Thats not what was asked tho' - inh your example you're using the full client and the full client supports passthrough, because only the full client (and PN Agent) enables the integrated logon service. You can't do an integrated logon if all you have is the web client. _____ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Greg Reese Sent: 05 January 2006 02:02 To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Pass-through authentification for WI - can I do it without a SSO product? sure. it is on pg 58 and 59 in the Wi admin guide. I messed with it using WI 4 and PS 4 with the v9 client but I think any client above 6 will do it. the keys are: Installing the full win32 client and choosing yes when it asks about using pass through. then you have to edit the appsrv.ini file for each client. in the [wfclient] section add: EnableSONThruICAFile=On SSOnUserSetting=On from there you enable in on the web interface site and you are done. I edit the config files myself but the gui will do it too. there are some other catches. If a user has not authenticated into your domain and tries to hit the web interface (like a home user) they don't get promoted for credentials and can't get in. I suggest making a second Wi site for these people and link to it from the logged off page so if users have trouble with pass through, they can still manually enter their credentials. I have some kix scripts that can tweak the appsrv.ini file and fix the client if you did not pick yes to the pass through question when it was installed. I don't have them where I am at the moment or else I would go ahead and post them. Greg On 1/4/06, Guzzo, Mark A (Mark) <guzzo@xxxxxxxxxx> wrote: Hello Greg, Can you be so kind as to share that info with the list as I too would like to do this. Thanks... M a r k G u z z o Utility Infrastructure Services Citrix Administrator Lucent Technologies 2601 Lucent Ln, Lisle, IL 60532-3640 RM:52N15 W/F:630.979.9731 -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto: <mailto:thin-bounce@xxxxxxxxxxxxx> thin-bounce@xxxxxxxxxxxxx] On Behalf Of Greg Reese Sent: Wednesday, January 04, 2006 3:31 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Pass-through authentification for WI - can I do it without a SSO product? this can be done. You have to tweak a couple settings on the client but it's simple enough. I have some notes on it I will send you. Greg On 1/4/06, Jen hen < jen.work@xxxxxxxxx <mailto:jen.work@xxxxxxxxx> > wrote: Is there any way to set up the web client (ver 9.0) to do complete pass-though on the web interface (ver 4.0)?? I know we can do it with the PN or PNA, but we would rather use the web interface. We don't want to use an SSO product if we don't have to. Page 48 (caution section) of the WI admin guide talks about some cookie setting from web to client device that enables pass-through. Of course they don't go into detail - any ideas?? Is this an appsrv.ini setting?? TIA! Jennifer Henske Mercy Health System ************************************************ For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: //www.freelists.org/list/thin ************************************************