en-US citrix user

Local user name and password

Citrix Workspace App

Supported on: All Citrix Workspace supported platforms

Description

Use this policy to instruct the client to use the same logon credentials (pass-through authentication) for the Citrix XenApp server as the client computer. When this policy is enabled, the client can be prevented from using the current user's logon credentials to authenticate to the remote server by clearing the "Enable pass-through authentication" check box. The client imposes certain restrictions specifying when pass-through authentication can occur (for details, see Citrix eDocs at http://support.citrix.com/proddocs/). If these restrictions are too strict for your environment, select the "Allow pass-through authentication for all ICA connections" check box to bypass the pass-through authentication restrictions. When run in a Novell Directory Server environment, selecting the "Use Novell Directory Server credentials" check box requests that the client uses the user’s NDS credentials. Troubleshooting: To enable pass-through authentication, the client must have been installed by an administrator, and the "Allow Local Credential Pass-through" option must have been selected at that time. Each user can choose to disable pass-through authentication through the client registry settings, the Program Neighbourhood window, or by editing their copy of AppSrv.ini. To enable pass-through authentication, the user's copy of AppSrv.ini must contain the setting "EnableSSonThruICAFile=true".

Registry

HKCU Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials

Value name: UseLocalUserAndPassword

Enabled: UseLocalUserAndPassword = true,false

Disabled: UseLocalUserAndPassword = false

This policy sets several registry values:

SSOnUserSetting
Enabled: SSOnUserSetting = true,false
EnableSSOnThruICAFile
Enabled: EnableSSOnThruICAFile = true

More options available

Options

Enable pass-through authentication
UseLocalUserAndPassword boolean - default: 1
Allow pass-through authentication for all ICA connections
LegacyLocalUserNameAndPassword boolean
Use Novell Directory Server credentials
SSOnCredentialType boolean

REG Builder

BETA

Configure the state and elements to generate .reg, PowerShell, Intune, and SCCM outputs.

These exports replicate the policy's registry effect. Editing the registry directly is not the same as applying the GPO through the management console (no gpupdate, no central reporting). Test before production; HKLM changes require administrator rights.

.reg file

Windows Registry Editor Version 5.00

; Exported from gporais.com
; Policy: Local user name and password
; State: Enabled
; Supported on: All Citrix Workspace supported platforms

[HKEY_CURRENT_USER\Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials]
"UseLocalUserAndPassword"="true,false"
"SSOnUserSetting"="true,false"
"EnableSSOnThruICAFile"="true"
"UseLocalUserAndPassword"=dword:00000001
"LegacyLocalUserNameAndPassword"=dword:00000000
"SSOnCredentialType"=dword:00000000