SharePoint 2013 integration problems and solutions - SSO
This page lists some problems that may occur during the configuration and how to solve them.
SharePoint: Creating SPTrustedIdentityTokenIssuer fails
Symptom:
When executing the command New-SPTrustedIdentityTokenIssuer <attributes> the following error appears:Â
New-SPTrustedIdentityTokenIssuer : Exception of type 'System.ArgumentException' was thrown. Parameter name: newProvider
Solution:
There can be only one SPTrustedIdentityTokenIssuer at a time. Type
Get-SPTrustedIdentityTokenIssuer
in the SharePoint Management Shell to find out if a SPTrustedIdentityTokenIssuer already exists. Either delete the current SPTrustedIdentityTokenIssuer with the command
Remove-SPTrustedIdentityTokenIssuer
or extend the existing one.
SharePoint is not receiving the identifying claim
Symptom:
The authentication with Ubisecure SSO works, but after the final SharePoint redirect the following error message is shown (in SharePoint context):
An unexpected error has occurred. Troubleshoot issues with Microsoft SharePoint Foundation. Correlation ID: xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx
Solution:
SharePoint is not receiving the user-identifying claim. The identifying claim is the one the -IdentifierClaim
attribute specifies.
Office asks for a client certificate
Symptom:
When opening a SharePoint library directly from an Office application the user is asked for a client certificate.
Solution:
The client does not trust the SSL certificate that the SharePoint or AD FS 2.0 provides. Verify that the certificates are signed by a root authority that your client trusts.
Ubisecure SSO displays an error "The requested agent was not found"
Symptom:
The authentication with Ubisecure SSO fails with an error message displayed in red: "The requested agent was not found".
Solution:
The URN must be identical in both the SharePoint installation and the Ubisecure SSO. Please see the first two steps in SharePoint 2013 integration configuration - SSO for further instructions.