Piloting WTOS 9 remotely from home and attempting to get it to authenticate with a Netscaler Gateway setup with SAML/Azure MFA.
I plug the URL into the Broker section of policy and that seems to come down correctly – however – when booting up the thin device, I’m being challenged with username/password/domain and I can’t seem to bypass (at this stage, our domain isn’t available to authenticate).
I think I’m missing something fundamental. My goal is to have the thin device hit our Gateway which does a redirect to SAML for the user to authenticate, and then return to our Storefront via that Gateway (where the user could now provide domain credentials).
I’ve pored through the policies, admin guide and these forums and see no mention of this setup, thus I think I’m heading the wrong direction.
I’ve tried every option for authentication (Default, LDAP and LDAP+RSA) and it continues to prompt me for a domain username/password when I power up the thin device. It appears to be getting the correct policy from WMS.
If I enter in my e-mail address/password, it prompts me for a “token code” – but our SAML based Netscaler URL doesn’t use token codes.
I feel like I need to bypass that initial authentication because our Netscaler Gateway doesn’t use LDAP or RSA – which leads me down the path that I’m missing something fundamental.