- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-13-2018 07:15 AM
Hello SN Community
All of a sudden this morning, our SSO failed to redirect to our network login page. SSO is enabled and identity provider is set up as active and default and redirects to the native SN login page. Any ideas where else we can look (I have backdoor access, while all other users cannot log in)?
Thanks in advance
Steve
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-13-2018 04:25 PM
Since a lot of config for SSO is stored in system properties, I would start with looking at sys_properties table and sorting by Updated date descending... make sure nobody changed any values recently.
If you're using Multi-Provider SSO in ServiceNow, find your IdP and you should be able to click Test Connection while on the record. That might give further insight.
Other random things to check:
- expiration of X509 Cert (related list at bottom of IdP record)
- check if your default IdP has field "Auto Redirect IdP" set to true
- system property "glide.authenticate.sso.redirect.idp" has a value set to the sys_id of your default IdP
- syslogs for keywords like SSO and SAML and such... sometimes getting direct error language in the logs can lead to finding where it's erroring in other scripts like Installation Exits and SSO scripts
If you still can't find anything, I would check with your SSO provider to make sure nothing changed on that end.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-13-2018 04:25 PM
Since a lot of config for SSO is stored in system properties, I would start with looking at sys_properties table and sorting by Updated date descending... make sure nobody changed any values recently.
If you're using Multi-Provider SSO in ServiceNow, find your IdP and you should be able to click Test Connection while on the record. That might give further insight.
Other random things to check:
- expiration of X509 Cert (related list at bottom of IdP record)
- check if your default IdP has field "Auto Redirect IdP" set to true
- system property "glide.authenticate.sso.redirect.idp" has a value set to the sys_id of your default IdP
- syslogs for keywords like SSO and SAML and such... sometimes getting direct error language in the logs can lead to finding where it's erroring in other scripts like Installation Exits and SSO scripts
If you still can't find anything, I would check with your SSO provider to make sure nothing changed on that end.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-14-2018 05:16 AM
Thanks Eric, figured out yesterday it was in fact changes to 'glide.authenticate.sso.redirect.idp' that accidentally got included in an update set.
