You cannot access this session because you are not the brokered user.
In this scenario:
- On-prem AD users were migrated to Azure ADDS
- Individual users are specified to allow access to the application
- Credentials from Azure ADDS are used to log on at the Citrix Cloud Workspace URL
Additionally, you will see the following error in the DDC trace, where the DDC or Broker is unable to look up the SID in Azure ADDS:
xxxxxxx,1,yyyy/mm/dd hh:mm:ss.xxxxx,xxxx,xxxx,x,BrokerDAL,1,Error,'AccountNameCache::TrySyncUniversalClaimsForAccount: ERROR SID:S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXXXX not found using Identity API Exception:Citrix.Fma.Sdk.Identity.Interface.IdentityLookupFailureException: The lookup failed as the domain 'S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX' could not be located ---> Citrix.Fma.Sdk.Identity.Interface.IdentityNotFoundException: [customer id] Specified domain 'S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX' was not found in: [Name:domainname.com NetBiosName:domainname SID:S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX]
The Broker expects the user SID from Azure ADDS, not the one from on-prem Active Directory.
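The mismatch can be confirmed from the trace line itself by comparing the domain part of the failing account SID with the domain SIDs the Broker lists as known. The following Python is an added example, not Citrix code: it assumes the field layout of the single BrokerDAL line quoted above, and the SIDs, domain name and timestamp in `SAMPLE_TRACE` are constructed.

```python
import re

# Patterns follow the BrokerDAL trace line quoted above; the layout is an
# assumption based on that one line.
ACCOUNT_SID = re.compile(r"ERROR SID:(S-1-5-21(?:-\d+){4})")
KNOWN_DOMAIN = re.compile(
    r"\[Name:(?P<name>[^\s\]]+) NetBiosName:(?P<netbios>[^\s\]]+) "
    r"SID:(?P<sid>S-1-5-21(?:-\d+){3})\]"
)

# Constructed sample: every value below is made up for illustration.
SAMPLE_TRACE = (
    "0000001,1,2024/01/15 09:12:44.12345,1234,5678,1,BrokerDAL,1,Error,"
    "'AccountNameCache::TrySyncUniversalClaimsForAccount: ERROR "
    "SID:S-1-5-21-1111111111-2222222222-3333333333-1105 not found using "
    "Identity API Exception:...IdentityLookupFailureException: The lookup "
    "failed as the domain 'S-1-5-21-1111111111-2222222222-3333333333' could "
    "not be located ---> ...IdentityNotFoundException: [customer id] "
    "Specified domain 'S-1-5-21-1111111111-2222222222-3333333333' was not "
    "found in: [Name:corp.example.com NetBiosName:corp "
    "SID:S-1-5-21-4444444444-5555555555-6666666666]"
)

def domain_sid(account_sid):
    """Drop the trailing RID: S-1-5-21-a-b-c-RID -> S-1-5-21-a-b-c."""
    return account_sid.rsplit("-", 1)[0]

def diagnose(trace_line):
    """Describe the SID lookup failure, or return None for unrelated lines."""
    if "TrySyncUniversalClaimsForAccount" not in trace_line:
        return None
    match = ACCOUNT_SID.search(trace_line)
    if match is None:
        return None
    account = match.group(1)
    wanted = domain_sid(account)
    # Domains the Broker could resolve, keyed by domain SID.
    known = {m.group("sid"): m.group("name")
             for m in KNOWN_DOMAIN.finditer(trace_line)}
    return {
        "account_sid": account,
        "account_domain_sid": wanted,
        "known_domains": known,
        # True when the SID belongs to a domain the Broker does not know,
        # for example an on-prem SID presented where an Azure ADDS SID is expected.
        "foreign_sid": wanted not in known,
    }
```

A result with `foreign_sid` set to `True` means the account SID was issued by a domain other than the ones the Broker resolved, which matches the on-prem versus Azure ADDS situation described above.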
Citrix Cloud Gateway As IdP
Okta is an integrated identity management and mobility management service that securely and simply connects people to their applications from any device, anywhere, at any time. Built from the ground up in the cloud, Okta is delivered with an unwavering commitment to customer success. Okta gives Enterprise IT teams the ability to dramatically improve the end-user experience, while achieving the management control necessary to accelerate the secure adoption of cloud and mobile technologies. The result is greater employee and partner productivity, increased revenue and supply chain efficiency, and improved compliance. Product development teams in digital businesses and cloud service providers can leverage the Okta platform to seamlessly authenticate, federate, manage and secure their users. The result is faster time to market for their apps and products, more rapid and secure enterprise adoption and improved developer productivity. The Okta service provides a deeply integrated experience across directory services, single sign-on, strong authentication, provisioning, mobility management, and reporting. It runs in the cloud on a secure, reliable, extensively audited platform and integrates with on-premises applications, directories, and identity management systems.
Okta Citrix Cloud Access
For more information visit our website at: http://www.okta.com