Jump to content
Welcome to our new Citrix community!

ADC-VPX 13.1 AAA-Server with multiple negotiate authentication-policys


Recommended Posts

Hey community,

 

maybe someone got an idea how to solve this:

 

There are 3 top-level domains

a.local

b.local

c.local

 

I have a lb-server with an attached aaa-server. The aaa-server got a correct configured negotiate authentication policy and sso for endusers from a.local for ressource xy is working perfectly.

 

Now I want to give users from b.local and c.local the same possiblity. What I could do is adding 2 additional negotiate-policy to my aaa-server with correct configurations for b.local and c.local, but the enduser would, in the worst case, get two false authentications before reaching "his" correct policy, depending on the priority of the binding.

 

What I'm looking for is some way to get the windows user name before deciding with authentication-policy should be used. That screams for n-factor, what I'm missing is the first factor, getting the windows credentials before doing any authentication at all.

 

I hope my problem ist clear described. Thank you all for reading!

 

Best regards

Christopher

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...