Upgrade from 11.0.273 to 11.1.263 blows up SSO (SAML)

I have a k1000 and it was doing this on the physical box as well but I did convert it to virtual the other day. Backed up, loaded ovf (same version) in vmware, set box back up and restored from the backup.

So the current Version is 11.0.273 and I am trying to upgrade it to  11.1.263. Thankfully its now virtual so I can just do a snapshot and upgrade and roll back if needed.

I tried it twice and both times it blows up the SSO after the upgrade. The settings all look correct for SAML but I get an LDAP error "Login Failed: Incorrect LDAP user name or password."

Anyone else experience the same? Any workaround?

0 Comments   [ + ] Show comments

Answers (1)

Posted by: barchetta 8 months ago
2nd Degree Black Belt

All you should have to do is login with a local account (highly suggest you keep one in your back pocket) and then go to saml and re-import your IdP metadata.  You can get this from wherever you are doing your SAML app reg from. In the new version because of all the SAML token expirations, it will auto load this monthly.  

Question: regarding your snapshot.. is this in Azure? Are you shutting down KACE SMA before you take the snap or while running?  Ive not restored from a snap yet (no need) but the docs say in azure anyway that it can cause corruption if instance is running. Im assuming this corruption is only on the snap itself and not the running instance.  Was thinking about scheduling a snap in azure for quick restores in an emergency.  I realize the state could be an issue but I think it is unlikely especially if you schedule early in the morning when no users are doing anything and there are no tasks running.

This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ