I'm having an issue with intergrating SecurID Access into Office 365. I've followed the guide but currently getting this issue.
Sorry, but we’re having trouble signing you in.
Anyone have any troubleshooting tips or guidance?
Thanks
Hi CJ BIGGERS - what value did you set the Issuer Entity ID to on the RSA side vs the $idpID variable on the O365 side when you ran the Set-MsolDomainAuthentication command?
Thanks,
Ted
I was using the RSA Inteplementation guide and your supposed to set the Issuer Entity ID to
urn:uri:<idp_id> on the RSA Application side, then on the Office 365 side, when you run Set-MsolDomainAuthentication you set the IssuerUri to $cloudURL. This is direct from RSA documentation and from what I can tell is incorrect.
I just fixed it myself. The Integration guide has a step that is incorrect apparently unless i'm missing something.
The only reason I found this was if you look at the screenshot they included in the document, it shows a REALLY short and blurred out IssueUri. No way that could be a url, so I decided to change it to just my Entity ID.
This is copy / paste direct from Microsoft Office 365 - SAML SSO Agent Configuration - RSA Ready SecurID Access Implementation Guide
Set-MsolDomainAuthentication –DomainName $domain –FederationBrandName $domain -Authentication Federated –ActiveLogOnUri $cloudURL –IssuerUri $cloudURL -LogOffUri $logOffURL –PassiveLogOnUri $cloudURL –SigningCertificate $certData –PreferredAuthenticationProtocol “SAMLP”
Am I wrong or am I just not seeing something?
Anyways I have it resolved! Thanks for the quick reply though.
Thanks for the info CJ BIGGERS and glad you have it working now!
Apologies for what appears to be a documentation bug. We will correct that as soon as possible.
Thanks again,
Ted
Ted Barbour
I was using the RSA Inteplementation guide and your supposed to set the Issuer Entity ID to
urn:uri:<idp_id> on the RSA Application side, then on the Office 365 side, when you run Set-MsolDomainAuthentication you set the IssuerUri to $cloudURL. This is direct from RSA documentation and from what I can tell is incorrect.
I just fixed it myself. The Integration guide has a step that is incorrect apparently unless i'm missing something.
The only reason I found this was if you look at the screenshot they included in the document, it shows a REALLY short and blurred out IssueUri. No way that could be a url, so I decided to change it to just my Entity ID.
This is copy / paste direct from Microsoft Office 365 - SAML SSO Agent Configuration - RSA Ready SecurID Access Implementation Guide
Set-MsolDomainAuthentication –DomainName $domain –FederationBrandName $domain -Authentication Federated –ActiveLogOnUri $cloudURL –IssuerUri $cloudURL -LogOffUri $logOffURL –PassiveLogOnUri $cloudURL –SigningCertificate $certData –PreferredAuthenticationProtocol “SAMLP”
Am I wrong or am I just not seeing something?
Anyways I have it resolved! Thanks for the quick reply though.