Suddenly getting: Your computer does not meet the minimum requirements for accessing corporate resou, in the Advanced Access Control / Citrix Access Gateway forum on BrianMadden.com

All of a sudden we're getting the following error on our CAGs:

"Your computer does not meet the minimum requirements for accessing corporate resources securely. Contact the system administrator for assistance"

This has been working fine, and we haven't made any changes. It happens when it's trying to display the Login Point, I'm not even getting to any authentication yet. There are no defined endpoint anaylisis scans, the site is in my trusted sites list, and the policy for displaying the login point has been set to yes. So I'm really perplexed. I appreciate any help. Here's the oh so helpful event viewer logs:




AccessPoint := 8ee94839-4247-4a86-b0c3-6f9c970be61f
EndUserSubjectCommonName :=
EndUserSubjectOrganization :=
EndUserSubjectOrganizationalUnit :=
EndUserCertificatePresent := false
CanShowLogonPage := False

There was a change in the way the "Entire Network" resource works. Originally it was a default resource that couldn't be deleted and contained your whole network. The changed it (in 4.2?) where it is still a default resource that can't be deleted but by default it is set to Deny. So if users were getting in via this resource I'd check that.
I believe 4.5 will not have the Entire Network resource at all. You will need to create it yourself (if you want users to access your entire network)

Did you try to restart COM on the AAC Server?
I've had the same issue and it was due to the SQL Server being rebooted...

Very weird but true...

Regards

Andrea

I've rebooted all the boxes including the SQL server, no joy. We're giving them direct access into a WI page so there's not any other resources that they need.

Forgot to log in ;)

Here's the log entry from the CAG as well:


(09/26/06 09:42:05): 2:server:aacd:: request: https://10.5.1.21:0/CitrixLogonPoint/External%20Users/themes/default/style/default.css
(09/26/06 09:42:05): 2:server:aacd:: request: https://10.5.1.21:0/CitrixLogonPoint/External%20Users/themes/default/images/Msam_Logo.gif
(09/26/06 09:42:05): 2:server:aacd:: request: https://10.5.1.21:0/CitrixLogonPoint/External%20Users/themes/default/images/Citrix_Logo.gif
(09/26/06 09:45:00): 2:server:aacd:: request: https://10.5.1.21:0/
(09/26/06 09:45:00): 2:server:aacd:: next page validation failed.
(09/26/06 09:45:00): 2:server:aacd:: Expected page: Disallowed.aspx?ff=full
(09/26/06 09:45:00): 2:server:aacd:: Requested page: https://10.5.1.21:0/CitrixLogonPoint/External Users
(09/26/06 09:45:00): 2:server:aacd:: request: https://10.5.1.21:0/
(09/26/06 09:45:00): 2:server:aacd:: request: https://10.5.1.21:0/CitrixLogonPoint/External%20Users/
(09/26/06 09:45:00): 2:server:socket:: ssl_conn_reuse_node retrieved from cache

I saw this when the Logon Point was trying to update the client and could not, once I turned the client update off on the logon point, the error went away. The web client was deployed from the WI page instead.

Thanks, client update is already disabled though :(

I get the same problem the same as you after I upgrade cag 4.2 to 4.2.3 this moning, any solution?

Interesting... I also upgraded from 4.2 to 4.3, but it was a week or so ago. I was working up until 10:25 yeaterday and at 2:25pm it stopped working. I've rebuilt the login points several times, deleted them out and recreated them, etc; Still not working :(

After I upgrade it, I get some other error message, so I restarted the PS4 server. After that, I get this error. I removed all resoure, access policy, and login point, then rebuild them again, this error is gone.

How did you remove the default login point? I tried to do that, but it wouldn't let me remove the default one.

I tranfered the defaul login page to a diffrent one (samplelogin page), then removed the defaul login page.

Well, tried that... new error. I'm not resolving the login page at all. Here are my current entires:


(09/27/06 09:44:03): 1:controller:socket:: ssl client session reused
(09/27/06 09:44:03): 2:controller:socket:: ssl_conn_reuse_node retrieved from cache
(09/27/06 09:44:03): 1:controller:socket:: ssl client session reused
(09/27/06 09:44:03): 2:controller:aacd:: Cluster Config:
(09/27/06 09:44:03): 2:controller:aacd:: default guid: 30f7a6e0-c399-4e2b-b36d-133ddc4b2c8c
(09/27/06 09:44:03): 2:controller:aacd:: default logon point found: External
(09/27/06 09:44:03): 1:controller:load_setupd: : committing OS files to disk
(09/27/06 09:44:03): 1:controller:load_setupd: : writing nameserver configuration file
(09/27/06 09:44:03): 1:controller:load_setupd: : writing network configuration file
(09/27/06 09:44:03): 1:controller:load_setupd: : writing IF0 configuration file
(09/27/06 09:44:03): 1:controller:load_setupd: : writing IF1 configuration file
(09/27/06 09:44:03): 0:controller:load_setupd: : writing bootloader configuration file
(09/27/06 09:44:03): 1:controller:load_setupd: : writing snmp configuration file
(09/27/06 09:44:03): 0:controller:load_setupd: : writing ODBC configuration file
(09/27/06 09:44:03): 0:controller:load_setupd: : writing static-routes configuration file
(09/27/06 09:44:03): 0:controller:load_setupd: : writing HOSTS configuration file
(09/27/06 09:44:03): 2:controller:socket:: ssl_conn_reuse_node retrieved from cache
(09/27/06 09:44:03): 1:controller:socket:: ssl client session reused
(09/27/06 09:44:03): 1:controller:load_setupd: : committing OS files to disk
(09/27/06 09:44:03): 1:controller:load_setupd: : writing nameserver configuration file
(09/27/06 09:44:03): 1:controller:load_setupd: : writing network configuration file
(09/27/06 09:44:03): 1:controller:load_setupd: : writing IF0 configuration file
(09/27/06 09:44:03): 1:controller:load_setupd: : writing IF1 configuration file
(09/27/06 09:44:03): 0:controller:load_setupd: : writing bootloader configuration file
(09/27/06 09:44:04): 1:controller:load_setupd: : writing snmp configuration file
(09/27/06 09:44:04): 0:controller:load_setupd: : writing ODBC configuration file
(09/27/06 09:44:04): 0:controller:load_setupd: : writing static-routes configuration file
(09/27/06 09:44:04): 0:controller:load_setupd: : writing HOSTS configuration file
(09/27/06 09:44:04): 2:controller:registry: : cannot load registry //runtime/S0/config/registry
(09/27/06 09:44:04): 0:server:kerneld: : reloading configuration...
(09/27/06 09:44:04): 0:server:kerneld: : syncing configuration...
(09/27/06 09:44:05): 0:server:socket:: SSL server certificates WILL be validated on backend connections
(09/27/06 09:44:05): 0:server:socket:: default access without trusted root CA ALLOWED; will not solicit client certificates from SSL/TLS clients
(09/27/06 09:44:05): 0:server:socket:: socket: setting client certificate verification mode for context
(09/27/06 09:44:05): 2:server:registry: : cannot load registry //runtime/S0/config/registry
(09/27/06 09:44:05): 2:server:sta_proto: : STA HOST = https://ctxz1dc01.mlnusa.com:443/Scripts/CtxSta.dll
(09/27/06 09:44:05): 2:server:sta_proto: : STA HOST ID = STAAE657D802666
(09/27/06 09:44:05): 1:server:safeword_proto: : Error configuring authentication module: Can not open configuration file: //runtime/S0/config/safeword.cfg
(09/27/06 09:44:05): 2:server:socket:: ssl_conn_reuse_node retrieved from cache
(09/27/06 09:44:05): 1:server:socket:: ssl client session reused
(09/27/06 09:44:06): 2:server:socket:: ssl_conn_reuse_node retrieved from cache
(09/27/06 09:44:06): 1:server:socket:: ssl client session reused
(09/27/06 09:44:06): 2:server:aacd:: Cluster Config:
(09/27/06 09:44:06): 2:server:aacd:: default guid: 30f7a6e0-c399-4e2b-b36d-133ddc4b2c8c
(09/27/06 09:44:06): 2:server:aacd:: default logon point found: External
(09/27/06 09:44:06): 2:server:aacd:: node count 0
(09/27/06 09:44:06): 0:server:aacd:: syncing logonpoint white list...
(09/27/06 09:44:06): 2:server:socket:: ssl_conn_reuse_node retrieved from cache
(09/27/06 09:44:06): 1:server:socket:: ssl client session reused
(09/27/06 09:44:06): 2:server:aacd:: setting up cache whitelist for logon point: External...
(09/27/06 09:44:06): 2:server:socket:: ssl_conn_reuse_node retrieved from cache
(09/27/06 09:44:06): 1:server:socket:: ssl client session reused
(09/27/06 09:44:06): 2:server:aacd:: server request failed [ctxz1ac01.mlnusa.com:443]
(09/27/06 09:44:06): 2:server:aacd:: try next server [ctxz1ac01.mlnusa.com:443]
(09/27/06 09:44:06): 2:server:socket:: ssl_conn_reuse_node retrieved from cache
(09/27/06 09:44:06): 1:server:socket:: ssl client session reused
(09/27/06 09:44:06): 2:server:aacd:: server request failed [ctxz1ac01.mlnusa.com:443]
(09/27/06 09:44:06): 2:server:aacd:: try next server [ctxz1ac01.mlnusa.com:443]
(09/27/06 09:44:06): 2:server:socket:: ssl_conn_reuse_node retrieved from cache
(09/27/06 09:44:06): 1:server:socket:: ssl client session reused
(09/27/06 09:44:06): 2:server:aacd:: server request failed [ctxz1ac01.mlnusa.com:443]
(09/27/06 09:44:06): 2:server:aacd:: try next server [ctxz1ac01.mlnusa.com:443]
(09/27/06 09:44:06): 2:server:socket:: ssl_conn_reuse_node retrieved from cache
(09/27/06 09:44:06): 1:server:socket:: ssl client session reused
(09/27/06 09:44:06): 2:server:aacd:: server request failed, aborting...
(09/27/06 09:44:06): 2:server:aacd:: failed to get cache resource for logon point: SampleLogonPoint
(09/27/06 09:44:06): 0:server:aacd:: done syncing logonpoint white list...
(09/27/06 09:44:06): 0:server:aacd:: verifying cache entries...
(09/27/06 09:44:06): 0:server:aacd:: done verifying cache entries...
(09/27/06 09:44:06): 2:server:socket:: ssl_conn_reuse_node retrieved from cache
(09/27/06 09:44:06): 1:server:socket:: ssl client session reused
(09/27/06 09:44:06): 0:server:kerneld: : sync complete
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:23): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/
(09/27/06 09:44:24): 2:server:aacd:: request: https://10.5.1.21:0/

Talked with Citrix for a while.They say it's database corruption, and sure enough when I restored a DB backup from before the error it seems ok. Weird!