Chat now with support

Get Live Help
Complete Registration

Sign In

Request Pricing

Contact Sales

Log in to Web portal with AD account fails with "401 Unauthorized" error (4332698)

Return

Feedback Submitted

Did this article solve an issue for you?

Select Rating

Title

Log in to Web portal with AD account fails with "401 Unauthorized" error
Description

The end user attempts to login using "Active Directory user account (role based)" as the Authentication module. However, when trying to log in to the web portal with Single Sign-On (SSO) with the Active Directory (AD) account, the logs display the following error:

VI.DB.Entities.SessionExpiredException: Your session has expired. Log on again.
401 Unauthorized
Code: Unauthorized, Message: Unauthorized
Cause

The Service Principle Name (SPN) was not configured for the web host.
Resolution

Configure the Service Principal Name (SPN) for the server hosting the web portal as per the following:

Kerberos with Service Principal Name (SPN)

If the API server is connecting to the database via the application server then a SPN will need to be created for both the API server and Application server in order for this to work.

Feedback Submitted

Did this article solve an issue for you?

Select Rating

Request a KB Article

Leave a Comment

Recommended Content

Product(s):: Identity Manager
9.3.1, 9.3, 9.2.2, 9.2.1, 9.2, 9.1.3, 9.1.2, 9.1, 9.0 LTS

Topic(s):: Troubleshooting

Article History:: Created on: 1/14/2021
Last Update on: 11/18/2025

Search All Articles

© 2025 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center