ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Unable to login to CloudSOC resulting from CMP domain mapping conflict

book

Article ID: 238200

calendar_today

Updated On:

Products

CASB Security Advanced

Issue/Introduction

An error is returned upon attempting to log in to CloudSOC. This immediately began to occur upon adding secondary domains in Cloud Management Portal (CMP). 

The customer is SSO integrated yet even upon removing SSO integration from Backend, the error below continues to appear.

"You cannot perform single sign on with this user account as it is activated in another account in Symantec CloudSOC"

Cause

In short- domain mapping in the backend encountered an exception during Secondary domain maintenance via CMP.

 

Below is a summary of events in the order that occurred for an affected customer:

• A demo tenant had been created at one point for the customer with the same primary domain as their current (actively used) tenant. 

• Although, two tenants in the same region (America's vs EU, etc.) can have the same domain, issues can arise if a user is activated more than one tenant.

• The error continued to appear even after the removal of SSO integration via the backend portal. 

• The error (above) no longer appeared after the deletion of the old demo tenant yet the user is still unable to log in (when signing in with user credentials as opposed to SSO as this had been removed).

• The error now indicated an issue with 'Invalid credentials'.

 

• Even upon resetting the user's password as well as their 'unlock' status from the backend, all users encountered the same error.

 

 

Resolution

Open a Support ticket so Engineering can be engaged to correct domain mapping for the affected tenant. 

 

Attachments