Anders Eriksson 2
-
Posts
16 -
Joined
-
Last visited
Content Type
Forums
Articles
Labs
Videos
TechZone
Citrix Community Articles
Events
Profiles
Posts posted by Anders Eriksson 2
-
-
Maybe this was something that was supported in older releases. I just saw the need to have this applied.
See example
https://c4rm0.wordpress.com/netscaler-gateway-clientless-vpn-cvpn/
-
-
-
We have exactly the same issue, also running Fslogix.
I didnt deploy latest hotfix for 2112 yet, but will.
-
This is causing a lot of issues, we cannot rely on the end-users to complete the workaround step to connect every day with the RDP Proxy feature.
We were forced to rollback and cannot apply the CVE fix https://support.citrix.com/article/CTX330728
-
Same issue, running Windows 2019 with profile streaming activated and no redirect of desktop.
Were also running VDA 2109 Multisession OS and the users started to report the issue now.
Anyone have the Profile Streaming Exclusion list - directories enabled and added "Desktop"?
I'm going to experience with this to see if it makes any difference.
Made no difference setting Desktop as excluded
-
Hi,
Ive solved the issue, the main issue is that were having a separate ADFS WAP farm and not loadbalancing the proxy servers directly through the Netscaler.
Mainly this causes the WIA (Windows auth prompts) against ADFS.
Get-AdfsProperties |Select -ExpandProperty WIASupportedUserAgents and removing "Trident/7.0" as option solves the issue and form-based auth is working.
Needless to say, we do need to scale the proxy server feature against ADFS in the Netscaler instead. Since the ADFS identifies the traffic as coming internal even though running from an external source. Most guides out there points to having the ADC setup as an Active Directory Federation proxy.
Thanks for helping out
Br Anders
- 1
-
-
Yes, working like expected going through the browser.
Verified with 1912 LTSR Workspaceapp also, same behavior
-
Hi, yes Ive checked that one out when doing the nFactor.
Basically whats differ here, is that were doing SAML authentication against the ADFS environment, where its in this link above going directly against Azure.
I have tried on 2 computers now, same behavior with Workspaceapp 20.2.0.25(2002).
Ive might trying to install an older version, just to see if its the same behavior.
-
Made a new nFactor SAML authentication policy to support form-based authentication through the latest workspace app.
The store URL is accepted but only getting a white screen in the workspace app, Isnt ADFS supported in this kind of scenario and only direct SAML connection with MFA against Azure directly?
Cannot seem to find any proper documentation regarding workspace app and this scenario.
I can see the screen flashing and when its suppose to redirect to the ADFS form-based authentication screen adfs/ls is just a white window in the workspace app.
Web browser based login is working like expected.
See attached screenshot!
Br Anders
-
HI,
Just want to confirm that the environment is now working.
Infact it was mirroring including creating the loginscript that finaly solved and got it working.
Now the VDA hosts can be restarted on daily basis and users can login through all servers, and the autocomplete and password are hanging by.
Thanks alot all for contributing, was trying Google Chrome. But seems Chrome does not support multiple sessions, among same users on the same servers. We have a environment where same user can logon from upto 10 different machines.
BR Anders
-
HI,
I can confirm none of the above are saving password in "Manage your credentials" - "Web Credentials"
Is this really something that is caused by Citrix UPM? Seems the whole credential manager is changed with windows 8.1/windows2012R2. Anyway, this ruins our whole setup, since we have a environment that its absolutely a requirement that users can save their password inside IE11. Its working only on the Current VDA once inside, but upon rebooting or logging onto another VDA, all credentials are gone. I dont really see why you are saying that its working with the above solutons, because it doesnt.
Maybe Im misunderstanding the whole scenario, but Web Credentials are not working for roaming to a central location with citrix UPM. And I belive its the same when running normal Microsoft roaming profiles.
Netscaler enterprise file share
in NetScaler Gateway
Posted
Thanks Paul,
I was thinking to investigate this feature, i'm still on 13.0 so I havent tested it out yet. Perhaps this is an option?
On the Citrix ADC appliance, you can configure Authorization policies for a file share that is hosted on your organization’s network
https://docs.citrix.com/en-us/citrix-adc/current-release/appexpert/appexpert-applications/citrix-adc-gateway-applications.html