Identity Management, Troubleshooting and Solutions for using Urbana Single Sign-On Pages

This article is for Help Desks and IT Pros, to assist campus users with using the AzureAD single sign-on page protecting Microsoft365 and Shibboleth applications.

Urbana users logging into Microsoft365 (Outlook, Word, Excel, etc.) or Shibboleth (Canvas, Box, Zoom, Moodle, etc.) applications will now authenticate with their full login address (most likely their University email address,

An overview of the Urbana Single Sign-On pages can be found here (Identity Management, Urbana Single Sign-On Pages) and an overview of the Duo Universal Prompt can be found here (2FA, Duo Universal Prompt Overview).

Possible Issues:

Error message: Message: AADSTS50107: The requested federation realm object '' does not exist.

Incorrect login address

AzureAD - the technology behind our new sign-in pages - uses the UserPrincipalName attribute as the login address. For most people, this will be their email address.

NOTE for IT Pros:

If a user attempts to log in with just their NetID or with an incorrect login address, their login attempt will fail. Depending on what they type in, they may experience one of the following:

'Forgot Password' Link

The AzureAD login page features some customization specific to our campus, however currently the 'Forgot Password' link directs to a Microsoft Self-Service Password Reset (SSPR) page, instead of to our NetID Center. Users who attempt to reset their password through the Microsoft SSPR page will not be successful. This is the same for the 'reset it now' link if users enter an incorrect password.

Instead, if users are having issues with their password, they can click on the 'Change your password' link, in the 'Troubles logging in?' section.

See the below screenshot depicting where users should click:

Screenshot indicating users should click on change your password if having issues logging in

Duo Prompt Message: "No access to server. The page cannot load without access to your server"

This issue can occur if your Windows operating system is out of date. Resolution would be to update the impacted machine to Windows patch 1909 or greater.

Additional information can be found here.

Duo error message cannot access server

Potential Browser Issues

The AzureAD login page has been thoroughly tested for compatibility, but it is still possible that issues will be encountered:

If standard troubleshooting steps have been followed and a user is still experiencing a browser based login issue, please note what has been tried so far and send a ticket to the Help Desk.