SAML with multiple identities

JanJansen40394 · ‎02-11-2022

Hi,

My login account for my laptop is connected to Azure AD with domain A. Now my customer wants me to connect to his domain B with SAML, but whenever i try to connect with the cisco anyconnect secure mobility client, it uses my normal account with domain A, and i am getting the error

Message: AADSTS50105: Your administrator has configured the application myname@A to block users...

However i don't want to use the myname@A, but i want to use the account that the customer gave me. And i can't seem to logout or switch accounts for this vpn.

Is it possible to use multiple identities and switch tot the customer account for this vpn connection? I don't want to log off from my normal account, because then probably my email, teams and other websites that use my normal account are not working anymore.

Br,

Jan Jansen

calinning · ‎01-05-2024

Did you manage to get this working? I have the same issue at the moment.

JanJansen40394 · ‎01-05-2024

Not really. As a workaround I am now using the windows sandbox and install
every time the vpn. Another workaround was to add the vpn account as an
extra account under Email & accounts on my windows laptop. Then I could
choose which accounts to use.

calinning · ‎01-05-2024

Good shout, thanks for letting me know. I'm very surprised there's no native way to switch accounts.

patrikwillers · ‎05-16-2024

Have been struggeling with this for a while now.
Initially I could get it working (sometimes) by restarting computer and logging into an office product with the desired account.
Found a way easier solution.
Create a AnyConnect.bat file containing the script:
runas /netonly /user:<username> "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe"

Username and path should be changed.

DmytroKostiuk · ‎07-19-2024

Hi, maybe someone have another solution?

MHM Cisco World · ‎07-25-2024

Make new post it better

MHM