Issue:-

I see the option to change password using a web browser (web receiver); accessing internally and externally. I do not see the option in the citrix receiver (located in toolbar). Is this not an option using the citrix receiver 4.4.2000.16? Next you can start the Local Policy Editor (gpedit.msc) and go to Computer Configuration Administrative Templates Citrix Components Citrix Receiver User Authentication. Within User Authentication select Local Username and Password and select the options: Enable pass-through authentication and Allow pass-through authentication for all ICA.


Many time we face issue in Citrix Netscaler gateway that we have two factor authentication enabled with Primary as LDAP or something and Secondary as Radius with One time password.

Citrix Workspace


The main catch here is that OTP will only be provided to the user once they are authenticated to LDAP.
Problem:-
Citrix Receiver PasscodeThe problem we face here is that Netscaler on the first screen itself ask for Username/ Password and Passcode ( OTP) but since the user is not yet authenticated hence they can't provide the OTP.
The desired answer is we need to hide the second password field not shown to the user. There are many ways to do this on the Browser but there is no way to do this on the Citrix Receiver.
Solution:-
1. Your Receiver version should be 4.4 or above for this.
2. Then go to Netscaler using WinSCP or any other SFTP tool or vi editor andEdit the/netscaler /ns_gui/vpn/index.html file
3. Add this line to the file
<METAhttp-equiv='X-Citrix-AM-GatewayAuthType'>below <META http-equiv='Content-Type'>
As you can see below

<!DOCTYPEhtml PUBLIC '-//W3C//DTD XDEV_HTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>
<head>
<metahttp-equiv='X-UA-Compatible'>
<linkrel='SHORTCUT ICON' href='/vpn/images/AccessGateway.ico'type='image/vnd.microsoft.icon'>
<METAhttp-equiv='X-Citrix-AM-GatewayAuthType'>below <META http-equiv='Content-Type'>
<METAhttp-equiv='Content-Type'>
<METAcontent=noindex,nofollow,noarchive name=robots>
<linkhref='/vpn/js/rdx/core/css/rdx.css'type='text/css'/>

And it started workingfine and you will notice the passcode field is hidden as shown below

After entering passwordin the second screen it shows the OTP asked by the radius.

Citrix Receiver Password 2




Depending on how your company configured Duo authentication, you may or may not see a “Passcode” field when using the Citrix Receiver client.

Password with Automatic Push

If Receiver only prompts for a password, like so:

After you submit your login information, an authentication request is automatically sent to you via push to the Duo Mobile app or as a phone call.

Citrix Receiver Passcode Free

Alternatively, you can add a comma (“,”) to the end of your password, followed by a Duo passcode or the name of a Duo factor. Here's how:

Type...To...
password,passcodeLog in using a passcode, either generated with Duo Mobile, sent via SMS, generated by your hardware token, or provided by an administrator.
Examples: 'mypass123,123456' or 'mypass123,1456789'
password,pushPush a login request to your phone (if you have Duo Mobile installed and activated on your iOS, Android, or Windows Phone device). Just review the request and tap 'Approve' to log in.
password,phoneAuthenticate via phone callback.
password,smsGet a new batch of SMS passcodes.
Your login attempt will fail — log in again with one of your new passcodes.

Citrix Receiver For Mac

You can also add a number to the end of these factor names if you have more than one device registered. For example, push2 will send a login request to your second phone, phone3 will call your third phone, etc.

Examples

To use Duo Push if your password is 'hunter2', type:

To use the passcode '123456' if your password is 'hunter2', type:

hunter2,123456

To send new SMS passcodes to your second phone if your password is 'hunter2', type:

The comma is Duo's default separator character between your password and the Duo factor. Your administrator may have changed this to a different character. Be sure to follow the instructions sent to you by your organization if they differ from what's shown here.

Passcode for Factor Selection

If Receiver does prompt you for a 'Passcode' as shown:

Citrix Receiver Passcode

Use the 'Passcode' field to tell Duo how you want to authenticate. Here's how:

Type...To...
A passcodeLog in using a passcode, either generated with Duo Mobile, sent via SMS, generated by your hardware token, or provided by an administrator.
Examples: '123456' or '1456789'
pushPush a login request to your phone (if you have Duo Mobile installed and activated on your iOS, Android, or Windows Phone device). Just review the request and tap 'Approve' to log in.
phoneAuthenticate via phone callback.
smsGet a new batch of SMS passcodes.
Your login attempt will fail — log in again with one of your new passcodes.

You can also add a number to the end of these factor names if you have more than one device registered. For example, push2 will send a login request to your second phone, phone3 will call your third phone, etc.

Examples

To send a Duo Push request to your primary phone, type:

push

To send a Duo Push request to your secondary phone, type:

To use the passcode '123456', type:

123456

To send new SMS passcodes to your second phone, type:





⇐ ⇐ Boom Recorder Pro
⇒ ⇒ Firefox 48 For Mac