Jump to content

Recommended Posts

Posted

Around 3 months ago, I switched us from an LDAP import to an Azure import to incorporate 2 large areas of our company, did testing on quite a few accounts that all seemed to work fine, now I find that there are a number of accounts with the correct email address etc in Hornbill however theyu receive the following when attempting to sign in with SSO.

 

image.jpeg.38cc19481fe461f51887e34b8ffd7e73.jpeg

 

Our SSO profile is linked to our Azure AD so I cant see that being the problem, any ideas?

 

Josh

Posted

@Josh Bridgens for the affected users, the value for "Name ID" attribute in the SAML response is not matching any value for "Logon ID" for any users in Hornbill. I would say to check what is being used for "Name ID" for these users in AD then check the "Logon ID" for these users in HB.

Posted

Victor, seems you are correct, these appear to be users with a different SAMAccountname... but I cant update it to match?

 

it says the specified user already exists (i cant find them though)

Posted
Just now, Josh Bridgens said:

seems you are correct

Ehm... seems? :P

You should be able to update the logon ID... unless that's not the issue and I am misunderstanding?

 

Posted

"seems" was a figure of speech, you are definitely 100% correct. haha


Trying to change a user to "SReynolds" but get the error message... in images...

 

Howeveres theres no accounts with that anywhere in it..

image.png.d5d98e7506ecdc201990de38c23b4fdd.png

image.png

Posted

@Josh Bridgens ok, so I did some checks and it seems changing the login ID also checks for matches against user ID... I can somehow see why it would do that but I am not convinced is right... I'll ask development.

Posted

@Josh Bridgens ok so, I was advised changing the login ID will indeed check for the value against the user ID and login ID for existing users. This is required as some API calls where user ID is still used which is internally mapped to login ID. Can you try this report to see what user has that value for login ID or user ID?

users-for-josh.report_2.txt

Posted

Ive tried to find it over the past few days and searched for anyone with Reynolds, Sam, anything in their setup and cant locate it. 

Happy for you to have a dig around if you want?

 

Posted

@Josh Bridgens looks like I have to... might have been a bad import that created incomplete user records that exist in the system (almost certain based on the report result above). These "broken" user records are not visible in the UI. I'll send you a PM.

  • Sad 1

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...