Scenario
User has a Windows Desktop SSO realm set up. He tries to login to the desired application and gets stopped for 2 Factor Authentication. After entering in the correct credentials, he gets hit with error message:
SecureAuth is unable to process WS-Federation posts at this time. Review debug logs and configuration.
Solution
- Open the SecureAuth Admin realm
- Go to the post-auth tab
- See what certificate they're using. Is this the right one? If so, take note of which it is.
- Open Certificate Console
- Browse to Certificates -> Personal -> Certificates folder.
- Right click on the certificate desired. All Tasks -> Manage Private Keys
- Make sure the following at least have Read authority:
- Authenticated Users (domain group)
- NETWORK SERVICE (local PC group)
Comments
Is this all the trusts that are necessary
Please sign in to leave a comment.