Jump to content
Welcome to our new Citrix community!

Netscaler Authentication Primary and Secondary

Kim Keith

Recommended Posts

HI Citrix Guys


I have a customer who wants both Radius and LDAP to authenticate on the Netscaler (Dont ask me why)

Currently they have a Radius/2 faktor as primary and no Secondary Authentication, so can i add a LDAP AUthentication as Secondary authentication on the GW VIP so only user can login who are member of the AD group of the Radius authentication and also the AD group of the LDAP group ? and only will be ask to authentication from 2 Faktor. So they users dont see the LDAP authentication ?


Meaning they login as the use to.





Link to comment
Share on other sites

  • 2 weeks later...

Using the classic dual-factor authentication, then when you enable DFA, everyone will then need to use DFA.


It is possible to set LDAP as a "third" authentication method, which means there is no user login, but it sends the user name to LDAP and just does group extraction. So go to the bind point (ie the NG Vserver), add a new authentication policy, select LDAP,  then choose "group extraction" (rather than Primary or Secondary). That might give you what you need.



Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...