Jump to content

Jeff Riechers

Members
  • Posts

    776
  • Joined

  • Last visited

  • Days Won

    39

Posts posted by Jeff Riechers

  1. You would probably would have to setup some form of nfactor to get the username first, run that through ldap nfactor to get the group membership, then based on the group membership send them to oauth for actual authentication.  You would have 2 different oauth policies with necessary default group assignments to route traffic.

  2. If a CA change took place you will need to do a few things.

    1. Regenerate certs for the FAS servers.

    2. Have Domain Controllers fully trust the new CA (easiest method is to generate new LDAP certs from the new CA)

    3. Have the new CAs Root and Intermediate replicated out to all machines on the domain that use FAS, like VDA, FAS, Storefront, etc.

    Check the Citrix Delivery Services Log on the Storefront server, and the Event Logs on the VDA for more info on what needs to be done.

    • Like 1
  3. Have an odd issue.  Some Windows 10 users are getting the latest round of Windows Updates and when they open Workpace App, that has been configured with the store up until this point, they are prompted to enter the address or email to setup a store.  We look in the registry and we see all the proper registry settings.  Has anyone else experienced this problem?  It's only some machines, not all that see this happening.

  4. Back at this same message after last year.  And I found the answer.

    It wasn't that hotfix at all.  It was daylight savings time.

    With Server 2016 if your reboot a machine after daylight savings time has shifted forward,  without updating the underlying image with the knowledge of DST shift, then your machine account password reset process will crash out.  You have to open your image, allow it to adjust the DST flag, then re-seal it and send it out.  

    So last year when this came up, we updated the image with that reg entry, but that was not it.  It was just the update process that fixed it.

    Doesn't happen on Server 2022 or 2019.

     

×
×
  • Create New...