Jump to content
Welcome to our new Citrix community!

Receiver AM_ERROR_AUTH_NETWORK_ERROR with DNS switch


Peyton Creery

Recommended Posts

Environment: Production (Prod) and Disaster Recovery (DR)

 

I have Citrix Receiver on a HP Laptop (running a locked-down version of Debian) for users and it works fine until our environment is switched to DR

 

Scenario (Environment in Prod):

no store added

storebrowse -l

 

no /etc/hosts set

 

adding prod and dr remote.domain.com is good

storebrowse -a http://remote.domain.com

storebrowse -a http://drremote.domain.com

 

listing is good

storebrowse -E http://remote.domain.com

storebrowse -E http://drremote.domain.com

 

running & connecting is good

storebrowse -L "Connector.Windows 10 Users" http://remote.domain.com

storebrowse -L "Connector.Windows 10 Users" http://drremote.domain.com

 

delete to start from scratch (and to log out of selfservice account)

storebrowse -d http://store.domaincorp.com/citrix/domain/discover/

storebrowse -d http://drstore.domaincorp.com/citrix/domain/discover/

 

Both Desktop Applications work

 

BUT: when remote.domain.com is added in /etc/hosts and points to drremote.domain.com's ip    (to simulate DR DNS transition)
/etc/hosts:

96.46.116.195    remote.domain.com

 

storebrowse -a http://remote.domain.com
or
storebrowse -a http://store.domaincorp.com/citrix/domain/discover/

Quote

Error adding store:AM_ERROR_AUTH_NETWORK_ERROR[65275]

 

Prod Workspace (Desktop App pointing to remote.domain.com) No longer works

Quote

Cannot add the store at the given URL
Exit Code: 235
Error: Error adding store:Specified store not found[65275]

 

DR Workspace Desktop App (pointing do drremote.domain.com) still works
 

What I have tried

I have tried to clear DNS cache with:

/etc/init.d/networking force-reload

 

I have also attempted to import certificates without any result... At least I think I did.

I exported 3 certs from remote.domain.com & drremote.domain.com via Firefox and copied them to $ICAROOT/keystore/cacerts & intcerts

then ctx_rehash & tried with c_rehash

 

Enable logging in:

$ICAROOT/config/AuthManConfig.xml

via https://support.citrix.com/article/CTX217630

 

Logs located at
~/.ICAClient/logs/*.latest

 

AuthManSvr.latest log show these lines that stand out (there are too many other lines to add so I just selected a couple):

Quote

Wed 18 Dec 2019 08:28:05 <<<<< T:.   .   .   .   .   .   .   .   .   .   .   Throwable created: CInteractionRequiredException: Gateway logon is not allowed if the interactive flag isn't set
Wed 18 Dec 2019 08:28:05     > T:.   .   .   .   CAuthenticationContextError::ConvertExceptionToErrorCodeOrRethrow
Wed 18 Dec 2019 08:28:05       T:.   .   .   .   .   Processing exception, type='Interaction required exception' description='Gateway logon is not allowed if the interactive flag isn't set'
Wed 18 Dec 2019 08:28:05       T:.   .   .   .   Returning AMResult: 0xfef9 (authError='AuthContextError_InteractionNotAllowed')
Wed 18 Dec 2019 08:28:05 *ERR* T:.   CitrixAuthManagerSDK::AMResult CitrixAuthManagerSDK::LinuxAuthManSvr::destroyAuthHttpRequest(CitrixAuthManagerSDK::AMHttpHandle) could not find unkown handle 14


 

 

Has anyone else seen this issue?

It may be a Netscaler Configuration issue that I am aware of but I am not sure.

 

storebrowse -v

Version 18.10.0.11

 

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...