Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.
The SSL Server you have selected is not accepting connections
I have an issue where I am getting two error messages when trying to access a published application through a Citrix access gateway. The application is published through a website on the internet. I have been able to login to the site fine but when it comes to launching the application the citrix progress bar gets so far and displays either 'The SSL Server you have selected is not accepting connections' or 'There is no Citrix SSL server configured on the specified address'. To add some complication to the issue the users that are attempting to access this are on a domain and they are part of different user groups within AD. If the user is part of the administrator group they are able to access the application but if they are not then they get the above error.
Does anyone have an idea why this might be happening. It would appear that it is a permissions issue but I am not sure what permission would dictate this kind of access.
Does anyone have an idea why this might be happening. It would appear that it is a permissions issue but I am not sure what permission would dictate this kind of access.
Asked:
7-
6
2 Solutions
When I think more about it. Your users might not have permission on terminal services.
You might need to add that members/groups into the terminal Services Remote access group on the Citrix Server.
You might need to add that members/groups into the terminal Services Remote access group on the Citrix Server.
I have checked the Administrator account and that is not a member of that group, but I have tried it anyway and it is still failing.
Unfortunately I am not that up to date with Citrix. The information that I have managed to accumulate so far shows that the user is able to login to the site and they are able to downlaod the lauch.ica file ok and it executes alright but it stops about half way with either of the error messages above. I have done some digging and alot of cases have mentioned DNS or FQDN as a possible source of the problem. I believe that I can rule this out as it is working with domain admin account.
Do you have any other ideas as to why this might be occurring?
Unfortunately I am not that up to date with Citrix. The information that I have managed to accumulate so far shows that the user is able to login to the site and they are able to downlaod the lauch.ica file ok and it executes alright but it stops about half way with either of the error messages above. I have done some digging and alot of cases have mentioned DNS or FQDN as a possible source of the problem. I believe that I can rule this out as it is working with domain admin account.
Do you have any other ideas as to why this might be occurring?
If a user can successfully download an ICA file I wouldn't say it's a DNS issue.
I'm still in thoughts that you're having Terminal Services Connection Permission error.
You said:
If the user is part of the administrator group they are able to access the application but if they are not then they get the above error.
Go to Terminal Services in Control Panel on Citrix machine, click the RDP-Tcp connection and hit properties. Check the permissions there and paste your info here.
Also check the ICA-tcp connection permissions and paste that info here.
Regards,
Nik
I'm still in thoughts that you're having Terminal Services Connection Permission error.
You said:
If the user is part of the administrator group they are able to access the application but if they are not then they get the above error.
Go to Terminal Services in Control Panel on Citrix machine, click the RDP-Tcp connection and hit properties. Check the permissions there and paste your info here.
Also check the ICA-tcp connection permissions and paste that info here.
Regards,
Nik
I had not thought of that. You are opening my eyes to new things here
RDP-Tcp Permissions shows access for three user groups. Administrator, System and Users. The first two accounts have full access and the Users account has user and guest access. I have gone into the advanced settings and it shows that the Users account has the Query Information, Logon, Message and Connect access.
ICA-tcp Permissions show Adminstrators and System have full access. The User group has user access and Guest access. We also have other groups called Guest and Everyone that have only Guest access. I have checked the actual permission entries and Admin and System have full access, Users has Query, Logon, Message and connect access. The Guests and Everyone has only got Logon access.
I think that the problem that we are having is that the new user group that we have created has not been added to these permission lists. What are the bare minimum settings that would allow the user to launch the application?
P.S Thanks for all your help so far
RDP-Tcp Permissions shows access for three user groups. Administrator, System and Users. The first two accounts have full access and the Users account has user and guest access. I have gone into the advanced settings and it shows that the Users account has the Query Information, Logon, Message and Connect access.
ICA-tcp Permissions show Adminstrators and System have full access. The User group has user access and Guest access. We also have other groups called Guest and Everyone that have only Guest access. I have checked the actual permission entries and Admin and System have full access, Users has Query, Logon, Message and connect access. The Guests and Everyone has only got Logon access.
I think that the problem that we are having is that the new user group that we have created has not been added to these permission lists. What are the bare minimum settings that would allow the user to launch the application?
P.S Thanks for all your help so far
You can put that group into the local "Remote Desktop Users" Group on the Citrix machine to have easier administration.
Once you do that, add that local RDP group User and Guest Access to ICA-tcp and RDP-Tcp connection.
See if it works.
Regards,
Nik
Once you do that, add that local RDP group User and Guest Access to ICA-tcp and RDP-Tcp connection.
See if it works.
Regards,
Nik
I have made the changes that you suggest but we are still getting the error messages. I am kind of hpoing that you have some more ideas because we ran out sometime this morning.
If you can think of anything else that we can try then please let me know
If you can think of anything else that we can try then please let me know
This group has access to this application, right?
Then it has to be a terminal services permission issue.
Try to give that group more permissions, test it a bit with RDP group locally on Citrix Server.
I'll try to investigate more into this..
Then it has to be a terminal services permission issue.
Try to give that group more permissions, test it a bit with RDP group locally on Citrix Server.
I'll try to investigate more into this..
Try to give that group full permissions on ICA-tcp and RDP-Tcp connections in Terminal Services Manager so we can be sure it's not related to Terminal Services Permissions.
I have tried to access the site outside of Citrix and it works with a minimal access user account. I have then done what you suggested and I have given the user full access for both ICA-tcp and RDP-tcp, but it is still not allowing the user to connect through the ICA connection. I am not really sure what this means as I believe that I have proved that it is a Citrix issue but the ammendments that I have not made has not resolved the issue.
Do you have anymore suggestions
Do you have anymore suggestions
I have looked into this further and done some additonal testing and it wouldm appear that this has been caused by a Group Policy template. Then issue stems from a recent proxy change that we have implemented recently. The connection was attempting to access the site through our old proxy server. I have since changed the settings to direct the connection through the new proxy and all is now working ok.
Many thanks for your help in diagnosing the issue
Many thanks for your help in diagnosing the issue
Hello Martin,
I'm so sorry that I couldn't help you, but I'm glad you've found the solution by yourself. I couldn't find time to investigate your issue a bit more since I had problems with Citrix too for the last two days.
We're having issues with "Connection in progress..." box, where clients can't connect to Presentation Server.
Apparently there are kerberos tickets stuck on the server, since users are not logging off properly. I've found that info somewhere on the net.
Basically, if you restart Citrix farm once a week, there shouldn't be problems with that, but my servers failed to restart last Sunday and now problems emerged.
Will do a servers restart tonight when no one will be connected.
If you wan't we can stay in touch regarding Citrix issues since we're both Citrix admins.
Kind regards,
Nik
I'm so sorry that I couldn't help you, but I'm glad you've found the solution by yourself. I couldn't find time to investigate your issue a bit more since I had problems with Citrix too for the last two days.
We're having issues with "Connection in progress..." box, where clients can't connect to Presentation Server.
Apparently there are kerberos tickets stuck on the server, since users are not logging off properly. I've found that info somewhere on the net.
Basically, if you restart Citrix farm once a week, there shouldn't be problems with that, but my servers failed to restart last Sunday and now problems emerged.
Will do a servers restart tonight when no one will be connected.
If you wan't we can stay in touch regarding Citrix issues since we're both Citrix admins.
Kind regards,
Nik
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.
Tackle projects and never again get stuck behind a technical roadblock.
Join Now
Unfortunatelly we're not using Citrix over Access Gateway so Im not familiar with it although I am Citrix Administrator.
Have you checked this topic?
http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/Citrix/Q_22068583.html
Also, please check this articles:
http://support.citrix.com/article/CTX101716
http://forums.citrix.com/thread.jspa?messageID=707006
Anyway, if this sources don't help, I'll try to find the solution for this as I might need it for future reference too :)