Question
Sabine Ludewig1709156713
Hi guys,
I keep getting event log entries on the delivery controller saying that a plaintext password was used.
This happens during logon through Netscaler and whenever I start a published application.
Setup is Win2019, Citrix 1912 CU2, Netscaler 13.
What I've already done to secure communication channels:
- Bind certificate to IIS on Storefront servers for Default Website port 443, but kept default port 80
- Set communication with DDC on each SF-Store to HTTPS
- Install certificate on DDC
- Register certificate with brokerservice.exe (netsh http add sslcert...)
- On Netscaler set STA to https for Citrix Gateway Virtual server
- LDAP policies (LDAP server) authentication is set to SSL, Port 636
What am I missing? Do I need to enforce SSL at some point?
Thanks a lot
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Event ID: 4624
Task Category: Logon
Level: Information
Keywords: Audit Success
User: N/A
Computer: DDC.MyDomain
Description:
An account was successfully logged on.
Subject:
    Security ID: NETWORK SERVICE
    Account Name: DDC$
    Account Domain: MyDomain
    Logon ID: 0x3E4
Logon Information:
    Logon Type: 8
    Restricted Admin Mode: -
    Virtual Account: No
    Elevated Token: Yes
Impersonation Level: Impersonation
New Logon:
    Security ID: MyDomain\MyUser
    Account Name: MyUser
    Account Domain: IBLZ
    Logon ID: 0x838503BF
    Linked Logon ID: 0x0
    Network Account Name: -
    Network Account Domain: -
    Logon GUID: {AnyGUID}
Process Information:
    Process ID: 0xd24
    Process Name: D:\Program Files\Citrix\Broker\Service\BrokerService.exe
Network Information:
    Workstation Name: DDC
    Source Network Address: -
    Source Port: -
Detailed Authentication Information:
    Logon Process: Advapi
    Authentication Package: Negotiate
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0
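One way to triage entries like the one above, as an added example that is not part of the original post: it parses exported 4624 event text, keeps the Logon Type 8 (NetworkCleartext) events and counts them per calling process, caller and logged-on account. The first sample event reuses field values from the post, the second is constructed, and the function names are this example's own.

```python
import re
from collections import Counter

# Constructed sample: the first event reuses field values from the post above,
# the second (Logon Type 3) is made up to show what gets filtered out.
SAMPLE = r"""Log Name: Security
Event ID: 4624
Subject:
  Account Name: DDC$
Logon Information:
  Logon Type: 8
New Logon:
  Account Name: MyUser
Process Information:
  Process Name: D:\Program Files\Citrix\Broker\Service\BrokerService.exe
Log Name: Security
Event ID: 4624
Logon Information:
  Logon Type: 3
New Logon:
  Account Name: OtherUser
"""

def parse_event(text):
    """Map (section, field) -> value. Sections matter because 'Account Name'
    appears under both Subject (caller) and New Logon (account logged on)."""
    fields, section = {}, ""
    for line in text.splitlines():
        key, sep, value = (part.strip() for part in line.partition(":"))
        if sep and not value:
            section = key                      # heading such as "New Logon:"
        elif sep:
            fields[(section, key)] = value     # splits on the first colon only
    return fields

def cleartext_logons(export):
    """Return 4624 events with Logon Type 8 (NetworkCleartext: the password
    was handed to the authentication package in unhashed form)."""
    events = [parse_event(e) for e in re.split(r"(?m)^(?=Log Name:)", export) if e.strip()]
    return [e for e in events
            if e.get(("", "Event ID")) == "4624"
            and e.get(("Logon Information", "Logon Type")) == "8"]

def summarize(export):
    """Count type 8 logons per (calling process, caller, account logged on)."""
    return Counter((e.get(("Process Information", "Process Name"), "-"),
                    e.get(("Subject", "Account Name"), "-"),
                    e.get(("New Logon", "Account Name"), "-"))
                   for e in cleartext_logons(export))
```

Grouping by Process Name shows which local service is making the type 8 logon calls, which is the first thing to establish before changing transport settings.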