With Netscaler, you can control the resources that an authenticated user can access within an application.
To do complete this, you will need to create an authorization policy in Netscaler and associate the policy to either individual users or a group of users. For detailed instruction, please refer to Netscaler documentation below:
Authorizing User Access to Application Resources
If you are going to associate to associate an authorization policy authorization policy to a user group, then you need to configure your DualShield server Server to return a RADIUS attribute that contains the name of the user group, and configure your Netscaler server to receive the this RADIUS attribute.
To configure DualShield to with a RADIUS attribute, go to RADIUS/Radius Attributes and click create to add a new Radius Attribute. Select "Citrix" as the Vendor, :
Navigate to "Radius | Radius Attributes", then click "+ CREATE" button to create a new Attribute.
Vendor: This would be set as "Citrix"
Name: Select from the drop-down "Citirx-User-Groups" as the Attribute Name, and enter the user group name in the Fixed Value, e.g
Beneath 'Value' section, select option "Fixed Value", then enter a relevant User Group name, such as "Administrator".
In order to assign the newly created attribute to a user group, find find the target group in Directory/Group, tick the newly created attribute in the context menu: Radius Settings/Radius Attribute.
For the NetScaler server Server to receive the RADIUS attribute, go to Configuration/NetScaler Gateway/Authentication/Radius/Server.
Expend Authentication Radius server configure server configure setting. Map the "Group Vendor Identifier" with the "Vendor ID" of the RADIUS attribute, and "Group Attribute Type" with the "Attribute ID".:
