Run the following command to change to the /tmp directory:
cd /tmp
Run the following command to start the debugging process:
cat aaad.debug
Perform the authentication process that requires troubleshooting, such as a user logon attempt.
Monitor the output of the cat aaad.debug command to interpret and troubleshoot the authentication process.
Stop the debugging process by pressing Ctrl+Z.
Run the following command to record the output of aaad.debug to a file:
cat aaad.debug | tee /var/tmp/<debuglogname>
Where /var/tmp is the required directory path and <debuglogname> is the required log name.
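A bounded variant of the capture step, added here as an example and not part of the original article: it checks that the source really is a named pipe, creates the capture file readable by its owner only (the output records authentication events such as user names and group extraction results), and stops reading after a fixed number of seconds. The function name capture_aaad, the output file name and the 60-second duration are assumptions made for illustration.

```shell
# capture_aaad PIPE OUTFILE SECONDS  (hypothetical helper, not a Citrix tool)
# Appliance usage (paths from the steps above; file name and duration are examples):
#   capture_aaad /tmp/aaad.debug /var/tmp/aaad-capture.log 60
capture_aaad() {
    ca_pipe=$1; ca_out=$2; ca_secs=$3

    # aaad.debug is a named pipe; refuse anything else so a typo in the path
    # does not silently capture a stale regular file.
    [ -p "$ca_pipe" ] || { echo "not a named pipe: $ca_pipe" >&2; return 2; }

    # Create the capture file owner-only before any data is written to it.
    ( umask 077; : >> "$ca_out" ) || return 3
    chmod 600 "$ca_out" || return 3

    # Same effect as `cat aaad.debug | tee file`: show events live and
    # append them to the capture file.
    tee -a "$ca_out" < "$ca_pipe" &
    ca_reader=$!

    # Bound the capture so the reader does not stay attached to the pipe.
    sleep "$ca_secs"
    kill "$ca_reader" 2>/dev/null || true
    wait "$ca_reader" 2>/dev/null || true
    return 0
}
```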
The following section provides examples of how the aaad.debug module can be used to troubleshoot and interpret an authentication error.
Incorrect Password
In this example, the user entered an incorrect Lightweight Directory Access Protocol (LDAP) password.
Invalid Username
In this example, the user entered an incorrect username.
Invalid LDAP Bind Attempt
In this example, an invalid set of LDAP bind credentials was defined in the authentication policy.
Determining Group Extraction Results
In this example, the group extraction results can be determined. Many issues with AAA group access involve the user not picking up the correct session policies for their assigned group in a Citrix Gateway appliance. Common reasons for this include incorrect spelling of the Active Directory/RADIUS group name in the appliance and users not being a member of the security group in Active Directory/RADIUS.
Additional Resources
CTX138663 - Error Codes Returned by aaad.debug Module of NetScaler
CTX108876 - How to Configure LDAP Authentication on NetScaler
CTX139963 - How to Configure NetScaler Gateway Session Policies for StoreFront
CTX233027 - [NetScaler Gateway Trace Study] – LDAP Authentication
CTX114335 - How to Configure an LDAP Monitor on NetScaler
Citrix Blog - Monitoring secure LDAP using Citrix NetScaler
Background
Authentication processing in NetScaler Gateway is handled by the Authentication, Authorization, and Auditing (AAA) daemon. The raw authentication events that the AAA daemon processes can be monitored by viewing the output of the aaad.debug module, which serves as a valuable troubleshooting tool. aaad.debug is a pipe as opposed to a flat file and does not display the results or log them. Therefore, the cat command can be used to view the output of aaad.debug. The process of using aaad.debug to troubleshoot an authentication problem is typically referred to as 'debugging aaad.'