Jump to content

Citrix Netscaler 13.1 IPv6 LDAP

Recommended Posts

Needing some help getting LDAP working via IPv6 on a Netscaler running a current version of the 13.1 firmware.  For the LDAP server if we enter just an IPv6 IP it says under status "IPv6 is not supported".  So under traffic management we created a SERVER that's got the IPv6 of our Domain Controller, but it also doesn't work.  Based on the screenshot, if we do a "ping ABCDC01IPv6" there is no DNS entry for it.  Under the LDAP server section there are only two options: IP or Server.  In DNS we tried adding a manual A record, but IPv6 wasn't supported.  We do have an IPv6 DNS server that is reachable and does resolve, so if we ping abcdc01.domain.local" it'll come back with the correct IPv6 IP address.  Below is a copy of the CLI we attempted to use and a Citrix article that goes in to how it should be done, but still doesn't work.

add authentication ldapAction LDAP_ServerABC -serverName ABCDC01IPv6 -serverPort 389 -ldapBase "dc=domain,dc=local" -ldapBindDn administrator@domain.local -ldapBindDnPassword Password123$ -ldapLoginName sAMAccountName -groupAttrName memberOf -subAttributeName cn -secType PlainText -passwdChange ENABLED



IPv6 configuration on NetScaler just needs to replace the IPv4 configuration with IPv6 Address. Also take care of the following: 
1. Enalbe IPv6PT feature on NetScaler. 
2. SNIP needs proper prefix as part of IPv6 standard. 
3. Add appropriate AAAA Record( IPv6 host record) on DNS 
4. LDAP test connection cannot work with serverIP configured with IPv6 for now, use server name in config as workaround. 
5. For http to https redirection, you need to configure two LB vservers listening to http-80 requests for handling both IPv4 and IPv6 traffic 
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...