On one of my recent deployments, I needed to set up external access using NetScaler to an internally hosted web application (Grafana).
Grafana is a cross-platform open source application for graphical representation of data from various data sources such as InfluxDB, MySQL, PostgreeSQL, Prometheus and Graphite.
The challenge here was that the customer wanted to pre-install authentication on the NetScaler, but the users were only known to the web application itself.
The question that therefore came to me was:
How can I check the user of the web application if only the web application itself has access to the user data?
I had only used standards like LDAP, RADIUS, CERT, SAML etc. for user authentication on NetScaler, but these were not useful here because the target system should not be changed.
Continue reading “Web Authentication Action in NetScaler”
The scheduled update (ADV190023), regarding LDAP Signing and Channel Binding for new and existing domain controllers, scheduled for March 10, 2020, has been postponed to the second half of calendar year 2020. The March 2020 update will only provide additional auditing capabilities to identify and configure LDAP systems before they become inaccessible with the later update.
The later update results in no more connections to the domain controller, via unsigned / Clear Text LDAP on port 389. Then it is only possible to use either LDAPS via port 636 or Signed LDAP (StartTLS) on port 389.
Continue reading “ADV190023 – Enable LDAPS in Windows DC and Citrix ADC”
In one of my recent projects, I had to build several Citrix ADCs in a new data center. After consultation with the customer, the same services and functions should be configured as in the old data center. The only difference was that the new data center should use different IP ranges and therefore all network settings of the Citrix ADCs and the connected services had to be adapted.
Continue reading “Copy a Citrix ADC configuration to a new machine”
- Same version and build on all Citrix ADC
- Same Citrix ADC license version on all Citrix ADC
- IP addresses of the new Citrix ADC should be defined and free (NSIP, SNIP & VIP).
- IP addresses of the connected machines should be known (server or server groups)
- Basic configuration of the new Citrix ADC should be done (NSIP, SNIP, DNS, Timezone & License)