Environment
NetIQ SecureLogin
NSL 8.1
NSL 8.5
Citrix receiver and XenApp
Situation
Citrix receiver Single Sign On to Citrix XenApp fails and users are prompted for a password when SecureLogin is installed
Customer expects to use Citrix SSO to pass credentials to Citrix XenApp. This does not work when SecureLogin is installed.
SecureLogin breaks Citrix's own pass-through authentication.
Problem does not occur if Citrix Receiver is installed before SecureLogin is installed.
Resolution
Edit the network provider list and move the Citrix provider (PnSson) ahead of the SecureLogin network provider (slADCredMan)
Edit the ProviderOrder value in the registry at
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
and
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetworkProvider\HwOrder
Or use control panel as shown below (it may be necessary to press and release the "Alt" key to make the tool bar appear so that "Advanced" can be selected) :
Cause
Problem is specific to the sequence of installation and the resulting order of Network providers. This problem occurs when SecureLogin is installed before the Citrix receiver is installed. SecureLogin is placed ahead of Citrix in the network provider list.
Observed:
1. When Citrix receiver is installed (with include SSO option) after NSL installation, the following Network provider order is displayed:
- "SecureLogin SSO Credential Manager" 1st and
- "Citrix Single Sign-on" next.
Due to which, SSONSVR.EXE (citrix SSO module) failed to load.
2. When SecureLogin is installed after Citrix receiver the Network provider order displayed
- "Citrix Single Sign-on" 1st and
- "SecureLogin SSO Credential Manager" next,
SSONSVR.EXE loaded without problem.