• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2486
  • Last Modified:

Smart Card Logon - An authentication error has occurred

Okay, heres the situation I need some guidance with. I replaced our Citrix servers with new servers and built the new Citrix set-up from scratch. I have 1 Web Interface 4.5, 1 Secure Gateway 3.1, and 1 Presentation Server 4.5.

It is setup for smart card logon, and if you go to the WI website from a domain computer at work, you get right in.

However, if you logon on from a domain computer at work with local credentials or a computer outside of the network you get the following error, An authentication error has occurred. Please contact your administrator. Log ID:.

The event log shows this error: "A logon attempt has been made by an authenticated user. If this problem persists, attempt a repair of the site using the Access Management Console

Explicit logon with username and PW works fine.

IIS is set to "Negotiate,NTLM"

What am I forgetting to set? Thanks for any help offered.
1 Solution
If this works for a user loged into a machine using a domain account and not using a local account then the implication is that CITRIX is doing pass-through authentication and grabbing the credentials of the logged in user.  Apparently you have access enabled for domain users.  The same would hold true for the machines outside of the network ... the user accounts that the users are logged in with will not be domain accounts.

I presume you are associating the smart card with a specific user ID.  It would seem to me that you want to detect the account that is connecting and if a domain account use those credentials and if not then you want to prompt for credentials.  Or you just ask for credentials ALL the time.
DanaWilliamsAuthor Commented:
The fix was in IIS on the Web Interface. Go to properties on the Web Sites folder, go to the Directory Security tab, under Secure communications, check Enable the Windows directory service mapper.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now