Citrix ICA Client Authentication Fails when using explicit proxy

Solution

Overview

When using Windows 7 client and Windows 2008 for Active Directory and BCAAA, Citrix ICA fails to pass authentication. This happens because ICA is not compatible with the security levels set in Windows 2008 and Windows 7.

The problem is the Attribute: Target Name in the NTLMv2 response is set incorrectly by the ICA client software to InetSvcs (see screenshot below.

Cause
Resolution

WORKAROUNDS

  1. Update ICA to Citrix Receiver 4, where the issue is resolved.
     
  2. Install BCAAA onto a Windows 2003 member server.
     
  3. Use IWA Direct. With IWA Direct, the ProxySG will join the domain and query the Active Directory directly. IWA Direct is available in SGOS 6.3 or later.

 

Workaround
Additional Information
Bug Number
InQuira Doc IdKB5219
Attachment

Article Feedback

Did this Article solve your issue?
Additional Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat