Joost Sannen Posted October 18, 2022 Share Posted October 18, 2022 Hi, I've this basic SAML Authentication Policy bound directly to the Gateway Virtual Server acting the Netscaler as SAML SP. Using 13.1 33.47. When I go to https://FQDN/cgi/samlauth I get this error Http/1.1 Internal Server Error 43549 (status code 500 Internal Server Error) It's the only authentication policy bound. When I switch to a LDAP policy the Gateway is operational. What's wrong with this setup? Link to comment Share on other sites More sharing options...
CarlStalhood Posted October 18, 2022 Share Posted October 18, 2022 Does your Citrix Gateway have AAA Groups configured? If so, then you need to add an LDAP Policy for just group extraction. Link to comment Share on other sites More sharing options...
Joost Sannen Posted October 18, 2022 Author Share Posted October 18, 2022 No, I don't have AAA Groups configured. Link to comment Share on other sites More sharing options...
CarlStalhood Posted October 19, 2022 Share Posted October 19, 2022 Are you doing classic authentication policies instead of nFactor? Try nFactor and see if that helps. 1 Link to comment Share on other sites More sharing options...
Sasi Tzdaka Posted October 20, 2022 Share Posted October 20, 2022 I am using nfactor and i have the same issue after idel 22 hours ago, Carl Stalhood1709151912 said: Are you doing classic authentication policies instead of nFactor? Try nFactor and see if that helps. Link to comment Share on other sites More sharing options...
Gunther De Poortere Posted October 26, 2022 Share Posted October 26, 2022 The error message referenced is pretty generic. You should enable debug logging in your global syslog settings and check in ns.log what exactly the message is when you hit the Gateway vServer, this will provide more insight into what exactly is the problem. Link to comment Share on other sites More sharing options...
Ken Z Posted December 8, 2022 Share Posted December 8, 2022 Sasi originally you said you were using a SAML basic authentication policy bound directly to the VServer (as the only policy), but lower down you say you're using nFactor. These two statements are mutually exclusive? Can you upload a screenshot of your SAML Server Profile? Regards Ken Link to comment Share on other sites More sharing options...
Joost Sannen Posted December 23, 2022 Author Share Posted December 23, 2022 nFactor does work for me. Thanks Carl. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now