OTP Server Integration Module



Similar documents
McAfee One Time Password

MICROSOFT ISA SERVER 2006

OTP Server Integration Module

OTP Server. Integration module. Nordic Edge AD Membership Provider for Microsoft ASP.NET. Version 1.0, rev. 6. Nordic Edge

Secure Messaging Server Console... 2

PineApp Surf-SeCure Quick

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

NSi Mobile Installation Guide. Version 6.2

DIGIPASS Pack for Citrix on WI 4.5 does not detect a login attempt. Creation date: 28/02/2008 Last Review: 04/03/2008 Revision number: 2

FaxCore 2007 Database Migration Guide :: Microsoft SQL 2008 Edition

IIS SECURE ACCESS FILTER 1.3

Configuring a Custom Load Evaluator Use the XenApp1 virtual machine, logged on as the XenApp\administrator user for this task.

Step by Step Guide to implement SMS authentication to F5 Big-IP APM (Access Policy Manager)

IIS, FTP Server and Windows

escan SBS 2008 Installation Guide

Using Internet or Windows Explorer to Upload Your Site

Adobe Connect LMS Integration for Blackboard Learn 9

Configuring Sponsor Authentication

Integration Guide. SafeNet Authentication Service. SAS Using RADIUS Protocol with Microsoft DirectAccess

Reference and Troubleshooting: FTP, IIS, and Firewall Information

Setup Citrix Access Gateway Enterprise Edition (NetScaler) for use of multiple authentication methods.

MadCap Software. Upgrading Guide. Pulse

Step by step guide to implement SMS authentication to Cisco ASA Clientless SSL VPN and Cisco VPN

1 Summary. Step by Step Guide to implement SMS authentication to Bluecoat ProxySG

BusinessObjects Enterprise XI Release 2

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

GE Intelligent Platforms. Activating Licenses Online Using a Local License Server

F-Secure Messaging Security Gateway. Deployment Guide

ATT8367-Novell GroupWise 2014 and the Directory Labs

Virtual Appliance Setup Guide

To install Multifront you need to have familiarity with Internet Information Services (IIS), Microsoft.NET Framework and SQL Server 2008.

TechNote. Contents. Introduction. System Requirements. SRA Two-factor Authentication with Quest Defender. Secure Remote Access.

Using LDAP Authentication in a PowerCenter Domain

RoomWizard Synchronization Software Manual Installation Instructions

Installation and Configuration Guide

Changing Passwords in Cisco Unity 8.x

Changing Your Cameleon Server IP

CONSOLEWORKS WINDOWS EVENT FORWARDER START-UP GUIDE

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip

Your Question. Net Report Answer

Content Filtering Client Policy & Reporting Administrator s Guide

STATISTICA VERSION 10 STATISTICA ENTERPRISE SERVER INSTALLATION INSTRUCTIONS

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

Verify LDAP over SSL/TLS (LDAPS) and CA Certificate Using Ldp.exe

Here, we will discuss step-by-step procedure for enabling LDAP Authentication.

PaperCut Payment Gateway Module - RBS WorldPay Quick Start Guide

Microsoft IAS Configuration for RADIUS Authorization

FTP, IIS, and Firewall Reference and Troubleshooting

Security Provider Integration RADIUS Server

Configuring a Windows 2003 Server for IAS

System Administration Training Guide. S100 Installation and Site Management

Creating and Issuing the Workstation Authentication Certificate Template on the Certification Authority

NovaBACKUP xsp Version 15.0 Upgrade Guide

Upgrading User-ID. Tech Note PAN-OS , Palo Alto Networks, Inc.

Integration Guide. Swivel Secure Authentication

Use Enterprise SSO as the Credential Server for Protected Sites

Managing Identities and Admin Access

S/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: October 08, 2014

Installing the ASP.NET VETtrak APIs onto IIS 5 or 6

Active Directory Integration

Configuring the Palo Alto Firewall for use with Juniper Steel-Belted RADIUS.

OneLogin Integration User Guide

FaxCore Ev5 Database Migration Guide :: Microsoft SQL 2008 Edition

Setup and configuration for Intelicode. SQL Server Express

Click Studios. Passwordstate. Upgrade Instructions to V7 from V5.xx

Setting Up Scan to SMB on TaskALFA series MFP s.

QUANTIFY INSTALLATION GUIDE

Click Studios. Passwordstate. Installation Instructions

BaseManager & BACnet Manager VM Server Configuration Guide

ProSystem fx Document

Sitecore Ecommerce Enterprise Edition Installation Guide Installation guide for administrators and developers

Instructions for Configuring a SAS Metadata Server for Use with JMP Clinical

pcanywhere Advanced Configuration Guide

Cloud Services ADM. Agent Deployment Guide

Installation Steps for PAN User-ID Agent

SAS 9.3 Foundation for Microsoft Windows

Active Directory Management. Agent Deployment Guide

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

Configuring IBM Cognos Controller 8 to use Single Sign- On

LDAP Implementation AP561x KVM Switches. All content in this presentation is protected 2008 American Power Conversion Corporation

Quest Soft Token for Windows Phone User Guide

Network Load Balancing

Configuring Thunderbird with UEA Exchange 2007:

To enable an application to use external usernames and passwords, you need to first configure CA EEM to use external directories.

Exchange 2010 PKI Configuration Guide

How to integrate RSA ACE Server SecurID Authentication with Juniper Networks Secure Access SSL VPN (SA) with Single Node or Cluster (A/A or A/P)

Managing Qualys Scanners

LDaemon. This document is provided as a step by step procedure for setting up LDaemon and common LDaemon clients.

Configuring SonicWALL TSA on Citrix and Terminal Services Servers

HOTPin Integration Guide: DirectAccess

Integrating LANGuardian with Active Directory

Dell SonicWALL Notice Concerning Multiple LDAP Vulnerabilities

F-SECURE MESSAGING SECURITY GATEWAY

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

SecureAware on IIS8 on Windows Server 2008/- 12 R2-64bit

How To Create An Easybelle History Database On A Microsoft Powerbook (Windows)

Installation Instruction STATISTICA Enterprise Server

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.

Click Studios. Passwordstate. High Availability Installation Instructions

Protecting Juniper SA using Certificate-Based Authentication. Quick Start Guide

Transcription:

OTP Server Integration Module Citrix XenApp Web Interface 5.4 Version 1.0

Table of Contents Table of Contents 1 Overview 1.1 Integration Overview 2 Requirements 2.1 Minimum Requirements 2.1.1 Citrix 2.1.2 Nordic Edge One Time Password Server 2.1.2 Integration Module Files 3 Installing the Integration Module 3.1 Installation Guide 3.2.1 Configure Citrix XenApp Web Interface 4 Configuring Nordic Edge OTP Server 3.x 4.1 OTP Server Configuration 5 Restarting the IIS Web Server 5.1 Restarting IIS 6 Testing the Web Interface 6.1 Running the Web Interface with the Nordic Edge OTP Integration 7 Appendix 7.1 Troubleshooting 7.1.1 Troubleshooting & Support 8.1 Document History

1 Overview Nordic Edge One Time Password Server adds an extra security layer to protect your applications. When the user id and password is successfully verified, a One-Time Password is sent to the user s mailbox or mobile phone through SMS (Short Message Services). This One-Time Password will be verified and only then will the user be authenticated to the application. 1.1 Integration Overview Citrix XenApp Web Interface 5.4 integration module for Nordic Edge One Time Password Server enables strong authentication for Citrix XenApp Web Interface.

2 Requirements 2.1 Minimum Requirements 2.1.1 Citrix The integration requires Citrix XenApp Web Interface 5.4 2.1.2 Nordic Edge One Time Password Server OTP Server 1.6 (Build 2471) or later 2.1.2 Integration Module Files Download OTP_Server-CitrixXenAppWebInterface5.4.zip The OTP Server must be configured before the integration module can be used. See the OTP Server administration manual for more information and how to configure this.

3 Installing the Integration Module This chapter describes what s required for the installation. 3.1 Installation Guide 1. Download the latest package and the latest revision of this document from the Nordic Edge One Time Password Server product site. 2. Backup the Citrix web root, c:\inetpub\wwwroot\citrix (default location) 3. Unpack the zipfile contents to c:\inetpub\wwwroot\citrix 4. If the Nordic Edge One Time Password Server is installed on another machine than the Web Interface, change /XenApp/auth/loginOTP.aspx to point to the correct server ip address or hostname. It is configured to 127.0.0.1:3100 by default. 5. Open web.config in an editor (sample location C:\Inetpub\wwwroot\Citrix\XenApp\web.config). Make the following changes (NOTE, loginotp.aspx has to be written case sensitive): Add the string /auth/loginotp.aspx to the key AUTH:UNPROTECTED_PAGES. Example: <add key="auth:unprotected_pages" value="/auth/loginotp.aspx,/ rade.aspx,... In the <appsettings> section, add a value to <add key="radius_nas_identifier" value="servername" />, for example the name of the Citrix server.

The RADIUS_NAS_IDENTIFIER value must be present in the site's Web configuration file. The RADIUS_NAS_IDENTIFIER value can be any string containing three characters or more. In other words: Replace the value "servername" with the name of your server (at least 3 characters) or just keep the string "servername". 3.2 Configuration 3.2.1 Configure Citrix XenApp Web Interface 1. From the Start menu: Programs > Citrix > Management Consoles > Citrix Web Interface Management 2. Browse to XenApp Web Sites and select the site name (where the integration is installed)

3. In the right pane "XenApp - Edit Settings": Click on "Authentication Methods Figure 1

4. Select Explicit, and press Properties Figure 2 5. Select Two-Factor Authentication 6. In the drop-down Two-factor setting:, select RADIUS 7. Click on Add... 8. Enter the IP address of the OTP Server (127.0.0.1 if the OTP Server is installed on same machine. Set the RADIUS port used by the OTP Server (default value: 1812). Figure 3

Figure 5 9. Press OK to save configuration 10. Check if the file radius_secret.txt exists in: c:\inetpub\wwwroot\citrix\xenapp\conf If not, rename the file radius_secret.txt.sample to radius_secret.txt, edit the file and enter a shared secret (it will also be entered in the OTP Server) 11. Restart IIS

4 Configuring Nordic Edge OTP Server 3.x Install Nordic Edge OTP Server as described in the installation documentation. 4.1 OTP Server Configuration 1. Select Databases in left pane. Press "LDAP Database" 2. Host Settings 3. Note 4. Database Display Name: 5. Enter a display name 6. Host Address: 7. The IP address to the LDAP directory 8. Portnumber: 9. The IP address portnumber of the LDAP directory 10. Admin DN: 11. The admin DN 12. Password:: 13. The admin password 14. Test LDAP Connection 15. Use this button to verify your LDAP settings 16. Search Settings 17. Note 18. Search Base DN: 19. The DN where to start search for users 20. Search Scope: 21. Search level, SUB, ONE or BASE 22. Nr of Connections: 23. The number of LDAP connections the OTP server should use 24. Search Filter Start: 25. The start of the search filter to be used to authenticate users 26. Search Filter End: 27. The end of the search filter to be used to authenticate users

28. Account Settings 29. Note 30. OTP Attribute: 31. The user attribute where to get the mobile number/email address 32. Figure 6

2. Select Clients in left pane. 3. Name & Address 4. Note 5. Client Display name: 6. Enter a Client name 7. Client IP Address: 8. Enter the IP Address of the Citrix XenApp Web Interface server 9. RADIUS Options 10. Note 11. Shared Secret: 12. Enter the Shared Secret (same as in radius_secret.txt) 13. Auth. Server IP Address: 14. The IP address of the Citrix XenApp Web Interface Server

Figure 7 15. Select RADIUS in left pane. 16. Radius & Server Settings 17. Note 18. Enable Radius: 19. Check this box 20. Port number: 21. Keep the default port number 1812

Figure 8 Press Save Config and Save in the following dialog

Figure 9

5 Restarting the IIS Web Server Before you can use the Web Interface, you have to restart the IIS. 5.1 Restarting IIS Open a command prompt and type iisreset to restart the Internet Information System. Figure 10: Restarting IIS

6 Testing the Web Interface 6.1 Running the Web Interface with the Nordic Edge OTP Integration To test the web application in your browser, type the required URL such as: http://localhost/ Citrix/XenApp/auth/login.aspx Enter User name, password and domain and click Log On

Figure 11: Login page Enter the One-time password and click Log On

Figure 12: OTP page The application icons are presented

Figure 13: Authenticated to Citrix Web Interface

7 Appendix 7.1 Troubleshooting 7.1.1 Troubleshooting & Support For troubleshooting and support, please go to http://www.nordicedge.se or send an email to support@nordicedge.se 8.1 Document History Revision Date Description 0.1 2011-02-07 Initial version 1.0 2011-02-09 Approved 1.0 2011-04-20 Overview image added

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information