Access Manager Intersite Transfer URL fails after upgrading to SP3

  • 7007903
  • 15-Feb-2011
  • 26-Apr-2012

Environment

Novell Access Manager 3.1 Linux Novell Identity Server
Novell Access Manager 3.1 Windows Novell Identity Server

Situation

An Access Manager SAML Identity (IDP) server (version 1 or 2) is set up with an Intersite Transfer URL configuration pointing to the SAML Service Provider (SP). An ID and Target are specified in the Intersite Transfer URL configuration. The 'allow any target' option is disabled.

When the user hits this Intersite Transfer URL with a pre-3.1 SP3 build of Access Manager, the user is prompted to authenticate at the IDP server and, when successful, an assertion is sent to the SP for single sign-on. After applying Access Manager 3.1 SP3, the user gets an "Untrusted provider" error message immediately after submitting credentials.

Resolution

Download ftp://ftp.novell.nl/out/AM_31_SP3_ConfigurationUpgrade.ZIP and run the ConfigUpgrade.sh script on a Linux primary Administration Console or the ConfigUpgrade.bat script on a Windows primary Administration Console. After running the appropriate ConfigUpgrade script, the administrator must log in to the Administration Console and apply the changed configuration on the Identity Server devices that are upgraded to 3.1 SP3.

The upgrade to 3.1 SP3 changed the default Intersite Transfer URL parameters because of the SP Brokering functionality. This issue will be fixed in 3.1 SP3 IR1.