Forum Discussion

ez12a's avatar
ez12a
Copper Contributor
Mar 15, 2024

WAC Build 2311 in HA Not Authenticating w/ Entra AD Properly

Have a fresh install of WAC Build 2311 in HA, with Entra authentication enabled. When I try to log in as a domain user that does not have administrative privileges on the WAC gateways (but still falls under a regular User), I receive this error:

Method not found: 'Microsoft.IdentityModel.Tokens.SecurityKey Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.FindKeyMatch(System.String, System.String, Microsoft.IdentityModel.Tokens.SecurityKey, System.Collections.Generic.IEnumerable`1<Microsoft.IdentityModel.Tokens.SecurityKey>)'.

The user is listed in a group with the role Gateway User in Entra. 

This doesnt seem to have been a problem with the previous build before 2311.

I am able to log in with my admin account that is a Gateway Administrator (that is also in the local Administrators group). 

  • ez12a's avatar
    ez12a
    Copper Contributor

    Just tested by rolling back to a fresh install of Build 2306 and it does not have the same issue.

    I noticed some warning on Build 2311 about migrating to SPA when configuring the integration with Entra and also tried following the steps to migrate to SPA and got the same error in this thread when trying to login with a normal user account: https://techcommunity.microsoft.com/t5/windows-admin-center/update-to-admin-center-1-5-23-12-09001/m-p/4013640

    Seems like Build 2311 with Entra integration for 2FA is still not fully supported. I will have to roll back to Build 2306.

    • Rebecca_Wambua's avatar
      Rebecca_Wambua
      Icon for Microsoft rankMicrosoft
      Hi, Thank you for the feedback and sorry about this issue. We are currently conducting an investigation into our identity model and RBAC. Please bear with us on this as we aim to improve this experience.
      • GeoffryFaulkner's avatar
        GeoffryFaulkner
        Copper Contributor

        Rebecca_Wambua It has been a month since the last response and I am still unable to login to Windows Admin Center. Has a cause been found? A workaround or solution?

         

        Method not found: 'Microsoft.IdentityModel.Tokens.SecurityKey Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.FindKeyMatch(System.String, System.String, Microsoft.IdentityModel.Tokens.SecurityKey, System.Collections.Generic.IEnumerable`1<Microsoft.IdentityModel.Tokens.SecurityKey>)'.
  • DrSleez's avatar
    DrSleez
    Copper Contributor

    Also run into this issue. Somebody got any updates?

  • YvesGutSTS's avatar
    YvesGutSTS
    Copper Contributor
    Hello everyone, I have the same problem. I am using Windows Admin Center 2311 with EntraID authentication enabled. The redirect URLs are fine, and ID tokens are used (Hybrid Flow) and my wac users are listed in a group with the role Gateway User in Entra. But I always get the message:

    Method not found: 'Microsoft.IdentityModel.Tokens.SecurityKey Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.FindKeyMatch(System.String, System.String, Microsoft.IdentityModel.Tokens.SecurityKey, System.Collections.Generic.IEnumerable`1<Microsoft.IdentityModel.Tokens.SecurityKey>)'.

    I have also used Azure's Sign-in Diagnostic, which states that:

    "The user sign-in failed due to application configuration issues. The reply URL does not match the reply URLs configured for the application {appName}. Make sure the reply URL sent in the request matches one added to your application in the Azure portal."


    ...no matter what I configure. Is there any news about this issue ?
    • GeoffryFaulkner's avatar
      GeoffryFaulkner
      Copper Contributor
      Use incognito browser mode until the problem is resolved. Crazy it has gone on this long without a solution.
      • toomassuls's avatar
        toomassuls
        Copper Contributor
        There still is no Fix for it?
        Had to do rollback myself to get it working again (2306 works fine) but 2311 does not even in incognito it gives this error.

        Searching around i do not see any bug tracker to WAC aswell

Resources