Jump to content
Welcome to our new Citrix community!

Help with Configuring Netscaler Authorization for AD Group-Based URL Access with 401 Authentication


Recommended Posts

Hello Community

 

I am working on setting up access control on Citrix Netscaler and facing some challenges. My objective is to restrict access to certain URLs based on user membership in specific Active Directory (AD) groups, and I am looking for guidance on how to best approach this. Here are the details:

 

1. URL and AD Group Mapping:
   - URL: `example.com:8253/service1/` - intended for access only by members of `AD_Group_Service1`.
   - URL: `example.com:8253/service2/` - intended for access only by members of `AD_Group_Service2`.
   - URL: `example.com:8253/service3/` - intended for access only by members of `AD_Group_Service3`.

 

2. Current Setup:
   - Our Netscaler is configured for LDAP authentication with Active Directory.
   - For each AD group, I have set up restrictions using the `memberOf` attribute in the LDAP configuration.
   - I am implementing 401-Based Authentication for users accessing these URLs.

 

3. Challenge:
   - I am looking for a method to create Authorization Policies that effectively link URL access control to specific AD group memberships.
   - The aim is to ensure that each URL can only be accessed by its corresponding AD group members, with the users being prompted for authentication.

 

 

I would greatly appreciate any advice or recommendations on how to configure these Authorization Policies on Netscaler. Insights into alternative methods or configurations that effectively link AD group membership with URL access control, especially in the context of 401 Authentication, would be very helpful.

 

Thanks in advance for your help and expertise!

 

Link to comment
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...