Suddenly in my Citrix Virtual Apps environment, my users where unable to connect to a desktop or app session externally using the Citrix Gateway funcionallity in Citrix ADC (former NetScaler). During the sign-in process the user got the following error message: “Cannot Complete your Request”. Yay – thanks for that!
So the troubleshooting begun. The first hit on Google was the following troubleshooting chart from Citrix:
I was pointed towards the StoreFront setup everywhere I looked, but none of the troubleshooting steps helped me out. Instead, I started to go thought Carl Stalhood’s outstanding blog to search for a solution. And as always – Carl had the answer!
It turned out that ADC, in version 13.0 build 64 and newer, no longer sends the user’s credentials to StoreFront making SSO impossible. The ADC disables SSO globally which now needs to be enabled on a per traffic basis due to security reasons. Read more about the change here.
To solve the issue, you have to create a Traffic Policy in ADC to enable SSO. Find out how on Carl’s blog post here.