[THIN] Re: Pass Through Authentication via ICA Client

  • From: "TheThin" <TheThin@xxxxxxxxxxxxxxxxxxxxx>
  • To: "Walter, Chris" <christopher.walter@xxxxxxx>,<thin@xxxxxxxxxxxxx>
  • Date: Fri, 30 Apr 2004 17:29:14 -0400

Thanks Chris.  I will take a look at this Monday morning.  This is
great!  Much easier than re-installing the whole thing!

-----Original Message-----
From: Walter, Chris [mailto:christopher.walter@xxxxxxx]=20
Posted At: Friday, April 30, 2004 5:20 PM
Posted To: TheThin
Conversation: [THIN] Pass Through Authentication via ICA Client
Subject: FW: [THIN] Pass Through Authentication via ICA Client


Hi There,

For some reason I am not allowed to post to the list anymore so I will
reply to you directly.  I just went through this over the past few weeks
and changed this on 4000 desktops using the login script.  Your missing
piece is
the PnsSon service in the Registry.  =20

Here I the script I used.  I used this in conjunction with the SU
utility since my users didn't have admin access to the desktops.  I to
called Citrix and they told me it couldn't be done.  Showed them!  If
you want post this to the list in case anybody else needs it.  Just
remember if you put it in a login script it will write to the registry
but it won't take affect until the next time they log on.

Hope this helps,

Chris Walter
CGI / Bell Mobility

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
=3D=3D=3D=3D
=3D=3D=3D=3D=3D=3D=3D=3D

$x =3D
WriteValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\NetworkP
rovi
der\Order", "ProviderOrder","LanmanWorkstation,PnSson",REG_SZ)
$appsrvU=3D"%userprofile%\applic~1\icaclient\appsrv.ini"
$appsrvD=3D"c:\docume~1\defaul~1\applic~1\icaclient\appsrv.ini"
$pnd=3D"c:\docume~1\defaul~1\applic~1\icaclient\pn.ini"


$x =3D WriteProfileString("$appsrvU", "WFClient", "SSOnUserSetting", =
"On")
$x =3D WriteProfileString("$appsrvU", "Metaframe",
"UseLocalUserAndPassword",
"On")

$x =3D WriteProfileString("$appsrvD", "WFClient", "SSOnUserSetting", =
"On")
$x =3D WriteProfileString("$appsrvD", "Metaframe",
"UseLocalUserAndPassword",
"On")


$x =3D
AddKey("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson")
$x =3D
AddKey("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson\NetW
orkP
rovider")
$x =3D
AddKey("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson\Enum
")

$x =3D
WriteValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson"
,
"IsEnabled","1",REG_DWORD)
$x =3D
WriteValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson"
,
"Type","4",REG_DWORD)
$x =3D
WriteValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson\
Netw
orkProvider", "Class","2",REG_DWORD)
$x =3D
WriteValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson\
Netw
orkProvider", "Name","Citrix Single Sign-on",REG_SZ)
$x =3D
WriteValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson\
Netw
orkProvider", "ProviderPath","C:\Program Files\Citrix\ICA
Client\pnsson.dll",REG_SZ)

$x =3D
WriteValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson\
Enum
", "0","Root\LEGACY_PNSSON\0000",REG_SZ)
$x =3D
WriteValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson\
Enum
", "Count","1",REG_DWORD)
$x =3D
WriteValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson\
Enum
", "NextInstance","1",REG_DWORD)
$x =3D
WriteValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PnSson\
Enum
", "Service","PnSson",REG_SZ)

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
=3D=3D=3D=3D
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

-----Original Message-----
From:   TheThin [SMTP:TheThin@xxxxxxxxxxxxxxxxxxxxx]
<mailto:[SMTP:TheThin@xxxxxxxxxxxxxxxxxxxxx]>=20
Sent:   Friday April 30, 2004 2:45 PM
To:     thin@xxxxxxxxxxxxx <mailto:thin@xxxxxxxxxxxxx>=20
Subject:        [THIN] Pass Through Authentication via ICA Client

I have a large number of client computers (350-500) that were originally
installed to not allow Pass-Through Authentication. They were installed
with a 6.x client and then upgraded to 7.1.  I want to enable this
feature and have been struggling to come up w/ .ini files that enable
it.  Is their a registry setting for this somewhere?  I don't want to
have to script a complete un-install, re-install of the client unless
absolutely necessary. What I have found is that if I take a workstation
and fully remove the client and then re-install it, pass through
authentication works fine. Deleting all the .ini file from the user's
profile. But if I take the wfclient.ini, pn.ini, and appsrv.ini from
that workstation to another, pass through authentication will not work.
The check box to allow it won't even light up in the GUI. =20
I know the SSOnUserSetting=3DOff setting is involved, but I haven't been
able to figure out what other settings are involved.  Any help would be
appreciated.  I found several CTX articles that are related to pass
through authentication, but the are for troubleshooting problems not how
to configure the client.
********************************************************
This week's sponsor - Emergent Online
Emergent delivers end-to-end solutions for private and public sector
clients. From centralized application management, business continuity,
outsourcing, to application development, security, and messaging
solutions. http://www.go-eol.com/index.asp
<http://www.go-eol.com/index.asp>=20
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm <http://thin.net/links.cfm>=20
***********************************************************
For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm <http://thin.net/citrixlist.cfm>=20
********************************************************
This week's sponsor - Emergent Online
Emergent delivers end-to-end solutions for private and public sector clients. 
From centralized application management, business continuity, outsourcing, to 
application development, security, and messaging solutions.
http://www.go-eol.com/index.asp
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

Other related posts: