SSO is not working
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-01-2017 05:18 AM
Hi All,
we are using multiprovide SSO and SAML2.0 to enable SSO. In one of our subproduction instance it is not working and showing the error email doesn't exist( for example if test.tes@example.com is email address then we are getting error message "User:test.tes@example.com is not found" )
Please help me to troubleshoot the issue.
Thanks and regards
Swamy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-01-2017 07:17 AM
Hi Amaradi,
Do you have any user present in your subproduction instance with that email address? If yes then in ideal case it should login. Just check in logs with name contains saml. you will come to know the error
Mark Correct if this solves your issue and also hit Like and Helpful if you find my response worthy based on the impact.
Thanks
Ankur
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-01-2017 08:40 PM
Hi Ankur,
Yes, users present in subproduction instances with correct email address and when i check in logs , the error message displayed as same(User:test.tes@example.com not found)
Thanks and regards
Swamy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-01-2017 09:52 PM
Hi Amaradi,
The reason is that there is no user present in the system with the email id as test.tes@example.com. In your instance please navigate to Properties of the SAML 2.0 section. There you will find 'The User table field to match with the Subject's NameID element in the SAMLResponse.' Please check which field is mentioned in that property. In your case I guess, some other alias field is provided, not the exact email_id from user table. If so, then the alias field's value is needed to be same as of the error message email id for the particular user to login successfully.
I hope this helps.Please mark correct/helpful based on impact
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-01-2017 10:11 PM
Hi Pal,
No, user is present in our instance and email only selected for checking. I have cross checked all the properties and i checked ADFS certificate but unable to find the exact issue.
Thanks and regards
Swamy
