Jump to content
  • 0

SAML VDA error-"The Request is not supported"


Eddie Santana

Question

Netscaler NS11.1 47.14.nc

Xenapp 7.9

StoreFront 3.6

Converting to SAML from a working Radius+LDAP environment.

 

 

User attempts to log in and all seems working until the get to VDA.

When users try to login they get "The request is not supported".

Once they click "OK" they get presented and "empty" ID. Usually it would say a username. 

I click on "Other User" and log in with username and password, I log in successfully. 

 

Below is the log in the VDA re: SAML 

 

--------------------------

 
[s106] Identity Assertion Logon.  Logging in [Certificate: [subject]
  CN=User1, OU=[NAME], OU=[NAME], DC=[NAME], DC=com
 
[issuer]
  CN=[NAME]-CA, DC=[NAME], DC=com
 
[serial Number]
  4#############################
 
[Not Before]
  8/12/2016 9:12:42 AM
 
[Not After]
  8/19/2016 9:12:42 AM
 
[Thumbprint]
  166##########
]

 

---------------------------

 

In Citrix Docs it has reference link to smart card setup.

Does SMART CARD have to be enabled in any part of the SAML setup?

What could be a possible cause?

 

See Attachments for visual.

 

 

 

 

 

post-10641159-0-21422000-1471010125_thumb.jpg

post-10641159-0-90640900-1471010148_thumb.jpg

post-10641159-0-63491300-1471010179_thumb.jpg

post-10641159-0-80254100-1471010200_thumb.jpg

Link to comment

4 answers to this question

Recommended Posts

Roel,

 

1) Make sure your using UPN when passing the SAML from IDP to Netscaler

 

2) It may be related to Certificate Authority. Add this key to your VDAs

HKEY_Local_Machine\System\CurrentControlSet\Control\LSA\Kerberos\Parameters

Value Name: UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors 
Value Type: DWORD 
Value Data: 1 

 

Let me know if this worked for you

Link to comment

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...