NimbostratusSupport for 2 different Citrix farms on one Virtual Server
Hi All,
We are currently using a BIG-IP APM device to allow external access to our XenApp 6.0 farm with Web Interface. Basically, we are using the BIG-IP as a NetScaler replacement.
We are in the process of trying to roll out a XenDesktop 7.8 implementation using Store Front. My problem comes with trying to support both environments using a single Virtual Server.
Right now, we have an SSO form and a iRule in place for the 6.0/Web Interface farm. The SSO Configuration is applied to the Access Policy and the iRule is applied to the Virtual Server. This is problematic, since I can't think of a way to provide support for both environments at the same time. I can either support one or the other by changing the SSO Configuration and the iRule, but applying the set for the 6.0 Farm breaks the 7.8 farm and vice-versa.
What I am trying to determine is if there is any other way to apply the SSO Configuration and the iRule based on a user's role, rather than at the VS and Access Policy level.
In my access policy I do a AD group membership check for a group called "XEN 7 Users". If my user is in that group, I can then assign them some SSO credentials and the StoreFront Pool. If they are not in the "XEN 7 Users" group, they get assigned SSO credentials and the Web Interface pool. However, if they are in the "XEN 7 Users" group, but the SSO config and IRule for the Web Interface are in place they can't access the Store Front servers.
Is there some way I could assign SSO configurations and iRules based on the user's role, rather than to the Access Policy and Virtual Server? I am looking to get a little more granular.
Thanks, I hope this was clear.
-John
