Attempting to setup UPN authentication instead of SAM. When we hit the Store Front, we get "cannot complete your request".

Attempting to setup UPN authentication instead of SAM. When we hit the Store Front, we get "cannot complete your request".

book

Article ID: CTX222823

calendar_today

Updated On:

Description

Attempting to setup UPN authentication instead of SAM. When we hit the StoreFront, we get  "cannot complete your request".
From inside the network, when accessing the storefront portal directly, able to log in with UPN.
Issue appears to be the way the NetScaler is handing the authentication token to StoreFront.

Resolution

Attempting to setup UPN authentication instead of SAM. When we hit the Store Front, we get  "cannot complete your request", as it was throwing "cannot complete your request" on the SF page.

With SamAccountName, it worked.
  1. Direct access to the SF server with UPN worked. 
  2. In StoreFront Console, right-click  the Store, and click Manage Authentication Methods.
  3. On the right, click the gear icon, and then click Configure Trusted Domains.
  4. In the Trusted domains box, select Any domain.
  5. Or add your domains in DNS format. The advantage of entering domain names is that you can select a default domain if internal users forget to enter a domain name during login. The DNS format is required for UPN logins (e.g. SSO from NetScaler Gateway).
  6. Make sure that we removed the SSO domain from Session Profile and leave it blank when Store Front was configured with multiple domain.

 

Problem Cause

Configuration
Powered by Wolken Software