Skip to main content
All CollectionsKnowledge BaseEnterprise WorkloadsTroubleshooting - Enterprise Workloads
Login fails with SSO after timeout from Druva console with ADFS as IdP
Login fails with SSO after timeout from Druva console with ADFS as IdP
Updated over 9 months ago

This article applies to:

  • Product edition: Phoenix

Problem description

Phoenix administrator fails to login to the Phoenix Management Console using SSO credentials with ADFS as IdP when the console session is timed out due to inactivity. The admin has to wait for some time to login again from the SSO page of the organization.

Cause

ADFS has a property called “TokenLifetime” of relying party object on the ADFS server. Default value of “TokenLifetime” in ADFS is 480 min. If the admin changes the TokenLifetime value to 0 (zero) while configuring ADFS, this issue may occur.

Resolution

❗ Important

This resolution works for ADFS on Windows 2012, steps may vary for the other versions of Windows Servers.

  1. Run PowerShell as an administrator.

  2. Add ADFS snap-in to Windows PowerShell session.

    PS > Add-PSSnapin Microsoft.Adfs.PowerShell

  3. Check the values set by for the relying party object.

    PS > Get-ADFSRelyingPartyTrust -Name "relying_party"

  4. Set the “TokenLifetime” to default.

    PS > Set-ADFSRelyingPartyTrust -Targetname "relying_party" -TokenLifetime 480

Related Articles
How to Configure ADFS 2.0 with Phoenix
How to Configure ADFS 3.0 with Phoenix
How to install and configure ADFS 2.0 with inSync Cloud
How to install and configure ADFS on Windows Server 2016 with DCP
How to configure SSO for inSync users using ADFS as IdP
Did this answer your question?