Friday, January 23, 2015

MDX Sharefile APP SSO


MDX ShareFile app has been published for end users. But SSO is not working. I had configured PingFederate as IDP provider for Sharefile and Single Sign On is failing.

As per Citrix, MDX Sharefile App supports only Xenmobile(App Controller) SSO only. Hence I have configured Sharefile SSO using the following articles and it worked like gem..

http://blogs.citrix.com/2014/01/16/xenmobile-sharefile-mobile-app-sso-using-saml/

http://support.citrixonline.com/en_US/sharefile/all_files/SF090017

It supports multiple domains too..For that I have added AD authentication domains on both Netscaler(Under gateway--Policies ---Authentication---LDAP) and App controller (settings --Active Directory) and linked them in Netscaler by binding the LDAP policies to Gateway virtual server.

Have a nice Day...
Posted by at No comments:

Tuesday, January 20, 2015

ShareFile SSO failing PingFederate


The PingFederate has been configured as SAML authentication provider for ShareFile.

ShareFile SAML logon link:

https://company.sharefile.com/saml/login

Logon screen was showing up after user passes credentials for Sharefile login even configuring after SSO.

Solution:
In my situation, I was loaded the wrong X.509 certificate.

Get the right certificate from PINGFederate server or copy the cert from PING meta server file.
Replacing:
Login to Sharefle sub domain
go to Admin ------>Configure Single Sign On ----->click "Change" to replace right cert one.


Regards

Posted by at No comments:

Monday, January 12, 2015

Users terminated in Citrix App Controller 9.0


Recently all users were terminated in Citrix App Controller after changing user base DN and AD server.


Issue: Users showing in terminated state on app controller



All the users showing in a terminated state are from a child domain ZZZ.YYY.com and all not the actual parent domain YYY.com . The "50" users of the parent domain YYY.com were showing up as Active on App controller in a active state.

We have deleted the domain YYY.com on app controller and re added it again after which  all the terminated users were erased and only the "50" users of YYY.com domain were synced on app controller  in a active state.

Please be careful before deleting domain.

Have a nice day!

Posted by at No comments:

Wednesday, January 7, 2015

ShareFile SSO SAML configuration ADFS/Xenmobile/PING/OKTA/OneLogin

ShareFile Single Sign-On

ShareFile has added additional Identity Provider (IdP) support to its SAML implementation.
ShareFile Single Sign-On can be configured with any SAML 2.0-based federation tool using basic, integrated, or forms authentication.

Please find here information to configure SSO for ShareFile using SAML authentication through the following products.

XenMobile

For configuring ShareFile Single Sign-On with XenMobile, click here.

ADFS

For configuring ShareFile Single Sign-On with ADFS, click here.

Okta

For configuring ShareFile Single Sign-On with Okta, click here.

Ping Federate

For configuring ShareFile Single Sign-On with Ping Federate, click here.

OneLogin

For configuring ShareFile Single Sign-On with OneLogin, click here.

Here is the link from Citrix for complete article:

http://support.citrixonline.com/en_US/ShareFile/help_files/SF150004?Title=ShareFile+Single+Sign-On

Have a nice day!
Posted by at 1 comment:
Subscribe to: Posts (Atom)