This may help on a high level - http://support.citrix.com/article/CTX101997
In summary, the STA needs IIS to run. There should be a ctxsta.dll in the /scripts directory on the IIS box if it's installed (according to the article) It doesn't have to be in the dmz and can be on a metaframe server. Don K ________________________________ From: Richard McClary <[email protected]> To: NT System Admin Issues <[email protected]> Sent: Tuesday, February 21, 2012 2:39 PM Subject: Dumb Citrix security question - #1 Greetings! For PCI Complaince, I am needing to configure an up-and-running Citrix server through Citrix Secure Gateway. The server is Windows 2003 Server, SP2. The Citrix installation is old – 2007, “Presentation Server”, 4.5. Farm (and the entire Citrix environment) exists on only that one box. I have the software installation for Secure Gateway on a separate machine, which can be moved into our DMZ once I get things figured out... So, Dumb Question #1: I keep seeing references to the Secure Ticket Authority (STA), requesting both the FQDN and the path. Looking at the Presentation Server, I see nothing resembling this. Is it possible that our Citrix server has been up and running these 5 years without STA having been installed? Some documentation says the STA and the presentation server can be on the same machine beginning with 4.5. Still… (If in fact STA is on that server, where would I find the path to it?) Thanks! -- Richard D. McClary Jr Infrastructure Architect, Information Technology Group ASPCA® 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 [email protected] P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
