Hello everyone!
I have deployed an environment in two locations.
The first one contains:
2 x Domain Controllers (let's name it DC1 and DC2)- both are connected through vpn to the 3rd domain controler( DC3) in second location
5 x ADFS Servers connected to the load balancer - there is no connection between ADFS servers and 3rd domain controler(DC3) in second location
The second contains:
1 x Domain Controller (DC3)
2 x Clustered OBIEE servers connected to the DC3's AD LDAP. Also these servers are connected to the LB and are accessible from the internet
If I had test environment containing OBIEE servers in first location everything was ok. I could log into OBIEE weblogic servers through SSO (ADFS).
Now there is a problem. I can't log in to OBIEE becouse I am getting on OBIEE site 403 - forbidden.
In ADFS logs all the time I am getting when I am trying to connect OBIEE following error:
Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042: The same client browser session has made '6' requests in the last '2' seconds.
I read many articles in oracle support and microsoft sites wchich indicated on:
- differences between network time servers - I synchronized the time between all servers.
- permissions for users and groups who can access to the obiee - I did it
The main question is: Is it possible the problem persists becouse my DC3 is not connected to the ADFS servers?