Category: FAS

  • Notes from the field: The Kerberos chronicles, the one with certificate-based authentication

    If you’ve read my previous Kerberos chronicles blogs you see a trend with the Microsoft patches, hardening updates and with this one the upcoming strong mapping / full enforcement mode of certificate-based authentication. See the following article for explanation: KB5014754—Certificate-based authentication changes on Windows domain controllers – Microsoft Support This one is going to have…

  • Notes from the lab: Citrix StoreFront 2203 and the cannot complete request

    A quick blog regarding my Citrix lab upgrade from Citrix Virtual Apps and Dekstops (CVAD) 1912CU4 to 2203 and the little StoreFront snag I hit. Summary of my setup: Two Delivery controllers Two StoreFront servers cohabitating with Director as well Two FAS servers Two WEM servers One unmanaged VDA worker And a Citrix ADC HA…

  • Notes from the field: Another cannot complete your request with Citrix FAS

    We’ve all seen it time and time again some misconfiguration with Citrix StoreFront and/or Citrix FAS and you’ll be getting the cannot complete your request message in your screen. Digging in the StoreFront logs and you’ll be seeing the most interesting messages of error kind in which you would think am I a rocket professor?…

  • Notes from the field: Citrix FAS request not supported

    On a recent Citrix FAS deployment I’ve encountered the following error: “Request not supported” when logging in to a published application or desktop. Article https://support.citrix.com/article/CTX218941 explains that re-enrollment of the domain controller authentication template or another custom template for Kerberos usage should resolve the error. A little bit of a background on the environment, an…

  • Notes from the field: Citrix FAS SSO not working with invalid CRL

    Recently I got contacted by a customer who had problems performing an SSO to a newly build desktop environment. The setup a greenfield resource domain and forest trust from an existing tenant with a two way trust. Basically everything was correct but the logon from the users would always get terminated at the desktop with…