IDSecurity agent

The following errors may arise with the IDSecurity Agent. Follow the solutions provided to resolve them:

IDSecurity Agent installed successfully, but MFA is not prompted

This error may occur due to various scenarios. Follow the steps outlined below to resolve the issue:

Access is being denied for a user after installing IDSecurity Agent

This error may occur due to the following scenarios. Follow the steps outlined below to resolve the issue:

A blank screen appears during the Windows MFA process

Cause:

Solution:

Listed below are the solutions for enabling cookies and adding the Identity360 URL to the trusted sites list in Internet Explorer.

Verify whether cookies are enabled in Internet Explorer on the user's system. If they are not, enable cookies by following the steps below:

  1. Download PsTools on the machine facing the issue.
  2. Open the Command Prompt and run the command psexec.exe -s -i "C:\Program Files (x86)\Internet Explorer\iexplore.exe.".
  3. Internet Explorer will open. (Note: Internet Explorer is the only browser that supports the following troubleshooting, regardless of any other browsers installed on the user's system.)
  4. Go to Settings and select Internet options.
  5. Troubleshooting tips

  6. In the Internet Options window, go to the Privacy tab. Under Settings, select the Advanced button.
  7. In the Advanced Privacy Settings window, select the Accept radio button under both First-party Cookies and Third-party Cookies.
  8. Troubleshooting tips

  9. Select OK and close the Advanced Privacy Settings window.
  10. Click Sites under Settings in the Internet Options window.
  11. In the Per Site Privacy Actions window that opens, enter Identity360's URL (https://id360.manageengine.com/) in the Address of website field and click Allow.
  12. Troubleshooting tips

  13. Press OK to close the Per Site Privacy Actions and Internet Options windows.

Solution:

Adding the Identity360 URL to intranet/trusted sites.

  1. Download PsTools on the machine facing the issue.
  2. Open the Command Prompt and run the command psexec.exe -s -i "C:\Program Files (x86)\Internet Explorer\iexplore.exe.".
  3. The browser will open. Now go to Settings and select Internet options.
  4. Troubleshooting tips

  5. In the Internet Options window, go to the Security tab and select Trusted sites in the Select a zone to view or change security settings field.
  6. Troubleshooting tips

  7. Click Sites below the Select a zone to view or change security settings field to open the Trusted sites window.
  8. Troubleshooting tips

  9. In the Trusted sites window, type in the URL of the Identity360 application in the Add this website to the zone field, then click Add.

These steps should ensure that there are no further issues in displaying the MFA prompt.

Troubleshooting error codes

The error codes listed below can be found within the log files located at C:\Program Files\ManageEngine\Identity360 Cloud IDSecurity Agent\logs. For logs related to agent installation, please refer to Installerlog.log, while for other logs, refer to IdsAgent-Common.log. If you require additional assistance with different error codes, kindly reach out to our support team.

Error code Description Resolution
IDS-4000 The user machine cannot reach the Identity360 portal. This code is logged when the IDSecurity Agent encounters an unexpected error. Kindly reach out to the support team at identity360-support@manageengine.com, providing the IDSecurity Agent's logs located at C:\Program Files\ManageEngine\Identity360 Cloud IDSecurity Agent\logs, along with the timestamp of the error occurrence and any relevant screenshots.
IDS-4101 The user machine cannot reach the Identity360 portal. This code is logged when IDSecurity Agent authorization fails due to an invalid or old installation key being used after generating a new one. Get the valid or updated installation key from the Identity360 portal at Applications > Multi-factor Authentication > Install IDSecurity Agent > Step 2, and attempt to reinstall the agent.
IDS-4102 The user machine cannot reach the Identity360 portal. This code is logged when MFA is bypassed due to an unexpected failure in API authorization with Identity360. Please attempt to reinstall the agent. If the problem persists, please contact the support team at identity360-support@manageengine.com. Provide the IDSecurity Agent's logs located at C:\Program Files\ManageEngine\Identity360 Cloud IDSecurity Agent\logs, along with the timestamp of the error.
IDS-4103 The user machine cannot reach the Identity360 portal. You can locate this code in instances where the MFA is skipped due to a failure in agent authorization caused by the absence of the Azure AD Tenant from the directory list in Identity360. Add the respective Azure AD Tenant in Identity360 under Universal Directory > Manage Directory > Add Directory, and try reinstalling the agent.
IDS-4104 The user machine cannot reach the Identity360 portal. This code may occur when MFA is bypassed due to an unexpected failure in verifying the user password through Windows APIs. Kindly reach out to the support team at identity360-support@manageengine.com, providing the IDSecurity Agent's logs located at C:\Program Files\ManageEngine\Identity360 Cloud IDSecurity Agent\logs, along with the timestamp of the error.
IDS-4105 The user machine cannot reach the Identity360 portal. This code appears when the access token expires and authentication is bypassed. Please reach out to the support team at identity360-support@manageengine.com, providing the IDSecurity Agent's logs located at C:\Program Files\ManageEngine\Identity360 Cloud IDSecurity Agent\logs
IDS-4106 The user machine cannot reach the Identity360 portal. In such cases, user access would either be denied, or MFA would be bypassed depending on whether the setting found at MFA for Endpoints > Advanced > Skip MFA for offline machines is enabled or disabled. Ensure a stable internet connection is available for user machines to reach the Identity360 portal.
IDS-4107 The user machine cannot reach the Identity360 portal. This code is logged when an attempt to establish a secure HTTPS connection with the Identity360 portal fails due to an SSL certificate issue.
Or
This error code is triggered during agent installation if the device setup information is incorrect.
Please reach out to the support team at identity360-support@manageengine.com.
Or
Please ensure that you install the agent on machines that run only the operating systems supported by the IDSecurity Agent as per this list.

Copyright © 2024, ZOHO Corp. All Rights Reserved.