?
Solved

WYSE ThinOS Device & Citrix XenApp 6.5 Not Authenticating

Posted on 2014-04-18
15
Medium Priority
?
1,335 Views
Last Modified: 2014-06-09
Site A:
WYSE Device boots, connects to FTP server for wnos.ini and presents ThinOS login screen. Login to domain is submitted and auto-connects to Citrix XenApp 6.5 published desktop/app successful.

SITE B:
WYSE device boots, connects to FTP server for wnos.ini and immediately restarts (restart by network) and then boots back up to ThinOS login screen. Domain credentials are not accepted by Citrix message is returned.

Site A and B are connected by SonicWall site VPN tunnel with no firewall rules for lan-to-vpn zones. Also, all servers reside a site A. Lastly, both WYSE devices pull the same wnos.ini file.

;GENERAL
;**********************************************************************
TimeZone='GMT - 05:00' ManualOverride=yes TimeZoneName="Eastern Standard Time" DayLightName="Eastern Daylight Time"
signon=yes
privilege=HIGH
SysMode=VDI
;Desktop=wellmorewallpaper.BMP 
#TimeZone="GMT - 05:00" 
#ManualOverride=yes 
#TimeZoneName="(GMT-05:00) Eastern Time (US & Canada)"
#Daylight=yes 
#Start=030207 
#End=110108 
#TimeServer=nist1-ny.ustiming.org 
#timeformat="12-hour format" 
#dateformat="mm/dd/yyyy"
AutoSignoff=yes

;**********************************************************************
;NETWORK
;**********************************************************************
BootpDisable=yes
DisableDomain=yes
DomainList="cgcgw"
DomainName=cgcgw

;**********************************************************************
;ICA/CITRIX
;**********************************************************************
PnliteServer=192.168.1.26 AutoConnectList="Wellmore:wellmoredesktop" ReconnectAtLogon=2
autoload=1
;connect=ica
;IcaBrowsing=HTTP 
;description="Wellmore Desktop" 
;icon=default
;autoconnect=yes
;username=" " 
;password=" " 
;browserip=192.168.1.26
;application="Wellmore Desktop"
;autoconnect=1
;reconnect=0
;TcpTimeOut=200
;Sessionconfig=all unmapusb=no mapdisks=yes 
;IcaBrowsing=UDP
seamless=yes
ReconnectFromButton=2 Timeout=30 
;Desktop" Timeout="30"

Open in new window

0
Comment
Question by:Lee Seeman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 3
15 Comments
 
LVL 24

Expert Comment

by:Dirk Kotte
ID: 40011084
possible the packets are to big for the tunnel?
0
 

Author Comment

by:Lee Seeman
ID: 40012398
I don't believe it is a packet size issue over the VPN tunnel;

Some more background:

Remote Site B only has the aforementioned issue when booting to the above noted wnos.ini file, which points to a new XenApp 6.5 farm. Local Site A is fine though.

However, the same WYSE device at Remote Site B when pointed at an older wnos.ini (below) file for a Citrix PS 4.5 farm, boots fine and auto-connects to Citrix PS 4.5 published desktop. Therefore, I don't think its packet size...

connect=ica \
description="Citrix Array" \
icon=default \
username=" " \
password=" " \
domainname=cgcgw \
browserip=192.168.1.33 \
application="Wellpath Array Desktop" \
autoconnect=1 \
reconnect=0 \
TcpTimeOut=200

Open in new window


I did un-comment the 'TcpTimeout=200' statement in the new wnso.ini file to see if that has any impact...
0
 

Author Comment

by:Lee Seeman
ID: 40018442
Any help would appreciated...
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 

Author Comment

by:Lee Seeman
ID: 40027045
Anyone one a take a stab at this to help us narrow down the possibilities?
0
 
LVL 23

Expert Comment

by:Ayman Bakr
ID: 40090968
Are both site devices connected to the same WI/Storefront? Or each site has its own?
0
 

Author Comment

by:Lee Seeman
ID: 40098694
All sites connect to the same Citrix WI server. The only difference is, the FTP credentials used. Anonymous connects them to the default wnos.ini file and the login with username 'xenapp' connects them to the aforementioned wnos.ini customized for XenApp 6.5 WI.
0
 
LVL 23

Expert Comment

by:Ayman Bakr
ID: 40102717
I see that  domainname is mentioned in the WNOS.ini file for the PS 4.5, but not mentioned in the WNOS.ini file pertaining to the XenApp 6.5.

Can you add the domainname parameter to your new .ini file.
0
 

Author Comment

by:Lee Seeman
ID: 40105486
Mutawadi, The DomainName value is set in both from what I can see:

CITRIX XENAPP 6.5 WNOS.INI  :
#
# This file provides an example of an environment where all users
# will log on following processing of this file.  Each user will
#
# The following directive allows the Winterm 1200LE to attempt to
# locate code files on the FTP server and to update the current 
# code on the device if the version on the server is different.
#
#autoload=1
#
# The following URL specifies a bitmap file which overlays the top
# left part of the sign-on dialog box.  It can be used to present a 
# company logo, special instructions for the day (of limited length)
# or any other desired customization. The WT1200LE will attempt to
# locate the file in the directory named bitmap, directly under the
# directory named wnos, which contains this file.
#
# formurl=blazer.bmp
# resolution=1024X768
#
# The following directive causes the WT1200LE to use a different
# FTP server. This overrides and replaces the fileserver in the
# local network setup and/or the one obtained from DHCP option 161.
# It will be used from the time this directive is processed until
# the value in the local user interface is manually edited, until a
# new value is obtained from a DHCP server on reboot, or until
# another fileserver directive is processed.  Until reset using one
# of the named methods, the new value will persist across reboots
# and power cycle events.  The argument may be either an IP address
# or a DNS name.
#
FileServer=192.168.1.31
#
# The following directive causes the WT1200LE to access a different
# path on the FTP server.  This overrides and replaces the path in
# the local network setup and/or the one obtained from DHCP option
# 162.  Its characteristics are the same as the fileserver 
# directive.  When this is actually used, the directory name wnos
# will be appended to the rootpath before use.  For instance,
# (assuming that the DHCP server does not supply values for options
# 161 and 162) immediately after the reboot following the processing
# of these two directives the WT1200LE will start an FTP session
# with fileserv.wyse.com and attempt to retrieve
# /blazer/wyse/wnos/wnos.ini
#
#RootPath=wyse
#
# The following directives specify the global connections that
# will be present on all user desktops or in all user Connect Lists
# following sign-on.
#
# The following directive will, when activated, establish a 
# connection to a specific ICA server.  Note that the directive is
# continued onto multiple lines.  Continuation is accomplished by 
# putting the following characters at the end of lines to be 
# continued:
#
# \<Enter>
#
# This only works if there is no space between the \ and the
# <Enter> character; the line will not be continued otherwise.  The
# function of each of the arguments is:
#
#     connect=ica      Specifies that this is a connect statement
#                      and that the type of connection is ICA, 
#                      (currently, ICA is the only supported
#                      connection type). This must be the first
#                      item specified on the line.
#     description="x"  Text to appear either under the icon on the
#                      WT1200LE desktop or in the Connect List.
#                      The text must be surrounded by double
#                      quotation marks if it contains spaces or
#                      punctuation.
#     icon=default     The bitmap to be used for the WT1200LE
#                      desktop display.  The argument is either
#                      default or a file name.  If a file name is
#                      specified, it must be located in the bitmap
#                      directory under the wnos directory on the
#                      FTP server.
#     host=IP          The IP address or DNS name of the ICA server
#                      to be contacted when this connection is
#                      established.
#     username=me      The username on the server that runs the
#                      published application.  The username
#                      determines the privileges and default
#                      directory used on the server.
#
# Since the following connection omits the password and domainname
# fields, the client will attempt to perform a login using no
# password and the default domain (whatever was last used on that
# system).  This will probably fail and present the user with
# a login dialog box.  This is more secure than putting passwords
# into a file on an FTP server, which can be downloaded by anyone.
#
# terminal will shutdown once users logoff ICA

[b]CITRIX PS 4.5 FARM WNOS.INI :[/b]

;**********************************************************************************************************
;GENERAL
;**********************************************************************************************************
TimeZone='GMT - 05:00' ManualOverride=yes TimeZoneName="Eastern Standard Time" DayLightName="Eastern Daylight Time"
signon=yes
privilege=HIGH
SysMode=VDI
;Desktop=wellmorewallpaper.BMP 
#TimeZone="GMT - 05:00" 
#ManualOverride=yes 
#TimeZoneName="(GMT-05:00) Eastern Time (US & Canada)"
#Daylight=yes 
#Start=030207 
#End=110108 
#TimeServer=nist1-ny.ustiming.org 
#timeformat="12-hour format" 
#dateformat="mm/dd/yyyy"
AutoSignoff=yes

;*****************************************************************************************************
;NETWORK
;************************************************************************************************
BootpDisable=yes
DisableDomain=yes
DomainList="cgcgw"
DomainName=cgcgw

;**********************************************************************************************************
;ICA/CITRIX
;**********************************************************************************************************
PnliteServer=192.168.1.26 AutoConnectList="Wellmore:wellmoredesktop" ReconnectAtLogon=2
autoload=1
;connect=ica
;IcaBrowsing=HTTP 
;description="Wellmore Desktop" 
;icon=default
;autoconnect=yes
;username=" " 
;password=" " 
;browserip=192.168.1.26
;application="Wellmore Desktop"
;autoconnect=1
;reconnect=0
TcpTimeOut=200
;Sessionconfig=all unmapusb=no mapdisks=yes 
;IcaBrowsing=UDP
seamless=yes
ReconnectFromButton=2 Timeout=30 
;Desktop" Timeout="30"

;**********************************************************************************************************
;PRINTING
;**********************************************************************************************************
SessionConfig=ALL 
VUSB_PRINTER=Yes 
Printer=LPT1 Enabled=yes 
Name="Brother PCL5e Driver" 
PrinterID="Brother PCL5e Driver" 
Class=PCL5 
Enabled=yes 
EnabledLPD=no 

;*************************************
;RDP
;*************************************

Open in new window


CITRIX PS 4.5 WNOS.INI :
#
# This file provides an example of an environment where all users
# will log on following processing of this file.  Each user will
# have (potentially) a different desktop display of available
# connections.  Each user may have a different password for
# authentication.
#
# The user desktop displayed following sign-on will be a combination
# of connections specified here (global) and connection specified
# in their individual environment specifications.  Winterm 1200LE
# is capable of accepting up to 16 connection definitions, total.
# Those defined globally will be displayed first, followed by those
# specified for the individual. If the sum of the number of
# connections in the two files exceeds sixteen only the first
# sixteen will be processed.
#
# The following directive enables the use of the sign-on dialog box.
#
signon=0
privilege=HIGH
#
# The following directive allows the Winterm 1200LE to attempt to
# locate code files on the FTP server and to update the current 
# code on the device if the version on the server is different.
#
autoload=1
#
# The following URL specifies a bitmap file which overlays the top
# left part of the sign-on dialog box.  It can be used to present a 
# company logo, special instructions for the day (of limited length)
# or any other desired customization. The WT1200LE will attempt to
# locate the file in the directory named bitmap, directly under the
# directory named wnos, which contains this file.
#
# formurl=blazer.bmp
# resolution=1024X768
#
# The following directive causes the WT1200LE to use a different
# FTP server. This overrides and replaces the fileserver in the
# local network setup and/or the one obtained from DHCP option 161.
# It will be used from the time this directive is processed until
# the value in the local user interface is manually edited, until a
# new value is obtained from a DHCP server on reboot, or until
# another fileserver directive is processed.  Until reset using one
# of the named methods, the new value will persist across reboots
# and power cycle events.  The argument may be either an IP address
# or a DNS name.
#
#FileServer=192.168.1.31
#
# The following directive causes the WT1200LE to access a different
# path on the FTP server.  This overrides and replaces the path in
# the local network setup and/or the one obtained from DHCP option
# 162.  Its characteristics are the same as the fileserver 
# directive.  When this is actually used, the directory name wnos
# will be appended to the rootpath before use.  For instance,
# (assuming that the DHCP server does not supply values for options
# 161 and 162) immediately after the reboot following the processing
# of these two directives the WT1200LE will start an FTP session
# with fileserv.wyse.com and attempt to retrieve
# /blazer/wyse/wnos/wnos.ini
#
#RootPath=wyse
#
# The following directives specify the global connections that
# will be present on all user desktops or in all user Connect Lists
# following sign-on.
#
# The following directive will, when activated, establish a 
# connection to a specific ICA server.  Note that the directive is
# continued onto multiple lines.  Continuation is accomplished by 
# putting the following characters at the end of lines to be 
# continued:
#
# \<Enter>
#
# This only works if there is no space between the \ and the
# <Enter> character; the line will not be continued otherwise.  The
# function of each of the arguments is:
#
#     connect=ica      Specifies that this is a connect statement
#                      and that the type of connection is ICA, 
#                      (currently, ICA is the only supported
#                      connection type). This must be the first
#                      item specified on the line.
#     description="x"  Text to appear either under the icon on the
#                      WT1200LE desktop or in the Connect List.
#                      The text must be surrounded by double
#                      quotation marks if it contains spaces or
#                      punctuation.
#     icon=default     The bitmap to be used for the WT1200LE
#                      desktop display.  The argument is either
#                      default or a file name.  If a file name is
#                      specified, it must be located in the bitmap
#                      directory under the wnos directory on the
#                      FTP server.
#     host=IP          The IP address or DNS name of the ICA server
#                      to be contacted when this connection is
#                      established.
#     username=me      The username on the server that runs the
#                      published application.  The username
#                      determines the privileges and default
#                      directory used on the server.
#
# Since the following connection omits the password and domainname
# fields, the client will attempt to perform a login using no
# password and the default domain (whatever was last used on that
# system).  This will probably fail and present the user with
# a login dialog box.  This is more secure than putting passwords
# into a file on an FTP server, which can be downloaded by anyone.
#
# terminal will shutdown once users logoff ICA


SysMode=VDI

# Desktop=wellmorewallpaper.BMP \

TimeZone='GMT - 05:00' ManualOverride=yes TimeZoneName="Eastern Standard Time" DayLightName="Eastern Daylight Time"

#TimeZone="GMT - 05:00" \
#ManualOverride=yes \
#TimeZoneName="(GMT-05:00) Eastern Time (US & Canada)"
#Daylight=yes \
#Start=030207 \
#End=110108 \
#TimeServer=nist1-ny.ustiming.org \
#timeformat="12-hour format" \
#dateformat="mm/dd/yyyy"


connect=ica \
description="Citrix Array" \
icon=default \
username=" " \
password=" " \
domainname=cgcgw \
browserip=192.168.1.33 \
application="Wellpath Array Desktop" \
autoconnect=1 \
reconnect=0 \
TcpTimeOut=200

#Printer Settings
SessionConfig=ALL \
VUSB_PRINTER=Yes \
Printer=LPT1 Enabled=yes \
Name="Brother PCL5e Driver" \
PrinterID="Brother PCL5e Driver" \
Class=PCL5 \
Enabled=yes \
EnabledLPD=no 

#connect=rdp \
#description="All Applications" \
#icon=default \
#username=" " \
#password=" " \
#domainname=mfound1.local \
#host=192.168.11.243 \
#autoconnect=0 \
#reconnect=0
#TcpTimeOut=200

#connect=rdp \
#description="ABS/GAIN" \
#icon=default \
#username=" " \
#password=" " \
#domainname=mfound1.local \
#host=192.168.1.208 \
#autoconnect=0 \
#reconnect=0
#TcpTimeOut=200

Open in new window

0
 
LVL 23

Accepted Solution

by:
Ayman Bakr earned 2000 total points
ID: 40105803
I see, but I realize that the position of the domainname in the new WNOS.ini file is different from that in the old. I wonder if this might be causing the issue.

Try placing the domainname parameter below the connect=ica just like in the old WNOS.ini file.
0
 

Author Comment

by:Lee Seeman
ID: 40111389
Gotcha; will give it a whirl....
0
 

Author Comment

by:Lee Seeman
ID: 40117353
After moving the domainname statement down under the connect=ica statement, it worked on one so far. We will test 2x more and update this accordingly.

Thank you Mutawadi
0
 

Author Closing Comment

by:Lee Seeman
ID: 40121800
Thank you very much for the fix!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines why you need to choose a backup solution that protects your entire environment – including your VMware ESXi and Microsoft Hyper-V virtualization hosts – not just your virtual machines.
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question