Questions in topic: "iwa" https://knowledge.亚搏在线safe.com/questions/topics/single/55291.html The latest questions for the topic "iwa" SSO cross domain users https://knowledge.亚搏在线safe.com/questions/66055/sso-cross-domain-users.html

Hi all,

I've a question regarding single sign on into FME Server.

I've installed FME Server on a domain (let's call it "DomainA") and I've configured the SSO for the users in the Domain A.I've tried tolog in on a client using right domain A account and then,using InternetExplorer,I've logged into FME Server in SSO mode and It works fine.

Now I have another domain (let's call it "Domain B") trustedwith Domain A in bidirectional mode.

In FME Server I added the connection to the Domain B'sActive Directory and imported the users from this domain.

I tried to log in on a client using right Domain B accountand then,using Internet Explorer,I logged into FME Server in SSO mode but itnot works.

The returned message is "You are not authorized to access this web application"

Can someone tell me if I need to set principal name,usingthe setspn command,also in the Domain B?

Thanks in advance

Roberto

 fmeserver active directory sso iwa Thu,15 Mar 2018 18:33:03 GMT roberto ​FME Server Troubleshooting: Integrated Windows Authentication or Single Sign On https://knowledge.亚搏在线safe.com/articles/55293/fme-server-troubleshooting-integrated-windows-auth.html

Are you encountering issues configuring FME Server for IWA/SSO?Please read below for some common troubleshooting tips and issues.

Troubleshooting

  • Have you followed all theconfiguration steps?(This doc is for the current release,please use the correct version for your installation)
  • Are you using a supported browser?Single Sign On is currently supported on Internet Explorer,Firefox and Chrome.
  • Have you checked the log files?Look in the fmeServer_* log files for messages with '(Active Directory)' or '(Single Sign-On)'.These files are located in /Logs
  • 众所周知,SSOnot workif you are logged into the machinewhere FME Server is installed– please test connecting from a different machine.

Authentication failures with IWA/SSO:

Do you see any of the following errors in the fmeServer.log:

Incorrect Mechanism

Negotiation Error
  • Additional Notes: Make sure that the SPNs have been entered in the formhttp/server.cominstead ofhttp://server.com.HTTP and HTTPS Protocols both use the HTTP Service Class.

Service Account

Cross-Domain User

Same Machine Access

Common Questions from the FME 亚搏国际在线官网Community

1.FME Server Single Sign-On refuses logins while Active Directory login works fine

Are you still experiencing issues?

Please consider posting to theFME 亚搏国际在线官网Community Q&Aif you are still experiencing issues that are not addressed in this article.There are alsodifferent support channelsavailable.

Have ideas on how to improve this?

You can add ideas or product suggestions to ourIdeas Exchange.

 fmeserver troubleshooting active directory sso iwa Tue,10 Oct 2017 23:15:00 GMT jlutherthomas