Forum Discussion

Mark_22062's avatar
Mark_22062
Icon for Nimbostratus rankNimbostratus
May 02, 2012

Citrix Receiver on iOS

I have configured an APM to access our Citrix XenApp environment. Through a browser it works well, prompting the user for a username, password and a passcode (SecurID Token).

 

 

The APM is configured as follows:

 

 

Logon Page > SecureID > AD Auth (using a session variable) > Allow

 

 

When configuring the Citrix Receiver on the iOS device, I've configured it as "Access Gateway", configured all the authentication details and selected to use a Security Token.

 

 

The application verifies the settings and saves the config and attempts to login, prompting for the passcode. It then returns with a "Password Change Required" (even though the AD account password has not expired). Filling in this form, then returns with "The password has been updated, please log on again" (according to AD the user account password has not been changed). It then prompts for the passcode again and successfully logs on.

 

 

However, when you then logoff and attempt to log on again, this time prompting for the password and passcode, it fails with "The credentials provided have expired."

 

 

Looking at the various session logs it seems to fail because of user inactivity or errors, the bad password count on the AD account indicates the password was incorrect.

 

 

Has anyone else had issues with setting up APM for Citrix Receiver?

 

 

  • F5 Support have come through, many thanks Yasu. It appears that the logon field that captures the AD password has to be password1.

     

     

    apm policy agent logon-page /Common/Citrix-APM__citrix_apm_act_logon_page_ag {

     

    app-service /Common/Citrix-APM_.app/Citrix-APM_

     

    customization-group /Common/Citrix-APM__citrix_apm_act_logon_page_ag

     

    field-type3 password

     

    post-var-name2 password1

     

    post-var-name3 password

     

    sess-var-name2 password1

     

    sess-var-name3 password

     

    }

     

     

    "Variable Assign" also has to be changed as follows:

     

    apm policy agent variable-assign /Common/Citrix-APM__citrix_apm_act_variable_assign_ag {

     

    variables {

     

    {

     

    expression "mcget {session.logon.last.password1}"

     

    varname session.logon.last.password

     

    }

     

    }

     

    }