We have a CVAD environment, all Windows VDI desktops, but I am now trying to get Linux VDA to work.
Environment:
CVAD 1903 - using VDI exclusively (XenDesktop)
Ubuntu 18.04.3 LTS with VDA 1912 LTSR
Correctly joined to the AD domain using Winbind
Linux VDA is set up correctly and is registered with the broker
Using FAS 1903
FAS setup works correctly for the Windows VDI desktops, SSO into the desktop works using user certificates
Connecting in from external, using NetScaler 12.1
This also works correctly for the Windows VDI desktops, in combination with FAS
When I logon to the desktop, I get a "Invalid Login" message box. I have seen the troubleshooting documentation about this, which mentions it is related to the root CA certificate:
However, the root CA certificate is added correctly. I do have to add that is is an internally signed one, and the FAS servers have a certificate based off of that root CA. I'm not sure if that is the issue.
Question
Koenraad Willems
Hi,
We have a CVAD environment, all Windows VDI desktops, but I am now trying to get Linux VDA to work.
Environment:
Correctly joined to the AD domain using Winbind
Linux VDA is set up correctly and is registered with the broker
FAS setup works correctly for the Windows VDI desktops, SSO into the desktop works using user certificates
This also works correctly for the Windows VDI desktops, in combination with FAS
When I logon to the desktop, I get a "Invalid Login" message box. I have seen the troubleshooting documentation about this, which mentions it is related to the root CA certificate:
https://docs.citrix.com/en-us/linux-virtual-delivery-agent/current-release/configuration/federated-authentication-service.html#troubleshooting
However, the root CA certificate is added correctly. I do have to add that is is an internally signed one, and the FAS servers have a certificate based off of that root CA. I'm not sure if that is the issue.
Here is an excerpt from the hdx log:
Just wondering if anyone has any idea what to look for?
It's not an option to disable FAS, as that is site-wide and this is a production environment.
Thanks,
Koenraad
Link to comment
2 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now