Results 1 to 2 of 2
  1. #1
    Join Date
    Sep 2001
    Chicago, Illinois, USA

    Unanswered: Uniquely identifying who logged-in to the MSSQL Server via Citrix

    Customer has a third-party HR/payroll/accounting program that uses MSSQL as it's backend.

    Program has its own internal security and a successful login is recorded in one of its tables.

    Customer wants to audit any changes made to certain critical tables and wants to tie the changes to the the third-party user login stored in that login table.

    I have put a trigger on that login table to record in another table, whenever a new record is created, the third-party user login AND the net_address (IP address).

    With subsequent changes to critical tables the customer wants to monitor, I can determine the IP address of the process and cross-reference, via that IP address, to the third-party user login I previously recorded.

    Works great.

    Problem is, however, that the customer uses Citrix for offsite sessions. Each Citrix session accessing MSSQL Server reports the Citrix Server's IP address to MSSQL Server, not the originating client's IP address. In other words, there may be 10 people using a CITRIX server and all ten will have the same IP address, rendering my logic above useless.

    A long-shot here, but has anyone ever dealt with Citrix communcations with MSSQL and uniquely identifying those connnections?

    Maverick Software Design

    (847) 864-3600 x2

  2. #2
    Join Date
    Feb 2004
    In front of the computer
    Provided Answers: 54
    When the user logs into Citrix, they will have an AD Authenicated Login which should be unique (no two users ought to use the same AD Login). That can be accessed by SQL Server as Suser_Sname() for auditing purposes.

    In theory, theory and practice are identical. In practice, theory and practice are unrelated.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts