busted Regards,
Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: James Rankin [mailto:kz2...@googlemail.com] Sent: Friday, November 19, 2010 8:59 AM To: NT System Admin Issues Subject: Re: Citrix web interface query Sorry all....I meant to send that just to Webster :-( On 19 November 2010 13:57, James Rankin <kz2...@googlemail.com<mailto:kz2...@googlemail.com>> wrote: That was a big fat lie the consultants told me. ADFS role is not even installed on any of the DCs. Honestly these guys are cowboys. I will see if i can get it installed on one of the DCs to test. Cheers, On 17 November 2010 17:20, Webster <carlwebs...@gmail.com<mailto:carlwebs...@gmail.com>> wrote: James, I would like to lab this to see if I can get this working and then write an article about it. Can you e-mail me off list with some specifics I can use in my testing. Your specifics will of course not be in the article. I need to finish an article on XenDesktop 5 first. I am also working on an article for using Web Interface to help migrate from older MF/PS/XA versions to XA6. But that was going to be for one forest, one tree, one domain. I need to know more of your setup so I can test and document a solution for you and others. Thanks Webster From: James Rankin [mailto:kz2...@googlemail.com<mailto:kz2...@googlemail.com>] Subject: Citrix web interface query We have two old Windows 2003 domains with PS3 and PS4 farms respectively. We are in the process of migrating the users to a Windows 2008 R2 domain running Xen6. We need to keep some of the old applications from the old domains available in the new infrastructure via the Program Neighborhood Agent, so we have "multi-homed" our new web interface server with connections to the old PS3 and PS4 farms. So far, so good. Problem comes when a user in the new domain logs onto the PNAgent. They get an error of "the credentials supplied were invalid". When I remove the entries for the legacy farms from the web interface, the user can log in fine. So it appears when the PNAgent is submitting the user credentials to the legacy domains for validation, they are being rejected somewhere. Is there anything special that needs to be done to allow the user to log into the web interface in this configuration? There is obviously a trust in place, so the user in the new domain should be validated by the old ones. I *could* just publish up some .ica files for the new users, but that smells like an administrative nightmare.... Any help is appreciated, ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
