So the last couple of days I’ve been struggling with users having issues when trying to add an account in Citrix Receiver/Workspace on their local computer.
The issue showed up after upgrade from Citrix AD 12.0 > 12.1 (latest build)..
Logging in via web browser and iOS devices worked as normal – but when trying to add the account to the native Workspace/receiver app the got the error:
“Your account cannot be added using this address…..etc”
When adding the account in the normal field as shown here:
The user was prompted with logon via the embedded browser in workspace app – the form accepts the credentials then resets and gives the error about not beeing able to adde the account with the given address.
Crawling through various log files after enabling logging did not show much
NetScaler logging showed the credentials and radius beeing accepted.
Checking various session profiles and policies gave nothing – everything was as they should be – making brand new ones to test gave the same result.
In this setup AAA group and AAA authentication server are beeing used, due to various tenants with seperate Storefront stores, authentication etc exists in the backend. This also means there is a need for seperate session policies/profiles for these tenants.
Because of this AAA groups are used, and session policies are bound at these groups – pr tenant, and default authentication group on the authentication policies are defined to match authentication>AAA group>session policy.
This also means no need for session policies directly on the Citrix GW since AAA groups define this based on the authenticated user.
This has worked from day one before the upgrade to 12.1.
Beeing stubborn enough with the digging, and pretty much out of ideas, I found that binding a session policy directly to the Citrix GW solved the problem.
After binding a session policy with the correct store directly on the Citrix GW, dicovery from the receiver went as normal.
I could not find anything about this in Citrix eDocs or around forums etc, and this was not needed before the upgrade to 12.1.
So that’s something to keep in mind if you run into the same issue.
Consultant manager & SME @ iteam, localized in Kristiansund, Norway.
Focused on EUC, security, mobility, virtualization, management and a modern workplace. Highly specialized around RDS/Citrix/EUC/Mobility.