Adding MFA to Citrix XenDesktop

 

Note: This integration does not support the use of Push. You will need to use OTP.

 

  1. Go to the Start Menu and click on All Programs, then Citrix, then Management Consoles, then open Citrix Web Interface Management.
  2. Select XenApp Web Sites, then right-click on the site that you want to add MFA to.

  3. Click Authentication methods
  4. Select Explicit then click Properties
  5. Click on Two-Factor Authentication, then set the Two-factor setting to RADIUS
  6. Click Add, then type in the IP address and port of the AuthAnvil Radius agent, then click OK (The AuthAnvil Radius agent runs on port 1812 by default)

  7. Click OK, then OK again, and close the Citrix Access Management Console.
  8. The XenDesktop web interface requires that the RADIUS secret that has been configured between this client and the AuthAnvil RADIUS Server is placed in a text file in the Citrix\RADIUS\CONF directory. 
  9. Go to C:\inetpub\wwwroot\Citrix\<site_name>\conf folder and create a file called radius_secret.txt.citrix1.png
  10. Open this text file and enter your RADIUS shared secret passcode.
  11. Save the file and close it.
  12. For Web Interface 5.2 or later: Go to folder and open the file Web.config with a text editor like Notepad. On Java application servers, the file is web.xml file. 
    C:\inetpub\wwwroot\Citrix\<site_name>\
  13. Search for line # 102 or the following parameter:
    <add key="RADIUS_NAS_IDENTIFIER" value="" />12.
  14. For value, enter any alphanumeric value longer than 3 characters.
    citrix2.png
  15. Save the Web.config file and test your Web Interface site.
  16. To test the Site, log on to the website you protected with AuthAnvil. You will now see a Passcode field.

The credentials would should be formatted as follows:

Username: XenDesktop Username (this should match authanvil username)

Password: XenDesktop Password

Passcode: Authanvil Password,OTP (ex. Password123!,56241526)

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.