Citrix Workspace Azure



downloadWhy can't I download this file?Citrix Workspace Azure Mfa
  • Citrix Workspace Azure Active Directory
  • Citrix

    Microsoft is partnering with Citrix to use the company’s Citrix Workspace portal as its “preferred digital workspace solution,” and Citrix is using Microsoft Azure as its preferred cloud platform. Citrix Workspace, Azure AD & DSAuthAzureAdNestedGroups. Citrix Cloud and Azure Active Directory is a logical combination for many customers. The integration makes.

    Applicable Products

    • Citrix Cloud
    Access

    Symptoms or Error

    Azure

    Overview:
    Users may be prompted for additional authentication when navigating to Citrix Workspace URLS if Workspace is configured to use a federated identity provider.
    Example:
    Users may be prompted for Azure AD credentials when Using AAD for Authentication to Citrix Workspace, even if the user has a valid Microsoft authentication token.
    Scenario

    • Authenticate to an existing O365 or Azure AD provisioned resource
    • Browser retains the Microsoft authentication token for the session
    • Navigate to Citrix Workspace URL (configured to use AAD as the Workspace IdP)
    • Previous authentication token is NOT accepted by Workspace
    • User is prompted again prompted to provide Azure AD credentials to login to Workspace

    In this video I use Citrix Workspace Cloud and Microsoft Azure to show how simple it is to setup a demo XenApp/XenDesktop environment. The idea is to show of. Add Citrix Virtual Apps and Desktops Standard for Azure to a customer Sign in to Citrix Cloud with your CSP credentials. Click Customers in the upper left menu. From the Customer dashboard, select Add Service in the ellipsis menu for the customer. Citrix XenApp and XenDesktop have traditionally used Windows Server Active Directory domains to manage end user access and administrator roles. With the move to the cloud, the use of an Active Directory domain continues to remain a requirement. When using Azure as a Resource Location, Azure Active Directory also has a role to play.

    Citrix Workspace Azure Mfa

    Solution

    IMPORTANT:
    Customers should consult their internal security teams before requesting an exception to determine which settings are best for their environment and security posture.
    This behavior is turned on by default for all Workspace customers as an additional security measure.
    Customers can request an exceptions on an individual Citrix Cloud tenant basis.
    Contact Citrix Technical Support to have the feature disabled for a specific Cloud Customer account.

    Citrix Workspace Azure Active Directory

    Access

    Problem Cause

    Citrix Workspace Azure
    • Citrix recently made a change with within the Azure AD Workspace integration to resolve a security concern.
    • To ensure that a user is properly and securely authenticated when accessing Citrix Workspace, the Engineering team has added the “prompt=login” parameter to every authentication request to the IdP of record.
    • This parameter forces the user to be prompted for authentication whenever there is not a valid Citrix Workspace session.
    • This was done to align with Industry-standard security practices.


    Additional Resources

    Microsoft has documented how Azure AD should be configured for applications that use “prompt=login”:
    https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/ad-fs-prompt-login
    Citrix CTP Contributions:
    https://jkindon.com/2019/09/20/azure-ad-and-citrix-workspace-sso/




    Comments are closed.