- CheckMates
- :
- Products
- :
- Quantum
- :
- Management
- :
- Re: Azure AD Authentication with MDS Smart Console...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Azure AD Authentication with MDS Smart Console - SAML error message
Hi everyone,
I am creating a lab to integrate an Identity Provider with Smart Console to login using users for Azure AD.
The environment I am using for the lab is an MDS with version R81.20 and JHF 70.
I have been following this documentation: Creating an administrator account with SAML Login authentication.
When I finished creating the Azure application and linking it to the Identity Provider object in the Global Domain inside the MDS, I tried to authenticate through Identity provider inside the Smart Console, everything seemed to work fine but when I was redirected back to the Smart Console I got the following error message:
Error: An error occurred in processing the SAML response. Make sure the 'Entity ID' is correct, that the response is signed and that this is the Service Provider initiated flow
I have searched about the issue and with the guide from the next SK and Check Mates Post trying to fix the problem but I still have the problem.
sk181695 - Error trying to connect to Azure SAML
Then I tried upgrading JHF 70 > JHF 89 but I still see the same error.
Do you guys think any additional steps are needed for this integration within a MDS?
*In addition, does anyone know if it is important to create an Azure AD type object? If it is necessary, where should it be created, within the Global Domain or in a specific domain?
Note: I attached some additional images of how the application is configured in azure and the object in the MDS. I am not sure if they are helpful for a better view of the problem (I did compare the Entity ID parameters and they are exactly the same if you ask.).
- Labels:
-
Multi-Domain
-
SmartConsole
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you trying to authenticate against the domain or MDS here?
I assume this would need to be configured in the domain.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I am trying this authentication for MDS Level authentication.
I have 3 domains, the first one is for VSX Cluster Management, the other two each has one VSX domain. One domain has internet access.
Is necessary to configure Azure AD object in the domain that have Internet Access?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @PhoneBoy , thank you for your reply,
The authentication would be for MDS Level
As my colleague commented in his post, we have 3 domains:
-1 domain manages the VSX Cluster
-1 domain is for a VS
-1 domain is for a VS and has internet access.
Is it necessary to configure the Azure AD object in the domain with internet access?
Otherwise, is there any documentation that specifies this authentication configuration for an MDS environment?
We found documentation for doing this in an SMS but not in an MDS.