- This topic is empty.
-
Posts
-
Hello,
We are having a problem with users who’s password has expired. When logging in to their S10 or V10 they aren’t prompted to change their password. I’ve read through multiple faq’s including https://support.wyse.com/OA_HTML/csksxvm.jsp?nSetId=22363&nUsePub=NO&jttst0=4476_50785,50785,-1,0,&jtfm0=_0_0_0_-1_f_nv_&etfm1=&jfn=ZG713AE071D10018D7177E7998E029042DCCD17E7DDDEA744C446515CB38D4897FC481B5AABE0EC0807EEB8106BEF8606C12&oas=j_ToyHtS55gTYyK79U1ehQ..
But when we try this it doesn’t work. I’ve placed the PasswordServer= variable followed by ip-adres, fqdn, or servername, none of them work.when I check my DC logs all I get is a Security audit failure, event 672 with kerberos error code 0x17, which indicates that the user’s password has expired.
The only thing meaningfull is in the system information log on the thin itself. It says the following:
PN Agent sign-on to Servername
Http header: bad response!
PN Agent sign-on failedAnyone any thoughts? I hope I’ve provided sufficient information, so if you require anything additional, just ask.
Thanks in advance
Hi,
Can you post the solution ID from Wyse you looked at, unfortunately the Wyse knowledge base makes dynamic links so you can not cut and past them.
Also, what firmware are you using?
Cheers,
-TTAh didn’t see that 🙂
Knowledgebase article is 15330
Firmware:
V10 6.0.0_20
S10: 5.3.0_106.1 is on it’s way
Have you entered the IP address of one of your Citrix server as a passwordserver?
CG
Yes, I tried with the ip address, with the netbios name, and the fqdn-name, none seem to work.
Does the Citrix Server defined as the password change server allow direct connections to the server desktop or only published applications? You may need to allow direct connections,
Cheers,
-TTIt didn’t allowed direct connections, since we only use applications, but I tested by enabling it, but no difference.
Maybe something wrong in our setup?
Our Wyse boxes use the PNA to connect to a citrix web interface which contains the configuration file. From there the short cuts towards the applications are published.
so I think they always try the PNA logon, and I think the problem is related to this. Anyone any thoughts?
Ahh, now I know the issue.
Unfortunately when you said you used a IP address for the PNagent= value I “assumed” you were pointing directly to the XML service on a DC.
There is an issue where the password changed does not work if you are using WTOS with a PN agent Web Interface site. You will need to contact Wyse support and open a call on this one, it was only brought to my attention recently about this problem. The workaround is not to use the Web Interface site but you will lose zone preferences with the workaround,
Cheers,
-TT(once again i am reminded to never assume 😳 )
- You must be logged in to reply to this topic.