Error message "Can not convert logon name: lab\\tstuser1 to UPN error: 0" during IWA authentication in RSA Access Manager
Originally Published: 2007-07-12
Article Number
Applies To
RSA Product/Service Type: Web Agent IIS 4.7
Platform: Microsoft Internet Information Services (IIS) 6.0, 5.0
Issue
<Error>:Can not convert logon name: lab\\tstuser1 to UPN, error: 0 <Error>:Can not convert logon name: lab\\tstuser1 to UPN, error: 0 <Debug>:Constructed upn: (null) <Warning>:Failed to obtain upn
Cause
Resolution
An alternative solution would be to perform the IWA authentication on an IIS webserver that is in the same domain as the user. This would be done by specifying a full url (hostname included) for the IWA authentication form in the webagent.conf. The server that does IWA authentication must also have the Access Manager agent installed.
If you have verified the 2 way trust and still have the problem, it could be the account that the application pool in IIS6 is running as does not have sufficient privileges to look up the upn of the user in the other domain. Try running the application pool as a privileged user such as an administrator account to see if this is the case. Then either modify the original account or create a new account to run the application pool as.
IIS5 has a requirement that the iisinfo process run as LocalSystem. If this account is unable to perform the upn check then it is a limitation of the webserver version. To get past this issue, point the url for IWA authentication to an IIS6 webserver.
Notes
Related Articles
Users can not open The SDTID file in some mail applications Number of Views IWA Keyset does not exist Number of Views Limitations of CTF Token for getBirthDate in Agent SDK Number of Views IWA RSA connector server shows wrong certificate when connecting to it through browser with error : Invalid Request Number of Views Unable to save workflows with unconditional transition using RSA Identity Management and Governance Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
