Skip to main content
Question

ADFS and JAMF Pro issue

  • October 25, 2021
  • 4 replies
  • 32 views
O
Forum|alt.badge.img+3

Hi everyone,

Hope you can help. We have configured JAMF Pro Single Sign On with ADFS which was working well and last time it works was on Oct 6th. Around 2 weeks later when I logged on to JAMF the SSO is not working even though we haven't made any changes on the JAMF as well as ADFS end.

This is the error message we received "An error occurred while processing your Single Sign-On request. Contact your administrator for assistance."

On checking the log, this is what I found :

Response issue time is either too old or with date in the future, skew 60, time 2021-10-25T03:49:37.476Z
2021-10-25 03:51:09,704 [ERROR] [lina-exec-2] [henticationFailureHandler] - Error validating SAML message
org.springframework.security.authentication.AuthenticationServiceException: Error validating SAML message

 

Anyone knows what that means?

Thanks!

    4 replies

    B
    Forum|alt.badge.img+11
    • bollman
    • Contributor
    • October 25, 2021

    I'd say it sounds like there's too big discrepancy in time between the 2 servers.

    Could there be different time zones set which led to DST ending too soon on one?

    U
    Forum|alt.badge.img+1

    Jamf Pro Log: authentication.AuthenticationServiceException (Spring Security). "Error validating SAML message". Signing certificate is invalid.

     

    walgreenslistens

    O
    Forum|alt.badge.img+3
    • orygen
    • Author
    • New Contributor
    • October 26, 2021

    I'd say it sounds like there's too big discrepancy in time between the 2 servers.

    Could there be different time zones set which led to DST ending too soon on one?


    I've checked the time, the ADFS server has the correct time and the time setting on the JAMF cloud is on the correct time zone.

    O
    Forum|alt.badge.img+3
    • orygen
    • Author
    • New Contributor
    • October 26, 2021

    Jamf Pro Log: authentication.AuthenticationServiceException (Spring Security). "Error validating SAML message". Signing certificate is invalid.

     

    walgreenslistens


    Thanks. Our signing certificate actually is still valid and works with other Service Provider.

    Terms & ConditionsCookie settingsAccessibility statement