Cascading external authentication servers
Cascading multiple external authentication servers provides a continuous, reliable process for authenticating and authorizing external users. If authentication fails on the first authentication server, the Management Service attempts to authenticate the user by using the second external authentication server.
To enable cascading authentication, add the external authentication servers to the Management Service. For more information, see Configuring External Authentication. You can add any type of the supported external authentication servers (RADIUS, LDAP, and TACACS). For example, to add four external authentication servers for cascading authentication, you can add any combination of RADIUS, LDAP, and TACACS servers. You can also add all four servers of the same type. You can configure up to 32 external authentication servers in Citrix Application Delivery Management.
Cascade external authentication servers
- On the Configuration tab, under System, expand Authentication.
- In the Authentication page, click Authentication Configuration.
- In the Authentication Configuration page, select EXTERNAL from the Server Type drop-down list (you can cascade only external servers).
- Click Insert, and on the External Servers page that opens, select one or multiple authentication servers that you would like to cascade.
- Click OK.
The selected servers are displayed on the Authentication Servers page as shown in the following figure. To change the order of authentication, use the icon next to a server name to move the server up or down in the list.