Adam Pfau this might be in your area of expertise
We are trying to set up an MS CRM portal for external ADFS auth. We have done the config; it takes you to the ADFS login page, where the login does occur. However, once it redirects back to the portal, we are presented with "Unable to authenticate with the external account provider".
How do we go about troubleshooting this?
So basically, this callback is handled by some endpoint on the portal, which means that if something is wrong in handling that callback, the portal should "theoretically" throw an error in the log, which you don't have handy now.
Now, in the meantime, while waiting on enabling the log for the portal, spin off a dummy ASP.NET application (the same portal technology) and try to implement the authentication with the same values you used for the portal on that application. You should find plenty of articles on how to do that online. I'm pretty sure you will face the same issue (unless the portal itself has a bug) and you can debug the code and know the problem.
We do see the callback initiated from ADFS; no errors or anything like that immediately screams a problem. If we had what a proper callback would look like, we could do a compare.
Wondering if the network tab in Chrome dev tools shows anything weird when the callback happens?
OK, we will look into doing that; we will need to get auth from their IT department for the blob storage, so that might take some time. Is there anything we can check on the dev tools side in the browser, or some items in the config we can double-check in the meantime?
It's entirely possible we have missed something on our side, so any reference material would also be welcome so we can double-check we have done our end correctly.
If a setting is not configured correctly on the portal, then enabling the portal error log may help as well.
It's on-prem ADFS, which unfortunately we don't have direct access to. However, it's been reported to us that there are no errors on that side. We can also see the passback from the ADFS server hitting the portal after the login.
There is clearly something misconfigured somewhere, so we are trying to troubleshoot somewhat blind at the moment. Would enabling portal logging assist at all, or would all the errors only be on the ADFS side?
Hi,
Are you using Azure AD Connect? I assume it has an event log that you can trace?