Follow

Error: "The system requires windows authentication to fulfill this request"

Applies to:

Enterprise Mobility Agent with Trust Protection Platform 15.4

Symptom:

When trying to retrieve a certificate with Enterprise Mobility Agent, the User Agent will check in but the certificate will not enroll or retrieve. Viewing the Default SQL Channel log shows the following error:

A system at hostname HOSTNAME attempted to retrieve certificate work on behalf of USERNAME, while the system requires windows authentication to fulfill this request. IP: xxx.xxx.xxx.xxx

Cause:

Windows integrated authentication must be enabled on the TPP Server (VEDClient web site) configured with Enterprise Mobility Agent.

Resolution:

You should configure Microsoft Internet Information Services (IIS) by enabling Windows Authentication for the VEDClient web site. This includes:

disabling Anonymous Authentication, and
enabling Windows Authentication


Note: if using Server Agent and Enterprise Mobility Agent, enable Windows Authentication (for Enterprise Mobility) and leave Anonymous Authentication (for Server Agent) enabled for the VEDClient website.

Follow the sections in the "Venafi Trust Protection Platform Installation Guide" TPP 15.4 documentation to configure the following:

Setting Up Windows Integrated Authentication for Web Consoles
Enabling Windows authentication for Trust Protection Platform

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk