AzureAD Archives - Julian Jakob

November 22, 2023 Julian Jakob

Microsoft Entra – Using Private Access to tunnel Citrix HDX Sessions and giving HDX Direct a Try

Overview Private Access, a Feature of Microsoft Entra’s Global Secure Access Suite, is a simple but powerful Security Service Edge (SSE) network solution for providing secure access to your Cloud / OnPrem Apps without VPN,

September 30, 2023 Julian Jakob

Citrix DaaS – Microsoft Entra ID B2B User Identity Logonmethods

Overview Recently my namesake Julian wrote a great Post about choosing the correct Machine Identity in a Virtual Desktop Infrastructure – which is very important. This post will cover the other Hand – choosing the

July 3, 2023 Julian Jakob

Citrix DaaS – Prevent Session takeover when using NetScaler as IdP followed by SAML

Overview A customer of mine recently came across a way to sign in to Cloud Workspace with any other user, provided you sign up before with some valid credentials – for example your own. The

April 29, 2023 Julian Jakob

Citrix DaaS – NetScaler as IdP with OAuth to Azure AD

Overview This is a Quickpost about a desired architecture with Citrix DaaS, where a NetScaler is acting as OAuth IdP (DaaS Workspace Authentication is set to Citrix Gateway or Adaptive Authentication) and is acting as

March 30, 2023 Julian Jakob

Citrix NetScaler – OAuth to Azure AD with login_hint Subject Field

Overview What’s the biggest difference when choosing SAML instead of OAuth as the protocol when using Azure AD as IdP for NetScaler when it comes to User Experience (UX)? You should consider this Question when

February 6, 2023 Julian Jakob

Citrix FAS – Azure AD CBA Single Sign-On (SSO) without a PRT

Overview With Azure AD’s certificate-based authentication (CBA) there is a way to get a Primary Refresh Token (PRT) inside the User’s Citrix Session. I’ve written about the details in Part1. As the most negative requirement

January 5, 2023 Julian Jakob

Citrix FAS – SID Lookup Mismatch with Citrix DaaS

Issue Recently I tried to setup a Citrix DaaS environment with OnPrem VDA’s and FAS for a working Azure AD B2B scenario. Every B2B customer’s UPN suffix is created OnPrem with the matching Shadow Account.

October 15, 2022 Julian Jakob

Citrix FAS – Azure AD CBA with Primary Refresh Token (PRT)

Overview There are several discussions about the missing Primary Refresh Token (PRT) in the User’s Citrix Session when using SAML / oAuth with Azure AD and Citrix FAS – as using Smartcard to authenticate is

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.