In pre-authentication endpoint analysis, the user cannot log on with the Citrix Gateway plug-in if the user does not install the Endpoint Analysis plug-in or skips the scan. In post-authentication endpoint analysis, the user can access resources for which a scan is not required by using either clientless access or by using the Citrix Workspace app. IBM BigFix formerly IBM Endpoint Manager, Tivoli Endpoint Manager (TEM) and before that, BigFix, is a systems-management software product developed by IBM for managing large groups of computers running Windows, Mac OS X, VMware ESX, Linux or UNIX, as well as various mobile operating systems such as Windows Phone, Symbian, iOS and Android.
Important! This article is intended for use by System Administrators. If you are experiencing this issue and you are not a System Administrator, contact your organization’s Help Desk for assistance and refer them to this article.
To resolve this issue ensure that the preauthentication policy and NetScaler Gateway plug-in are correctly configured.
In this article a File Exist Policy for preauthentication is used to illustrate the correct configuration.
Xcode 9 download. Create the preauthentication policy and bind it to the NetScaler Gateway virtual server.
For more information refer to Citrix Documentation - Configuring Preauthentication Policies and Profiles.
Note: Ensure that you enable Smart Access Mode.
Download and install the Citrix NetScaler Gateway Plug-in for MAC OS X.
Create a file on the MAC OS X. Currently, the only supported directory is the /Library directory.
In this example /Library/test.txt is created.
Run Citrix NetScaler Gateway Plug-in.
Enter a name for this connection in the Connections tab.
Note: This need not be an FQDN. The FQDN is added as a placeholder for reference.
Specify the FQDN for the NetScaler Gateway virtual server in the Connections tab.
Note: Do not use http or https when specifying the FQDN.
If two-factor authentication is used, select Show secondary password field check-box.
Close the Preferences Window and select the new site to start the log on process.
If you are using a preauthentication policy, then the following screen appears for logon:
This error is usually observed when preauthentication policy or NetScaler Gateway plug-in is in correctly configured.
In the NetScaler command line interface, you can run the following command to view the failed EPA scans:
tail -f /var/log/ns.log grep EVAL
Citrix Endpoint Analysis Download Mac Download
The EPA scans that pass will not show in this log.
Citrix Endpoint Analysis Plug-in Mac Download
For more information about EPA, refer to Citrix Documentation - Configuring Endpoint Polices.