Citrix StoreFront authentication in SSO mode

Posted on Monday 08/02/2016 by Victor — Leave a comment

I found something extremely intriguing about StoreFront and authentication and wanted to share it with the community.

Let’s take StoreFront 3.0, although I bet it was there since beginning.

When StoreFront is configured in SSO mode you have two types of authentication:

From the Internet (via NetScaler)
From internal network (no NetScaler involved)

The Internet authentication is pretty straight forward. StoreFront SSO is not active and users must login the old way, with username and password.

The difference can be seen when SSO authentication from internal network is being used and one specific feature is missing. Explicitly.

And apparently, there’s a reason for it.

In StoreFront’s top-right side, there’s a drop-down menu that appears when clicking the user’s name. The drop-down menu is by default populated with the “Activate” and “Log Off ” options, but the Administrator can add more options there.

But where’s the “Change password…” option?

Well, I mentioned that this feature is explicitly removed when SSO is active, and the reason is very logic and I’d give lots of Kudos to Citrix for this.

The reason for the missing “Change password…” option is just one: SECURITY.

As mentioned by some friends at Citrix, the logic behind this is quite simple. When an user logs in to his computer and SSO is active, the option is missing in order to protect it’s password, as he might leave his PC unlocked and “a friend” could change the password from StoreFront. And because SSO is active, the “friend” would not be asked for the current password.

If you have like me, clients that need to change passwords from StoreFront, tell them to connect with the alternate login method (Username and Password) and the “Change password…” field will appear where it should be.

Cheers!

Advertisements

About Victor

Victor an End User Computing Architect and Consultant. You find him most of the time on Twitter (@01004753) but also on LinkedIn evangelizing new technologies and processes that can change in good, the world we live in. Victor has expertise in Server & Client Virtualization, Client Management, GPU Virtualization, HyperConvergence and Enterprise Security

Tagged with: Citrix, HOWTO
Posted in Citrix, HowTo

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

You are commenting using your Google+ account. ( Log Out / Change )

Connecting to %s

Some ask why I have a 1Gbps FTTH Internet at home. Well to download big stuff without pain. #workingabroad #hotelinternetisbad 5 days ago
I'm the #productivity Grandmaster– with over 20k @Todoist Karma points! win.todoist.com/karma/en/6/2 2 weeks ago
BREAKING: Saudi Arabia, Bahrain, UAE and Egypt to suspend air travel to and from Qatar lnkd.in/gGz4iRP 2 weeks ago
What if robots take over the world? b-gat.es/2snsDL6 2 weeks ago
Done for today! Completed 15 tasks! #TodoistZero todoist.com/todoist/zero/6… 2 weeks ago
RT @elonmusk: Am departing presidential councils. Climate change is real. Leaving Paris is not good for America or the world. 2 weeks ago
Apple design chief Jony Ive is the new chancellor of the world’s best design school lnkd.in/gG3zAE6 4 weeks ago
200 Million Downloaded video players including VLC Player are vulnerable to Malicious subtitles Attack lnkd.in/gxxY5j9 4 weeks ago
RT @ciprianrusen: Say goodbye to the password when using a Microsoft account bit.ly/2q4oFcP #microsoft https://t.co/0z9hTNEIW7 4 weeks ago
Why Donald Trump when you can Trump Donald? https://t.co/AWOCjw5dSx trumpdonald.org #TrumpDonald 1 month ago
If your PC has been infected by WannaCry – the ransomware that wreaked havoc across the world last Friday – you migh… lnkd.in/gjdKiGn 1 month ago
lnkd.in/dEjxesr 1 month ago
Apple releases dozens of security patches for all products. lnkd.in/gjffPrs 1 month ago
VMware acquires Apteligent lnkd.in/gkuUVDF 1 month ago
Given this basic psychology of spying it is impossible for GCHQ or the NSA to actually engage in serious cyber defen… lnkd.in/gFAVp4M 1 month ago

Follow @01004753

Software-defined datacenter, End user computing & cloud Architect (Microsoft MVP Azure, vExpert, Veeam Vanguard, Citrix CTA)

cu camera pe bord

Thincomputing.net

by Michel Roth on the VDI, Desktop Virtualizaion, Application Virtualization, UEM aspects of End User Computing and Product Management

Virtualization, Workspace, EUC, Citrix, VMware | Kyle Davies

Tech Thoughts & Brain Dump

About Citrix, Remote Desktop, Performance, Workspace, Monitoring and more...

Filling gaps in EUC vendor documentation

Don't Follow the Trend

blog.ogs.ro

www.jariangibson.com/1486606887-dedupe/

Double VCDX #122 | Cloud Architect

Calatorind prin lumi indepartate, pictez in cuvinte, lacrimi de culori.

%d bloggers like this: