This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information.


Receiver for MAC and Windows failing to add store. 

We observed that removing the response-rewrite policies made it possible to login with LDAP-only in Receiver.
However, we needed two-factor auth and thus had to bind the policies.

With response-rewrite policy bound (the one setting header “X-Citrix-AM-GatewayAuthType” = SMS).
Binding the policy setting “PWDCount=0”, made the Receiver fail.

Entrust - SMS Passcode reported back that if Netscaler version is 12.x, the policy must be replaced with this:
add rewrite policy RWP-RES-REMOVE_2ND_PASSWORD "HTTP.REQ.URL.PATH_AND_QUERY.SET_TEXT_MODE(IGNORECASE).EQ(\"/logon/LogonPoint/index.html\")" RWA-RES- REMOVE_2ND_PASSWORD
and a corresponding action:
add rewrite action RWA-RES-REMOVE_2ND_PASSWORD replace_all "HTTP.RES.BODY(99999)" "\"\\r\\n\"+\n\"<style type=\\\"text/css\\\">\\r\\n\"+\n\"[for=\\\"passwd1\\\"] { display: none;}\\r\\n\"+\n\"#passwd1 { display: none; }\\r\\n\"+\n\"</style>\\r\\n\"+\n\"\\r\\n\"+\n\"</body>\\r\\n\"+\n\"</html>\\r\\n\"" -search "text(\"</body>\n</html>\")" 
 

---

Problem Cause

Incorrect re-write policies on NetScaler

Unable to add the account on Workspace for Mac and Windows