Quote Originally Posted by edmaa View Post
On 09-01-2019 12:54 AM, janvdmeij wrote:
>
> This is what the apache logs of NAM say:
>
> Jan 8 14:36:20 xxxxx httpd[25306]: [novell_ag:crit] [pid 25306:tid
> 140489494906624] AM#104600404 AMDEVICEID#ag-695C76DDC80EE84B:
> AMAUTHID#b8d58ae3fcc8990c2108a8c9cb716e2f5818f3911 ff0cb59a1b2f5402d4f1e69:
> AMEVENTID#233499: reason for session assurance mismatch is
> Jan 8 14:36:20 fs-amap httpd[25306]: [novell_ag:crit] [pid 25306:tid
> 140489494906624] AM#104600404 AMDEVICEID#ag-695C76DDC80EE84B:
> AMAUTHID#b8d58ae3fcc8990c2108a8c9cb716e2f5818f3911 ff0cb59a1b2f5402d4f1e69:
> AMEVENTID#233499: IDC mismatch:received Idc cookie is expired
>
> Under security > Advanced Session Assurance > Identity Server / Access
> Gateways I have set a longer interval now. Hope this will do it. Will
> let you know.


If increasing the timeout doesn't fix it, disable it. It wouldn't be the first time session assurance causes some unexpected issues.


--
Cheers,
Edward


Hmmm.....this sounds similar to that issue I reported on here last year with having to re-auth on backend "failure"....might try setting that variable as well.