[THIN] Re: Solved - Neoware and ICA Connections

  • From: Adam.Baum@xxxxxxxxxxxxxx
  • To: thin@xxxxxxxxxxxxx
  • Date: Mon, 17 Mar 2003 11:02:31 -0700

While changing the anonymous setting fixed the problem, I am not quite sure
why.  In my setup, server A is the TS license server and I was trying to
attach to server B.  Server B is configured to point to server A for TS
licenses.  With anonymous restricted, why can I connect to server A and not
to server B?  It's as if server B won't pass an anonymous request for a
license, but server A will accept them (directly).  I figure restrict
anonymouse is restrict anonymous.  Shouldn't matter where the request came

                      Durflinger"              To:       <thin@xxxxxxxxxxxxx>   
                      <cdurflinger@neng        cc:                              
                      roup.com>                Subject:  [THIN] Re: Solved - 
Neoware and ICA Connections                              
                      Sent by:                                                  
                      03/15/2003 11:32                                          
                      Please respond to                                         

That's an interesting implication.  If I'm correct, this sets the
RestrictAnonymous value in the Registry, correct?  Setting
RestrictAnonymous to the '2' value (no anonymous connections) is one of
the recommendations I've seen made often by security-minded folks, with
the caveat that it breaks Win9x connections.

If it breaks thin client connectivity as well, dang.=20

Connor Durflinger
Sr. Network Engineer
New England Network Group
tel: 781.397.0990  x 18

HI All,

Solved the problem this morning.  The event log on the 'bad' server
showed that it could not issue TS licenses.  Going through the typical,
'how does one get a license' process led me down the road of checking
for restrictions on anonymous connections.  Sure enough, we had locked
it down too tight.

The local policy in question can be found under  Security Options.  Set
"Additional restrictions for anonymous connections" policy to 0 or 1.  1
worked for us.

Adam.Baum@xxxxxxxxxxxxxx                  To:thin@xxxxxxxxxxxxx
HI All,

I am experiencing an odd problem on our Neoware Capio 610 units.  I have
a published desktop load balanced across two servers.  I can never seem
to connect on the first try.  The Neos try to connect and end up back at
the Neo connection manager screen.  Connecting a second time works.
Also, when I try to connect directly to one of the servers, it fails.
The ICA client on my pc has no problem connecting either to the
published desktop or the server.

I am thinking that my connections problem are related to a single
I have no problem direct connecting to the second server.  I only have
problems with the first (the data collector) and the published desktop.
I am thinking that when I have problems with the published desktop, it
is really occurring at the first server.

I am using the same ID to connect all server, but it shouldn't matter
because the problem occurs before I receive the logon screen.

W2K SP2 XPe FR2.

Any ideas?

PS_ I am only using the Capio 610 as thin client devices.  All
connections are via PCs.

This Week's Sponsor - RTO Software / TScale
TScale increases terminal server capacity. 
Get 30-40% more users per server to save $$$ and time. 
Add users now! - not more servers. If you're using Citrix, 
you must learn about TScale!  Free 30-day eval:

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:

Other related posts: