Hi all, I have configured SSO according to: /ifsdoc/f1doc/foundation1/040_administration/210_security/015_authentication/030_configure_ADFS/default.htm /ifsdoc/f1doc/foundation1/040_administration/210_security/010_users/100_active_directory_sync/default.htm /ifsdoc/f1doc/foundation1/040_administration/210_security/015_authentication/060_SSO_behaviour/default.htm ...and also configured ADFS on Windows 2016 (successfully logging on using Chrome, IE11 and Edge). But when I try to log on using SSO, I see error “Object reference not set to an instance of an object”. Full error details are: Ifs.Fnd.FndSystemException: Unexpected error while calling server method AccessPlsql/Invoke at Ifs.Fnd.AccessProvider.FndConnection.InvokeInternal(Object requestBody, Object responseBody, String intface, String operation, FndRequestContext requestContext, FndManualDecisionCollection decisions, Boolean forcedSync, Boolean integrationGateway) at Ifs.Fnd.AccessProvider.FndConnection.InvokeInternal(String intface, String operation, Object requestBody, Object responseBody, FndRequestContext requestContext, Boolean forcedSync, Boolean integrationGateway) at Ifs.Fnd.AccessProvider.PLSQL.FndPLSQLCommandCollection.Invoke() at Ifs.Fnd.AccessProvider.PLSQL.FndPLSQLCommand.ExecuteNonQuery() at Ifs.Fnd.AccessProvider.PLSQL.FndPLSQLSelectCommand.ExecuteReader(String recordType, Int32 fetchsize) at Ifs.Fnd.AccessProvider.PLSQL.FndPLSQLSelectCommand.ExecuteReader() at Ifs.Fnd.AccessProvider.Interactive.FndLoginDialog.checkLanguage(FndLoginCredentials loginCreds) at Ifs.Fnd.AccessProvider.Interactive.FndLoginDialog.AuthenticateCredentials(FndLoginCredentials loginCreds) ---> System.NullReferenceException: Object reference not set to an instance of an object. at Ifs.Fnd.AccessProvider.FndConnection.CallGetResponse(String intface, String operation, FndRequestContext requestContext, FndManualDecisionCollection decisions, Byte[] requestHeaderBytes, Byte[] requestBodyBytes, FndApfAsyncInvoke asyncInvokeHandle, Boolean integrationGateway) at Ifs.Fnd.AccessProvider.FndConnection.InvokeGetResponse(String intface, String operation, FndRequestContext requestContext, FndManualDecisionCollection decisions, Byte[] requestHeaderBytes, Byte[] requestBodyBytes, Boolean& abandoned, Boolean forcedSync, Boolean integrationGateway) at Ifs.Fnd.AccessProvider.FndConnection.InvokeInternal(Object requestBody, Object responseBody, String intface, String operation, FndRequestContext requestContext, FndManualDecisionCollection decisions, Boolean forcedSync, Boolean integrationGateway) --- End of inner exception stack trace --- I can’t find any specific instructions as to whether “Database Authentication not allowed” should be checked in Active Directory User Integration Configuration…? What am I missing?? Thanks, Ged.

SSO (Object reference not set to an instance of an object)

Page 1 / 1

Hi Ged

I feel your pain. SSO issues have caused me many headaches over the years. Although mine were with Windows Integrated Authentication rather than LDAP and in Apps v9. I assume you are running v10?

I wonder if the object reference is referring to an Active Directory object? or an IFS object/User?

Are you able to login by explicitly typing in the Domain username and password? and does this work?

Hope someone can shed some light on this for you.

Best regards

Mike

Thanks @MikeArbon. Yes, apologies, IFS 10.

I get the same error whether SSO or explicit domain username/password, so it does seem to be a user object issue. But the Directory ID has been updated from &sAMAccountName to &userPrincipalName and synchronisation re-run, updating user Directory ID to user@domain.

There are so many layers to SSO, it really can be a laborious task hunting issues, as often they show the same error (saying that I have not had your error before).

Are you able to login using db credentials? for example as IFSAPP?

Had also some problem as with SSO and IFS10. See SSO Error

But I don´t think above messages is related to my error, but I would suggest that you separate the ADFS login issues and the user create (AD Sync). The later is only to create a user and have nothing to do with SSO. To enable a user to have SSO you need to change the Directory ID to the same as your UPN, have a look in your AD and see what UPN you have set.

successfully logging on using Chrome, IE11 and Edge

What do you referring with the above statement, is it working with Aurena and not EE?

/Karl

Hello,

I am getting the same error with different details

Attached the same.

can some one suggest.

Regards

Pankaj

Reply

Did you find what you're looking for? If not:

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded