By: Rick Rohne
The following are some reasons why you would give users a selection box before authentication:
1. Give users a choice to access their appliacations, desktops, or VPN sessions
2. Allow users to access Sharepoint, OWA, and other clientless web applications using the same url.
3. Allows users to have more control, reducing support calls.
4. Get more out of Access Gateway Enterprise.
I created this video to give you an idea on how this can be used:
NOTE: The index.html file mentioned on this article is found under /netscaler/ns_gui/vpn
First create a cookie on the user's workstation
This procedure creates a cookie on the user's workstation which will be evaluated by the session policy. The name of the cookie is NSCookie
1. Download index.html to your workstation.
2. Open the file for editing with your preferred document editor software.
3. Locate the following section:
4. Add the following on the next available line
5. The next line should read:
6. Add storeValues(this);" so that it reads:
Next create the actual pull-down menu
1. On the same index.html page locate the line that reads:
2. Add the following code.
(Note: you can add as many OPTIONS as you wish. The Value’s m(x) will be used to match up against a session policy)
3. Save the changes and copy the file to the /netscaler/ns_gui/vpn directory
Note: make sure to backup the original file.
Create a procedure to allow the custom page to survive a reboot
1. Connect to the appliance using an SSH client such as PuTTY.
2. Type shell.
3. Make a directory on the hard drive to hold the custom file.
4. Copy the modified page to the new directory.
cp /netscaler/ns_gui/vpn/index.html /var/customizations/
5. Create a startup script file called rc.netscaler under /nsconfig (if one is not already present).
6. Copy the copy command into rc.netscaler.
echo cp /var/customizations/index.html /netscaler/ns_gui/vpn/index.html >> /nsconfig/rc.netscaler
Next you must modify the session policies to be based on the presence of the cookie instead of the default "true value".
The expression syntax would look similar to that shown in the screen shot below:
add vpn sessionPolicy xMyDT-pol "REQ.HTTP.HEADER Cookie CONTAINS MyDT" XD_ONLY
The user will then be given a drop down menu on the default logon page. The cookie will be placed on their workstation and evaluated by the session policies. MyDT is the default which should always match the users Default connection while others will match other session policies.
More information on Access Gateway Enterprise
Monday, September 6, 2010
Microsoft Virtualization, Citrix, XENServer, Storage, iscsi, Exchange, Virtual Desktops, XENDesktop, APPSense, Netscaler, Virtual Storage, VM, Unified Comminications, Cisco, Server Virtualization, Thin client, Server Based Computing, SBC, Application Delivery controllers, System Center, SCCM, SCVMM, SCOM, VMware, VSphere, Virtual Storage, Cloud Computing, Provisioning Server, Hypervisor, Client Hypervisor.