This article explains the steps to perform in case you receive the following error "No valid NameID found. Cannot process response".
Note: This article is specifically for ADFS 2.0 as the identity provider.
No valid NameID found. Cannot process response.
This error means that identity provider was unable to find the Claim Rule – NameID or it was unable to get the e-mail address parameter from AD server for that particular user.
- Make sure the user receiving this error, has a e-mail address configured in Druva console under Users option and also on AD server.
- Check the Claim rules on ADFS server for Druva Application again and ensure that the claim rules are configured as shown in the following screenshot.
- If these points do not help, then ensure that the Claim rules configured are setup under Issuance Transform Rules instead of Issuance Authorization Rules. This is very important as ADFS will not contact LDAP server to look for the e-mail address parameter which is the default claim type (Name ID) used by Druva for SSO.
- Under Issuance Authorization Rules, the following option should be configured “Permit all the users to access the relying party”.
Note: In case the issue exist after following all the steps mentioned in this article, please contact Druva Technical Support.