"Sorry, but we're having trouble signing you in" and "80043431" errors when a NAM authenticated user tries to sign in to Office 365

  • 7014712
  • 07-Mar-2014
  • 07-Mar-2014

Environment

NetIQ Access Manager 4.0 Identity Server
Federation to Office365 with ws-fed

Situation

Office 365 is setup to Federate with NAM Identity server using ws-federation protocols. Powershell settings all point to the NAM setup and are applied successfully. When a user accesses the https://login.microsoftonline.com/ and enter their email addresses, the redirect to the NAM Identity (IDP) Server is performed as expected. After users sign in to the NAM IDP server, instead of being redirected to the portal to view their page, they are presented with the error:

"Sorry, but we're having trouble signing you in" or shown a
"80043431" error

This is returned by Office 365 when consuming the claim sent by NAM.

Resolution

Make sure that the powershell uri parameter for NAM includes a trailing slash. The setup was changed from

$uri = "https://$idp/nidp/wsfed"


to

$uri = "https://$idp/nidp/wsfed/"


and users were able to SSO succesfully.