CB Response: SSO fails to login after restart of the Response Server services
Article ID: 285212
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
- After restarting the Response services, SSO login fails with "Unknown User"
- Login with local Admin account works.
- Errors found in enterprise.log:
<err> cb.flask.blueprint_helpers - Unhandled exception from API request: ['http://www.okta.com/ADDRESS'] <warning> cb.auth.auth - User Authentication Activity: User Id=None, Status=403, Ip Address=ADDRESS, Timestamp=TIMESTAMP <warning> cb.flask.blueprints.api_routes_saml - USERNAME authenticated, not found in CB user database and attrs not found to create.
Environment
- CB Response Server: 6.2 and higher
- Okta SSO
Cause
Attr_map.py file updated with misconfigured attributes since the last restart.
Resolution
- Change the configurations within attr_map.py
if "lastname" in key: should become if "last_name" in key:
- Configure any custom scripts required to complete the integration.
Additional Information
- Settings will vary depending on what SSO provider is used.
- Use of custom scripts is not supported within Support. Use of Professional Services may be required.
Feedback
Yes
No
Powered by
