Citrix ICA Client Authentication Fails when using explicit proxy


<< Back to Knowledge Search

Solution

Overview

When using Windows 7 client and Windows 2008 for Active Directory and BCAAA, Citrix ICA fails to pass authentication. This happens because ICA is not compatible with the security levels set in Windows 2008 and Windows 7.

The problem is the Attribute: Target Name in the NTLMv2 response is set incorrectly by the ICA client software to InetSvcs (see screenshot below.

Cause
Resolution

WORKAROUNDS

  1. Update ICA to Citrix Receiver 4, where the issue is resolved.
     
  2. Install BCAAA onto a Windows 2003 member server.
     
  3. Use IWA Direct. With IWA Direct, the ProxySG will join the domain and query the Active Directory directly. IWA Direct is available in SGOS 6.3 or later.

 

Workaround
Additional Information
Bug Number
InQuira Doc IdKB5219
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      SGOS 4, SGOS 5, SGOS 6
Topic      Authentication, BCAAA
Article Number      000008572
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat