Smart Card Logon - An authentication error has occurred

Okay, heres the situation I need some guidance with. I replaced our Citrix servers with new servers and built the new Citrix set-up from scratch. I have 1 Web Interface 4.5, 1 Secure Gateway 3.1, and 1 Presentation Server 4.5.

It is setup for smart card logon, and if you go to the WI website from a domain computer at work, you get right in.

However, if you logon on from a domain computer at work with local credentials or a computer outside of the network you get the following error, An authentication error has occurred. Please contact your administrator. Log ID:.

The event log shows this error: "A logon attempt has been made by an authenticated user. If this problem persists, attempt a repair of the site using the Access Management Console

Explicit logon with username and PW works fine.

IIS is set to "Negotiate,NTLM"

What am I forgetting to set? Thanks for any help offered.
Who is Participating?
DanaWilliamsConnect With a Mentor Author Commented:
The fix was in IIS on the Web Interface. Go to properties on the Web Sites folder, go to the Directory Security tab, under Secure communications, check Enable the Windows directory service mapper.

If this works for a user loged into a machine using a domain account and not using a local account then the implication is that CITRIX is doing pass-through authentication and grabbing the credentials of the logged in user.  Apparently you have access enabled for domain users.  The same would hold true for the machines outside of the network ... the user accounts that the users are logged in with will not be domain accounts.

I presume you are associating the smart card with a specific user ID.  It would seem to me that you want to detect the account that is connecting and if a domain account use those credentials and if not then you want to prompt for credentials.  Or you just ask for credentials ALL the time.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.