Knowledge Base Article

Subject: Citrix Agent failed to determine the security identities for Citrix/Metaframe virtual directory
Publish date: February 10, 2010
Revision: 1.0
Author: LR
Reviewed By: Dee E
Classifications: Enterprise > SafeWord

© 2009 SafeNet, Inc., and/or Aladdin Knowledge Systems Ltd. All rights reserved. Information provided is confidential and proprietary to SafeNet, Inc. (“SafeNet”) and Aladdin Knowledge Systems, Ltd. (“Aladdin”). Neither SafeNet nor Aladdin assume any responsibility or liability for the accuracy of the information contained in this presentation.

The information in this article applies to:
- SafeWord RemoteAccess Citrix Web Interface
- SafeWord PremierAccess Citrix Web Interface
- SafeWord 2008 Citrix Web Interface

Background

Both the installer and, later, the configuration dialogs attempt to set directory permissions so that Citrix Web Interface can create agent logs and server verification files (swec.md5). This is necessary because, by default, IIS applications lack permission to write to the file system outside their sandbox.

Problem description

If the process above fails, the following error dialog and possibly event log messages may appear:

Failed to determine the security identities for Citrix/Metaframe virtual directory

Event Log Messages:
1. Error deregistering authentication module
2. SWEC error in swecDeregister
3. SWEC_STATUS_FILE_ERR - Failure while attempting to write to swec.md5
4. SWEC error in SWECProcessInit
Any general message reporting a failure to write swec.md5

Steps you take in order to solve the problem:

Once the directory permissions are set up, the above dialog is benign. Later updates of SafeWord include fixes for this, but it is still possible that not every combination is accounted for. During this process various things are referenced:

1. The installer attempts to locate the virtual directory WI runs in. This is O/S and WI version dependent.
   WI 5.x on 2003 is http://<servername>/Citrix/AccessPlatform/auth/login.aspx
   WI 4.5 on 2003 is http://<servername>/Citrix/AccessPlatform/auth/login.aspx
   CAE 2.0 is http://<servername>/CitrixAccess/auth/login.aspx
   WI 4.6 is http://<servername>/Citrix/AccessPlatform/auth/login.aspx
   WI 5.x on 2008 is http://<servername>/Citrix/XenApp/auth/login.aspx

   See screenshot for manually locating the Virtual Directory in Windows 2008 R2 with WI 5.x installed: open the IIS Management Console => Citrix => XenApp

   See screenshot for manually locating the Virtual Directory in Windows 2003 with WI 5.x installed: open the IIS Management Console => Default Website => Citrix => AccessPlatform

2. Once the Virtual Directory is known, the software will attempt to find out which Application Pool hosts the application.

   Manually, this can be done in Windows 2003 by right-clicking the Virtual Directory and selecting Properties. The Virtual Directory's application pool is shown in the bottom dropdown.

   For Windows 2008, right-click the Virtual Directory -> Manage Application -> Advanced Settings… or click Advanced Settings in the Actions menu. The application pool is the first setting in the dialog that appears.

3. Next the software attempts to find out the Identity the account runs as.

   Open the settings of the Application Pool that the application's Virtual Directory runs in by right-clicking the Application Pool and choosing Properties. This will be known as the Identity the account runs as.

   On Windows 2008, right-click the Application Pool and select Advanced Settings (or select it from Actions). The Identity the account runs as is the Identity setting under Process Model.

4. Now that we know the Identity the account runs as, the software will make sure that the account has write permissions to two SafeWord directories. You can add these by right-clicking the directory -> Properties, selecting the Security tab in the dialog that pops up, and adding the Identity with adequate read/write/modify permissions. The two directories are:

   <installdir>\AgentLogs
   <installdir>\ServerVerification

   For example: C:\Program Files (x86)\Aladdin\SafeWord\ServerVerification

Should you still see the above error after updating the product and manually editing the virtual directory permissions, please provide the following information to SafeWord Support:

- O/S
- Version of Citrix Web Interface installed
- The name of the Virtual Directory Citrix runs in
- The application pool's Identity that the virtual directory resides in
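
Steps 1 to 4 above can also be checked from PowerShell on Windows 2008 R2; the script below is an added example, not SafeWord or Citrix code, and it grants Modify to the application pool identity on the two SafeWord directories only. It assumes the IIS WebAdministration module is available, and the values of $Site, $AppPath and $InstallDir are assumptions to adjust to the local install.

```powershell
# Added example (not vendor code). Run from an elevated PowerShell prompt.
# Assumed values: site name, WI application path, SafeWord install directory.
Import-Module WebAdministration

$Site       = 'Default Web Site'
$AppPath    = '/Citrix/XenApp'      # WI 5.x on Windows 2008, per step 1
$InstallDir = 'C:\Program Files (x86)\Aladdin\SafeWord'

# Steps 1-2: locate the IIS application and read its application pool.
$app = Get-WebApplication -Site $Site | Where-Object { $_.path -eq $AppPath }
if (-not $app) { throw "No IIS application '$AppPath' under site '$Site'" }
$pool = $app.applicationPool

# Step 3: translate the pool's Process Model identity into an account name.
$pm = Get-ItemProperty "IIS:\AppPools\$pool" -Name processModel
$account = switch ([string]$pm.identityType) {
    'NetworkService'          { 'NT AUTHORITY\NETWORK SERVICE' }
    'LocalService'            { 'NT AUTHORITY\LOCAL SERVICE' }
    'LocalSystem'             { 'NT AUTHORITY\SYSTEM' }
    'ApplicationPoolIdentity' { "IIS AppPool\$pool" }
    'SpecificUser'            { $pm.userName }
    default { throw "Unhandled identity type '$($pm.identityType)'" }
}
"Application pool '$pool' runs as '$account'"

# Step 4: make sure that account has Modify on the two directories, and
# nothing broader (no grant on <installdir> itself, no Everyone entry).
$modify = [System.Security.AccessControl.FileSystemRights]::Modify
foreach ($dir in 'AgentLogs', 'ServerVerification') {
    $path = Join-Path $InstallDir $dir
    if (-not (Test-Path $path)) { Write-Warning "Missing: $path"; continue }

    $acl = Get-Acl -Path $path
    $existing = $acl.Access | Where-Object {
        $_.IdentityReference.Value -eq $account -and
        $_.AccessControlType -eq 'Allow' -and
        ($_.FileSystemRights -band $modify) -eq $modify
    }
    if ($existing) { "OK      $path"; continue }

    # Inherit to files and subfolders so new logs and swec.md5 are writable.
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $account, 'Modify', 'ContainerInherit, ObjectInherit', 'None', 'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -Path $path -AclObject $acl
    "GRANTED $path"
}
```

The pool name and account printed by the script are the same values SafeWord Support asks for in the list above.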