Troubleshooting

Single Sign-On for a Box user can fail due to configuration issues on Ivanti Connect Secure, Box Service Provider, Pulse Mobile Client or Pulse Workspace.

To troubleshoot issues with Single Sign-On:

1.On ICS, under Maintenance > Troubleshooting , enable the event codes – “saml, auth” at level “50” and collect debug logs. Enable Policy Tracing and capture the Policy traces for the specific user.

2.Check System > Log/Monitoring > User Access > Log for SAML AuthNRequest and Response for the specific user. Verify if Subject Name is proper in the SAML Response.

3.Log in to Salesforce Domain. Navigate to Security Controls > Single Sign-On Settings.

1. Click SAML Assertion Validator.
2. Select sso and click Validate.
3. Check Results and fix if any issues reported.
4. If any issue related to timestamp is reported, verify that the time zone configured on Ivanti Connect Secure and Salesforce SP is in sync. Configuring NTP Server on Ivanti Connect Secure can also resolve this issue.
5. On mobile device, open Pulse Client and Send Logs to your administrator.