SSO logon to Director fail when accessing from outside of Director server computer via Edge/Chrome/Firefox.
( IE or IE mode works fine and any browser on Director server works fine )

User get "An internal error has occurred" error even if credential is manually input.

For Chrome & Edge: 

1. Create registry Key on the computer accessing to Director.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome
HKEY_LOCAL_MACHINE\ Software\Policies\Microsoft\Edge

2. set registry as following
Type:REG_SZ
Name: AuthNegotiateDelegateAllowlist
Value: FQDN of Director server

(Step 2 should be enough but if it doesn't work, do Step3 as well)

3. set registry as following
Type:REG_SZ
Name: AuthServerAllowlist 
Value: FQDN of Director server

4. restart your browser.

Declaimer :Caution! Using Registry Editor incorrectly can cause serious problems that might require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. Be sure to back up the registry before you edit it.


For Firefox
1. open Firefox
2. type "about:config" in address bar.
3. type "network.negotiate-auth.trusted-uris" in search bar and enter FQDN of Director server.
4. type "network.negotiate-auth.delegation-uris" in search bar and enter FQDN of Director server.
(Step 3&4 should be enough but if it doesn't work, do Step 5 as well)
5. type "network.automatic-ntlm-auth.trusted-uris" in search bar and enter FQDN of Director server.
6. restart your browser.

[Note]
Above cofiguration should enable Integrated Windows Authentication.

However, the configuration might change depends on the version of browsers in future.
Visit the support forum or support site of the browsers to confirm the proper setting if it doesn't work.

Problem Cause