Solved

WADACO Login Issue for a Single User

  • 8 April 2021
  • 8 replies
  • 492 views

Userlevel 4
Badge +6

I’m currently working on a case that a particular user is unable to log on to WaDaCo via a Windows handheld scanner and he is getting an error says that "Username and/or Password Wrong". This customer is on IFS APP10 UPD9 and this user is able to access WaDaCo process through IEE client by using same Username/Password.

 

As per the customer, different users can also access to WaDaCo through that device. They have set SSO and ADFS authentication for logon hence, they are trying to access with the domain (USER@DOMAIN.COM).

 

 

 

 

Have you ever experienced such issue before? I really appreciate it if someone can provide me the inside and how that could happen?

icon

Best answer by Harsha Siriwardhana 15 April 2021, 07:07

View original

This topic has been closed for comments

8 replies

Userlevel 6
Badge +15

Have you checked if this device is supported by the relevant UPD (Incase if this is a APP10 issue)?
Also check if the WADACO  is configured in the device.

Please see below information that I have extracted from a documentation.

For windows devices that use Windows Mobile 6.5.

Windows Mobile client login to the IFS Application using the SOAP gateway. This gateway uses Basic authentication. In order to facilitate Basic authentication when AzureAD is used as the identity provider you need to enable Domain services in the AzureAD. This makes it possible for the Azure Active Directory to be exposed as an LDAPS server. Even though windows mobile 6.5 works with the Azure AD for authentication, as Windows Mobile being an old platform without any support from Microsoft, It's not recommend to use Azure AD against Window Mobile as it occurs performance issues for few customers.”

The Windows Mobile client is developed for handhelds running Windows Mobile 6.5 / Windows Embedded Handheld 6.5. The client will however also work on devices running older versions of Windows Mobile and also Windows CE (Windows CE 7.0 and earlier), provided .Net CF 3.5 is installed and supported by the device/OS. Using the client on any device but the ones listed below needs to be verified by the project/customer and the above support restrictions needs to be considered. Note that using the camera (e.g. to take photos in the Register Arrivals process) is not supported by Windows CE 7.0 

Steps T to configure the device:
1.    Install .NET CF 3.5 on device
2.    Install WADACO cab file on device
3.    Install Apps 10 SSL Certificate on device
4.    Configure VPN connection on device
5.    Create user WADACODEMO
6.    Assign Permission Sets to WADACODEMO (FND_ADMIN, FND_CONNECT, IFSAPP_FULL, WADACO_MOBILE_USER)
7.    Set destination for WADACO on device
8.    Attempt to login (Receive error message “Username and/or password is wrong.”
 

Please check if this information is relevant to your scenario.

Userlevel 5
Badge +10

@James Ashmore Is this something that you can help?

Userlevel 6
Badge +16

Unfortunately not. This is the Windows Mobile solution that I don’t have any knowledge of. @Anna Hagström can you help or do you know somebody in Supply Chain that can assist here?

 

Cheers


James

Userlevel 3
Badge +4

Hi,

Some additional questions:

  • Has this user been able to log on using the mobile device previously?
  • Does this user have the same permissions as the users that can log in? (Especially WADACO_MOBILE_USER)

KRgds, Anna

Userlevel 4
Badge +6

Hi @Anna Hagström,

To answer your questions…

  • Has this user been able to log on using the mobile device previously? Yes, this user has accessed before without any issue.
  • Does this user have the same permissions as the users that can log in? (Especially WADACO_MOBILE_USER) Yes, WADACO_MOBILE_USER permission has granted to this user.

Let me know if you need more information.

 

Best Regards,

Harsha 

Userlevel 5
Badge +10

Hi @Anna Hagström,

  1. The customer has ADFS authentication enabled, some two years back he had performance issues with this setup at a remote server, so the suggestion was to have it in local.
  2. He is using the domain name as in example.user@domain.com to log in, all the users are able to login likewise except this user. The user is able to login to IEE without an issue.
  3. I think @Harsha asked the customer to use his normal username/password to login to the mobile client, which didn’t help either.

    According to this article in share point Windows mobile devices are still using basic authentication. The fact that its only happening for a single user still baffles me.

Userlevel 4
Badge +6

Hi @Anna Hagström,

 

I have revalidate my last reply with the customer and kindly note below correction,

 

Has this user been able to log on using the mobile device previously? this user has been with the Company for some time but he only started to use his SSO account with IFS on the 01/04/21 (the FR Go Live). Other users can log on to this device but as per the customer, this user has never been able to log on to this device successfully.

 

Best regards,

Harsha

Userlevel 4
Badge +6

Hi All,

 

This issue was reviewed by @Togar Siahaan and he did suspect that the user is possibly:

  1. Having different SG membership at local ADFS
  2. Different User Principle Name at local ADFS
  3. Insufficient privilege to access the Apps

 

We have asked the customer to verify this particular user at their on premise ADFS. They have been asked to verify if that user is the member of the correct Security Group at local ADFS as well.

 

(To verify this, you can: Use AD Sync Form, connect to their local ADFS. Then at the table window of registering the Permission Set Mapping, do the browsing to their AD structure. Check if that user really exist under that SG mentioned above.)

 

Customer's infrastructure team has confirmed that Groups, OU and User principal name are ok for IFS. But the only thing they have noticed that in the past somebody has filled in a list of server that the user is allowed to log on to. Then, they have removed the computers and checked the box “The user can log on to all computers”.

 

Finally the customer has confirmed that issue had resolved after making above changes.

 

Thank you all for offering your valuable feedbacks regarding this issue.

 

Best Regards,

Harsha