Blog, Citrix, StoreFront, Web Interface
0

Web Interface and StoreFront password change problem

In Citrix Web interface and StoreFront web portals users can normally change their expired passwords if feature is enabled. WI and SF can be also configured to allow users to change their password at anytime they want. There is a short steps how to enable it on both WI and SF.

Web interface:

1. Open Citrix Web Interface Management console.

2. Select XenApp Web Site.

3. Select Authentication Methods and Properties.

4. Choose Password Settings and Allow users to change passwords At any time.

5. Optionally you can also set Remind users before their passwords expire setting.

 

StoreFront:

1. Open Citrix StoreFront console.

2. Select Authentication and choose Authentication Method.

4. Choose Manage Password Options and Allow users to change passwords At any time.

5. If you want also to set Remind users before their passwords expire setting. Then edit the file in: C:\intetpub\wwwroot\Citrix\Authentication\web.config

Search line: ” <…> showPasswordExpiryWarning=”Custom” <…> ” and change setting to the “Custom”

 

However recently I came across situation that password reminder worked but users got an error message when tried to change their expired passwords. Self-password reset didn’t worked either and you can see following errors on the Citrix Delivery Services event logs.

sf_error

 

 

 

 

 

 

 

 

 

Event Properties – Event ID:1 Citrix Receiver for Web

 

Reason to this could be that Web Interface or StoreFront servers are on the different network subnets e.g. DMZ and proper firewall rules are not in place. Changing password from the WI and SF requires:

Kerberos Change/Set password ports TCP/UDP 464

To be open in both ways between WI/SF servers and the Domain Controllers. After we had impelemented proper firewall rules to allow that, password change worked properly for the users.

 

[facebook_like_button]

 

 

Views: 5902

Jani Kohonen Visit Website

Jani Kohonen is an author of janikohonen.com and working as a Citrix Consultant and Architect with 17 years of experience in the IT industry. Jani’s been working in the IT industry since 1997 and with Citrix technologies since 2001. He holds several years experience with Microsoft, Citrix, Apple, HP and VMware vendors as well as Server, Application and Desktop virtualization and Mobile technologies. He has done dozens of virtualization design and implementation projects from Small Business to the large global enterprise customers and complex environments. Jani is a Citrix, Microsoft, Apple and ITIL certified specialist. Certifications: MCP, MCSA, MCSE, MCTS, MCITP, HP ASP, HP ASC, HP CSA, HP AIS, HP ASE, VCSP, CCSP, CCA, CCAA, CCEA, CCEE, CCIA, CCP-M, CCE-V, APP, ACA, ACSP, ACTC, ITIL.

Related Posts
Citrix Virtual Desktop Handbook 7.x
NetScaler Gateway – Two-Factor Authentication – How to hide 2nd password field
NetScaler – Restrict SMTP Relay

Leave Your Comment

Your Comment*

Your Name*
Your Webpage