Authentication Manager Version: 8.8

Horizon Version: 8

Thin Client Being Used: 10ZIG

Token: SID700

Implementing RADIUS Auth through the Horizon Connection server, when going through the web console, the login page for users prompts for Username and Token PIN, then page reloads and users have to type in their LDAP password.

Trying to connect through 10zig to the VDI is really just a hassle right now. First, it prompts for username/pin, then prompts for username/pin again after that it prompts for username/password before fully authenticating users.

I am trying to make sure I didn't somehow miss something when configuring everything.

When I look at the radius logs while authenticating I see:

(1) suffix: Checking for suffix after "@"

(1) suffix: No '@' in User-Name = "username", looking up realm NULL

(1) suffix: No such realm "NULL"

And in my Horizon Logs I can see:

User null\user failed to authenticate because of a bad username or password 

So, when I try to add a prefix or a suffix to include my domain, I just get access denied:

 RADIUS access denied for user username

RADIUS Log Snippet:

(3) perl: &reply:Response-Packet-Type = $RAD_REPLY{'Response-Packet-Type'} -> 'Access-Reject'

(3) perl: &control:Auth-Type = $RAD_CHECK{'Auth-Type'} -> 'Perl'

(3) perl: &control:Response-Packet-Type = $RAD_CHECK{'Response-Packet-Type'} -> 'Access-Reject'

(3)   [perl] = reject

(3)  } # Auth-Type Perl = reject

(3) Failed to authenticate the user

(3) Using Post-Auth-Type Reject

(3) Post-Auth-Type sub-section not found. Ignoring.

(3) Login incorrect: [username@domain.com] (from client ConnectionServer1 port 1)

Can someone point me in the right direction on what I should be looking at to get this figured out? All of the instructions online pretty much say the same thing for setting this up, which I've done and can't really seem to get it figured out.