Problem
When an existing user changes their firstname, surname or Email Address. You may find that they can no longer log into CloudBolt using SSO.
Cause
When you have SSO Configured you will have potentially set the required attributes to:
Email
First Name
Last Name
If a user changes one of these attributes in your Idp it may fail as it can no longer match the 3 required attributes to the existing account.
Affected Versions
All versions
Workaround
Overview
There are potentially two (2) work arounds. The first is to remove the common required attributes that users usually change ie; Last Name. The second is to amend the user account inside cloudbolt.
Changing Required Attributes
Once logged into CloudBolt as an Admin, Browse to Admin (1) → Security (2) → Single Sign-On (SSO) (3)
Select the SSO configuration you wish to update by clicking on the name
Click on Edit
Scroll down to Required Attributes . If you see the attributes you want to not have as part of your requirements, simply click the X next to it.
Click on Save
Have the user who has changed the corresponding attribute try to log in again
Once the user has updated their information, please go back and reverse your changes as required.
Change the User information
Log in as an admin and click on Admin (1) → Security (2) → Users (3)
Locate the user you wish to update the login details for and click on the name
Click on Manager Profile
Change the attribute that has been updated (This is usually surname or firstname)
Click on Save
The update will show on the users screen
Have the user try to log into Cloudbolt.
Additional information
CloudBolt single sign-on : https://docs.cloudbolt.io/articles/#!cloudbolt-latest-docs/single-sign-on-sso
0 Comments