After setting up Enhanced SSO according to https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/domain-passthrough-for-single-sign-on ,  it doesn't work. When trying to launch an application, nothing happens.

When using traditional SSO using the old SSONVR.exe mechanism, there is no issues but there is a need to move away from this method in order to be able to disable MPR notifications on Windows 11 clients.

This issue is a known issue which was caused due to Windows 11 updates, where changes were made to the underlying RCG implementation. These changes broke our Enhanced Domain Passthrough for SSO feature, which in turn have left customers with two equally undesirable options:

1) Re-enable the legacy passthrough authentication option.

2) Keep passthrough authentication disabled and force users to re-enter their credentials in every session they launch.

This issue is documented here - https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/2402-ltsr/whats-new/2402-ltsr-initial-release

 "When you use Enhanced domain pass-through for single sign-on, SSO into the session might fail if the client device or session host is running Windows 11. [HDX-62973]" 

The issue has since been fixed with VDA version CVAD 2407 , CWA version 2405.10. For LTSR Releases the issue has been fixed in CWA 2402 CU2 and CVAD 2402 CU2.

Please note: You will need to on both versions as mentioned above. Only upgrading VDA or CWA alone will not be enough.

Problem Cause

Known Issue which occurred due to changes made on Windows 11 devices