Troubleshoot "Trust this browser" in TFA

Troubleshoot "Trust this browser" in TFA

Issue:

TFA details need to be entered every time (after closing and opening browser / after reaching home or office / when IP changes) even if Trust this browser in enabled.


Troubleshooting: 

1. Check if "ADSTFA_xxxx" cookie is present on browser close and open: 
  1. After logging in with Trust the browser, right click and click Inspect and choose Application tab > Cookies
  2. Click on the SDP URL and check for the presence of ADSTFA_xxxx cookie

  1. Now, close all windows of your browser and open SDP and check if this cookie is present. If the cookie is not present, kindly follow this KB: https://pitstop.manageengine.com/portal/en/kb/articles/retain-sdp-logged-in-credentials-after-browser-restart
  2. If this is present, then go to step 2.

2. Check if cookie is removed when your IP changes.
  1. For versions below 14201, DHCP cases are not supported (SD-102970)
  2. Kindly upgrade to versions above 14201 to retain "keep me signed in" even if your IP changes.
  3. If you are above 14201 and still your issue is not resolved, please contact us.
        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                  See all integrations
                  New to ADManager Plus?
                  See all integrations
                  New to ADManager Plus?

                    New to ADSelfService Plus?

                    Start your free trial
                    Start your free trial

                      • Related Articles

                      • Retain SDP logged in credentials after browser restart

                        The following two settings are mandatory for SDP to remember the credentials when closing and reopening the browser. To reopen last tabs: Go to settings, and search for "on start-up" Choose "Continue where you left off" To retain cookies on browser ...

                      • SAML Auto Login with ADFS (in Intranet)

                        Steps to enable Auto-logon: Step 1: In the AD FS server, under Authentication Methods, make sure that Windows Authentication is selected. Step 2: Run the below powershell query to check if "Chrome" is present in the supported WIA agents: ...

                      • Generating HAR files

                        Below are some instructions about how you can easily generate a HAR file using different browsers. To generate the HAR file for Chrome Open Google Chrome and go to the page where the issue is occurring. From the Chrome menu bar, select Click ...

                      • Unable to access ServiceDesk Plus in the latest version of Edge and Chrome version (Version 94 - Released)

                        Root cause : Chrome has defined Scheduler as a variable and unfortunately the same is used in ServiceDesk Plus in resource management section and Chrome API's 'scheduler' variable is overriding our application's variable (Used in resource management) ...

                      • How to change the database from MySQL/PostgreSQL to MSSQL

                        The steps mentioned below are applicable only if you migrate the DB from PgSQL to MSSQL. This means that the application server is going to remain the same. The data alone is going to be transferred to MSSQL DB from the existing PgSQL DB.    For ...

                        Related Products