Jump to content

Recommended Posts

Posted

Greetings,

After  configuring nfactor on citrix gateway ( ldap first factor + radius second factor)

Storefront shows cant complete request error , event veiwer has the following error logs:

Event 10 :Ag basic login failed 403 forbidden

Event 7: sign-on failed because the credentials failed verification

 Single sign-on creds option is ticked under AD schema profile

 

Posted

Hello @Amin Herbawi,

 

if you’re writing about AD Schema, I think you’re using an nfactor authentication via AAA vServer.  If you do that and using a sequel AD, then Radius authentication, it’s important to save the AD Password to use it later for SSO. This is course NetScaler is using the last credentials - which is the correct username but the radius code as password!

For security reasons, it is also a better choice to first check the radius and check the LDAP as a second factor.  Otherwise, it’s possible that an external attack will lock AD accounts! For configuration in this way, take a look here https://support.citrix.com/s/article/CTX579561-configuring-gateway-nfactor-authentication-with-radius-first-ldap-second?language=en_US

Best regards,

Michael

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...