SSO troubleshooting and maintenance — NetBackup IT Analytics 11.8 | Cohesity Documentation

Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist

SSO troubleshooting and maintenance — NetBackup IT Analytics 11.8 | Cohesity Documentation

SSO troubleshooting and maintenance

The following covers common scenarios and possible solutions.

Table: Scenarios and its solutions.

Scenario	Solution
SSL Certificate Revisions	If there are changes to the SSL certificates perform the following steps: Use the Keystore Utility (deployCert) to add (replace) the existing SSL certificate. See Add a Certificate into the Portal Keystore. Verify the new SSL certificate has the mandatory prerequisite algorithm settings. See Single sign-on (SSO) prerequisites . Restart the Portal Tomcat service. Log into the Portal after restarting and navigate to Admin>Advanced>System Configuration>Portal . In the section SSO using SAML, click Download in the SAML Metadata field to retrieve the metadata XML file. This file contains the content of the new SSL certificate. To re-register, the file must be resent to the external Identity Provider (IDP) server to identify IT Analytics as a service provider for SSO.
Identity Provider Server (IDP) Revisions	If there are changes to the IDP server, the entire SSO configuration and registration process must be redone.
Identity Provider (IDP) Login Screen Not Displaying	For this issue, check if both the IDP server and the IT Analytics Portal are able to resolve host names. A second solution is try to ping the IDP server by hostname from the IT Analytics Portal.
Message Security Error	This error is displayed when SSL certificates are not as expected with regards to the metadata XML files. Verify the SSL certificates satisfy all the requirements on both the IT Analytics Portal and the IDP server.
Security Provider Not Registered	This error indicates the registration process between the IDP server andIT Analytics Portal was not completed successfully. Verify the exchange of both metadata XML files was done correctly.
IDPSSODescriptor Not Found	This error indicates the Entity Base URL and the path to the IDP server was set incorrectly. Verify there is no '/' at the end of the given path.
Stale Request	This error may be caused by using the browser window back button from the IDP login screen. For this issue, clear your browser cache and retry the SSO login. This error may be caused by time zone discrepancies between the IDP server and the IT Analytics Portal.
Login Issues/Reset Utility	If Single Sign On (SSO) is not properly set up in the Admin>Advanced>System Configuration, after restarting you may not be able to log into the Portal. This utility resets the Single Sign On (SSO) parameters to provide Portal access. Run the following scripts from the command prompt: Linux cd /opt/aptare/utils ./resetSSOConfig.sh Windows cd C:\opt\aptare\utils resetSSOConfig.bat Restart the Portal services after running the OS specific script.

Feedback

Was this page helpful?

Feedback

Was this page helpful?