Citrix FAS User Certificate Details Test
Citirx FAS authorizes users to login to the Citrix environment by issuing certificates to the users. To know how many users were issued certificates and what fraction of these certificates are expired, use the Citrix FAS User Certificate Details test.
This test monitors the user certificates managed by Citrix FAS, tracks the usage of these certificates, and reports the count of users who were issued certificates. The test also reports the number of expired certificates, with detailed diagnosis throwing light on which certificates expired and when.
Target of the test : Citrix Federated Authentication Server
Agent deploying the test : An internal agent
Outputs of the test : One set of the results for the Citrix FAS server being monitored
Parameter | Description |
---|---|
Test Period |
How often should the test be executed. By default, this is set to 5 minutes. |
Host |
The IP address of the host for which this test is to be configured. |
Port |
The port at which the specified host listens. |
Show Total User DD |
The detailed diagnosis of the Total Users measure, if enabled, provides detailed information regarding all certificates that Citrix FAS issued to users. In a typical Citrix environment, the Citrix FAS could be managing certificates for hundreds or even thousands of users. In such environments, the detailed metrics of the Total Users measure, if collected, may put considerable strain on the eG database. This is why, by default, eG Enterprise DOES NOT provide detailed metrics for the Total Users measure. Accordingly, the Show Total User DD flag is set to No. However, if you have a well-sized, well-tuned eG database, then you can set this flag to Yes, and enable the collection of detailed diagnostics for the Total Users measure. |
Detailed Diagnosis |
To make diagnosis more efficient and accurate, the eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option. The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:
|
Measurement | Description | Measurement Unit | Interpretation |
---|---|---|---|
Total users |
Indicates the total number of users who were issued certificates. |
Number |
By default, the test does not collect detailed metrics for this measure. However, if the SHOW TOTAL USERS DD flag is set to Yes, then detailed diagnostics will be reported for this measure. Such detailed insights include the definition, expiry date, role, and thumbprint of every certificate managed by the Citrix FAS. |
Total unique users |
Indicates the unique users who were issued certificates. |
Number |
|
Total expired users |
Indicates the total number users whose certificates have expired. |
Number |
Use the detailed diagnosis of this measure to determine which certificates expired and when. |
Total unique expired users |
Indicates the total number of unique users whose certificates have expired. |
Number |
|