Troubleshoot authentication issue in NetScaler

Authentication processing in NetScaler Gateway is handled by the Authentication, Authorization, and Auditing (AAA) daemon. The raw authentication events that AAA daemon processes can be monitored by viewing the output of the aaad.debug module and serves as a valuable troubleshooting tool. The aaad.debug does not display the results or log them, so cat command can be used to view the output of aaad.debug. The process of using nsaaad.debug to troubleshoot an authentication problem is typically referred to as debugging aaad. This process is useful for troubleshooting authentication issues such as:

•General authentication errors
•Username/password failures
•Authentication policy configuration errors
•Group extraction discrepancies

To troubleshoot authentication with aaad.debug module, complete the following procedure:

1. Connect to NetScaler Gateway command line interface with a Secure Shell (SSH) client such as PuTTY.
2. Run the following command to switch to the shell prompt: shell
3. Run the following command to change to the /tmp directory: cd /tmp
4. Run the following command to start the debugging process: cat aaad.debug
5. Perform the authentication process that requires troubleshooting, such as a user logon attempt.
6. Monitor the output of the cat aaad.debug command to interpret and troubleshoot the authentication process.
7. Stop the debugging process by pressing Ctrl+Z.
8. Run the following command to record the output of aaad.debug to a file:

cat aaad.debug | tee /var/tmp/debuglogname.log


About Murugan B Iyyappan

Working as a Consultant - Citrix solutions architect with 18 years of experience in the IT industry. Expertise in Citrix products and Windows platform.
This entry was posted in Citrix XenApp. Bookmark the permalink.