I have this single FAS server that works just fine with my on prem Citrix. I can see from the event logs as well as from Issuing CA that it obtains certificates for users and everything works.
But this works only with my onprem Citrix. When I try to use this same FAS server with my Citrix Cloud POC (AAD) I get always the event ID 103 in FAS Application log.
And yes, FAS is enabled in the Citrix cloud and FAS server is added to resourse location. Checks are just fine. FAS server version is the newest, i.e. 10.0.0.2.
exact error is:
[S103] Server [CC:60da6poppfzr] requested UPN [user.name@domain.aad] SID S-1-5-21-3676925492-572991883-3269444322-1312, but lookup returned SID S-1-5-21-2053793227-2943714206-3195920420-14243. [correlation: cc#37424020-c340-4bd0-99aa-55d76feee3f7]
Problem is somehow related to account SIDs, I have AAD ghost accounts on my on prem domain. AAD accounts are used to login to Azure. On prem domain is completeley different domain, so users are not synced to anywhere, as said on prem domain has only ghost accounts from the AAD.
Also no trusts, because I want to use federation.
Can't find any info about this error with G, only that this is one of the FAS errors.
Question
oraat
I have this single FAS server that works just fine with my on prem Citrix. I can see from the event logs as well as from Issuing CA that it obtains certificates for users and everything works.
But this works only with my onprem Citrix. When I try to use this same FAS server with my Citrix Cloud POC (AAD) I get always the event ID 103 in FAS Application log.
And yes, FAS is enabled in the Citrix cloud and FAS server is added to resourse location. Checks are just fine. FAS server version is the newest, i.e. 10.0.0.2.
exact error is:
[S103] Server [CC:60da6poppfzr] requested UPN [user.name@domain.aad] SID S-1-5-21-3676925492-572991883-3269444322-1312, but lookup returned SID S-1-5-21-2053793227-2943714206-3195920420-14243. [correlation: cc#37424020-c340-4bd0-99aa-55d76feee3f7]
Problem is somehow related to account SIDs, I have AAD ghost accounts on my on prem domain. AAD accounts are used to login to Azure. On prem domain is completeley different domain, so users are not synced to anywhere, as said on prem domain has only ghost accounts from the AAD.
Also no trusts, because I want to use federation.
Can't find any info about this error with G, only that this is one of the FAS errors.
Any info/experience about this error ?
thanks,
6 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now