This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
CJBIGGERS
New Contributor
New Contributor
‎2020-04-02 06:10 PM

SecurID Access SSO SAML with Office 365 issue

Jump to solution

I'm having an issue with intergrating SecurID Access into Office 365. I've followed the guide but currently getting this issue.

 

Sign in

Sorry, but we’re having trouble signing you in.

AADSTS50107: The requested federation realm object 'urn:uri:IDPID' does not exist.

 

Anyone have any troubleshooting tips or guidance?

 

 

 

Thanks

Labels (1)
0 Likes
Reply
1 Solution

Accepted Solutions
CJBIGGERS
New Contributor
New Contributor
In response to TedBarbour
‎2020-04-02 06:36 PM

Jump to solution

Ted Barbour

 

I was using the RSA Inteplementation guide and your supposed to set the Issuer Entity ID to 

urn:uri:<idp_id> on the RSA Application side, then on the Office 365 side, when you run Set-MsolDomainAuthentication you set the IssuerUri to $cloudURL. This is direct from RSA documentation and from what I can tell is incorrect. 

 

I just fixed it myself. The Integration guide has a step that is incorrect apparently unless i'm missing something.

The only reason I found this was if you look at the screenshot they included in the document, it shows a REALLY short and blurred out IssueUri. No way that could be a url, so I decided to change it to just my Entity ID. 

 

This is copy / paste direct from Microsoft Office 365 - SAML SSO Agent Configuration - RSA Ready SecurID Access Implementation Guide 

 

 

Set-MsolDomainAuthentication –DomainName $domain –FederationBrandName $domain -Authentication Federated –ActiveLogOnUri $cloudURL –IssuerUri $cloudURL -LogOffUri $logOffURL –PassiveLogOnUri $cloudURL –SigningCertificate $certData –PreferredAuthenticationProtocol “SAMLP”

 

Am I wrong or am I just not seeing something?

 

Anyways I have it resolved! Thanks for the quick reply though.

View solution in original post

Reply
4 Replies
TedBarbour
Employee
Employee
‎2020-04-02 06:21 PM

Jump to solution

Hi CJ BIGGERS‌ - what value did you set the Issuer Entity ID to on the RSA side vs the $idpID variable on the O365 side when you ran the Set-MsolDomainAuthentication command?  

 

Thanks,

Ted

Reply
CJBIGGERS
New Contributor
New Contributor
In response to TedBarbour
‎2020-04-02 06:36 PM

Jump to solution

Ted Barbour

 

I was using the RSA Inteplementation guide and your supposed to set the Issuer Entity ID to 

urn:uri:<idp_id> on the RSA Application side, then on the Office 365 side, when you run Set-MsolDomainAuthentication you set the IssuerUri to $cloudURL. This is direct from RSA documentation and from what I can tell is incorrect. 

 

I just fixed it myself. The Integration guide has a step that is incorrect apparently unless i'm missing something.

The only reason I found this was if you look at the screenshot they included in the document, it shows a REALLY short and blurred out IssueUri. No way that could be a url, so I decided to change it to just my Entity ID. 

 

This is copy / paste direct from Microsoft Office 365 - SAML SSO Agent Configuration - RSA Ready SecurID Access Implementation Guide 

 

 

Set-MsolDomainAuthentication –DomainName $domain –FederationBrandName $domain -Authentication Federated –ActiveLogOnUri $cloudURL –IssuerUri $cloudURL -LogOffUri $logOffURL –PassiveLogOnUri $cloudURL –SigningCertificate $certData –PreferredAuthenticationProtocol “SAMLP”

 

Am I wrong or am I just not seeing something?

 

Anyways I have it resolved! Thanks for the quick reply though.

Reply
TedBarbour
Employee
Employee
In response to CJBIGGERS
‎2020-04-03 09:44 AM

Jump to solution

Thanks for the info CJ BIGGERS‌ and glad you have it working now!

 

Apologies for what appears to be a documentation bug.  We will correct that as soon as possible.

 

Thanks again,

Ted

Reply
NicanorPulido
Occasional Contributor
Occasional Contributor
In response to TedBarbour
‎2021-11-05 04:45 AM

Jump to solution

Please correct the documentation. I spent several hours trying to figure out what was wrong with my configuration before reaching this entry.

Many thanks.

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.