Troubleshoot "Trust this browser" in TFA

Troubleshoot "Trust this browser" in TFA

Issue:

TFA details need to be entered every time (after closing and opening browser / after reaching home or office / when IP changes) even if Trust this browser in enabled.


Troubleshooting: 

1. Check if "ADSTFA_xxxx" cookie is present on browser close and open: 
  1. After logging in with Trust the browser, right click and click Inspect and choose Application tab > Cookies
  2. Click on the SDP URL and check for the presence of ADSTFA_xxxx cookie

  1. Now, close all windows of your browser and open SDP and check if this cookie is present. If the cookie is not present, kindly follow this KB: https://pitstop.manageengine.com/portal/en/kb/articles/retain-sdp-logged-in-credentials-after-browser-restart
  2. If this is present, then go to step 2.

2. Check if cookie is removed when your IP changes.
  1. For versions below 14201, DHCP cases are not supported (SD-102970)
  2. Kindly upgrade to versions above 14201 to retain "keep me signed in" even if your IP changes.
  3. If you are above 14201 and still your issue is not resolved, please contact us.

                    New to ADSelfService Plus?

                      • Related Articles

                      • Retain SDP logged in credentials after browser restart

                        The following two settings are mandatory for SDP to remember the credentials when closing and reopening the browser. To reopen last tabs: Go to settings, and search for "on start-up" Choose "Continue where you left off" To retain cookies on browser ...
                      • TFA : Failing Email Delivery of TFA Verification Code During Login

                        Issue: In a non-EWS setup with Graph configuration in the outgoing mail server settings, the sending of TFA verification codes via email fails when attempting to log in. Screenshot of Error: Trace of Error in Logs: ...
                      • SAML Auto Login with ADFS (in Intranet)

                        Steps to enable Auto-logon: Step 1: In the AD FS server, under Authentication Methods, make sure that Windows Authentication is selected. Step 2: Run the below powershell query to check if "Chrome" is present in the supported WIA agents: ...
                      • Generating HAR files

                        Below are some instructions about how you can easily generate a HAR file using different browsers. To generate the HAR file for Chrome Open Google Chrome and go to the page where the issue is occurring. From the Chrome menu bar, select Click ...
                      • Unable to access ServiceDesk Plus in the latest version of Edge and Chrome version (Version 94 - Released)

                        Root cause : Chrome has defined Scheduler as a variable and unfortunately the same is used in ServiceDesk Plus in resource management section and Chrome API's 'scheduler' variable is overriding our application's variable (Used in resource management) ...