1. Home
  2. Applications
  3. Citrix XenDesktop, ADFS, Azure MFA, NetScaler Unified Gateway and Citrix FAS – Part 3

Citrix XenDesktop, ADFS, Azure MFA, NetScaler Unified Gateway and Citrix FAS – Part 3


Previous Articles in this series

Part 1 – ADFS

Part 2 – Citrix FAS and StoreFront

Part 3 of this blog series will walk you through setting up your NetScaler Gateway authentication policies to hand off authentication to ADFS as well as setting up the NetScaler as an ADFS Proxy and binding this to your Externally Facing Content Switch.

SAML Authentication Policies

You will need to create a SAML Authentication Policy to bind to your NetScaler Gateway in order to hand off authentication to your ADFS Service.

Head to Security – AAA – Application Traffic – Policies – Authentication – Basic Policies – SAML

Select the Servers tab and click to Add your new SAML Server

Set up your SAML Server as shown below


  • The IDP Certificate Name and Signing Certificate name are being used as we replaces the Token Signing and Token Decrypting Certificate when setting up ADFS in Part 1 of this series
  • The Redirect and Logout URL use the EXTERNAL FQDN for my ADFS Service with /adfs/ls/ tagged onto the end of the URL
  • Issuer Name: This needs to be listed as a relying party in ADFS – if this is not listed SAML will not work and the authentication process will fail.

ADFS Signing Certificates

Read the entire article here, Putting it all together – Citrix XenDesktop, ADFS, Azure MFA, NetScaler Unified Gateway and Citrix FAS – Part 3

via Dave Brett at bretty.me.uk

Dave Brett Dave Brett (@dbretty) is an End User Computing, Cloud and Mobility Technical Architect based in the UK with a passion for delivering solutions that are innovative, resilient and most importantly great for the end user to work on and use. He has recently been awarded as one of the founding member for the Citrix Technology Advocate (CTA) program and leads the Citrix Networking Special Interest Group on myCUGC with a fellow CTA and one of the CTP’s. You can find Dave blogging about App and desktop delivery, mobility and networking on his personal blog at http://bretty.me.uk as well as on twitter using the handle @dbretty

Featured Resources:

Related Articles:


White Papers

‘All You Need to Know About Microsoft Windows Nano Server’ Veeam White Paper

Now updated for Windows Server 2016 GA release! You probably heard about Windows Nano Server already … but what is it exactly, and how do you get started with it? What value will it bring to your environment? Nano Server is a headless, 64-bit only deployment option for Windows Server 2016. Microsoft created this component specifically with […]


Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

On-Demand Webinars

Architecting for today’s desktop environments – FSLogix On-Demand Webinar

October 19, 2017 Webinar with David Young, Solutions Architect and Product Champion, and Brandon Lee, Solutions Marketer. Video Recording of a live demo of FSLogix and an overview of the latest release of FSLogix Apps featuring Roaming XenApp Email Search and OneDrive App along with Skype for Business Global Address List and Device Based Licensing. […]

Latest Videos

Current State of EUC – E2EVC Video

Session from @E2EVC 2017 Orlando. For event information please visit www.e2evc.com/home. For slides, additional info etc please contact the presenter directly on Twitter. For best video and sound quality do visit the event! This video is from the fine folks at E2EVC Conference

Views All IT News on DABCC.com
Views All IT Videos on DABCC.com
Win a Tesla P100D

Visit Our Sponsors