Which two components directly communicate with each other during the process of resource launch, when Federated Authentication Service (FAS) is used?
(Choose two.)
Which two components directly communicate with each other during the process of resource launch, when Federated Authentication Service (FAS) is used?
(Choose two.)
During the process of resource launch with Federated Authentication Service (FAS), the FAS Server and the Virtual Delivery Agent (VDA) directly communicate with each other as the VDA uses the certificate issued by the FAS to authenticate users. Additionally, the FAS Server and the Delivery Controller directly communicate as the Delivery Controller manages the sessions and brokers the connections to VDAs, coordinating with FAS for authentication certificates for secure access.
A+D. A:The CA Is talking with AD- it need the user information for issuing a cert, D: Fas and VDA, The Vda use Fase cert to login
I agree to go with A&D. According to the diagram in https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/secure/federated-authentication-service.html#set-up-active-directory-certificate-services , B&C cannot be right.
Roger that. See Stalhood com. "https://www.carlstalhood.com/citrix-federated-authentication-service-saml/" "With SAML, Citrix Gateway and StoreFront do not have access to the user’s password and thus cannot perform single sign-on to the VDA. FAS works around this limitation by using issuing certificates that can be used to logon to the VDA."
FAS doesn't talk to DC and ADC so only A+D can be right!
Correct Answer - is A - "Certificate Authority and Domain Controller"
D is ok but I believe that B should be Storefront, not Delivery Controller. https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-15-ltsr/secure/federated-authentication-service.html
A and D , This diagram is the best way to understand https://docs.citrix.com/en-us/tech-zone/design/reference-architectures/federated-authentication-service.html#citrix-fas-for-on-premises-deployment
A and D are the correct options
D is for sure - FAS sends authentication ticket to VDA the other is StoreFront but not on the answers list - see diagram and description in here: https://docs-citrix-com.translate.goog/en-us/xenapp-and-xendesktop/7-15-ltsr/secure/federated-authentication-service.html?_x_tr_sl=en&_x_tr_tl=pl&_x_tr_hl=pl&_x_tr_pto=op,sc
Agree with BeatOn