How to Troubleshoot Citrix NetScaler Access Gateway Authentication with aaad.debug

To troubleshoot authentication with Aaad.debug, complete the following procedure:

Connect to the Access Gateway Enterprise Edition command line interface with a Secure Shell (SSH) client such as PuTTY.



Run the following command to switch to the shell prompt:
shell



Run the following command to change to the /tmp directory:
cd /tmp



Run the following command to start the debugging process:
cat aaad.debug | grep username

Use | grep username to filter out a particular user



Perform the authentication process that requires troubleshooting, such as a user logon attempt.



Monitor the output of the cat aaad.debug command to interpret and troubleshoot the authentication process.



Stop the debugging process by pressing Ctrl+Z.



Run the following command to record the output of aaad.debug to a log file:
cat aaad.debug | tee /var/tmp/<debuglogname.log>

Where /var/tmp is the required directory path and <debuglogname.log> is the required log name