Jump to content
Welcome to our new Citrix community!
  • 0

SmartAccess VAD 1912 LTSR from XenApp 6.5

Troy Hite1709161553


Current environment:

VAD 1912 LTSR + Netscaler Gateway 12.1 recently upgraded from a XenApp 6.5 environment.


My main question seems simple. In XenApp 6.5 you had the ability on an app-by-app basis to allow access through the Netscaler. Obviously in the latest versions of VAD you can only control this at the delivery group level. I know I'll need to use session policies on the Netscaler but I cannot find a way to do the following:


If a user is a member of an AD security group, allow them access into the delivery group via the Netscaler. Otherwise, no other users can access the applications through the Netscaler. Any help would be appreciated.

Link to comment

4 answers to this question

Recommended Posts

  • 0

You can configure a LDAP Search Filter in your NetScaler Policy/Server to restrict to one AD group.


Or, you can add a AAA Group to NetScaler that matches the AD group name (case sensitive). Bind a new Session Policy to the AAA Group. And then use the name of that Session Policy in your Access Control filters.

Link to comment
  • 0

Ok, but what about the session profile? Do I just assign that to one of the two default profiles that were created with the vserver? Do I create a blank one? I want it so regardless if they're using the client or the web they can get in through the Netscaler if they are members of that group. 


I have already configured the Access Policy on the delivery group as follows:



Session Policy:


And it's bindings to the AAA group that match the AD group name:



Still just doesn't seem to be working, I'm guessing something with the session profile?


Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...