-
Description
When logging in with the Advanced Login GINA the following error is displayed:
"Authentication Error: You are not allowed to register your authentication key pair.
Error code: 0x8200200b" -
Cause
This is due to the user not having privileges to access to their own ESSO attributes.
-
Resolution
RESOLUTION 1:
Re-run the ACL tool included on the installation CD. Select the following option:
"Extend Active Directory Schema"
Continue through to the "Enable the use of software" section.
Ensure that the OU in which the user resides (or a parent container), has been ticked and applied.
RESOLUTION 2:
Certain groups can be excluded from ESSO Advanced Logon authentication. This option will disable all ESSO ability for the user however:
1. Create a new group in AD called "No-SSO"
2. Open the ESSO console.
3. Edit the access point profile that applies to the user workstations.
4. Click the "Advanced Login" tab, and select the "Excluded Accounts" tab.
5. Add the "No-SSO" group into this list.
Comments
0 comments
Please sign in to leave a comment.