<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
Have you tried to run a SAML Tracer?
<div><br>
</div>
<div id="ms-outlook-mobile-signature">Sincerely,<br>
Benjamin M. Turner</div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> cisco-voip <cisco-voip-bounces@puck.nether.net> on behalf of Jonathan Charles <jonvoip@gmail.com><br>
<b>Sent:</b> Thursday, September 16, 2021 4:56:48 PM<br>
<b>To:</b> cisco-voip@puck.nether.net <cisco-voip@puck.nether.net><br>
<b>Subject:</b> [cisco-voip] Error Processing SAML Response</font>
<div> </div>
</div>
<div>
<div dir="ltr">So, users are randomly getting the above error when logging into CUCM UCMUser or CUC Inbox... we are also getting it using AD credentials into admin pages for CUCM/CUC/etc.
<div><br>
</div>
<div>For a user, it will work find repeatedly, then you will get the error, close your browser, and reopen, still get the error for a few minutes. Then later it will work. When a user is affected, other users work fine.<br>
<div><br>
</div>
<div>TAC is saying it is an NTP issue, however, NTP between CUCM 12.5 and IdP (ADFS 2.0) is fine.</div>
<div><br>
</div>
<div>Pings are around 1ms between servers.</div>
<div><br>
</div>
<div>Any ideas?</div>
<div><br>
</div>
<div><br>
</div>
<div>Jonathan</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
</div>
</div>
</div>
</body>
</html>