
SAML error after AsyncOS 13

jape0002_
Level 1

Hi!
After upgrading to AsyncOS 13.0.0-187 on my SMA I get an error when trying to use SAML login.

Error URL: Error Failed to parse SP metadata file.

When I go into settings for SAML and click on view metadata or download metadata I also get an error: " Error occured while retrieving metadata information"

I tried to create a new IDP-config but same error on that one.

Has anyone else seen this? I created a case regarding this.

 

10 Replies

On the SMA side, did you configure the metadata first (set a cert, add the company name/group, etc.)?

Hi!
The SAML login was working prior to upgrading to version 13. So something happened after the upgrade.

 

I'm currently in the SMA 13.5 beta, and I see the same thing.

I'll raise a ticket.




Click into the Service Provider settings.

Did the Name ID Format change/get blanked?  Mine did….

 

I’m pretty sure it should be this:   urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified

(that’s what is on my ESA…)

I am getting the same error and the Name ID field is populated (it is actually a field that can't be edited). When attempting to download the SP metadata the error occurs.

 

Error occured while retrieving metadata information

It is blank and it is greyed out. If I change a value I get an error that says that the field can't be blank. But I can't edit the field.


They found the issue, and there should be a bug published shortly.

 

You have two options as a workaround:

A.  Recreate the SP profile.  If you set it up with the same values and same certificate, it will work without touching the ADFS side.  (I did this, and it does work.)

 

B.  Open a TAC case and have them do the following via the service tunnel:

  1. Log in to the device root console and go to '/data/db/config/external_auth.saml/data.cfg'
  2. Open data.cfg, search for the sp_settings variable, within that search for 'nameidformat', change it to 'name_id_format' and save the file
  3. Go to SAML option in UI and Open the Service Provider Settings
  4. Now you will see Name_id_format having values in it, submit and commit the changes.

 

 

 

 

2. Delete the profile and recreate it.

 

Bug ID CSCvr63378, though it may not be visible yet. 
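Option A relies on the recreated SP profile carrying the same values and the same certificate as before. One way to confirm that, as an added example that is not part of the original thread or Cisco's tooling: compare the SP metadata downloaded after recreating the profile with the copy originally given to the IdP. It assumes such a saved copy exists; the function names, host name and certificate bytes below are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"

def sp_summary(xml_text):
    """Pull out the SP metadata fields the IdP's relying-party trust depends on."""
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor element in metadata")
    return {
        "entityID": root.get("entityID"),
        "NameIDFormat": sorted((n.text or "").strip()
                               for n in sp.iterfind("md:NameIDFormat", NS)),
        "ACS": sorted((a.get("Binding", ""), a.get("Location", ""))
                      for a in sp.iterfind("md:AssertionConsumerService", NS)),
        # SHA-256 over the decoded DER bytes, i.e. the usual certificate fingerprint
        "cert_sha256": sorted(
            hashlib.sha256(base64.b64decode("".join(c.text.split()))).hexdigest()
            for c in sp.iterfind(".//ds:X509Certificate", NS) if c.text),
    }

def compare(old_xml, new_xml):
    """Return a list of differences; an empty list means the IdP side can stay as is."""
    old, new = sp_summary(old_xml), sp_summary(new_xml)
    problems = [f"{k}: {old[k]!r} -> {new[k]!r}" for k in old if old[k] != new[k]]
    if not any(new["NameIDFormat"]):
        problems.append("NameIDFormat missing or blank in new metadata")
    return problems

def sample(name_id_format, cert=b"constructed placeholder, not a real certificate"):
    """Constructed SP metadata; host name and certificate bytes are made up."""
    return f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://sma.example.com/">
 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
   {base64.b64encode(cert).decode()}
  </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:NameIDFormat>{name_id_format}</md:NameIDFormat>
  <md:AssertionConsumerService index="0" Location="https://sma.example.com/"
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
 </md:SPSSODescriptor>
</md:EntityDescriptor>"""

if __name__ == "__main__":
    before = sample(UNSPECIFIED)
    print(compare(before, sample(UNSPECIFIED)))  # recreated with the same values
    print(compare(before, sample("")))           # Name ID Format came back blank
```

With real files, pass the contents of the saved and the newly downloaded metadata XML to `compare()`; any reported difference in entityID, ACS or certificate fingerprint means the relying-party trust on the IdP needs updating as well.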

Great, I have already created a TAC case but I have not yet received any feedback on it. I will point my technician to the bug ID :)

I recreated the SP and it worked. But the technician also found something wrong with the config file itself (wrong end-of-line character).
