There is one issue around leveraging Azure SSO with Citrix Files, the issue is that you need to provide the domain to Citrix Files. After the domain is provided the machine can SSO into the account, however entering the domain is a manual step.
Providing the domain to Citrix Files automatically is trivial to do via GPO but slightly trickier via OMA-URI.
Step 1
Download and install latest version of Citrix Files (http://dl.sharefile.com/cfwin), the installer will also install Group Policy definitions into C:\Program Files\citrix\Citrix Files\PolicyDefinitions (ShareFile for Windows Help | ShareFile)
Step 2
We need to ingest the ADMX file (C:\Program Files\citrix\Citrix Files\PolicyDefinitions\sfwin.admx) into Intune
Field | Value |
---|---|
Name | Citrix Files ADMX Ingestion |
Description | Citrix Files ADMX Ingestion |
OMA-URI | ./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Citrix/Policy/CitrixFilesADMX |
Data type | String |
Value:
<policyDefinitions revision="1.0" schemaVersion="1.0" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<policyNamespaces>
<target prefix="sfwin" namespace="Citrix.CitrixFiles.Policies.SFWindows"/>
<using prefix="windows" namespace="Microsoft.Policies.Windows"/>
</policyNamespaces>
<supersededAdm fileName=""/>
<resources minRequiredRevision="1.0" fallbackCulture="en-us"/>
<categories>
<category name="CATEGORY_USER_SFWIN" displayName="$(string.CATEGORY_SFWIN_NAME)" explainText="$(string.CATEGORY_SFWIN_DESC)"/>
<category name="CATEGORY_MACHINE_SFWIN" displayName="$(string.CATEGORY_SFWIN_NAME)" explainText="$(string.CATEGORY_SFWIN_DESC)"/>
</categories>
<policies>
<policy name="POLICY_ACCOUNT" displayName="$(string.POLICY_ACCOUNT)" explainText="$(string.POLICY_ACCOUNT_HELP)" key="Software\Policies\Citrix\Citrix Files" class="User" presentation="$(presentation.POLICY_ACCOUNT)">
<parentCategory ref="CATEGORY_USER_SFWIN"/>
<supportedOn ref="windows:SUPPORTED_Windows7"/>
<elements>
<text id="TXT_ACCOUNT" valueName="Account" required="true"/>
</elements>
</policy>
</policies>
</policyDefinitions>
Step 3
Create a policy to set a Citrix Files domain
Field | Value |
---|---|
Name | Citrix Files Account Setup |
OMA-URI | ./User/Vendor/MSFT/Policy/Config/Citrix~Policy~CATEGORY_USER_SFWIN/POLICY_ACCOUNT |
Data type | String |
Value:
<Enabled/><data id="TXT_ACCOUNT" value="yourdomain.sharefile.com"/>
Step 4
Assign the policies to a user/group and Citrix Files should automatically sign in on first launch (provided that you have SSO setup)