Environment
NetIQ Access Manager 4.0 Identity Server
Federation to Office365 with ws-fed
Situation
Office 365 is set up to federate with the NAM Identity Server using the WS-Federation protocol. The PowerShell settings all point to the NAM setup and are applied successfully. When a user accesses https://login.microsoftonline.com/ and enters their email address, the redirect to the NAM Identity (IDP) Server is performed as expected. After users sign in to the NAM IDP server, instead of being redirected to the portal to view their page, they are presented with the error:
"Sorry, but we're having trouble signing you in" or are shown an "80043431" error.
This is returned by Office 365 when consuming the claim sent by NAM.
Resolution
Make sure that the PowerShell uri parameter for NAM includes a trailing slash. The setup was changed from
$uri = "https://$idp/nidp/wsfed"
to
$uri = "https://$idp/nidp/wsfed/"
and users were able to SSO successfully.