Symptoms
Attempting to configure Web Interface for Microsoft SharePoint with Access Gateway with Advanced Access Control 4.2 fails with an access denied message.
Cause
In order for Web Interface for SharePoint to work with Advanced Access Control, you must have the Microsoft SharePoint Portal Server version of SharePoint with the service configured. Also, the Microsoft Single Sign-on Service for Web Interface for SharePoint and the end-user must have stored their credentials in the Microsoft Single Sign-on Service.
Resolution
- Configure Web Interface for SharePoint through the Web Interface for SharePoint Administration site, as shown below:
Note that only “Enable single sign-on using SharePoint” is enabled. Only this setting is valid if Web Interface for SharePoint detects Advanced Access Control.
- Under the SharePoint single sign-on section, fill in the display name, which can be any text that end-users will recognize as relating to them requiring their Presentation Server credentials and also an email address.
- Click Create to change the display to the following:
- Once the administrator tool looks like the above image, go to the page with the Web Part and log on. If the following error message is returned, then the logon user credentials are not stored.
- Click on the link or the key and you are taken to a SharePoint generated page as follows:
- On this page, fill in your credentials as User Identifier = domain\password and the correct password and then click OK. You should go back to the original page and you should be able to see your applications as follows:
Note: For the yellow key icon to appear, edit the Citrix Presentation server Web Part and select the Test for Single Sign On option. See page 34 of the Web Interface for Microsoft SharePoint Administrator's Guide for information on how to modify the appearance of the Web Part.
More Information
Refer to CTX108349 – Web Interface for Microsoft SharePoint Administrator's Guide for additional information.
