Jump to content
Welcome to our new Citrix community!
  • 1

Director 1912 internal error when trying to log in


Tim Emunds

Question

Hello,

since we installed Director 1912 we experience issues when we try to login with Chrome (IE works with SSON): An internal error occured.

We get redirected to http://director.domain.subdomain/Director/LogOn.aspx?ReturnUrl=%2fDirector%2f&cc=true

After many login attempts it suddenly works, but it just annoys every morning.

I already reinstalled and also installed to a new server, the issue persists.


Does anyone have an idea?

 

Thanks!
Tim

Link to comment

12 answers to this question

Recommended Posts

  • 1

We just upgraded to 1912 LTSR over the weekend and are seeing the same behavior.

 

Enabling logging in Director reports "Token or Cookie for antiCSRF validation is either not present or donot match." when attempting to use username and password to log in; however, single-sign on works flawlessly from IE, Chrome, and Chromium Edge.  

 

Check your IIS settings for Authentication and disable the Anonymous authentication setting.  That should resolve it.

  • Like 1
Link to comment
  • 0

No problem Tim.  Out of curiosity, what version of Director did you upgrade from?

 

We had to make a change to the Forms Authentication back I believe when we went to from 7.15 LTSR CU 1 to 1811 for some reason.  It's been a while so the exact reason is escaping me.

 

We recently upgraded directly from 1811 to 1912 LTSR and found that auto-login worked for our normal accounts that had read-only access; however, our administrative accounts would not be able to log in unless they used the auto-login feature.  For us, the Anonymous Authentication had been re-enabled after the installation of Director 1912 for the Director site while the other authentication methods had been left alone.  After we disabled the Anonymous Authentication method for Director, we were able to perform authentication with username and password without issue.

Link to comment
  • 0

I upgraded from 1909 and also installed a new server, experienced the same issue.

In the past I always had Forms- and Windows-Authentication enabled and SSON for our Helpdesk worked fine. Also the manual authentication worked fine in the past with these settings.

 

The anonymous authentication was always disabled as I remember. It's just enabled on the Default Web Site for the Auto-Redirect.

Link to comment
  • 0
On 2/27/2020 at 7:51 AM, Rob Mullens1709157194 said:

Disable Form-Authentication.

The Authentication pane in IIS for the Director site should look like
Anonymous Authentication Disabled
ASP.NET Impersonation Disabled
Basic Authentication Disabled HTTP 401 Challenge
Forms Authentication Disabled HTTP 302 Login/Redirect
Windows Authentication Enabled HTTP 401 Challenge

For those who has Director SSO working.  Did you have to do anything extra in Chrome and Edge, like play policies to allow kerberos auth to director url?   I can only get SSO working with IE (or Edge in IE mode).  I can get chrome working, but as soon as I add that policy, I now have to manage all internal SSO webpages (we have bunch and some use different domain, so can not just wild card it).   Also, for those with SSO working, does it log you on directly into dashboard when you access the site, or do you still need to click to log in without entering credentials?

Thanks. 

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...