Issue:
We're running a Web Agent, and when a user tries to log in with Windows
Authentication, the Web Agent returns error 500 to the browser:
https://mymachine.mydomain.com/siteminderagent/ntlm/creds.ntc?CHALLENGE=&SMAGENTNAME="[...]
and we can see the following in the Web Agent traces:
[11/28/2018][07:50:41][20576][104][SmNTC.cpp:227]
[SmNtc::getCredentialsWinNativeAuth][00000000000000000000000039247fa9
-5060-5bfe48d1-0068-03bb186b][*169.112.46.232][][mymachine.mydomain.com][/]
[][LookupAccountSid failed - 5]
How can we solve this?
Resolution:
To solve the issue, check which accounts hold the user right below, as
described in the following article:
One thing you must do when getting http 500.0.1346 error
https://blogs.msdn.microsoft.com/asgoyal/2012/08/25/one-thing-you-must-do-when-getting-http-500-0-1346-error/
Run secpol.msc -> Local Policies -> User Rights Assignment, then open
Impersonate a client after authentication
and make sure that the following users are set:
Administrators
IIS AppPool\Net v2.0
IIS_IUSRS
LOCAL_SERVICE
NETWORK_SERVICE
SERVICE
IIS should be allowed to do impersonation at the Windows OS level.
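The same check can be scripted from an elevated PowerShell prompt on the IIS host. This is an added example, not part of the original KB article: it exports the user rights with secedit, reads the SeImpersonatePrivilege entry (the internal name of "Impersonate a client after authentication") and compares it with the accounts listed above. The well-known SIDs and the temporary file name are assumptions of this example; the app pool name is taken as written in the article.

```powershell
# Added example: audit "Impersonate a client after authentication" (SeImpersonatePrivilege).
# Well-known SIDs are used so the check also works on localized Windows builds.
$expected = [ordered]@{
    'Administrators'       = 'S-1-5-32-544'
    'IIS_IUSRS'            = 'S-1-5-32-568'
    'LOCAL_SERVICE'        = 'S-1-5-19'
    'NETWORK_SERVICE'      = 'S-1-5-20'
    'SERVICE'              = 'S-1-5-6'
    'IIS AppPool\Net v2.0' = $null   # no fixed SID: resolved by name (name as written in the KB)
}

function Resolve-Sid([string]$Name) {
    # Returns the SID string for an account name, or $null if it cannot be mapped.
    try {
        $acct = New-Object System.Security.Principal.NTAccount($Name)
        $acct.Translate([System.Security.Principal.SecurityIdentifier]).Value
    } catch { $null }
}

# Export only the user rights section of the local security policy.
$cfg = Join-Path $env:TEMP 'user_rights_export.inf'   # assumed scratch file name
secedit /export /cfg $cfg /areas USER_RIGHTS | Out-Null
$line = Get-Content $cfg | Where-Object { $_ -match '^SeImpersonatePrivilege\s*=' }
Remove-Item $cfg -ErrorAction SilentlyContinue

# Entries are either "*<SID>" or a plain account name; normalise both to SID strings.
$held = @()
if ($line) {
    $held = @(($line -split '=', 2)[1].Split(',') | ForEach-Object {
        $entry = $_.Trim()
        if ($entry.StartsWith('*')) { $entry.Substring(1) } else { Resolve-Sid $entry }
    })
}

# Report each account from the KB list as OK, MISSING or UNRESOLVED.
$expectedSids = @()
foreach ($name in $expected.Keys) {
    $sid = if ($expected[$name]) { $expected[$name] } else { Resolve-Sid $name }
    $expectedSids += $sid
    $status = if (-not $sid) { 'UNRESOLVED' } elseif ($held -contains $sid) { 'OK' } else { 'MISSING' }
    [pscustomobject]@{ Account = $name; Sid = $sid; Status = $status }
}

# Holders outside the KB list are worth reviewing: this right should stay narrowly assigned.
$held | Where-Object { $_ -and ($expectedSids -notcontains $_) } | ForEach-Object {
    [pscustomobject]@{ Account = '(not in KB list)'; Sid = $_; Status = 'EXTRA' }
}
```

A MISSING row identifies the account to add in secpol.msc; an UNRESOLVED row for the app pool means no application pool with that name exists on the host.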
KB : KB000122166