Citrix StoreFront authentication in SSO mode

Posted on Monday 08/02/2016 by Victor — Leave a comment

I found something extremely intriguing about StoreFront and authentication and wanted to share it with the community.

Let’s take StoreFront 3.0, although I bet it was there since beginning.

When StoreFront is configured in SSO mode you have two types of authentication:

From the Internet (via NetScaler)
From internal network (no NetScaler involved)

The Internet authentication is pretty straight forward. StoreFront SSO is not active and users must login the old way, with username and password.

The difference can be seen when SSO authentication from internal network is being used and one specific feature is missing. Explicitly.

And apparently, there’s a reason for it.

In StoreFront’s top-right side, there’s a drop-down menu that appears when clicking the user’s name. The drop-down menu is by default populated with the “Activate” and “Log Off ” options, but the Administrator can add more options there.

But where’s the “Change password…” option?

Well, I mentioned that this feature is explicitly removed when SSO is active, and the reason is very logic and I’d give lots of Kudos to Citrix for this.

The reason for the missing “Change password…” option is just one: SECURITY.

As mentioned by some friends at Citrix, the logic behind this is quite simple. When an user logs in to his computer and SSO is active, the option is missing in order to protect it’s password, as he might leave his PC unlocked and “a friend” could change the password from StoreFront. And because SSO is active, the “friend” would not be asked for the current password.

If you have like me, clients that need to change passwords from StoreFront, tell them to connect with the alternate login method (Username and Password) and the “Change password…” field will appear where it should be.

Cheers!

Advertisements

About Victor

Victor an End User Computing Architect and Consultant. You find him most of the time on Twitter (@01004753) but also on LinkedIn evangelizing new technologies and processes that can change in good, the world we live in. Victor has expertise in Server & Client Virtualization, Client Management, GPU Virtualization, HyperConvergence and Enterprise Security

Tagged with: Citrix, HOWTO
Posted in Citrix, HowTo

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

You are commenting using your Google+ account. ( Log Out / Change )

Connecting to %s

New form of carbon discovered that is harder than diamond but flexible as rubber socsi.in/9KISe 2 days ago
ANNOUNCING THE NEW RELEASE OF DOCKER ENTERPRISE EDITION lnkd.in/g3845eC 4 days ago
Hacker claims to have decrypted Apple's Secure Enclave, destroying key piece of iOS mobile security lnkd.in/gx7Mu7C 4 days ago
My week on Twitter 🎉: 2 Favorited, 9 Tweets. See yours with sumall.com/performancetwe… 5 days ago
XenApp and XenDesktop 7.15 LTSR was released. Start planning the upgrade now! There are a ton of features that impro… bit.ly/2wZknCm 1 week ago
My #Receiver has no idea that @Citrix published a new version for it #ntzntzntz #updateftw https://t.co/DR3arZi6Ek 1 week ago
RT @pluralsight: Meet our new platform: adaptive skill measurement, paths and mentoring are here! Details: bit.ly/28R0PIx https://… 1 week ago
Musk has just made the technology 100% cooler after thanking Microsoft in a tweet for contributing resources to his… lnkd.in/gPWMvmZ 1 week ago
lnkd.in/gGaa7xr 1 week ago
Is Your iPhone Cable Spying On You? lnkd.in/geG7SXj 1 week ago
Homeopathy 'treatments' must be labelled to say they do not work, US government orders. lnkd.in/gTdyzhQ 1 week ago
Facebook launches the Watch platform lnkd.in/gwF9iBq 1 week ago
My week on Twitter 🎉: 1 New Follower, 1 Favorited, 10 Tweets, 1 New Following. See yours with sumall.com/performancetwe… 1 week ago
Self-Driving Cars Can Be Hacked By Just Putting Stickers On Street Signs lnkd.in/gXPq7Hd 1 week ago
OMV, Petoro discover gas in Gemini North well, Barents Sea lnkd.in/gPQZt5U 1 week ago

Follow @01004753

Software-defined datacenter, End user computing & cloud Architect (Microsoft MVP Azure, vExpert, Veeam Vanguard, Citrix CTA)

cu camera pe bord

Thincomputing.net

by Michel Roth on the VDI, Desktop Virtualizaion, Application Virtualization, UEM aspects of End User Computing and Product Management

Virtualization, Workspace, EUC, Citrix, VMware | Kyle Davies

Tech Thoughts & Brain Dump

About Citrix, Remote Desktop, Performance, Workspace, Monitoring and more...

Filling gaps in EUC vendor documentation

Don't Follow the Trend

blog.ogs.ro

www.jariangibson.com/1486606887-dedupe/

Double VCDX #122 | Cloud Architect

Calatorind prin lumi indepartate, pictez in cuvinte, lacrimi de culori.

%d bloggers like this: