SharePoint And ADFS: SecurityTokenException – The issuer of the token is not a trusted issuer

This is a pretty common ADFS error, and there are all sorts of reasons that it could happen.

The stack trace will be this:

[code]

Microsoft.SharePoint.IdentityModel.SPTrustedIssuerNameRegistry.GetIssuerName(SecurityToken securityToken)

   at Microsoft.SharePoint.IdentityModel.SPPassiveIssuerNameRegistry.GetIssuerName(SecurityToken securityToken)

   at Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.CreateClaims(SamlSecurityToken samlSecurityToken)

   at Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.ValidateToken(SecurityToken token)

   at Microsoft.IdentityModel.Web.TokenReceiver.AuthenticateToken(SecurityToken token, Boolean ensureBearerToken, String endpointUri)

   at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequest request)

   at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args)

   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()

   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

[/code]

At the end of the day though, don’t sit around and fiddle with the SharePoint trusted authorities and yada yada yada, it boils down to a certificate problem. Basically the one that was specified as the signing certificate, when exported during the ADFS setup, is either malformed (the certificate chain is incomplete) or plainwrong wrong when the trusted issuer was being built up in SharePoint ala powershell. So to get around the error follow two pretty basic steps.

  1. Verify the appropriate certificate chain is present on the SharePoint server in both the trusted root authorities as well as in the SharePoint folder within the Certificate MMC snap-in. Never ever, ever delete the self issued ones that SharePoint provisioned within that folder. You will cause a Micheal Bay-spolosion. To verify the chain, just popup open the certificate details within some interface (like, the MMC :) ) doesn’t really matter what and verify that the chain is trusted and existent.
  2. Next, verify that you actually used the right certificate when specifying the certificate path when building the System.Security.Cryptography.X509Certificates.X509Certificate2 object to pass into your SPTrustedIdentityTokenIssuer. This is pretty easy to mess up when troubleshooting if you are swapping certs all over the place.

Both of these are in place, then that error will go away. Not that another won’t popup :)

Share

Dynamics GP – Types of Accounting Information Systems

Electronic data processing (EDP) is the use of computer technology to perform an organization’s transaction-oriented data processing. EDP is a fundamental accounting information system application in every organization. As computer technology has become commonplace, the term data processing (DP) has come to have the same meaning as EDP.

Management Information Systems

Management information system (MIS) describes information which supports managers to make a decision. An MIS provides a wide variety of information beyond that which is associated with DP in organizations. MIS recognizes that managers with in an organization use and require information in decision-making, and that computer based information systems can assist in providing information to mangers. Many organizations apply the MIS concept to specific functional areas within the organization. Terms such as marketing information system, manufacturing information system, human resource information system and financial information system indicate the tailoring of MIS concept to the development of specific information system to support decision making in a particular, well- defined organization sub unit.

Decision Support Systems

In a decision support system (DSS), data are processed into a decision making format for the end user. A DSS requires the use of decision models and specialized databases, and differs significantly from DP system. A DSS is directed at serving ad hoc, specific, non-routine information requests by management.

Expert Systems

An expert system (ES) is knowledge based information system that uses its knowledge about a specific application area to act as an expert consultant to end-users.

Attributes of Good Accounting Information System

Overview

In designing and developing an efficient and effective accounting information system (or simply referred to as an accounting system), it is important that certain basic principles be followed. These principles or design features make accounting systems run efficiently. A good and an effective system whether computerized or manual-includes the following features: control, compatibility, flexibility, a favorable cost/benefit relationship, and useful output. 

Control

Managers need control over operations. Internal controls are the methods and procedures used to authorize transactions and safeguard assets.

Compatibility

A compatible is one that works smoothly with the business’s operations, personnel, and organizational structure. A compatible accounting information system conforms to the needs of the business.

Flexibility

Organizations evolve. They develop new products, sell off unprofitable operations and acquire new ones, and adjust employee pay scales. Changes in the business often call for changes in accounting system. A well-designed system is flexible if it accommodates changes without needing a complete overhaul.

Favorable Cost-Benefit Relationship

Achieving control, comparability, and flexibility costs money. These costs reduce a company’s net income, so managers often must settle for less than the perfect accounting system. They strive for a system that offers maximum benefits at a minimum cost-that is, a favorable cost/benefit relationship. As a matter of fact, a major consideration in developing an accounting system is cost. The system must be cost effective; the benefit obtain from the information must outweigh the cost of providing it. For example, the value of each accounting report should be at least equal to the cost of producing it.   

Useful output

To be successful, information must be understandable, relevant, reliable, timely, and accurate. Designers of accounting systems must consider the needs and knowledge of the various users so that the systems out put (reports and statements) will be useful. For example, sales managers may need weekly reports of sales and factory supervisors may need daily reports of production. Others with differing responsibilities (such as vice-president) may need such reports only monthly or quarterly.  

Share