Graham Hirst
asked on
Citrix user AD.
We have a Domain User, that has been login in to a Citrix Environment on one of our data centres. We have recently moved their environment to a new data centre, since the move, the user is now able to log on to the new Citrix environment, (Incorrect password or Credentials. Both environment are using the same AD domain, if I create a copy of the user to a new AD account, I am able to log in to both instances of Citrix. Does anyone have any idea as to why original account doesn't not work now?
Any advice would be great.
James Glen
FSI Cloud Ltd.
Any advice would be great.
James Glen
FSI Cloud Ltd.
I'm confused by your post. You say you are able to login to both environments. What is failing?
ASKER
Hi Keelyn
We have a Citrix Environment in a Datacentre we call DC4 and a new one in another Datacentre that we call DC5, on both datacentres we have an AD that is replicating. If we use the URL to access Citrix on DC4, we have no problems, using the same credentials to access through the DC5 Citrix, we get incorrect credentials. I have made a copy of the user, not changing any setting in AD and I can log on to both DC4 and DC5 with the newly created user. As they are both using the same AD domain, the credentials are the same. But as I said on DC5 it just comes up incorrect credentials.
Hope this make a little more sense.
Kind Regards
James Glen
We have a Citrix Environment in a Datacentre we call DC4 and a new one in another Datacentre that we call DC5, on both datacentres we have an AD that is replicating. If we use the URL to access Citrix on DC4, we have no problems, using the same credentials to access through the DC5 Citrix, we get incorrect credentials. I have made a copy of the user, not changing any setting in AD and I can log on to both DC4 and DC5 with the newly created user. As they are both using the same AD domain, the credentials are the same. But as I said on DC5 it just comes up incorrect credentials.
Hope this make a little more sense.
Kind Regards
James Glen
Thank you, makes a lot more sense. Can you please provide the exact error message you are receiving? Also, where is the login taken place (i.e. StoreFront, Receiver, VDi, etc.)?
ASKER
It just states Incorrect username or password in StoreFront. Appreciate your assistance.
Can you login as an Administrator and check the event log to see what the failure reason for their login is?
looks like the AD-sync don't work for this user...
do you move the user within AD (to another OU)?
do you use netscaler and point to a specific LDAP-Path...?
If you set a new password within DC5 ... is the user able to logon now within DC5?
do you move the user within AD (to another OU)?
do you use netscaler and point to a specific LDAP-Path...?
If you set a new password within DC5 ... is the user able to logon now within DC5?
ASKER
Hi Dirk
Thank you for your assistance.
We do use Netscaler and we do point it to a specific LDAP Path, but we know this is working as we have other users that are able to authenticate.
The weird thing is, that if we change the password in the DC5 AD, the user can the use that password to get in to the DC4 side, but still cannot log in on the DC5.. Very confusing. I am going to try looking in the Event log as Keelyn suggested and see if I can provide more information, but I have never encountered anything like this before..
James Glen
Thank you for your assistance.
We do use Netscaler and we do point it to a specific LDAP Path, but we know this is working as we have other users that are able to authenticate.
The weird thing is, that if we change the password in the DC5 AD, the user can the use that password to get in to the DC4 side, but still cannot log in on the DC5.. Very confusing. I am going to try looking in the Event log as Keelyn suggested and see if I can provide more information, but I have never encountered anything like this before..
James Glen
current versions of netscaler has a great authentication logging.
try to check this..
Configuration / "authentication" below "NetScaler Gateway"
try to check this..
Configuration / "authentication" below "NetScaler Gateway"
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.