Skip to main content
NetApp Stage KB

Configuration of SAML authentication fails with ‘invalid host’ error

Views:
Visibility:
Public
Votes:
0
Category:
ontap-system-manager
Specialty:
OM
Last Updated:

Applies to

  • ONTAP System Manager 9.3 and later
  • Security Assertion Markup Language (SAML)

Issue

When configuring SAML authentication and adding the 'host system' with the cluster short name, the following error occurs:

Web UI error:
Invalid host specified for parameter -sp-host. Specify an address or fully qualified domain name that corresponds to a LIF with role cluster_mgmt.

cluster sysmgr.log
00000030.0000e4ff 072b772e Mon Nov 16 2020 17:15:26 -05:00 [kern_sysmgr:info:11804] 10.x.x.x|admin|UsageRecord :ocsm.mfa.idp.configure.request accessed
00000030.0000e50a 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:info:11804] 10.x.x.x|admin|INFO|1605564067879|Mon Nov 16 2020,17:14:49.533||[MFA]Configuring MFA IdP...
00000030.0000e50b 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:info:11804] 10.x.x.x|admin|INFO|1605564067879|Mon Nov 16 2020,17:14:49.534||[security-saml-sp-create-async]API request start: security-saml-sp-create-async
00000030.0000e50c 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:info:11804] 10.x.x.x|admin|INFO|1605564067879|Mon Nov 16 2020,17:14:49.596||[security-saml-sp-create-async]API response received: security-saml-sp-create-async
00000030.0000e50d 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:error:11804] 10.x.x.x|admin|ERROR|1605564067879|Mon Nov 16 2020,17:14:49.597||[security-saml-sp-create-async]security-saml-sp-create-async failed: Invalid host specified for parameter "-sp-host". Specify an address or fully qualified domain name that corresponds to a LIF with role "cluster_mgmt". (13001)
00000030.0000e50e 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:error:11804] 10.x.x.x|admin|ERROR|1605564067879|Mon Nov 16 2020,17:14:49.597||UsageRecord :ocsm.mfa.visit accessed
00000030.0000e50f 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:info:11804] 10.x.x.x|admin|INFO|1605564067879|Mon Nov 16 2020,17:14:49.598||[security-saml-sp-get]API request start: security-saml-sp-get
00000030.0000e510 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:error:11804] 10.x.x.x|admin|ERROR|1605564067879|Mon Nov 16 2020,17:14:49.597||UsageRecord :ocsm.mfa.configure.failure accessed
00000030.0000e511 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:info:11804] 10.x.x.x|admin|INFO|1605564067879|Mon Nov 16 2020,17:14:49.617||[security-saml-sp-get]API response received: security-saml-sp-get
00000030.0000e512 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:error:11804] 10.x.x.x|admin|ERROR|1605564067879|Mon Nov 16 2020,17:14:49.618||[security-saml-sp-get]security-saml-sp-get failed: entry doesn't exist (15661)
00000030.0000e514 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:error:11804] 10.x.x.x|admin|ERROR|1605564067879|Mon Nov 16 2020,17:14:49.618||[MFA]Failed to get MFA details.
00000030.0000e515 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:error:11804] 10.x.x.x|admin|ERROR|1605564067879|Mon Nov 16 2020,17:14:49.597||UsageRecord :ocsm.mfa.IdPnotconfigured accessed
00000030.0000e516 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:info:11804] 10.x.x.x|admin|INFO|1605564067879|Mon Nov 16 2020,17:14:49.618||[MFA]MFA  is not configured
00000030.0000e517 072b772e Mon Nov 16 2020 17:15:27 -05:00 [kern_sysmgr:error:11804] 10.x.x.x|admin|ERROR|160
Cluster mgwd.log
00000030.0000e502 072b772e Mon Nov 16 2020 17:15:26 -05:00 [kern_mgwd:info:2311] 0x81f078e00: 8503e80000000029: ERR: saml_ui: get_lif_role:src/saml/saml_ui.cc:227 Failed to get a lif; Error entry doesn't exist.

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.
3beedc47-de66-4b1f-a555-67872f00e4dd