Thursday, July 31, 2008

Citrix Users Report Login Issue on Unix Workstation

A few days ago, one of our remote Citrix workstation users reported a login issue. Here was the error message displayed on the client interface.

"Your account is configured to prevent you from using this computer."

To fix the issue, I confidently used the "tried and true" procedure described below. At the same time, I was “showing” someone else how to address the issue. I was quite surprised when the procedure didn't work. The registry key values were not displaying in the right pane. The only thing showing up was the tree structure, no data. After awhile, I realized the regedt32 editor was not set to “View->Tree and Data”; it was only set for “View->Tree” structure. After making the trivial adjustment, we ran through the procedure without incident.

Here is the procedure - Source: MS Help and Support

Part 1: Disable the Security Policy
Disable the following Group Policy setting on either the default domain or the domain controller organizational unit:
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Shut down your system immediately if unable to log security audits
You can find this policy on the default domain policy, default domain controller policy, and local security policy.

Note: After you disable the security policy, you must also remove the security policy registry key.

Back to the top
Part 2: Edit the CrashOnAuditFail Registry Key
1. Click Start, and then click Run.
2. In the Open box, type regedt32.exe, and then click OK.
3. Click the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail
4. In the right pane, double-click CrashOnAuditFail.
5. In the Value data box, type 0 (zero), and then click OK.
6. Click Start, and then click Run.
7. In the Open box, type secedit /refreshpolicy machine_policy /enforce, and then click OK to apply the new security setting.
8. Restart your server.

No comments: