Citrix Receiver for Windows: Domain Pass-Through Authentication

by | Apr 24, 2017 | Infrastructure

Application virtualization is a common way for organizations to scale enterprise applications to multiple users. It allows employees to access applications from a wide variety of devices and it enables centralized management of workstation applications – particularly attractive in scenarios with a high percentage of remote or branch office workers. In some cases, application virtualization can offer performance benefits. While there are many solutions for application virtualization, Citrix XenApp tends to be the most common.

One of the important factors to success in any technology implementation is the ease of use for your end users. As it relates to application virtualization, you have a great deal of visibility to application performance and you have more control over the application resources. When it comes to accessing the application, most companies rely on Active Directory credentials for authentication. In some cases, users may be required to enter their Windows login credentials multiple times to access a Citrix application. The Citrix Receiver for Windows can help to streamline your users’ experience.

Improved User Experience

Upon logging into Windows, the Citrix Receiver application starts in the background. The Citrix Receiver Single Sign-On (SSO) process passes those same credentials to a Citrix Storefront. Based on the supplied credentials, the Citrix Storefront builds the icons of the published applications that the user has access to. When a user launches an application, the user will not be prompted to enter credentials again. They will not have to browse to a Storefront and sign in to get access to those applications (as long as the back-end farm is on the same or a trusted domain).

The Citrix Storefront can push icons to the locations listed below (the folder names can be easily configured with Group Policies).

  • Citrix Receiver (double-click the Citrix icon in the System Tray)
  • Desktop Folder
  • Start Menu folder

Configuration Details

The StoreFront URL that you connect to with the Receiver should be secured with an SSL certificate and all connections between the Receiver and Storefront should be HTTPS.

You can find more information online about the domain pass-through features at:

Please note: This feature is not a Single Sign-On product. If the application itself requires authentication, then the user may have to enter the credentials that are specific to that application.

Using the Citrix Receiver domain pass-through can make for a much easier, smoother, and friendlier experience, as users need access to published applications or desktops hosted on XenApp or XenDesktop farms.  If you would like assistance implementing this or other Windows features contact us at or 630.832.075.