Jump to content
Welcome to our new Citrix community!

ADC VPX 13 - FormSSO with kerberos


Recommended Posts

Hey!

 

I'm currently struggling with following scenario, it would be great if someone could help me with this:

 

I'm using adc vpx for sso for exchange 2016, using traffic-policies and an FormSSO-policy.

 

The user gets a Form-based authentication screen and has to enter his username and password on the netscaler, the traffic and session-policies handles the rest - so far so easy.

 

The AAA-server uses a LDAP as its authentication policy. Thats why it's working.

 

I want now switch the LDAP policy with a negotiate-policy. The policy itself is working, but the FormSSO-policy isn't working anymore. 

 

In the logs I can see the the username gets correctly extracted. I think the problem is that the variable aaa.user.passwd doesn't get populated while using a negotiate policy, or maybe just with a hash value and not the "entered" password.

 

What I've tried is to put a ldap-policy as next factor with authentication disabled, so far no success.

 

The only possible solution I can think of is switchen owa to kerberos, I wanted to ask if somebody got a better solution before taking this step.

 

Thank you all und best regards

Chris

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...