Policy

Local user name and password

Citrix Workspace

Back to User authenticationBack to main
Local user name and password
Jump to overview

Policy overview

Key metadata and intent for this policy.

Category
Citrix Components > Citrix Workspace > User authentication
Supported on
All Citrix Workspace supported platforms

Use this policy to instruct the client to use the same logon credentials (pass-through authentication) for the Citrix XenApp server as the client computer. When this policy is enabled, the client can be prevented from using the current user's logon credentials to authenticate to the remote server by clearing the "Enable pass-through authentication" check box. The client imposes certain restrictions specifying when pass-through authentication can occur (for details, see Citrix eDocs at http://support.citrix.com/proddocs/). If these restrictions are too strict for your environment, select the "Allow pass-through authentication for all ICA connections" check box to bypass the pass-through authentication restrictions. When run in a Novell Directory Server environment, selecting the "Use Novell Directory Server credentials" check box requests that the client uses the user’s NDS credentials. Troubleshooting: To enable pass-through authentication, the client must have been installed by an administrator, and the "Allow Local Credential Pass-through" option must have been selected at that time. Each user can choose to disable pass-through authentication through the client registry settings, the Program Neighbourhood window, or by editing their copy of AppSrv.ini. To enable pass-through authentication, the user's copy of AppSrv.ini must contain the setting "EnableSSonThruICAFile=true".

Internal name
Policy_LocalCredentialsLockdown
Computer
Policy_LocalCredentialsLockdown_1
User
Policy ID
94d0e71755e9
Elements
3

Registry values

How enabled and disabled states update the registry.

ScopeRegistry locationTypeEnabled valueDisabled valueCopy
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
EnableSSOnThruICAFile
REG_SZ
HKLM
HKCU
HKLM
HKCU
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
SSOnUserSetting
REG_SZ
HKLM
true,false
HKCU
true,false
HKLM
HKCU
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
UseLocalUserAndPassword
REG_SZ
HKLM
true,false
HKCU
true,false
HKLM
HKCU
Computer
Path
Software\Policies\Citrix\ICA Client\SSON
Value name
Enable
REG_SZ
HKLM
HKLM
Registry location
Type REG_SZ · Both
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
EnableSSOnThruICAFile
Hive
HKLM
Enabled value
Disabled value
Hive
HKCU
Enabled value
Disabled value
Registry location
Type REG_SZ · Both
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
SSOnUserSetting
Hive
HKLM
Enabled value
true,false
Disabled value
Hive
HKCU
Enabled value
true,false
Disabled value
Registry location
Type REG_SZ · Both
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
UseLocalUserAndPassword
Hive
HKLM
Enabled value
true,false
Disabled value
Hive
HKCU
Enabled value
true,false
Disabled value
Registry location
Type REG_SZ · Computer
Path
Software\Policies\Citrix\ICA Client\SSON
Value name
Enable
Hive
HKLM
Enabled value
Disabled value

Policy elements

Inputs and configuration options exposed by this policy.

ScopeElementTypeRegistry mappingConstraints & behaviorCopy
Allow pass-through authentication for all ICA connections
ID Part_LegacyLocalUserNameAndPassword_Enable
boolean
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
LegacyLocalUserNameAndPassword
Type
REG_SZ
Options: true (), false ()
True: Set value = "" · False: Set value = ""
Use Novell Directory Server credentials
ID Part_NovellCredentials
boolean
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
SSOnCredentialType
Type
REG_SZ
Options: true (NDS), false (Any,NT,NDS)
True: Set value = "NDS" · False: Set value = "Any,NT,NDS"
Enable pass-through authentication
ID Part_LocalCredentialsLockdown_Enable
boolean
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
UseLocalUserAndPassword
Type
REG_SZ
Options: true (true,false), false ()
True: Set value = "true,false" · False: Set value = ""
Allow pass-through authentication for all ICA connections
Both · Type boolean
Registry mapping
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
LegacyLocalUserNameAndPassword
Type
REG_SZ
Details
Options: true (), false ()
True: Set value = "" · False: Set value = ""
Use Novell Directory Server credentials
Both · Type boolean
Registry mapping
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
SSOnCredentialType
Type
REG_SZ
Details
Options: true (NDS), false (Any,NT,NDS)
True: Set value = "NDS" · False: Set value = "Any,NT,NDS"
Enable pass-through authentication
Both · Type boolean
Registry mapping
Path
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Logon\Local Credentials
Value name
UseLocalUserAndPassword
Type
REG_SZ
Details
Options: true (true,false), false ()
True: Set value = "true,false" · False: Set value = ""