- This topic is empty.
-
Posts
-
Hello,
In my config I’m using the parameter PasswordServer in case user passwords are expired. Authentication is done via NTLM on the Domain Controller.
As PasswordServer I’m using the main citrix server.In our Test VLAN everything works fine. We have set that the user must create a new password at next login. User tries to log in, a message appears that the password needs to be renewed and a Windows session is opened which allows to change the password. Then the Windows session is automatically logged off.
Now we’re experiencing problems from another VLAN. We tried exactly the same, but instead no message appears on the Wyse, that the password needs to be changed. In the WTOS eventlog I’ve found the entry:
citrix signon: no such file or directory
Does anyone of you know what Wyse is trying to access from the Citrix server? The network dept assured me that there is no Firewall between the two VLANs and the Citrix server. Could it be a setting on the Citrix server itself?
Thanks in advance for any ideas.
I would like to know some different things.
Why are you using NTLM authentication and do not authenticate directly to your Citrix environment?
When doing latter you can remove the Passwordserver parameter from the wnos.ini and enable password change on the Citrix system and all should be good.CG
@ConfGen wrote:
…
When doing latter you can remove the Passwordserver parameter from the wnos.ini and enable password change on the Citrix system and all should be good.CG
I have a question about this. How do you “enable password change on the Citrix system” ? I am having trouble with this on my C10LE winterms that our company uses. Users with Expired or “must-change” domain password are unable to do so from the thinOS login. Users get an error:
Citrix sign-on failed
I have been working hard for the last three days to resolve this problem and looking in the Wyse support site is no help because they offer solutions that don’t work, such as adding the passwordserver parameter.
Wyse self-service site portal is confusing and it’s hard to find what you are looking for unless you have been in there before and know what to click on.
Go to Products – Wyse ThinOS and search for a document called “Password change in a Citrix environment ” on this website.
CG
@ConfGen wrote:
Go to Products – Wyse ThinOS and search for a document called “Password change in a Citrix environment ” on this website.
CG
I realize this is an old thread but I have come here because our Wyse Thin OS devices (running 7.0.1_33) suddenly stopped enabling logons for those with expired passwords or must change password on next logon option set on their account.
WE had this fixed before using the following settings in our WNOS.INI file:
Signon=ntlm DisableGuest=yes
Passwordserver=”10.201.8.33;10.201.8.34″ Connect=RDPedit: these IP addresses correspond to domain controllers
Now today we discovered that this is no longer working so I want to figure out how to make the ICA form of this work on the devices. I already checked out the document you referenced above but this refers to a delivery services console and a web interface management console which I don’t have. I’m on PS 4.5 in a total Win2k3 environment.
Any pointers you can give me are appreciated. I do have an “Access Management Console” and depending on where I log in with that I have some different options but I saw nothing like the screenshot provided in that document you provided.
Thanks for your help. I’m really stuck this time on this one.
Even with PS4.5 you have a “Citrix Web Interface Management” console. Check Start-Programs-Citirix-Management Console. If it is not there you can install the console easily from your installation media.
There you have to right click your PNAgent site and select “Authentication Methods” followed by “Properties”. The rest is the same as documented in the PDF.CG
I was able to RDP into the server that my xenapp client points to for its published desktops and streamed apps and found the Access Management Console. From there, I drilled down through Citrix Resources -> Configuration Tools -> Web Interface -> (PNAGENT SITE)->Config.xml and from there I could Right-click on the xml and choose “Configure Authentication Methods.” This allowed me to see a box that was similar to what you had in the screenshot. I verified that I already had the enable password change on server option enabled.
So, now I just need to figure out how to switch from NTLM to ICA password changes. Simply taking out these two lines
Signon=ntlm DisableGuest=yes
Passwordserver="10.201.8.33;10.201.8.34" Connect=RDPand replacing them with
Signon=1 DisableGuest=yesis not sufficient. Thanks, ConfGen, for your help.
You need SignOn=yes or =1 and PNliteServer=your_Pnagent_site
Along with the correct PNAgent site config we already discussed, it should work fine.
CG
- You must be logged in to reply to this topic.