Problem with Authentication on Citrix Web Interface
Hello Experts!
I have a new installation of XenApp 6 Platinum.
I have installed/configured WI on a separate server running 2K8R2
I have installed/configured XA on a separate server running 2K8R2
no matter what I try, (even after installing, uninstalling, reinstalling, moving from one server to two servers isolating roles, etc.) I am unable to log into the Web Interface internally (I can't externally, either but that's an entirely seperate issue).
I keep getting the following errors:
using "Explicit": The system could not log you on. Ensure that you entered your details correctly and try again. If you are still unable to log on, contact your system administrator as your credentials may be invalid or there may be a problem with the authentication system.
Using "passthrough": Your credentials are invalid. Try again or contact your system administrator.
I believe I have AD prepped and to my knowledge, I have followed instructions to a "T"...I'm at a total loss at this point.
can somone please help me?
thanks in advance!
-Geoffrye
I have a new installation of XenApp 6 Platinum.
I have installed/configured WI on a separate server running 2K8R2
I have installed/configured XA on a separate server running 2K8R2
no matter what I try, (even after installing, uninstalling, reinstalling, moving from one server to two servers isolating roles, etc.) I am unable to log into the Web Interface internally (I can't externally, either but that's an entirely seperate issue).
I keep getting the following errors:
using "Explicit": The system could not log you on. Ensure that you entered your details correctly and try again. If you are still unable to log on, contact your system administrator as your credentials may be invalid or there may be a problem with the authentication system.
Using "passthrough": Your credentials are invalid. Try again or contact your system administrator.
I believe I have AD prepped and to my knowledge, I have followed instructions to a "T"...I'm at a total loss at this point.
can somone please help me?
thanks in advance!
-Geoffrye
amichaell
Did you enter one or more XML Brokers in your Web Interface configuration? Are you entering the domain along with username/password when using Explicit? Do you have Direct configured as your Access Method?
Did you install secure gateway?
or any other gateway?
Is there a firewall between the two servers?
Try to telnet from the WI server to the XA server on the xml port, do you succeed?
or any other gateway?
Is there a firewall between the two servers?
Try to telnet from the WI server to the XA server on the xml port, do you succeed?
ASKER
Hi There.
Direct IS my access method, I have tried with AND without using domain\username & password. Um what do you mean by XML brokers?
Direct IS my access method, I have tried with AND without using domain\username & password. Um what do you mean by XML brokers?
When you configured WI you should have added a Farm and one or more XenApp servers.
ASKER
@amichaell: I did create the farm and a server
What I mean to say is, when you added the Web Interface site did you add your XenApp server(s) to the site's configuration?
ASKER
the screencast attached shows both the VM running WI and the VM running XA (two seperate servers)
let me know if you see anything that looks wrong or should be addressed.
GigaBoyMBZ-404377.flv
let me know if you see anything that looks wrong or should be addressed.
GigaBoyMBZ-404377.flv
We need to see the authentication settings and secure access settings on the "XenApp Web Site" on the WI server.
ASKER
Ok...here is everything for both the XenApp Web Site and the XenAPp Service Site.
Please forgive me if I'm "missing" things or am not totally understanding something...this is all new for me :)
GigaBoyMBZ-404394.flv
Please forgive me if I'm "missing" things or am not totally understanding something...this is all new for me :)
GigaBoyMBZ-404394.flv
Try to allow any domain in domain restrictions, see if it makes a difference.
ASKER
...no dice.
you think it could be something in IIS?
you think it could be something in IIS?
Are there any firewalls between the 2 servers? how about when you log in to the WI server console or RDP, can you log in then?
ASKER
I have the firewalls turned-off between the servers...I can communicate between them, have full access to everything on my domain/network, etc.
I just can't seem to get the WI to talk to AD for authentication (or at least that's my assumption)
I just can't seem to get the WI to talk to AD for authentication (or at least that's my assumption)
From your WI server telnet "XA server" XMLport (i.e. Telnet serverXenApp 8080)
ASKER
"connecting to citrix05-xenapp...Could not open connection to the host, on port 8080: connection failed"
Check the windows firewall on the XA server, obviosly there's something blocking it, check the settings on your XA server Management console > yourfarm > Servers > right click on your XA server > Properties > XML service.
Is it the same as whatever is set in WI farm settings?
Is it the same as whatever is set in WI farm settings?
ASKER
um...when I'm in the "Citrix Delivery Services Console", i don't get a "properties" option when right-clicking on the XA server inside the farm tree and I can't find XML service anywhere...however, this is XenApp 6, so it may be somewhere I can't easily see
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
OK...I have changed the XML port for both XenApp Web SItes and XenApp Services Sites to 80 (in the WI).
I went into "site maintenance" for both and clicked "repair site"...just in case it would help.
I try to telnet to port 80 on the XAserver and after I enter the command, all I get is a blank command promt screen with a blinking cursor...
I went into "site maintenance" for both and clicked "repair site"...just in case it would help.
I try to telnet to port 80 on the XAserver and after I enter the command, all I get is a blank command promt screen with a blinking cursor...
What do you mean you changed the port, how did you change it in XA? You need to do that incommand.
And that empty window with the blinking curser means the port is open.
And that empty window with the blinking curser means the port is open.
ASKER
In the Web Interface Management, you are able to change the XML port used in the "server farms" options
I realize that the port is open by the blank window; I didn't know if I was supposed to be seeing any activity (i.e. like when telneting into a managed device, etc.) lol...sorry; not sleeping much
I realize that the port is open by the blank window; I didn't know if I was supposed to be seeing any activity (i.e. like when telneting into a managed device, etc.) lol...sorry; not sleeping much
ASKER
ok...I got the login process to work now...
however, when i see lmy available published resources (after logging in), I click on one and the error I get at the top is: "An error occured while trying to access the requested resource"
I swear, if it's not one thing, it's another!
however, when i see lmy available published resources (after logging in), I click on one and the error I get at the top is: "An error occured while trying to access the requested resource"
I swear, if it's not one thing, it's another!
I've had this problem in the past, sometimes restarting the Citrix XML Service can help, also check the load on the servers, in command on the XA server type "qfarm /load" it will give you a number between 0 and 10000, if it's 10,000 you know the load balancer is the problem.
ASKER
there is a "0" following the XAsever name after running afarm /load
After I rebooted both the WI server and XA server, after refreshing/logging-in to the XA web site, at the top of the "Applications" selection area, there is this message:
"Some of your resources have not been reconnected. If this message does not usually appear during your sessions, contact your system administrator. "
After I rebooted both the WI server and XA server, after refreshing/logging-in to the XA web site, at the top of the "Applications" selection area, there is this message:
"Some of your resources have not been reconnected. If this message does not usually appear during your sessions, contact your system administrator. "
ASKER
sorry for the late points, guys...whole thing got put on hold and I'm just now getting back to it.