Citrix XenDesktop, ADFS, Azure MFA, NetScaler Unified Gateway and Citrix FAS – Part 5
In Part 5 – Providing Context Aware logins I will set up Single Sign on and Single Factor for Internal Use but still require Multi Factor for External Access to the systems from outside of my network. This along with dns records for ug.bretty.me.uk and sts.bretty.me.uk internally and externally should give you a nice experience when logging into my Unified Gateway and SSO internally whilst still asking for 2FA externally.
First open up the ADFS Management Console – and re-open the Multi Factor Authentication Policy
Disable MFA for Intranet Users
The Issue: when logging onto the service internally it does not ask you for a second factor, however it does prompt for credentials even though you are logged into the machine as a valid domain users. This is by no means ideal and not a good user experience.
If we want to look at how we can resolve this we just open up Internet Options
Read the entire article here, Putting it all together – Citrix XenDesktop, ADFS, Azure MFA, NetScaler Unified Gateway and Citrix FAS – Part 5
via Dave Brett at bretty.me.uk