Solved

Citrix single sign on / pass-thru authentication prompts for credentials

Posted on 2008-10-15
3
7,441 Views
Last Modified: 2008-10-21
I have a Windows XP SP2 client trying to connect to a published app on a Windows 2003 server running Citrix Metaframe XPe using the local user name and password with pass-thru authentication.  PASS-THRU AUTHENTICATION WORKS ON EVERY SINGLE COMPUTER EXCEPT THIS ONE.  I've checked the following:

* Ensured that ICA Settings/General tab, "Pass-Through Authentication" and "Use local credentials to log on" are both checked.

* Ensured that Properties/Logon Information tab, "local user" radio button is selected and that "Pass-through Authentication" is checked.

* Confirmed that there are no local policies blocking this feature.  Changed local policy object Local Computer Policy / Computer Configuration / Administrative Templates / Citrix Components / Presentation Server Client / User Authentication / Local user name and password from "Not Configured" to "Enabled" to lock in pass-through authentication, denying the user the ability to change this to user-specified credentials.

* In separate tests, added the following lines to the C:\Documents and Settings\%username%\Application Data\ICAClient\appsvr.ini file.

EnableSSOnThruCAFile=On  to the WFClient portion of appsrv.ini.    
SSOnUserSetting=On was already in there.

0
Comment
Question by:zaphod_beeblerox
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 2

Assisted Solution

by:Ron9909
Ron9909 earned 100 total points
ID: 22733965
Could you check the properties of the ICA connection through the Citrix Connection Configuration utility and make sure that the 'prompt for password' check box is cleared?  Inherit user config should be checked there also.

I know you said you've checked the policy, but can you also check under:
Computer Config > Administrative Templates > Windows Components > Terminal Services > Encryption and Security as there is a further option here for prompt user on connection.
0
 

Accepted Solution

by:
zaphod_beeblerox earned 0 total points
ID: 22736653
Thank you Ron9909, but that setting is already set to Not Configured.
Upon further investigation, I found that ssonsvr.exe was not running and was not starting.  

I eventually found that the Intel wireless software was causing the problem. I fixed it by changing the order of the items in the following registry keys:

HKLM\System\CurrentControlSet\Control\NetworkProvider\Order\ProviderOrder
and
HKLM\System\CurrentControlSet\Control\NetworkProvider\HWOrder\ProviderOrder

The setting had been:

RDPNP,LanmanWorkstation,WebClient,IntelNetProvCredMan,PnSson

and I changed it to:

RDPNP,LanmanWorkstation,WebClient,PnSson,IntelNetProvCredMan

After logging off and logging back on, ssonsvr.exe started successfully, and pass-thru worked!

It appears that you can also change the Provider Order by going into Network Connections. Select Advanced...Advanced settings, then Provider Order tab and move Citrix single sign on higher up.
0
 
LVL 1

Expert Comment

by:jcneil4
ID: 25026598
Thank you zaphod_beeblerox!!!  This has been plaguing me for a long time and i couldnt figure it out!  This worked like a charm ;-)
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Upgrade View 5.1.2 to Horizon 7 3 107
Doubt. 2 87
fans of one ProLiant randomly(?) speeding up to 100%!? 15 146
Run Server 2012 on PowerEdge 2950 13 27
The System Center Operations Manager 2012, known as SCOM, is a part of the Microsoft system center product that provides the user with infrastructure monitoring and application performance monitoring. SCOM monitors:   Windows or UNIX/LinuxNetwo…
Hyper-convergence systems have taken the IT world by storm and have quickly started to change our point of view of how the data center should and could be architected. In this article, I’ll explain the benefits of employing a hyper-converged system …
The viewer will learn how to create a normally distributed random variable in Excel, use a normal distribution to simulate the return on an investment over a period of years, Create a Monte Carlo simulation using a normal random variable, and calcul…
The viewer will learn how to create two correlated normally distributed random variables in Excel, use a normal distribution to simulate the return on different levels of investment in each of the two funds over a period of ten years, and, create a …

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question