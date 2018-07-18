This is based upon a session that I presented at Citrix User Group Ireland and you can view the SlideShare presentation here –> https://www.slideshare.net/mariussandbu/citrix-with-microsoft-ems but the session was about, how can we leverage Citrix with EMS ( Enterprise Mobility and Security) and also shows the configuration for Citrix FAS together with Azure AD.

Now the focus on this post in purely about having Azure AD with Azure AD Joined Devices (Not Hybrid) and authentication is happening in Azure AD and not On-premises, but there are some supported workloads or topologies further down.

I have previously written about setting up SSO between Azure AD and Citrix FAS (Which is one of the core components to setting up a simple way to get SSO to an on-premises environment (http://msandbu.org/setting-up-citrix-sso-with-windows-10-and-azure-ad-join/) and also how to tune Storefront to get SSO working properly especially in cases where the end-users close the browsers it self (http://msandbu.org/citrix-fas-with-azure-ad-and-error-404-not-found/)

This allows end-users to access Citrix as part of Azure AD using, for instance, the My Apps Portal. (Or end-users can continue to use NetScaler Gateway as their application portal but Azure AD portal can be easily accessed from Windows 10 Azure AD Joined devices.

If customers are moving towards Azure AD, it also means that computer objects and user objects are stored in Azure Active Directory, and it therefore also requires some other tools to handle security as well and some other features as well such as Printing.

Via Marius Sandbu.