Sabine Ludewig1709156713 Posted February 14, 2023 Share Posted February 14, 2023 Hi there we would like o use Netscaler Gateway with Kerberos Authentication instead of LDAP and I'm looking for the right documentation. I'm a bit confused by the variuos methods (Delegation, Impersonation, Contrained delegation). Would this be the correct way https://support.citrix.com/article/CTX236593/how-to-configure-netscaler-gateway-for-kerberos-constrained-delegation ? Thanks Link to comment Share on other sites More sharing options...
Marion Bauer1709159214 Posted February 28, 2023 Share Posted February 28, 2023 Hi, if you are doing Kerberos Authentication you need to delegate the authentication to netscaler gateway and implement Citrix FAS to get the SSO Experience to the Desktop. Kerberos Constraint Delegations works perfectly for websites. Cause in case of kerberos Auth at the citrix gateway netscaler doesn't know the users password and therefore can't pass it on to storefront. You still can list the applications in storefront (if Trust Requests sent to XML Service is set to true and the Authentication in Storefront is delegated to netscaler) but starting a desktop/Application will result in a Login Prompt. In Kerberos Constraint Delegation was used with XenApp 6.5 (don't know exactly how) and since 7.x there is Citrix FAS. Best Regards, Marion Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now