Jump to content
Welcome to our new Citrix community!

Hide Password 2 field on Netscaler v13


Recommended Posts

Looking for someone will skills on netscaler 13 customizations. 

 

Just tried for hours to hide the password 2 field without success. All googled rewrite policies didn't worked (e.g. https://support.citrix.com/article/CTX215611, or https://xenit.se/tech-blog/remove-password-2-rfwebui/).

 

Seems that netscaler in version 13 did some changes? 

 

Hope someone is able to help... 

 

Link to comment
Share on other sites

Mayabe I missed something, but it appears just in case you use 2 factor authentication. Anyway, you should use a AAA vServer to authenticate, as the "old" method of authentication won't be there any more in 13.1. Maybe this one could lead into the right direction: https://blog.norz.at/citrix-adc-netscaler-two-factors-from-outside-single-factor-inside/

Link to comment
Share on other sites

Hi Johannes, you are right - I like to use a 2 factor (radius). I know there are many ways to integrate 2 factors (even a nice one with nfactor) - but I need a solution to hide the 2. password field for now. In 13.1 many things will change, that is for sure - but at the moment I only need to solve this "sound simple but is tricky - little" issue. As you can see in  CTX215611 there are ways - I guess also with netscaler 13.0.x - but I have not found them yet. Looking forward getting some options :) Thank you in advance

Link to comment
Share on other sites

25 minutes ago, Carl Stalhood1709151912 said:

Duo is damn cool. I'm using it as well. Okta does the same job. Citrix is using Okta now.

 

2 hours ago, Wolfgang Mundt1709152413 said:

Hi Johannes, you are right - I like to use a 2 factor (radius). I know there are many ways to integrate 2 factors (even a nice one with nfactor) - but I need a solution to hide the 2. password field for now. In 13.1 many things will change, that is for sure - but at the moment I only need to solve this "sound simple but is tricky - little" issue. As you can see in  CTX215611 there are ways - I guess also with netscaler 13.0.x - but I have not found them yet. Looking forward getting some options :) Thank you in advance

My version 13 (and all of the previous ones I used) shows a single password field only. I think, Carl is right.

Link to comment
Share on other sites

  • 2 weeks later...
On 12/9/2020 at 9:23 PM, Carl Stalhood1709151912 said:

Hi Johannes and Carl - thank you for your fast reply. It helped a bit and actually I like to give you a feedback on the options that I have found hiding the 2nd PW field from Netscaler v13.

Actually all rewrite policies did not seem to work anymore, as the RfWebUI seems to do not support them anymore. So I found the following options:

 

First one (not very nice but working) is customizing the gateway_login_form_view.js found in /netscaler/ns_gui/vpn/js and comment the (...==2) field out for the second pw

Issue there is, that with every reboot the change is gone - so I needed to edit rc.netscaler to copy the modified gateway_login_form_view.js to the original folder. 

With this it works quite well.

 

Second one is the use of nfactor. Using e.g. the SingleAuth.xml did the job as only one PW Field is showing up. 

 

I like the 2nd option better so I have implemented this one. 

 

One more question: do someone knows where the diffrent languages for a login-schema are stored? If you look into e.g. SingleAuth.xml you only see the english version and not the others?

Did not find a place where netscalers stores them - did you?

 

Thanks again for your ideas and options!  

Link to comment
Share on other sites

2 hours ago, Wolfgang Mundt1709152413 said:

One more question: do someone knows where the diffrent languages for a login-schema are stored? If you look into e.g. SingleAuth.xml you only see the english version and not the others?

Did not find a place where netscalers stores them - did you?

 

Thanks again for your ideas and options!  

 

I'm sorry, I don't know. The GUI allows to do changes for several languages, so I thought, they all get written into the XML file.

Link to comment
Share on other sites

  • 9 months later...
On 12/21/2020 at 7:14 AM, Wolfgang Mundt1709152413 said:

Second one is the use of nfactor. Using e.g. the SingleAuth.xml did the job as only one PW Field is showing up. 

 

I like the 2nd option better so I have implemented this one. 

Thanks, I came across this and it resolved my issue.

 

(IE my 2FA does a push notification and oddly meant that both the password and passcode field had to be filled with the AD password and it's then trigger a push notification that once accepted would let you login)

 

So I needed to remove that extra field and this worked thanks.

Link to comment
Share on other sites

  • 3 weeks later...

hello. i have a similar issue. i have virtual server with 2 authentication policies- the 1st one, the primary is the LDAP  with authentication checked box and the 2nd  is so call radius also with authentication option checked in it. (the radius is written on node.js). the working schema is like this - a user enters his AD account and AD password, click log on   and after validating the credentials radius sends him a sms code on the mobile phone which is entered on the second screen with a challenge field and press submit.  My issue is that i can not remove the second "password 2" field from home page /the first page/ . the version of netscaler  ADC VPX (200) is NS13.0 71.40.nc. as far as i know my company has payed for standard license so some settings in the netscaler are not available.

 

image.thumb.png.46797a85f5d515182c53d5863d0809a6.pngimage.thumb.png.2f2dded58a35e9f431d7151e6b2fa248.png

 

i wan to add - if i remove the authentication option in LDAP policy the password 2 field disappear but then im facing another problem - the user with expired pass or a temporary one can not log on respectively the option change pass through citrix site became unavailable

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...