Users unable to sign-in to Citrix web interface
We have an new MetaFrame installation with multiple Active Directory trusted domains. The domain where the Citrix install is located has a group with all the accounts from the other domains, and that is the Citrix access group. The problem where experiencing is that some of the users located in these other domains cannot login, and receive the following error message:
"The supplied credentials could not be validated. Either they are incorrect, or there is a problem with the authentication system. Try again, or contact your help desk or system administrator for help."
The logs on the server show the following:
===
Security:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 533
Date: 6/23/2008
Time: 3:11:48 PM
User: NT AUTHORITY\SYSTEM
Computer: VECTORABWCTX
Description:
Logon Failure:
Reason: User not allowed to logon at this computer
User Name: DELETED
Domain: DELETED
Logon Type: 2
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: VECTORABWCTX
Caller User Name: NETWORK SERVICE
Caller Domain: NT AUTHORITY
Caller Logon ID: (0x0,0x3E4)
Caller Process ID: 2348
Transited Services: -
Source Network Address: -
Source Port: -
Application Log:
Event Type: Error
Event Source: Web Interface at c:\inetpub\wwwroot\Citrix\
Event Category: None
Event ID: 0
Date: 6/23/2008
Time: 3:11:48 PM
User: N/A
Computer: VECTORABWCTX
Description:
All of the configured XML Services for farm "VECTORAGRESSO" failed to respond to this XML transaction. [Log ID: d69893f9]
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
AND
Event Type: Error
Event Source: Web Interface at c:\inetpub\wwwroot\Citrix\
Event Category: None
Event ID: 0
Date: 6/23/2008
Time: 3:11:48 PM
User: N/A
Computer: VECTORABWCTX
Description:
An error of type "IMA" with an Error ID of "0x80000001" was reported by the XML Service at address "http://VECTORAGRESSO:8080/scripts/wpnbr.dll [com.citrix.xml.NFuseProto
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
===
Now all the errors are recorded around the same time, so I believe there related. I've done some digging and figured out this all seems to be related to the citrix XML service.
"The supplied credentials could not be validated. Either they are incorrect, or there is a problem with the authentication system. Try again, or contact your help desk or system administrator for help."
The logs on the server show the following:
===
Security:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 533
Date: 6/23/2008
Time: 3:11:48 PM
User: NT AUTHORITY\SYSTEM
Computer: VECTORABWCTX
Description:
Logon Failure:
Reason: User not allowed to logon at this computer
User Name: DELETED
Domain: DELETED
Logon Type: 2
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: VECTORABWCTX
Caller User Name: NETWORK SERVICE
Caller Domain: NT AUTHORITY
Caller Logon ID: (0x0,0x3E4)
Caller Process ID: 2348
Transited Services: -
Source Network Address: -
Source Port: -
Application Log:
Event Type: Error
Event Source: Web Interface at c:\inetpub\wwwroot\Citrix\
Event Category: None
Event ID: 0
Date: 6/23/2008
Time: 3:11:48 PM
User: N/A
Computer: VECTORABWCTX
Description:
All of the configured XML Services for farm "VECTORAGRESSO" failed to respond to this XML transaction. [Log ID: d69893f9]
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
AND
Event Type: Error
Event Source: Web Interface at c:\inetpub\wwwroot\Citrix\
Event Category: None
Event ID: 0
Date: 6/23/2008
Time: 3:11:48 PM
User: N/A
Computer: VECTORABWCTX
Description:
An error of type "IMA" with an Error ID of "0x80000001" was reported by the XML Service at address "http://VECTORAGRESSO:8080/scripts/wpnbr.dll [com.citrix.xml.NFuseProto
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
===
Now all the errors are recorded around the same time, so I believe there related. I've done some digging and figured out this all seems to be related to the citrix XML service.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks.
The users have permissions to log on locally to serverm but still are unable to login. For now I'm having all users login to Citrix with accounts I've created in another domain.
The users have permissions to log on locally to serverm but still are unable to login. For now I'm having all users login to Citrix with accounts I've created in another domain.
Note that the "Log On Locally" permission has to be on all of the Web Interface server's XML sources, not just the Citrix server.
http://support.citrix.com/article/ctx107935
This may also help:
http://support.citrix.com/article/CTX107683
The login issue can be due to the user not having rights to the Presentation Server acting as the XML server configured in the farm settings.