SSO error

RollGroup
RollGroup Posts: 2
edited April 2023 in TeamViewer Tensor

I have followed the steps for SSO login with detail.

Single Sign-On for Azure Active Directory - TeamViewer Support

However, I get the following error, I would like some feedback what is wrong.

In AAD I have assigned users through user & groups to the enterprise application.

The comment TeamViewer accounts must be created, is also not a step in the tutorial since it should be via SSO.


2023-04-18 11_31_35-.png


Tagged:

Answers

  • JenW
    JenW Posts: 1,179 Senior Moderator

    Hi @RollGroup,

    Congrats on your first post on our Community! 🙌

    We would need a bit more information about your use case.

    First, please check if all the desired users are showing up in the User Management tab in your Management Console.

    Then, can you verify if this user is part of the group added to the SSO configuration? Indeed, he can be in the group set on the provisioning but the SSO activation group may not have his profile in there.

    💡 If this is the case let us know if he can't sign in on both the application and the Management Console.

    Also, is the problem affecting all/several accounts in your company profile?

    Thanks in advance for your reply.

    Best,

    Jen

    Modératrice Communauté Francophone / French Community Moderator

  • RollGroup
    RollGroup Posts: 2

    Hi.

    Thank you for your reply.

    None of the users that are member in the TeamViewer Enterprise Application I've created in Azure or showing up as member in de management console in TeamViewer.

    I have created a group in Azure and added several users. Next, I've added this group to User & Groups to the TeamViewer App in Azure. Also, I have added single users, but same issue. Not a single member of the TeamViewer App in Azure can login to the management console.

    I'm not sure what you mean with:

    Indeed, he can be in the group set on the provisioning but the SSO activation group may not have his profile in there.

    I still can login with the admin account, which isn't setup for SSO.

  • JenW
    JenW Posts: 1,179 Senior Moderator

    Hi @RollGroup,

    Thank you for the additional information.

    As general information, the accounts must be created in TeamViewer either manually or by provisioning. SSO is simply connecting the existing TeamViewer accounts with Identity providers and user directories.

    In fact, if you don't see the users in your Management Console, it can be possible that the user accounts don't exist yet in TeamViewer.

    With SCIM (System for Cross-domain Identity Management), it is possible to synchronize users and AD Groups from Azure AD to TeamViewer.

    We invite you to take a look at our dedicated article: 📄 Azure Active Directory Integration - SCIM Configuration

    Please let us know if you need further assistance,

    Best,

    Jen

    Modératrice Communauté Francophone / French Community Moderator

Trustpilot

Categories

This Week's Leaders