Identity federation standards identify two operational roles in an SSO transaction: the identity provider (IdP) and the service provider (SP).
An IdP, for example, might be an enterprise that manages accounts for a large number of users who may need secure access to the Web-based applications or services of customers, suppliers, and business partners.
An SP might be a SaaS provider or a business-process outsourcing (BPO) vendor wanting to simplify client access to its services.
Identity federation allows both types of organizations to define a trust relationship whereby the SP provides access to users from the IdP. The IdP continues to manage its users, and the SP trusts the IdP to authenticate them. Thanks, Aditya
Offen this kind of setup needed especially when deploying ping access internally and token provider such as Ping federation/Aure AD in the cloud.
In this kind of set up, secure internet access needed from Ping Access needed in order to register the token provider.
First, register the internet proxy IP and port number (provide credentials if proxy need authentication) in the Ping Access Administration console settings >> networking >> proxies
Next, Add created proxy instance to Administration/replica Administration nodes and all the engine nodes(If in the multinode cluster setup) else if in a standalone setup adding in Primary Administration node is good enough.
Error:-The AccessGate is unable to contact any Access Servers."#011raw_code^301#011
Version:-OAM 22.214.171.124 and later Work Around:-
1.Go into oamconsole and modify the webagte profile ( may be decrease the Cache Timeout by a second )for the first agent and save it. 2.Download webagte artifacts 3.Copy the artifacts from the the oam server directory to appropriate directories for the correct webgate. 4.Restart the webserver instance on which webgate is running.
Issue:-At times you may notice that one or more Web sites are not started in IIS 7.0. If you try to manually start the Web site, it may fail with the following error message:
Internet Information Services (IIS) Manager - The process cannot access the file because it is being used by another process. (Exception from HRESULT: 0x80070020)
Environment:-Windows 2012R2 server
Error Cause:-The error code 0x80070020 translates to ERROR_SHARING_VIOLATION (The process cannot access the file because it is being used by another process.)
This issue may occur if TCP port 80 and/or 443 is grabbed by a different service.
Solution:-First check to see what is listening on port 80. Open a command prompt and enter the following command:
netstat -ano | find ":80" netstat -aon | find ":443" In this case process ID 4228 was listening on port 80. To check what this process is open task manager and locate that PID. (Note you may need to select View -> Select columns -> PID first).
1.It turns out a developer installed Apache which was listening on port 80 and causing a conflict.To resolve the conflict change one service to run on a different port or uninstall the unnecessary web server. 2.In Task bar we can select httpd.exe running on port 80 and end process
Now you can start and stop IIS website. Thanks, Aditya.