With the SecureLogin Citrix components installed, SecureLogin provides a seamless passthrough of GINA credentials (for example, username and password) from the client to the server. The GINA credential pass-through operates anytime that the terminal server presents a GINA login panel. If the credentials that the user uses to log in to the client match the credentials of the terminal server, the credentials are automatically passed for the user.
If the stored credentials don't match, SecureLogin captures the error and presents a new login panel for the user to complete. SecureLogin detects which GINA is running on the terminal server and requests the appropriate information. For example, if SecureLogin detects that the terminal server has the Novell ClientTM installed, SecureLogin presents the following dialog box:
After the user completes the dialog box, SecureLogin saves the information as a hidden application (platform) within the SecureLogin datastore directory (and local cache if applicable). The next time the user accesses the terminal server, the credentials are retrieved from the hidden application and seamlessly passed to the terminal server.
Passthrough Authentication fails with Citrix Metaframe Presentation* Server displaying an error message.
If SecureLogin is installed on a Citrix Metaframe Presentation Server 3.0, passthrough authentication might not be successful. This occurs if you set up the following configuration on the Citrix server:
When you attempt a Citrix client connection with the Citrix server, the error message Unable to find Novell Login window. Press Cancel to stop finding or Retry to continue is displayed with the window title SLAA Citrix Server for Novell.
If you click Retry, SecureLogin enters the user credentials in the Novell Login dialog box and passthrough continues normally. If you click Cancel, SecureLogin exits and the Novell Login dialog box prompts you to enter credentials (manually).
Ensure the following:
Name | Type | Data |
---|---|---|
AutoDetect |
REG_SZ |
0 |
protocol |
REG_SZ |
ICA |
When SecureLogin attempts to locate Novell GINA to provide passthrough credentials, if for some reason the server is running the Citrix GINA (ctxgina.dll), it fails to find the Novell Login window. To resolve this, change the default GINA to Novell GINA (nwgina.dll) under the registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.
Name | Type | Data |
---|---|---|
GinaDLL |
REG_SZ |
C:\windows\system32\nwgina.dll |
Changing the GINA might make certain Citrix capabilities nonfunctional.
SecureLogin enters the password, but not the username.
Slina.dll failed to find the Novell client login window. Therefore, though the password is passed through, username is not, resulting in the Windows Security message Failed to login to the Windows Workstation.
Starting with version 4.9, Novell Client displays the version on the title bar (highlighted in the image below) of the Novell Login dialog box.
Slinas.dll on the Citrix server looks for the Novell Login dialog box with the title Novell Login, whereas the Novell Client post-4.9 versions (as in the above case) also suffixes the version details to the title.
The title string is determined by a registry key. You can edit this in the Citrix server itself.
On the Windows task bar, click Start > Run.
Type regedit in the Open field.
The Registry Editor is displayed.
WARNING: Any improper registry editing can damage the system functionality. Therefore, be careful when making any registry change.
In the left panel, click HKEY_LOCAL MACHINE > SOFTWARE > Novell > NetWareWorkstation > CurrentVersion.
In the right panel, click Title.
The Edit String dialog box is displayed.
Change the value data to Novell Login.
Click OK.
If necessary, create the following registry values:
Name | Type | Data |
---|---|---|
ProductName |
REG_SZ |
Novell Login |
IMPORTANT: If Novell Client is removed and then reinstalled or updated, the client installation program might change the title value data. Therefore, if any change is made to Novell Client on a Citrix/Terminal server, you should validate the title value data.
To verify if the slinac.dll is registered properly, do the following:
Registry Check: Ensure that slinac.dll is copied to Sys32 on your workstation.
Notepad Script: To ensure that the SecureLogin client is able to read the workstation login credentials and store them in the ?sys variables, create a notepad.exe script to echo the values to a new notepad document.
slnmas.dll: Ensure that slnmas.dll is not installed on your workstation. If it is installed, delete it and restart the workstation.
All the Citrix manual configuration (and related) files are available in the following path of the SecureLogin 3.51.2 CD:
SecureLogin_cd\SecureLogin\Tools\Citrix Manual Configuration\Citrix
Use these files to manually configure Citrix passthrough and to troubleshoot passthrough authentication.