Login for Windows "No two-factor authentication methods found" Admin User works fine.

Follow

SecureAuth IdP Versions Affected: IdP 9.2+ 
Description: After installing Login for Windows, the test User works fine as do people in the bypass group but regular users see the error "No two-factor authentication methods found"

Cause: These Users do not trust the IdP Certificate. This can be proven by adding the User to the bypass group, logging in and then opening the SecureAuth server address in Internet Explorer. If there is a certificate warning, this is the problem. 

Resolution: 

1. Login as an Administrator

2. Open IE and navigate to the SecureAuth site

3. View the Certificate by clicking on the Padlock icon.

4. Click Certification Path

5. Click the Root Certificate and click View Certificate

6. Click install certificate and select the store location of Local Machine - this will mean that everyone trusts the Cert.

7. If you did not see the Install Certificate option, it probably means that you've already imported the certificate to your User store. In which case, open MMC and click Add/Remove snapin

8. Add the Certificate snap in for Current User and repeat for Local machine

9. Copy the SecureAuth G3 Root Certificate Authority from the Current User | Trusted Root Certification Authorities store to the Local Computer | Trusted Root Certification Authorities store

SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.