Automatic Login with SSL

I tested Automatic Login without SSL and it worked fine, but with SSL the Web Interface throws Access Denied error the first time I browser the URL.

However, on entering User Id and Password it works.

Has anyone faced a similar issue? Is there any specific configuration required for making Single SignOn work with SSL?

by (730 points)
by (216k points)
0

Hello,

The main reason for the issue is that, for some reason, the users cannot authenticate in Adaxes Web Interface using the Kerberos authentication mechanism when connecting via SSL.

To help us troubleshoot the Kerberos issue, can you answer the following questions:

  • When accessing the Web Interface via HTTP and when accessing via HTTPS, do you use the same host name in the Web Interface URL, or are these different names? For example, these can be different DNS records for the same computer.
  • When accessing the Web Interface via SSL, do you use the Fully Qualified Domain Name (FQDN) for the computer or a certain DNS alias?
by (730 points)
0

It is the same host name for both URLs, in fact, it is the same URL except for the Scheme. I am using the fully qualified domain name.

However, I am using a self signed SSL certificate, since this URL is only available on the intranet. Could this be causing the issue?

1 Answer

by (216k points)
0 votes

Hello,

To resolve the issue, you may try to register a Service Principal Name (SPN) for HTTPS connections on the computer where Adaxes Web Interface is installed. To do this, you need to run the following command line on the computer:

setspn -s https/<fqdn> <netbiosname>

where

  • - the FQDN of the computer where your Adaxes Web Interface is installed,
  • - the NetBIOS name of that computer.
by (730 points)
0

Thanks, it worked. It was a problem with the SPN configuration for Kerberos and https

by (360 points)
0

I'm having the same problem, but my web interface and SSL certificate is different from the computer name. What do I need to do to resolve this?

computer FQDN: mitkuscfln89.mii.com
web interface: https://admgmt.mii.com/

by (216k points)
0

Hello,

Run the following command line on the computer where your Web Interface is installed:

setspn -s https/<dns_alias> <netbiosname>

where

  • <dns_alias> - the DNS alias of that computer,
  • - the NetBIOS name of that computer.

Related questions

issue with automatic login

Hi, we are running Adaxes on a MS Server 2008 R2 with IIS 7.5 and we wanted to enable Automatic Login for the self-service part. We did it exactly the way like ... forrest, consisting out of three domains, where the Adaxes server is placed in the root domain.

asked Sep 13, 2013 by ijacob (960 points)
0 votes
1 answer
Sending notifications via SMPT.OFFICE365.COM work with SSL enabled

We are trying to send e-mail notifications using Exchange Online. Everything I can find online shows that this uses smtp.office365.com. This works for us if we don't select the ... it's ready to start mail negotiation, but then Adaxes just stops. Why is this?

asked Aug 18 by jgcovalt (70 points)
0 votes
1 answer
Report Exchange Online - User Mailboxes with Automatic Replies Enabled

Hi Team I need some assitance with creating a report to pull from exchange online all user mailboxes that have automatic replies enabled. I have been attempting to use ... Where-Object { $_.AutoReplyState -ne "Disabled" } | Select Identity, StartTime, EndTime

asked Aug 25, 2021 by Richard_NRL (90 points)
0 votes
1 answer
Problem With Exchange Automatic Replies Property

Hi, We are getting intermittent problems with 2 exchange powershell commands. All the over commands work fine [08/07/2014 19:45:54] Get-CalendarProcessing -Identity "CN=46010248, ... this? I've tried running the command on the mdcexch5r and there is no error.

asked Aug 7, 2014 by darryl82 (40 points)
0 votes
1 answer
Cannot login with AAD account

Fresh install, new user. I've connected our local and cloud tenant. I've successfully added a user's cloud account as an admin in properties but when they try to login ... brute force protection and the error is still "The user name or password is incorrect. "

asked Jun 5 by hippodrome (50 points)
0 votes
1 answer