Sorry all....I meant to send that just to Webster :-( On 19 November 2010 13:57, James Rankin <[email protected]> wrote:
> That was a big fat lie the consultants told me. ADFS role is not even > installed on any of the DCs. Honestly these guys are cowboys. I will see if > i can get it installed on one of the DCs to test. > > Cheers, > > On 17 November 2010 17:20, Webster <[email protected]> wrote: > >> James, >> >> >> >> I would like to lab this to see if I can get this working and then write >> an article about it. Can you e-mail me off list with some specifics I can >> use in my testing. Your specifics will of course not be in the article. I >> need to finish an article on XenDesktop 5 first. I am also working on an >> article for using Web Interface to help migrate from older MF/PS/XA versions >> to XA6. But that was going to be for one forest, one tree, one domain. I >> need to know more of your setup so I can test and document a solution for >> you and others. >> >> >> >> Thanks >> >> >> >> >> >> Webster >> >> >> >> *From:* James Rankin [mailto:[email protected]] >> *Subject:* Citrix web interface query >> >> >> >> We have two old Windows 2003 domains with PS3 and PS4 farms respectively. >> We are in the process of migrating the users to a Windows 2008 R2 domain >> running Xen6. We need to keep some of the old applications from the old >> domains available in the new infrastructure via the Program Neighborhood >> Agent, so we have "multi-homed" our new web interface server with >> connections to the old PS3 and PS4 farms. So far, so good. >> >> Problem comes when a user in the new domain logs onto the PNAgent. They >> get an error of "the credentials supplied were invalid". When I remove the >> entries for the legacy farms from the web interface, the user can log in >> fine. So it appears when the PNAgent is submitting the user credentials to >> the legacy domains for validation, they are being rejected somewhere. >> >> Is there anything special that needs to be done to allow the user to log >> into the web interface in this configuration? There is obviously a trust in >> place, so the user in the new domain should be validated by the old ones. I >> *could* just publish up some .ica files for the new users, but that smells >> like an administrative nightmare.... >> >> Any help is appreciated, >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > > > -- > "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into > the machine wrong figures, will the right answers come out?' I am not able > rightly to apprehend the kind of confusion of ideas that could provoke such > a question." > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
