Note: the domain name entered here must match one of the domain names permitted by StoreFront. The Domain field can be used to enter a default domain.
Use the Authentication Service URI drop-down to select a store.Click the button to Retrieve Auth Enabled Stores.In the Authentication section, in the Choose Authentication Type drop-down, notice that there are several options.Check the box next to Use this StoreFront for Authentication and click Continue.STAs are usually your XenDesktop Controllers. Enter a Secure Ticket Authority URL, including or the plus icon to add more than one STA server.
In the Default Active Directory Domain field, enter a domain name that your StoreFront server will accept.In the Receiver for Web Path drop-down, select a Receiver for Web Path.In the StoreFront section, enter the URL to StoreFront, and click Retrieve Stores.
Or, change the selection to Install Certificate, and import a. In the Server Certificate section, if you already have a certificate on this appliance that matches the new Gateway FQDN, then select it.Check the box next to Redirect requests from port 80 to secure port, and click Continue.In the Citrix Gateway section, enter the FQDN for the new Gateway.Select StoreFront and then configure Continue.In Citrix ADC, click XenApp and XenDesktop on the bottom left.RADIUS – If you are doing multi-factor authentication, then you’ll need RADIUS information, including adding Citrix ADC NSIP and/or SNIP as RADIUS Clients.Īlso see Citrix CTX223882 FAQ – Configuring Authentication at StoreFront using NetScaler Gateway XenApp and XenDesktop Wizard StoreFront must be version 3.11 or newer.To retrieve the list of stores, NSIP must be able to reach the StoreFront URL.URL to the StoreFront servers – StoreFront must be reachable from Citrix ADC SNIP and NSIP The Wizard creates a whole new Gateway Virtual Server.
License – make sure the appliance is licensed for Advanced Edition (formerly known as Enterprise Edition) or Premium Edition (formerly known as Platinum Edition).ĭNS Servers – make sure DNS Servers are configured on the Citrix ADC.
See George Spiers NetScaler Gateway authentication direct to StoreFront for manual nFactor configuration.
NetScaler Gateway 12 and Citrix Gateway 12.1 and newer support a new form of authentication called StoreFrontAuth, which delegates Active Directory authentication to a StoreFront server. StoreFrontAuth replaces LDAP on Citrix Gateway.