Jump to content

Add temporary filters on NetScaler for testers


Robert Boluchi

Recommended Posts

Hello Everybody,

We have released a new application on production. We have sent the URL to only our Pilot-Testers so that only pilot-testers should be able to log on. We use NetScaler and SSO for loging on our users.

However if a user (not Pilot-Tester) knows the URL he/she can log on to the site. How we make the application visible only for Pilot-Testers? Is it possible to add a Filter based on the subnet the Pilot_testers belong to? So that only users with a specific IP-Address will be able to log on to that specific application but they still are able to sign on to other applications. 

 

Thanks.

Link to comment
Share on other sites

Create an AD group for the pilot testers, and then create an AAA group on the NetScaler exactly (case-sensitive) matching the name of the AD group.

Then bind your session policy to only the AAA group (and not to the gateway vServer). Anyone not in the group will not be able to log in.

Link to comment
Share on other sites

32 minutes ago, Sam Jacobs said:

Create an AD group for the pilot testers, and then create an AAA group on the NetScaler exactly (case-sensitive) matching the name of the AD group.

Then bind your session policy to only the AAA group (and not to the gateway vServer). Anyone not in the group will not be able to log in.

 

Thanks Sam,
Do the pilot-testers still be able to access other applications?

Link to comment
Share on other sites

  • 1 month later...

In the past I have set up a second VIP (the primary VIP was disabled for users until testing was being done) pointing to the backend Prod servers, then get my testers to use their local host file to add the primary URL pointing to the second VIP.

 

Once testing was completed they can remove the host file entry and enable the primary VIP again.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...