. Optional parameter. The default is 7279.
  • CEIPOPTIN specifies whether, or how, to opt in to the Citrix Customer Experience Improvement Program (CEIP) or Call Home. Optional parameter. The default is NONE.

    • DIAGNOSTIC - Call Home
    • ANONYMOUS - CEIP
    • NONE

You can change the CEIP and Call Home choice using the Citrix Licensing Manager.

Using the command line to install licensing for an Active Directory deployment

When using the msiexec command to install licensing, set properties by adding Property=”value” on the command line anywhere except between an option and its argument. Clustering is not supported in the .msi.

Note:

Ensure that you run the command line with administrator privileges. To start the command prompt with elevated privileges, choose Start, right-click Command Prompt, and choose Run as administrator.

The following sample command line installs licensing in silent mode and creates a log file to capture any information about this operation. Add the properties you want to set after the switches.

Type the command in one line without returns. The following example is in multiple lines because of space limitations.

msiexec /I ctx_licensing.msi /l*v install.log /qn INSTALLDIR=installdirectory LICSERVERPORT=port_number VENDORDAEMONPORT=port_number MNGMTCONSOLEWEBPORT=port_number WEBSERVICESLICENSINGPORT=port_number CEIPOPTIN=value

Where:

  • /l*v is the location of the setup log. Optional parameter.
  • /qn specifies a silent (quiet) installation.
  • INSTALLDIR is the location where the License Server executable is stored. Optional parameter. The default is c:\program files\citrix\licensing or c:\program files (x86)\citrix\licensing.
  • LICSERVERPORT is the port number used for the License Server. Optional parameter. The default is 27000.
  • VENDORDAEMONPORT is the port number used for the vendor daemon. Optional parameter. The default is 7279.
  • WEBSERVICESLICENSINGPORT is the port number used for the Citrix Web Services for Licensing. Optional parameter. The default is 8083.
  • CEIPOPTIN specifies whether, or how, to opt in to the Citrix Customer Experience Improvement Program (CEIP) or Call Home. Optional parameter. The default is NONE.

    • DIAGNOSTIC - Call Home
    • ANONYMOUS - CEIP
    • NONE

You can change the CEIP and Call Home choice using the Citrix Licensing Manager.

Using the command line to enable or disable the License Management Service

The License Management Service operates automatically within the License Server and allows for electronic reporting of basic licensing data. You can opt for manual reporting after installation by disabling License Management Service. For information on manual reporting, see Reporting options.

Syntax:

ctx_license_management_service.exe (-enable | -disable | -query)

Where:

  • -enable enables electronic reporting of basic licensing data. The first upload to Citrix occurs seven days after you install the License Server.
  • -disable disables electronic license reporting of basic licensing data. If you disable electronic license reporting, you agree to manual reporting.
  • -query displays the current configuration.

Manually install a certificate used by the Citrix Licensing Manager and Web Services for Licensing

Note:

Use this procedure if you don’t want to use the self-signed certificate that is generated during installation.

To install a certificate, there are three steps:

  1. Obtain a .pfx file, which contains the certificate and private key. You can use one of two methods to obtain the .pfx file.
  2. Extract the certificate and private key from the .pfx file.
  3. Install the certificate and private key on to the License Server.

How to obtain the .pfx file using a domain certificate - Method 1

Log on to a server in the domain, open the MMC, and follow these steps:

  1. Create a directory c:\ls_cert to hold the exported .pfx file.
  2. Add the Certificate snap-in by selecting File > Add/Remove Snap-in > Certificates > Computer account > Local computer.
  3. In the left pane under Certificates, right-click Personal and choose All Tasks > Request New Certificate, and then Next.
  4. In the Certificate Enrollment Policy wizard, choose Active Directory Enrollment Policy, and then Next. Select the check box next to Computer, and select Details to the right.
  5. Select Properties and on the General tab, type a friendly name and description.
  6. On the Subject tab, under Subject Type, choose Common name from the Type menu. Type a friendly name in the text box, choose Add, and then Apply.
  7. On the Extensions tab, choose Key usage from the menu. Add Digital signature and Key encipherment to the Selected options box.
  8. On the Extended Key Usage menu, add Server Authentication and Client Authentication to the Selected options box.
  9. On the Private Key tab and under the Key options menu, ensure that the Key size is 4096. Select the Key Exportable check box, and then Apply.
  10. On the Certification Authority tab, ensure that the CA check box is selected, and then OK > Enroll > Finish.
  11. In the Certificates console, select Personal > Certificates, choose the certificate you built. Select All Tasks > Export > Next, and select the Yes, Export the Private Key radio button, and then Next.
  12. Under Personal Information Exchange - PKCS #12(.PFX), select the check box to include all certificates, choose Next, create a password, and choose Next.
  13. Click Browse, navigate to C:\ls_cert and type server.PFX, and then follow the wizard to finish.

How to obtain the .pfx file sending a request to a certificate authority (CA) – Method 2

These steps might vary based on your Certificate Authority.

  1. Log on to the License Server, open the MMC, and follow these steps:

    1. Add the Certificate snap-in by selecting File > Add/Remove Snap-in > Certificates > Computer account > Local computer.
    2. In the left pane under Certificates, right-click Personal and choose All Tasks > Advance Operations > Create Custom Request, and then Next.
    3. In the Certificate Enrollment Policy wizard, choose Proceed without enrollment policy under Custom Request, and then Next.
    4. On the Custom request screen, choose (No template) CNG key from the menu and PKCS#10 for the Request format, and then Next.
    5. On the Certificate Information screen, choose Details and then Properties.
    6. On the General tab, type a friendly name and description.
    7. On the Subject tab, under Subject name, choose Common name, and type a value in the text box.
    8. On the Extensions tab, choose Key usage from the menu, add Digital signature and Key encipherment.
    9. On the Extensions tab, choose Extended Key usage from the menu, add Server Authentication and Client Authentication.
    10. On the Private Key tab, under Cryptographic Service Provider, choose RSA, Microsoft Software Key Storage Provider (the default). From the Key options menu, ensure that the key size is 4096, select the Key Exportable check box, and then Apply.
    11. Save the file to a .req file, submit the .req file to a Certificate Authority (CA), and save the .cer file.
  2. In the MMC, under Certificates, right-click Personal and choose All Tasks > Import. In the Import wizard, select the .cer file.
  3. Create a directory c:\ls_cert to hold the exported .pfx file.
  4. In the Certificates console, choose Personal > Certificates, and choose the certificate you imported. Select All Tasks > Export > Next, and select the Yes, Export the Private Key radio button and Next.
  5. Under Personal Information Exchange - PKCS #12(.PFX), select the check box to include all certificates, choose Next, create a password, and then choose Next.
  6. Choose Browse, navigate to C:\ls_cert and type server.PFX, and then follow the wizard to finish.

How to extract the certificate and private key

This step requires OpenSSL or another tool that allows you to extract the certificate and private key from a .pfx file. The version of OpenSSL shipped with the License Server does not support extracting certificates and private keys. For information about downloading OpenSSL, go to www.openssl.org. Citrix recommends installing OpenSSL on a separate workstation to perform these steps:

  1. Navigate to the <openssl directory>\bin folder.
  2. Run openssl pkcs12 -in C:\ls_cert\server.pfx -out server.crt -nokeys

    Note:

    The License Server uses only the .crt certificate format.

  3. Type the password created during the export process (password).
  4. Run openssl pkcs12 -in C:\ls_cert\server.pfx -out server.key -nocerts -nodes
  5. Type the password created during the export process (password).

How to install the .crt and .key files on the License Server

Windows - Web Services for Licensing:

  1. Stop the Citrix Web Services for Licensing service.
  2. Copy the server.crt and server.key created earlier in this procedure to c:\program files (x86)\citrix\licensing\WebServicesForLicensing\Apache\conf\.
  3. Start the Citrix Web Services for Licensing service.

Windows - License Administration Console:

Note:

  • License Administration Console was removed from Windows License Server v11.16.6.0 build 31000 and onwards. For more information, see What’s new.
  • License Server VPX still uses the License Administration Console.
  1. Stop the Citrix licensing service.
  2. Copy the server.crt and server.key created earlier in this procedure to c:\Program Files (x86)\Citrix\Licensing\LS\conf.
  3. Start the Citrix licensing service.

Step 5 Configure a proxy server

You can use a proxy with the Citrix Licensing Manager, CEIP, and Call Home. When you configure a proxy server, requests to download licenses and upload Call Home data are sent through a proxy server.

Important:

Citrix Licensing components requiring outward bound web communications can inherit network proxy settings using Windows automatic proxy detection. We do not support authenticated proxies. For more information about Windows automatic proxy detection, see WinHTTP AutoProxy Functions.

How to configure a proxy server manually

  1. Edit the SimpleLicenseServiceConfig.xml file, which is in the <Citrix Licensing>\WebServicesForLicensing directory.
  2. Add a line of xml to the file in the format <Proxy>proxy server name:port number</Proxy>

Important:

The .xml tags are case-sensitive.

    <Configurations>
      <EncoreConfiguration>
        <SamplingPeriod>15</SamplingPeriod>
        <RetentionTime>180</RetentionTime>
        <Enabled>true</Enabled>
      </EncoreConfiguration>
      <Proxy>10.211.55.5:808</Proxy>
    </Configurations>
<!--NeedCopy-->

Next steps

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:29 次

字数:30301

最后编辑:7 年前

编辑次数:0 次

更多

友情链接

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文