Single user automatically redirecting to logout page

matt_staples · ‎04-20-2016

We have a single user who for unknown reasons is unable to log into our ServiceNow live instance. When the user logs in through our simplesaml login portal it accepts his details and then redirects him to lboro.service-now,com/logout_redirect.php and then immediately redirects him to our simplsaml logout page. There are no error messages that occur and the whole thing happens instantaneously. .

This only happens with this single user. I've tested his account on my computer and the same issue occurs so it only seems to be his account. His account is active in ServiceNow and I'm able to impersonate it through my admin account without issue.

Not entirely sure where to start with troubleshooting this. I've checked our login rules and UI scripts but could find nothing that would suggest why this is happening. The user is just a customer filling out a form in the Services and has no roles within ServiceNow (other users without roles are able to sign in without any issue).

Can anyone assist? Thanks in advance.

Service Manager · ‎09-14-2020

Hi,

I am having similar issue, was it resolved?

if yes then what was the solution ?

In my case, user account is not locked or disabled, we just upgraded from New York to Orlando version and since then it stopped working SSO for Google suite.

User was forcibly redirected to logout page.

Thanks!

Steven Chaparro · ‎09-15-2020

Is the user profile Active checkbox checked? My suggestion will be to go to the identity provider and test the connection using that user credentials. When it fails it will give you a summary of the results. You can share the results here for additional troubleshooting. Remember do not include sensitive information from the results. Redact it before sharing here.

Service Manager · ‎09-15-2020

Yes, profile is Active with checkbox checked. From identity provider test connection I found something like Userlogin: undefined. Though, identity provider got activated successfully with "IDP's logout URL not set. So, cannot logout the ID session".

Thanks

Steven Chaparro · ‎09-16-2020

Thats a good find, the userToLogin: undefined means that no user record were found in servicenow with the username in Subject NameID:***********.org. In the instance, make sure that there is a user profile that has the userID the same as the username from your idP provider. If ServiceNow doesnt have a user profile for the intended user, create a new user record that match the userID. If you already have the user profile but with a different userID just replace it with the one from your idP provider.

Example:

I am using Azure AD
username: john.doe@contoso.com

In ServiceNow, the user profile should have
user ID: john.doe@contoso.com

Service Manager · ‎09-17-2020

Everything was validated and double checked such as user ID or user name.

It is working as expected on our DEV instance but not on Test.

FYI - our DEV instance is on New York version and Test is on Orlando.

Thanks