The ICA properties in VMware Identity Manager must include the encryption property set to the same encryption level as configured on the XenApp servers in the farm, otherwise users cannot access their Citrix-published applications or desktops.

Problem

When a user connects to a Citrix-published resource from VMware Identity Manager, the following error message is displayed.
You do not have the proper encryption level to access this Session

Cause

VMware Identity Manager does not set encryption levels. If the encryption level on the XenApp server is set higher than the default setting used in the Citrix Receiver, users see this error.

You must set a higher encryption level in VMware Identity Manager.

Solution

  1. Log in to the VMware Identity Manager console.
  2. Click the Catalog > Virtual Apps tab, then click Settings.
  3. In the left pane, click Citrix XenApp or Citrix XenDesktop, based on your deployment.
  4. Make the following changes in both the ICA Configuration and Netscaler ICA Configuration sections.
    1. In the ICA Client Properties text box, set the encryption level with the following property:
      EncryptionLevelSession=EncRC5-128
      This example sets the encryption level to 128 but you must modify it to the level configured on the XenApp servers.
    2. In the ICA Launch Properties text box, set the encryption level by entering or editing the following property:

      [EncRC5-128]

      DriverNameWin16=pdc128w.dll

      DriverNameWin32=pdc128n.dll

      This example sets the encryption level to 128 but you must modify it to the level configured on the XenApp servers.