Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

BP 7.1 Authentication server, login via Active Directory doesn't work.

AbhishekKumar1
Level 5

‎25-07-22 10:40 AM

I have configured AD authentication in HUB also I have added AD user as well in the users section and given the right permission in HUB. However when I try to login to HUB via option Login using active directory, it doesn't work. It keeps on asking the pop up for entering the credentials, even if I write correct credential it again pops up. I have tried many possibilities but no luck.

I have setup right permission in IIS also kept windows authentication as enabled. But it keeps on asking the credential. Can someone assist here, I have tried all possibilities which I could.

------------------------------
Abhishek Kumar
------------------------------
0 Likes
7 REPLIES 7

hossein.azimi
Staff
Staff

‎27-07-22 12:48 AM

Hello Abhishek

Thank you for contacting the Blue Prism community.

It appears that there is a configuration problem. To learn more about this, I advise taking the following actions to review the logs and learn more about what's happening in the background.

From the Blue Prism knowledge website:

The product logs for each component of Hub and Interact can be found within the 'C:\Program Files (x86)\Blue Prism' directory on the web server.
The logs for each component are stored separately within directories which follow the format of 'C:\Program Files (x86)\Blue Prism\%componentname%\Logs_%componentname%'.
It can be quite difficult to search through each of these directories without a prior understanding of which component is at fault (which isn't always possible).
One solution is to navigate to the 'C:\Program Files (x86)\Blue Prism' directory within Windows Explorer, and do a search for '*.log', as seen here:

26767.png

You will also want to make sure the view of these results are set to 'Details', and that the search results are ordered by 'Date Modified', as seen below:
 
26768.png
When you are ready, reproduce the error you are seeing (for example by refreshing the relevant page of Hub). Once it appears, refresh the search results and you should see the most recently updated log files.
In our example, there are two files which fit this, related to the SignalR component:
 
26769.png
On this occasion, the log does not contain anything which helps us investigate further - although these logs can often be very useful.



Online help for your reference:
https://bpdocs.blueprism.com/hub-interact/4-6/en-us/hub/ug-hub-authentication.htm?tocpath=Hub%7CHub%7CHub%20administration%20and%20configuration%7CSettings%7C_____10


------------------------------
Hossein Azimi
Customer Support Engineer, APAC
Blue Prism
Sydney NSW
------------------------------
0 Likes

diane.sanzone
Level 7

‎27-07-22 02:00 PM

Hi Abhishek,

We had a similar issue after upgrading to 7.1.  We were able to resolve this by going into the configuration for the connection (on the runtime resource/client PC) and checking off the "force NTLM" checkbox.  We saved that and then BP gave us the "Sign in using Active Directory" button and it worked correctly.

Hope this helps!

------------------------------
Diane Sanzone
------------------------------
0 Likes

AbhishekKumar1
Level 5
In response to diane.sanzone

‎27-07-22 02:44 PM

I have tried that option too, but didn't work.

I am not even able to login to hub using AD, credential works fine. I feel somewhere I am missing something because I have checked logs nothing is registered there. SPN configured as per the BP manual and all accesses as well looks fine.

Even after giving credential pop ups keep on coming and no error is coming like authentication or authorization failed. I am not able to figure it our where is the gap.

I have tried disabling anonymous authentication from IIS but then I can't reach to authentication server and when I enable anonymous authentication, I can reach but then not able to login via AD account.

Can someone tell what additional setting is required on the application server to get this AD authentication works on the HUB web server. Because Blueprism AD authentication on application works fine without any issue, its the only the HUB web server.



------------------------------
Abhishek Kumar
------------------------------

0 Likes

AbhishekKumar1
Level 5

‎23-08-22 01:27 PM

Hi,

I have managed to solve it by configuring SPN.

Thanks & regards,
Abhishek

------------------------------
Abhishek Kumar
------------------------------
0 Likes

KevinStrimer
Level 2
In response to AbhishekKumar1

‎21-09-22 11:58 AM

Hi,

How did you solve it?

Our problem is that "Sign in using Active Directory" button doesn't appear when we start Blue Prism on our Client PC, but when we start Blue Prism with the same account but on out Application Server the button is visable and there is no problem to login.

So I might think that your solution with configuring SPN might work for us to. 

------------------------------
Kevin Strimer
------------------------------
0 Likes

AndrzejSilarow2
Level 2
In response to AbhishekKumar1

‎20-10-22 01:36 PM

Hi Abhishek,

Do you mean that you had to get the SPN registered for the user assigned to the Identity Pool ?
If so, can you explain the steps you took to get it done pls?
I am having the same issue, but struggling to see why should this be done, as it seems very far-fetched to have to have a domain admin involved in configuring AD SSO for HUB...

FYI... the error returned in the Authentication server logs is below:

[2022-10-20 04:15:03.688] 73060b0217b544cea206dfd9401f2fc0 no_context Microsoft.EntityFrameworkCore.Database.Command - Failed executing DbCommand (810ms) [Parameters=[@__distinguishedDomainName_0='?' (Size = 255)], CommandType='Text', CommandTimeout='30'] =>>SELECT TOP(1) [a].[Id], [a].[DistinguishedName], [a].[Password], [a].[Username] =>>FROM [ActiveDirectoryDomain] AS [a] =>>WHERE LOWER([a].[DistinguishedName]) = @__distinguishedDomainName_0

[2022-10-20 04:15:03.711] 73060b0217b544cea206dfd9401f2fc0 no_context Microsoft.EntityFrameworkCore.Query - An exception occurred while iterating over the results of a query for context type 'ImsServer.DataAccess.ImsContext'. =>>System.InvalidOperationException: Invalid operation. The connection is closed. =>> at Microsoft.Data.SqlClient.SqlCommand.<>c.<ExecuteDbDataReaderAsync>b__164_0(Task`1 result) =>> at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke() =>> at System.Threading.Tasks.Task.<>c.<.cctor>b__274_0(Object obj) =>> at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state) =>>--- End of stack trace from previous location where exception was thrown --- =>> at (...)

------------------------------
Andrzej Silarow
------------------------------
0 Likes

AbhishekKumar1
Level 5
In response to AndrzejSilarow2

‎01-11-22 08:45 AM

Hi Andrzej,

Are you still facing the issue?

Regards,

------------------------------
Abhishek Kumar
------------------------------
0 Likes