Jump to content
Welcome to our new Citrix community!

Netscaler Nfactor with RADIUS RSA, AND azure NPS ( cannot complete your request)


Recommended Posts

Hello 

 

needed your help. I have followed this article to every letter. Point is that client wants to use LDAP as first factor, and use RSA/ azure MFA nps based on group. They want to eventually move away from RSA and move to NPS. 

 

https://blog.markdepalma.com/?p=411

 

i have made the login schemas, policies, POLICY label, AAA server and i am on the login page now for AAA virtual server. LDAP credentials are accepted, and it moves on to either RSA ( based on group) or MFA NPS azure. The end user is able to get the Radius codes for both (RSA and NPS), however when the user puts in the code, the error event ID number 10 comes in Citrix Receiver for Web ( Cannot complete your request) .

 

Hi,

I am unable to login to my Storefront server via my NS Access Gateway 10 via the web address in a browser. I keep getting the message "Cannot Complete your Request" on the webpage. It does connect to the storefront Server it just does not authenticate.

When I check the Storefront Logs I have the following:

 

Log Name:      Citrix Delivery Services
Source:        Citrix Authentication Service
Date:          16/12/2013 16:30:31
Event ID:      8
Task Category: (1005)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      xxxx.xxxx.xxxx.xxxx
Description:
None of the AG callback services responded
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Citrix Authentication Service" />
    <EventID Qualifiers="0">8</EventID>
    <Level>2</Level>
    <Task>1005</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-12-16T16:30:31.000000000Z" />
    <EventRecordID>1904</EventRecordID>
    <Channel>Citrix Delivery Services</Channel>
    <Computer>ievapp05.atrema.deloitte.com</Computer>
    <Security />
  </System>
  <EventData>
    <Data>None of the AG callback services responded</Data>
  </EventData>
</Event>
</Event>

 

 

And then

Log Name:      Citrix Delivery Services
Source:        Citrix Receiver for Web
Date:          16/12/2013 15:29:41
Event ID:      10
Task Category: (3001)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      xxxxx.xxxxx.xxxxx.xxxxxx
Description:
A CitrixAGBasic Login request has failed.

 

What am i missing ?  please advise as i have very tight deadlines.

 

 

Thanks

Link to comment
Share on other sites

Are you using SmartAccess or SAML? If not, then you can remove the Callback URL. In StoreFront console > Manage NetScaler Gateways, edit the Gateway. On the Authentication tab, notice the callback URL. You can remove it. 

 

If you need callback, then make sure your StoreFront server can reach the Callback URL.

Link to comment
Share on other sites

Hello Carl

 

Thank you for the prompt reply. i do not think there is, so when we try NPS, we get the code and then we put in the code, and then it tries to detect receiver. then it fails with " Cannot complete your request"

 

when we try RSA, we get the code, and we put in the code.. and then it says invalid code( contact your help desk), even though the code is correct.

 

Any thoughts?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...