Have you collected a Fiddler trace to confirm this is an IE issue and not an issue with the app? I would start there.
From: [email protected] [mailto:[email protected]] On Behalf Of Webster Sent: Tuesday, September 22, 2015 8:41 PM To: [email protected] Subject: [NTSysADM] IE10, Intranet Zone and SSO Helping a customer with the last issues in moving from old Citrix XenApp 5 on Server 2003 to XenApp 7.6 running om Server 2012 (not R2). Their consultant quit on them after 3 weeks on the project and I was asked to help get the project completed. They have a web app that requires IE10 that is why Server 2012. They want to use SSO so I have created a User GPO that puts the site in the Intranet zone (Value = 1) with http://*.appsite.com. The policy also has logon with username and password and I have also tried just logon in intranet zone. I have also tried setting a preference for turning off integrated windows auth (as suggested by a couple of google hits). So far, no combination of settings is allowing SSO to work. The site does appear in the intranet zone and if I right-click, Properties on the page, it shows as Intranet zone. If I have "enable integrated windows auth" unselected, I get "The server xxx at SSO requires a username and password. Warning: This server is requesting that your username and password be sent in an insecure manner". If I have "enable integrated windows auth" selected, I get the app's login dialog. When I google "ie 10 intranet zone auto logon", I have tried the first 20 suggestions and no combination of GPO settings has worked yet. What am I missing? Thanks Webster
