ADC

Configure NetScaler Gateway preauthentication EPA scan for the domain check

May 2, 2023

Contributed by:

S C

You can configure NetScaler Gateway preauthentication EPA scan to check if the user device is domains based or not.

Navigate to NetScaler Gateway > Policies > Preauthentication.
Click the Preauthentication Profiles, tab and then click Add.
Enter a name for the new profile, and click Create.
Switch to the Preauthentication Policies tab and click Add.
Enter a name for the policy.
In Request Action, choose the previously created domain scan profile.
In Expression, click OPSWAT EPA Editor.
In Expression Editor, select Windows to scan Windows based systems, and then choose Domain Check.
Click + and enter the domain suffix and comment, if any. In this example, ‘example.com’ is used as the domain suffix.
Click OK, and then click Create.
Bind the policy to the virtual server to enable the policy.
1. Navigate to NetScaler Gateway > Virtual Servers.
2. Select the virtual server, and then click Edit.
3. In the Policies section, click the + sign.
4. In Choose Policy, select Preauthentication, and then click Continue.
5. In Select Policy, select the policy created for domain scan, and then click Bind.
6. Click Done. The Policies pane displays the other policies and the new preauthentication policy bound to the virtual server.

After the scan is enabled, test it with a suitable client that has domain membership matching the setting in the policy. Repeat the scan with a non-confirming client to verify the functionality of the new policy.

Configuration by using the NetScaler CLI

To enable preauthentication policy for domain check, at the command prompt, type:

add aaa preauthenticationpolicy <policy name> "CLIENT.SYSTEM(DOMAIN_SUFFIX_anyof_<domain>[COMMENT: Domain check]) EXISTS" <Action Name>
<!--NeedCopy-->

The following is the preauthentication policy for domain check:

EPA Domain Check CLIENT.SYSTEM('DOMAIN_SUFFIX_anyof_<domain>[COMMENT: Domain check]') EXISTS
<!--NeedCopy-->

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

Configure NetScaler Gateway preauthentication EPA scan for the domain check

May 2, 2023

Contributed by:

S C

May 2, 2023

Contributed by:

S C

Configure NetScaler Gateway preauthentication EPA scan for the domain check

Configuration by using the NetScaler CLI

In this article