Home Applications Citrix XenDesktop, ADFS, Azure MFA, NetScaler Unified Gateway and Citrix FAS – Part 3

Citrix XenDesktop, ADFS, Azure MFA, NetScaler Unified Gateway and Citrix FAS – Part 3

Citrix XenDesktop, ADFS, Azure MFA, NetScaler Unified Gateway and Citrix FAS – Part 3

Previous Articles in this series

Part 1 – ADFS

Part 2 – Citrix FAS and StoreFront

Part 3 of this blog series will walk you through setting up your NetScaler Gateway authentication policies to hand off authentication to ADFS as well as setting up the NetScaler as an ADFS Proxy and binding this to your Externally Facing Content Switch.

SAML Authentication Policies

You will need to create a SAML Authentication Policy to bind to your NetScaler Gateway in order to hand off authentication to your ADFS Service.

Head to Security – AAA – Application Traffic – Policies – Authentication – Basic Policies – SAML

Select the Servers tab and click to Add your new SAML Server

Set up your SAML Server as shown below


  • The IDP Certificate Name and Signing Certificate name are being used as we replaces the Token Signing and Token Decrypting Certificate when setting up ADFS in Part 1 of this series
  • The Redirect and Logout URL use the EXTERNAL FQDN for my ADFS Service with /adfs/ls/ tagged onto the end of the URL
  • Issuer Name: This needs to be listed as a relying party in ADFS – if this is not listed SAML will not work and the authentication process will fail.

ADFS Signing Certificates

Read the entire article here, Putting it all together – Citrix XenDesktop, ADFS, Azure MFA, NetScaler Unified Gateway and Citrix FAS – Part 3

via Dave Brett at bretty.me.uk

Dave Brett Dave Brett (@dbretty) is an End User Computing, Cloud and Mobility Technical Architect based in the UK with a passion for delivering solutions that are innovative, resilient and most importantly great for the end user to work on and use. He has recently been awarded as one of the founding member for the Citrix Technology Advocate (CTA) program and leads the Citrix Networking Special Interest Group on myCUGC with a fellow CTA and one of the CTP’s. You can find Dave blogging about App and desktop delivery, mobility and networking on his personal blog at http://bretty.me.uk as well as on twitter using the handle @dbretty

Featured Resources:

Related Articles:


White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]


      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors