downloadWhy can't I download this file?Citrix Password PolicyCitrix Workspace Password Change Citrix Workspace Passcode Software ![Login Login](/uploads/1/0/5/3/105317507/923049090.png)
Citrix Password Policy
This guide will walk you through how to active Citrix Workspace. You are enrolled in Archpass Duo, but the system doesn't recognize your login, even if it's correct. This is most likely your first time using Citrix Workspace since vLab was put behind Archpass. We currently have a configuration bug that messes up the login on first try. A single place to simplify delivery of Citrix technologies. Provide secure access to apps, data and IT tools. Deploy on any cloud or infrastructure.
Applicable Products
- Citrix ADC
- Citrix Virtual Apps and Desktops Service
![Login Login](/uploads/1/0/5/3/105317507/923049090.png)
Symptoms or Error
Citrix Workspace Password Change
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information.
Receiver for MAC and Windows failing to add store.
Receiver for MAC and Windows failing to add store.
Solution
We observed that removing the response-rewrite policies made it possible to login with LDAP-only in Receiver.
However, we needed two-factor auth and thus had to bind the policies.
With response-rewrite policy bound (the one setting header “X-Citrix-AM-GatewayAuthType” = SMS).
Binding the policy setting “PWDCount=0”, made the Receiver fail.
Entrust - SMS Passcode reported back that if Netscaler version is 12.x, the policy must be replaced with this:
add rewrite policy RWP-RES-REMOVE_2ND_PASSWORD 'HTTP.REQ.URL.PATH_AND_QUERY.SET_TEXT_MODE(IGNORECASE).EQ('/logon/LogonPoint/index.html')' RWA-RES- REMOVE_2ND_PASSWORD
and a corresponding action:
add rewrite action RWA-RES-REMOVE_2ND_PASSWORD replace_all 'HTTP.RES.BODY(99999)' 'rn'+n'<style type='text/css'>rn'+n'[for='passwd1'] { display: none;}rn'+n'#passwd1 { display: none; }rn'+n'</style>rn'+n'rn'+n'</body>rn'+n'</html>rn' -search 'text('</body>n</html>')'
However, we needed two-factor auth and thus had to bind the policies.
With response-rewrite policy bound (the one setting header “X-Citrix-AM-GatewayAuthType” = SMS).
Binding the policy setting “PWDCount=0”, made the Receiver fail.
Entrust - SMS Passcode reported back that if Netscaler version is 12.x, the policy must be replaced with this:
add rewrite policy RWP-RES-REMOVE_2ND_PASSWORD 'HTTP.REQ.URL.PATH_AND_QUERY.SET_TEXT_MODE(IGNORECASE).EQ('/logon/LogonPoint/index.html')' RWA-RES- REMOVE_2ND_PASSWORD
and a corresponding action:
add rewrite action RWA-RES-REMOVE_2ND_PASSWORD replace_all 'HTTP.RES.BODY(99999)' 'rn'+n'<style type='text/css'>rn'+n'[for='passwd1'] { display: none;}rn'+n'#passwd1 { display: none; }rn'+n'</style>rn'+n'rn'+n'</body>rn'+n'</html>rn' -search 'text('</body>n</html>')'