We have intergrated Pulse Connect Secure with Azure AD as per:
However, we seem to be having an issue when a user logins into there Windows 10 device using Windows Hello for Business (WHfB). When authenticating the user will get the following error message:
Sorry, but we’re having trouble with signing you in.
We have added X509 in the Authn Context Classes but the error remains.
Comparision Method for Authentication Classes is set to 'Exact'.
Can anyone please advise?
Solved! Go to Solution.
Managed to get this working!
We have to select only x509 as the only accepted for Authentication Class. Windows 10 authentication using either username+password or WHfB would work.
But to answer you question incase anyone else needs future help:
1) Yes - Username+Password login to Windows 10 device would work. This would SSO correctly as the per the Pulse document guide.
2) Same as above
3) Error/authentication on the PCS log:
Info SML31067 2019-05-13 18:49:39 - ive - [127.0.0.1] Default Network:ystem() - SAML AuthnRequest generation succeeded for SigninUrl:'https://URL', SSO Service URL: 'https://login.microsoftonline.com/xxx/saml2'
On the Azure side, barring the error message above, the log would say:
Error code: 75011
Authentication method by which the user authenticated with the service doesn't match requested authentication method. Contact the app owner.