Form Based SSO to Office 365 via XenMobile and NetScaler Traffic Policy

NetScaler Traffic Policies are great ! Control authentication settings etc. on a deeper level.
In this post we look into Form Based SSO on NetScaler, as an approach to automatically submit the email adress to the login form for authentication in Microsoft Office 365.

When running mVPN/VPN sessions through NetScaler Gateway, the NetScaler can detect a specific Login Form that we define and where we need to auto-populate eg. mail adresss within.

Requirements

  • Make sure your LDAP authentication on NetScaler extracts the “mail” attribute from Active Directory. Do this by defining “mail” as Attribute 1 in the LDAP policy.
  • Make sure Secure Web MDX App is configured in Secure Browse mode, with Tunnel to internal network.

This is how my Traffic Form Based SSO looks like:

Above traffic policy will then need to be bound on the NetScaler Gateway to trigger upon mVPN access to login.microsoftonline.com.

Screenshot of my Form SSO profile which I tested with success:

img-alternative-text

Leave a Reply