Skip to main content
Start a Conversation

Unsolved

B

BigBJ

14 Posts

2984

May 9th, 2019 10:00

Poll: ThinOS and Microsoft MFA SAML Authentication

Good Day All

My organization is moving to retire our EOL RSA two-factor authentication for externally connected 3040 ThinOS devices in favor of Microsoft Azure MFA.  Azure MFA is a SAML based authentication which requires a browser for pass through as the native Citrix receiver has no way of providing a web page to sign on to Azure. The user then gets a prompt (or phone call or text) from the Microsoft Authenticator App to approve the connection.  ThinOS needs a lightweight browser to get to a normal Netscaler / Storefront logon page where an .ica file can be downloaded. After the .ica file is downloaded the client normally has an association with the file type (ThinOS does not have file association types) and knows to open those files with the native receiver to launch and the .ica file contains all the necessary connection settings.

 

I've brought this up the chain to our Dell reps as a feature set for ThinOS 9, currently slated for December 2019.  The Citrix side of our organization recently got Azure MFA working for iOS and native Citrix receiver working by following these write ups:

https://www.ferroquesystems.com/2019/02/howto-citrix-workspace-app-saml-auth-to-citrix-gateway-via-azure-mfa/

https://discussions.citrix.com/topic/398621-workspace-app-saml-support/

https://www.carlstalhood.com/citrix-federated-authentication-service-saml/

The issue with ThinOS is we always get a Dell "modified" version of Citrix receiver (in the case of the write ups we need Citrix Workspace 1903 or 1904 for this to work) that doesn't support all the features of the full native client.

I thought I would reach out to the community and see who is road mapped for using Microsoft Azure MFA whom also use ThinOS devices and what your plans are?  Maybe if there are enough of us running ThinOS converting to Azure MFA that require this type of enhancement to ThinOS we can get it pushed up the developement ladder for ThinOS 9. I'd much prefer sticking with the over 300 externally deployed teleworker ThinOS devices instead of switching to a 3040 Thin Linux device (which does work with Azure MFA, I've tested already).  I don't like the Thin Linux presentation and configuration in WMS 1.3 vs ThinOS.

 

Thanks for taking the time to read and respond.

Marvin7

1 Message

October 8th, 2019 03:00

Yes Please!

a2samenwerking

4 Posts

November 5th, 2019 07:00

Yes please. We thinking about replacing our old thin clients (about 600) with new WTOS 3040 clients but Azure MFA is required. Hoping this will be supported in WTOS 9.

I've heard that the release date of WTOS 9 will be arround March 2020.

dropfreeze

4 Posts

January 20th, 2020 10:00

Yes Please!

I have a huge order of Wyse 3040 and 5070's that we have been waiting to place because this does not work. We wasted months testing because sales said it worked and support does not even know. We were told v9 should be released end of Q1 2020. But then we also heard April or May 2020

View More

View All

No Events found!

Top