Get rid of it! In the How To Create The Wow nFactor part one (https://xenapplepie.com/2022/03/13/how-to-create-the-wow-nfactor/), there is a section where you get a popup after configuring your LDAPS authentication. This outlines resolving that by logging into your handy, dandy Netscaler ADC with the power of SSH or putty. I’ll also link from that location the changes listed here to resolve that. This example will use putty as getting in the door. After that point of connection, the commands are the same from an SSH session.
Open up Putty and enter the host name / IP.
Login with your nsroot privilege.
Enter “shell” to drop to the Linux shell.
At the prompt, enter “cd /nsconfig/loginschema/LoginSchema.”
Press “Enter.”
Enter “ls” to list folder contents. You are looking for the PrefilUserFromExpr.xml file.
Enter “cp PrefilUserFromExpr.xml /nsconfig/loginschema/PrefilUserFromExpraaa.xml.” You can change the file name to whatever you wish. I just used this name for the example. This copies the xml file that is the template for the xml file you are going to modify.
Press “Enter.”
Type “cd..” to go up a folder level.
Type “ls” to list folder contents. This is to confirm the file copied correctly.
Type “vi PrefilFromUserExpraaa.xml.” This will open the file in vi editor so that you can make changes to the file.
Press “Enter.”
Use your arrow keys to navigate to the ${http.req.user.name}.
Highlight the first “h.”
Press the “Del” key to delete the text until you have just “{}.”
Press the “i” key to “Insert” and enter “AAA.USER.NAME” in the area so that it looks like ${AAA.USER.NAME}.
Press the “Esc” key and enter “:w!” This will write the file.
Press the “Esc” key and enter “:q” This will quit the vi session.
Type “exit” and press “Enter.” This exits the shell session.
Type “exit” and press “Enter.” This will exit your putty session.
Now you will need to go back to the section for the LDAP schema in your nFactor flow and edit. You will choose the LDAPS_Auth_Test Login Schema.
Click “Edit.”
Click the pencil icon.
Click on the “PrefilFromUserExpraaa.xml.”
Click “Select.” If you do not do this part, you won’t see the change reflected. You will see the ${AAA.USER.NAME} in the “User name” field.
Click “OK.”
Click “Done.”
You have completed the change to the custom XML file to move from the deprecated setting!
Leave a Reply