
Citrix Federation question


Joseph Abolghasemi

Question

Carl - Question for you.  I'm setting up Citrix Federation to work with Azure AD as an IdP.  I have an on-prem AD account; let's say the SAM account name is jdoe, with jdoe@domain1.com as the UPN.  If I create an account in the Azure AD instance that is jdoe@azuredomain.com, then when I put the creds for the Azure account on the NetScaler set up with Federation and the Azure IdP for SAML, it logs me in and shows me applications that my on-prem account jdoe@domain1.com has access to.  It's as if it's just matching the SAM account name or the UPN before the suffix.  With this being the case, I feel like anyone with a federated instance of Azure can create an account with someone else's user name and log in and see all the apps.  How can we lock it down so it needs to match the full UPN?

Thanks
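
The matching problem described in the post above, as an added example that is not part of the original post and is not NetScaler code or configuration: it contrasts prefix-only matching of the SAML NameID with a mapping that requires the expected issuer and the full UPN. The issuer URL, directory contents and function names are constructed for illustration, and signature validation is assumed to have happened before these functions run.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample data (hypothetical tenant URL; account names mirror the post).
TRUSTED_ISSUER = "https://sts.example.test/tenant-a/"
DIRECTORY = {"jdoe@domain1.com": ["App1", "App2"]}  # full UPN -> published apps

ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Issuer>{issuer}</saml:Issuer>
  <saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject>
</saml:Assertion>"""


def parse_assertion(xml_text):
    """Return (issuer, name_id) from an assertion whose signature was already checked.

    ElementTree is used only because the input here is constructed; untrusted XML
    should go through a hardened parser.
    """
    root = ET.fromstring(xml_text)
    issuer = root.findtext("saml:Issuer", namespaces=NS)
    name_id = root.findtext("saml:Subject/saml:NameID", namespaces=NS)
    if not issuer or not name_id:
        raise ValueError("assertion is missing Issuer or NameID")
    return issuer.strip(), name_id.strip()


def resolve_by_prefix(xml_text):
    """Behaviour the post describes: only the part before '@' is compared."""
    _, name_id = parse_assertion(xml_text)
    prefix = name_id.split("@", 1)[0].lower()
    for upn in DIRECTORY:
        if upn.split("@", 1)[0].lower() == prefix:
            return upn
    return None


def resolve_by_full_upn(xml_text):
    """Stricter mapping: expected issuer and a case-insensitive match on the full UPN."""
    issuer, name_id = parse_assertion(xml_text)
    if issuer != TRUSTED_ISSUER:
        return None  # assertion came from an IdP or tenant we do not trust
    wanted = name_id.lower()
    for upn in DIRECTORY:
        if upn.lower() == wanted:
            return upn
    return None
```
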


1 answer to this question
