To configure "Two Factor authentication" using RSA + Storefront Auth along with pre-filled User name in the second Factor

---

Instructions

By enabling Store Front authentication, NetScaler does authenticate users with StoreFront (via LDAP) instead of the NetScaler Gateway performing a LDAP query to an Active Directory server.
 
To configure "Two factor authentication" as RSA + Storefront Auth along with pre-filled User name in the second Factor, please follow the steps below:
 
Go to Advanced authentication Policies under Security --> AAA – Application traffic, create the Policy and Action Type:

Radius:



StoreFront Auth:

• Choose Authentication Type - StoreFront Auth is Selected
• StoreFront URL – The StoreFront Server URL. This should auto-populate from the information entered in the previous screen
• Retrieve Auth Enabled Stores – This will contact the StoreFront server retrieve the authentication endpoint for the store
• Default Authentication Group - This is the default group that is chosen when the authentication succeeds in addition to extracted groups.
• Domain - Domain of the server that is used for authentication. If users enter name without domain, this parameter is added to username in the authentication request

 
To get, the pre-filled User name for the second factor, we need to select the appropriate Login Schema: