If you have a Citrix Server in your network that internal users access and in turn go via a Proxy Device with authentication, it might be seen in the access Logs that all the Users are coming from a single User credential. This is because the way you have configured the Authentication on the Proxy.

Citrix is a bit different to other services, because all traffic from the Citrix server is coming from the same IP. It will record this and use for reference. Also most commonly the 1st person to use the Citrix Services is used when the Citrix Server receives an Authentication request and uses this for all other transactions.

So what you see is that User A is seen for all transactions which is not good for logging/reporting.

Solution :

A simple solution to this is use a Cookie based authentication method "just for the IP of the Citrix Server(s)." What this does is when a User logins to a Citrix Session, the auth details supplied are bound to a cookie which is held in each of the users browser sessions.