If a Citrix-published application or desktop does not contain valid users, sync to VMware Identity Manager does not work.
Problem
All Citrix-published applications and desktops in a Site must contain valid users. If a user or group is deleted and that user or group is not removed from a Citrix-published resource, the Citrix application or desktop shows an orphaned SID. This stops the sync to VMware Identity Manager from working.
You can use the following API to check the issue:
http://CitrixBrokerFQDN:80/IB/API/RestServiceImpl.svc/hznxenapp/admin/entitlements?computerName=IBFQDN&xenappversion=VersionNumber&appName=applicationName
The resulting file contains empty resources. Example output:
"[{\"IncludedUsers\":\"DomainName\\\\USERNAME:User$S-1-5-21-1097426297-1557994628-1672037986-53944:Group\"}]"
Cause
Some published applications or desktops in the Site do not contain valid users.
Solution
Ensure that all Citrix-published applications and desktops within a Site contain valid users.