After downloading a new version of Citrix Receiver and installing it, I discovered that the single sign-on (SSO) functionality that used to “just work”, had stopped working.
After hunting through the Local Group Policy Editor, the registry, and the folder in which Citrix was installed, I was able to put together the following instructions. Completing these steps fixed my problem, however, the fole locations may vary somewhat depending on how your Windows and Citrix installations are configured.
Note: The person executing these steps will need local admin rights on the PC.
- Add the following site(s) to the Local Intranet zone in Internet Options. (These will be specific to your organization.)
- http://yourcitrixwebportal.com
- https://yourcitrixwebportal.com
In Internet Explorer, go to Tools –> Internet options.
On the Security tab, click โLocal intranetโ in the โSelect a zoneโฆโ area.
Click the Sites button, and on the next dialog box, click the Advanced button.
Add each site above by pasting or typing the URL into the โAdd this websiteโฆโ field and click the Add button for each one. The checkbox requiring HTTPS should be unchecked.
Click Close, OK.Click the Advanced tab on the Internet Options box. Make sure the โEnable Integrated Windows Authenticationโ checkbox is checked. If not, check it. (You will also need to reboot the PC if this setting is changed after closing Internet Options.)
Click OK to close Internet Options. - Copy files from the Citrix Receiver client into the appropriate Windows folder to enable Citrix Group Policies.
- Copy CitrixBase.admx and receiver.admx from โC:\Program Files (x86)\Citrix\ICA Client\Configurationโ to โC:\Windows\PolicyDefinitionsโ
- Copy CitrixBase.adml and receiver.adml from โC:\Program Files (x86)\Citrix\ICA Client\Configuration\en-USโ to โC:\Windows\PolicyDefinitions\en-USโ
- Click Start –> Run –> type gpedit.msc in the search field and hit Enter to open the Local Group Policy Editor. Find the โUser authenticationโ folder in the left pane under Local Computer Policy –> Computer Configuration –> Administrative Templates –> Citrix Components –> Citrix Receiver. Click โUser authenticationโ to display its settings in the right pane. In the right pane, double click โLocal user name and passwordโ. Click the Enabled radio button, and make sure that the โEnable pass-through authenticationโ and โAllow pass-through authentication for all ICA connectionsโ checkboxes are checked. Click OK to close the โLocal user name and passwordโ settings box. Close the Local Group Policy Editor.
- Reboot the PC.
- When opening the Citrix app you may see a box asking to Permit or Block access to local resources. Check the checkbox and select Permit.