tylital520 Posted November 12, 2020 Share Posted November 12, 2020 Hi, is there a way to achieve the following somehow with nFactor: User enters the gateway URL and sees a login scheme with a username field. After she has entered the username and clicked log on, username is matched to a string (I tried this but it won't work: AAA.USER.LOGIN.NAME.EQ("string")), or to a local AAA user account on ADC. If it matches the nFactor authentication proceeds to next condition/factor. So the username would be checked before e.g. LDAP authentication or fetching user groups from LDAP. Link to comment Share on other sites More sharing options...
tylital520 Posted November 12, 2020 Author Share Posted November 12, 2020 Ok, I just found this: https://www.citrix.com/blogs/2020/08/27/lessons-from-the-field-nfactor-otp-and-multiple-domains/ So basically I could check the username with this? And this would be NO_AUTHN policy if I just want to check the username? AAA.LOGIN.USERNAME.EQ("myusername") Link to comment Share on other sites More sharing options...
Paul Cross Posted November 19, 2020 Share Posted November 19, 2020 You could do something like this but where I check group membership you'd check username. The LDAP policy uses a LDAP server with authentication unticked so just does a lookup and membership extraction: Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now