no adfs or anything else in the mix that i am aware of. webster
Sent using OWA for iPad ________________________________ From: [email protected] <[email protected]> on behalf of Richard Stovall <[email protected]> Sent: Tuesday, September 22, 2015 9:11:29 PM To: [email protected] Subject: Re: [NTSysADM] IE10, Intranet Zone and SSO Is there anything else like ADFS in the mix? On Sep 22, 2015 9:42 PM, "Webster" <[email protected]<mailto:[email protected]>> wrote: Helping a customer with the last issues in moving from old Citrix XenApp 5 on Server 2003 to XenApp 7.6 running om Server 2012 (not R2). Their consultant quit on them after 3 weeks on the project and I was asked to help get the project completed. They have a web app that requires IE10 that is why Server 2012. They want to use SSO so I have created a User GPO that puts the site in the Intranet zone (Value = 1) with http://*.appsite.com. The policy also has logon with username and password and I have also tried just logon in intranet zone. I have also tried setting a preference for turning off integrated windows auth (as suggested by a couple of google hits). So far, no combination of settings is allowing SSO to work. The site does appear in the intranet zone and if I right-click, Properties on the page, it shows as Intranet zone. If I have "enable integrated windows auth" unselected, I get "The server xxx at SSO requires a username and password. Warning: This server is requesting that your username and password be sent in an insecure manner". If I have "enable integrated windows auth" selected, I get the app's login dialog. When I google "ie 10 intranet zone auto logon", I have tried the first 20 suggestions and no combination of GPO settings has worked yet. What am I missing? Thanks Webster
