Tuesday, January 27, 2009

citrix 11 client and pass-through authentication

Another fun one for citrix. The settings for the client application have moved around a few places. Basically starting at version 10 they moved from the appserv.ini to the registry. The issue I found, was with the new version 11 client. If you right click the system tray icon and select options.. you should see a drop down box for "prompt user" or "pass-through authentication". If you don't.. reboot (the single sign on piece needs a reboot after client install, but doesn't ask for it for some reason). If after a reboot you still don't see it.. you need to get a new client install package (that's another blog for another time). Now say you have it in the drop down, but need to set it for your whole network.. well the registry setting isn't easy to find. There are a number of registry settings that look like they should work like:
HKLM\Software\Citrix\PNAgent]"EnablePassThrough" set to 1.
While this setting does have some play (if it's set to 0 things definitely won't work), it's not the end all be all of enabling pass-through.

This little sucker is the one that eluded me for some time:
HKEY_CURRENT_USER\Software\Citrix\PNAgent]"Configuration Model 000"

The contents of that key is what is modified when you change the drop down box from "prompt user" to "pass-through authentication". The contents is a hex bunch of crap as far as i can tell. I'll be testing if I can just drop this key on all my machines and walla .. or if I have to come up with 3-4 different ones based on difference variables.. (maybe the type of machine matters? the user account?, the full moon?.. just not sure what makes up that key exactly yet).

1 comment:

Anonymous said...

I'm also annoyed by this. Did you figure out how it worked? The Config URL and ServerURL have moved around a bit from 10.0 and 10.1 and 10.1.150 - annoying!