Jump to content
Welcome to our new Citrix community!

User stealing user desktops

Recommended Posts

When you say logging in remotely via the web ... are these external users?

If so, do you have 2-factor authentication enabled?

Are users credentials being compromised? The only way I know of sessions being "stolen" is if the bad actors log in with the same ID.

Link to comment
Share on other sites

Basically a user logs in via external access gateway and they launch there desktop. We do use Safe net along with AD authentication.  What happens is a user logs in and it seems to connect to another users session.  I don't think its user names been compromised we can see users making a connection but it authenticates as another user.

Link to comment
Share on other sites

Open up the authentication daemon to see how the user is authenticating:

Open up a PuTTy session to the NetScaler management IP (make sure you're on the primary - PuTTy will tell you if you're not).

Shell out to the kernel and star the daemon.

> shell

> cat /tmp/aaad.debug

Have the use log in, and you should be able to see who is being authenticated. 

Hit Ctrl-C to exit the daemon.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...