Hey all, I hope someone has an answer different than what I think it is:
Situation:
We use Azure MFA for our IDP, this is set up as a SAML server on our NetScaler gateway (12.1.49.23) and has been working just fine for receiver for web users connecting through the gateway to StoreFront.
Second factor on gateway is LDAP with passthrough to StoreFront.
We were told by product managers at Citrix that Workspace App (testing with 1809) was going to include native SAML support as long as we were on NetScaler 12.1.48 and higher.
When I punch in the URL in the Workspace App prompt, I get the typical:
I would expect a redirection to Microsoft for authentication but this never happens.
Tried:
Changing the SAML server binding on the NetScaler from redirect to post. Same issue.
Removed the SAML auth policy from the gateway VIP altogether. I get all the way through with LDAP and am able to launch apps.
Basically, I never get a prompt as long as a SAML is the first factor in the stack. Anyone else trying to do this?
Question
John Kalleen
Hey all, I hope someone has an answer different than what I think it is:
Situation:
We use Azure MFA for our IDP, this is set up as a SAML server on our NetScaler gateway (12.1.49.23) and has been working just fine for receiver for web users connecting through the gateway to StoreFront.
Second factor on gateway is LDAP with passthrough to StoreFront.
We were told by product managers at Citrix that Workspace App (testing with 1809) was going to include native SAML support as long as we were on NetScaler 12.1.48 and higher.
When I punch in the URL in the Workspace App prompt, I get the typical:
I would expect a redirection to Microsoft for authentication but this never happens.
Tried:
Changing the SAML server binding on the NetScaler from redirect to post. Same issue.
Removed the SAML auth policy from the gateway VIP altogether. I get all the way through with LDAP and am able to launch apps.
Basically, I never get a prompt as long as a SAML is the first factor in the stack. Anyone else trying to do this?
Thanks...
Link to comment
14 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now