Azure SSO Issues Sign in Redirect Just says TRUE

TechWR
Just browsing

Azure SSO Issues Sign in Redirect Just says TRUE

My Company Impletemented Azure SSO Login:

 

When I login with my account the redirect process then Just lands on the Meraki page with a dialog that says "TRUE" and never goes to the dashboard.

 

Is there anything I should ask my admin to Test from the Azure Dashboard? I saw similar threads on this forum but not sure how to solve my problem. My Coworkers can login but some also have some issues with certain org site access. 

 

Does anyone have any suggestionstrue.png

 

Here is the output from SAML that I gathered use SAML add on for Chome:

 

https://raw.githubusercontent.com/WRR3Git/Test/main/Meraki%20SSO%20SAML%20Output%20Errors

 

I saw another thread saying the user solved the problem by making sure his manual login is different than his SAML login?

 

https://community.meraki.com/t5/Dashboard-Administration/Meraki-Single-Sign-On-SSO-integration-with-...

 

The only thing I can think of is I may have been delegated as a user on a different dashboard in the past for an equipment takeover of Toast POS Meraki device. How can I delete my manual login user from Meraki if that is the issue as well?

 

Any Help is Appreciated 

 

Thanks

3 REPLIES 3
MyHomeNWLab
Building a reputation

If the user already exists as a Non-SAML User in Meraki Dashboard, "true" will be displayed.

You should first check the SSO log.
Go to "Organization > Administrators" and display "SAML Login History".

 

For example, the log will appear as follows

 

Found existing non-SAML user with email USERNAME@domain.test

MyHomeNWLab
Building a reputation

Just FYI, if a Guest User exists in the Client VPN, the following error occurs.


> The server encountered an SSO error. Please contact your network administrator for assistance.
>
> For reference, your login was at Oct 02 06:55:55 UTC from #.#.#.#.

 

Please consider this specification as well when implementing SSO.

 

The relevant menu item is "User Management" section from "Security & SD-WAN > Client VPN".

Building on @MyHomeNWLab's answer, for this reason I always get the SAML Idp to present something like sAMAccountName instead of the email address as the username.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.