Eddie Santana Posted August 12, 2016 Share Posted August 12, 2016 Netscaler NS11.1 47.14.nc Xenapp 7.9 StoreFront 3.6 Converting to SAML from a working Radius+LDAP environment. User attempts to log in and all seems working until the get to VDA. When users try to login they get "The request is not supported". Once they click "OK" they get presented and "empty" ID. Usually it would say a username. I click on "Other User" and log in with username and password, I log in successfully. Below is the log in the VDA re: SAML -------------------------- [s106] Identity Assertion Logon. Logging in [Certificate: [subject] CN=User1, OU=[NAME], OU=[NAME], DC=[NAME], DC=com [issuer] CN=[NAME]-CA, DC=[NAME], DC=com [serial Number] 4############################# [Not Before] 8/12/2016 9:12:42 AM [Not After] 8/19/2016 9:12:42 AM [Thumbprint] 166########## ] --------------------------- In Citrix Docs it has reference link to smart card setup. Does SMART CARD have to be enabled in any part of the SAML setup? What could be a possible cause? See Attachments for visual. Link to comment
0 Chenxue Wu Posted April 25, 2019 Share Posted April 25, 2019 On 2/20/2017 at 10:13 PM, Patrick Hazen1709157774 said: Solution B in https://support.citrix.com/article/CTX218941 fixed it for us. Also helpful to me. 1 Link to comment
0 Roel Cranen Posted September 23, 2016 Share Posted September 23, 2016 Hi Eddie, did you ever got this fixed? I'm running into the same issue. Link to comment
0 Eddie Santana Posted September 23, 2016 Author Share Posted September 23, 2016 Roel, 1) Make sure your using UPN when passing the SAML from IDP to Netscaler 2) It may be related to Certificate Authority. Add this key to your VDAs HKEY_Local_Machine\System\CurrentControlSet\Control\LSA\Kerberos\Parameters Value Name: UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors Value Type: DWORD Value Data: 1 Let me know if this worked for you Link to comment
0 Patrick Hazen1709157774 Posted February 20, 2017 Share Posted February 20, 2017 Solution B in https://support.citrix.com/article/CTX218941 fixed it for us. 1 Link to comment
Question
Eddie Santana
Netscaler NS11.1 47.14.nc
Xenapp 7.9
StoreFront 3.6
Converting to SAML from a working Radius+LDAP environment.
User attempts to log in and all seems working until the get to VDA.
When users try to login they get "The request is not supported".
Once they click "OK" they get presented and "empty" ID. Usually it would say a username.
I click on "Other User" and log in with username and password, I log in successfully.
Below is the log in the VDA re: SAML
--------------------------
---------------------------
In Citrix Docs it has reference link to smart card setup.
Does SMART CARD have to be enabled in any part of the SAML setup?
What could be a possible cause?
See Attachments for visual.
Link to comment
4 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now