Copy a Citrix ADC configuration to a new machine

In one of my recent projects, I had to build several Citrix ADCs in a new data center. After consultation with the customer, the same services and functions should be configured as in the old data center. The only difference was that the new data center should use different IP ranges and therefore all network settings of the Citrix ADCs and the connected services had to be adapted.

Requirements

  • Same version and build on all Citrix ADC
  • Same Citrix ADC license version on all Citrix ADC
  • IP addresses of the new Citrix ADC should be defined and free (NSIP, SNIP & VIP).
  • IP addresses of the connected machines should be known (server or server groups)
  • Basic configuration of the new Citrix ADC should be done (NSIP, SNIP, DNS, Timezone & License)
Continue reading “Copy a Citrix ADC configuration to a new machine”

Microsoft Azure MFA Cloud Service in Citrix ADC Version 12

To complete my previous article, I also directly implemented and tested Microsoft Azure MFA Cloud Service in my test lab. In this post I go straight to the ToDo’s for implementation. For more information on MFA and the differences between Local and Cloud, please read my previous post.

It is important that all my information has the status of March 2019 and since it is the cloud, it will soon be obsolete again.

Microsoft Azure MFA Cloud in Citrix ADC Version 12
Continue reading “Microsoft Azure MFA Cloud Service in Citrix ADC Version 12”

Microsoft Azure MFA Server in Citrix ADC Version 12

During one of my current projects, I launched a PoC for two-factor authentication based on Microsoft Azure MFA. Azure multi-factor authentication requires users to verify and confirm their signups using a mobile app, phone call, or text message. You can use it with Azure AD or the local AD.

It is important that all my information has the status of March 2019 and because it is the cloud, quite quickly become obsolete again.

Microsoft Azure MFA Server in Citrix ADC Version 12

Multi-Factor Authentication

The safety of the two-stage check is at level approach. The multiple authentication factors poses a major challenge for attackers. Even if an attacker can find out the user’s password, this is useless unless he or she is also proficient in the additional authentication method. This works by requesting at least two of the following authentication methods:

  • Something you know (usually a password)
  • Something you have (a familiar device that can not be easily duplicated, like a phone)
  • Something that you are (biometrically)
Continue reading “Microsoft Azure MFA Server in Citrix ADC Version 12”

Citrix ADC Version 12 as initial IdP for Office365

This article is about setting up SAML authentication for Office365 through the Citrix ADC (version 12). The Citrix ADC serves as IdP and Office365 as SP. So that you do not have to enter your user name a hundred times, this is prevented by an initial IdP (SSO).

Terminology

In short, the important upcoming terms explained.

SAML

SAML (Security Assertion Markup Language) provides a common platform for web-based access to multiple, autonomous services without the need to reenter multiple credentials. Authentication takes place via an encrypted session cookie, transparent in the background. This session cookie, which is provided with an expiration date, is given to the user in the browser by an authentication service (Identity Provider – IdP) and can then subsequently use all connected services (Service Provider – SP) in the browser.

Continue reading “Citrix ADC Version 12 as initial IdP for Office365”

What’s new in Citrix Virtual Apps and Desktops 7 1811

Delivery Groups: New Studio interface for creating machine restart schedules

In earlier releases, you used Studio to create a restart schedule for machines in a Delivery Group. To create multiple schedules, you used PowerShell cmdlets. Now, the updated Studio interface enables you to create and manage one or more restart schedules.

A schedule can affect either:

  • All of the machines in the group.
  • One or more (but not all) machines in the group. The machines are identified by a tag that you apply to the machine. This is called a tag restriction, because the tag restricts an action to only items (in this case, machines) that have the tag.
Continue reading “What’s new in Citrix Virtual Apps and Desktops 7 1811”