Hello,
I´am looking for someone who has experience with AD SSO in conjunction with a Terminalsession via Citrix.
We have the following problem:
Until we used Windows 2003 Active Directoy users could connect to the web proxy via IE which comes from Citrix Terminalserver. We saw the users with their own IP address from client. Each user could authenticate itself with AD SSO.
Now with Windows 2008 AD and a newer Citrix version the users come to the web proxy with the ip-adress from the terminalserver. So the AD SSO can not work. The first user who comes to the proxy can do the AD SSO login but all the other users after the first will go to the proxy with the credentials from the first user.
It is like a masquerading. The ip-address from the clients will be masqueraded with the ip-address from termnalserver.
Does anybody use such a construct (I don´t like, but the customer)?
We got the hint from Astaro that Win2k8 doesn´t use NTLM auth, it uses now Kerberos. Maybe that´s why we have that trouble.
This thread was automatically locked due to age.
