Request was from an untrusted provider in NAM


I'm trying to set up SSO using SAML into Vmware Horizon, using NAM as the identity provider.

The user goes to "https://<server fqdn>/nidp" and is prompted to login, they then click on an Appmarker to take them to Vmware horizon desktop agent but the page redirects to "https://<server fqdn>/nidp/app?first=false" and I get the error "Unable to complete request at this time. (Request was from an untrusted provider-5D5DFCF47082782E)"

I have tested this chain using Microsoft ADFS and it works ok so I think it's NAM that's having the issue?



  • make sure "all"  CA certificates (Intermediate CA and Root CA) have been imported and added within the NDIP Trustrore

    • check the IDP health status especially for certificates
    • make sure IDP servers are able to access OCSP responders or can download CRLs (Internet Access)
    • enable application and SAML2 debug logging for the IDP server
    • stop the idp server: systemctl stop novell-idp
    • clean out the catalina.out: "> /var/opt/novell/nam/logs/idp/tomcat/catalina.out"
    • start the IDP server: systemctl start novell.dp
    • run: grep -i "loaded trusted provider" /var/opt/novell/nam/logs/idp/tomcat/catalina.out
      if everthing has been configured correctly you will se messages like:
      <amLogEntry> 2023-03-11T09:37:32Z INFO NIDS Application: AM#500105038: AMDEVICEID#3C36FBEA9A5075F5: AMAUTHID#803e9573e589a59df8f71f14a4ddd2a4842828c71ef9195ad3374863a402ed02:  Loaded trusted provider of protocol SAML 2 </amLogEntry>

  • Verified Answer

    Thanks for the response, I figured out on Friday that I was missing the IDP part of the scenario. I have managed to get it working using ADFS as an IDP now.