$theTitle=wp_title(" - ", false); if($theTitle != "") { ?>
About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like
14 Mar // php the_time('Y') ?>
Interesting case today: customer uses Imprivate for two factor logon in combination with Citrix XenApp.
Users reported that logons failed after they had changed their password. After contacting the users we learned that this only happened with special characters in the password like ! and +.
To do the actual logon to Citrix Imprivata uses an executable which is actually an AutoIT script compiled to an executable.
After authentication the executable get’s the password from the Imprivata Appliance.
I decompiled the executable to source and read the line that passes the password to XenApp:
1 | ControlSend("Citrix online plug-in", "", "[ID:1004]", $password) |
I then checked the AutoIT documentation for the ControlSend function and learned there’s an extra parameter Flag with a default value of 0. This flags determines how keys are processed.
When Flag = 0 (default), special characters like + are used to indicate moving the cursor or indicate SHIFT. When Flag =1 the keys are send raw which is what we need for the passsword.
I changed the line to:
1 | ControlSend("Citrix online plug-in", "", "[ID:1004]", $password, 1) |
And now it works fine!
One Response for "Imprivata fails to logon with special characters in the password"
goed gedaan man, dat is troubleshooten 🙂
Leave a reply