cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
New Contributor

Re: Cannot find signing certificate configured.

Also beware, in my case I had to set the attribute "active" to "accountEnabled" during Step #2,14.
If I did not set this, my users would automatically be disabled when Azure AD auto provisioned, this is now not the case. Accounts do get disabled when I block logins through Office365 for a user.

Highlighted
New Contributor

Re: Cannot find signing certificate configured.

So I went through the Enterprise App setup again. My test user was still in Lastpass so I deleted it from there. It's not synced back in even after I've waited 16 hours. Support mentioned that there's no way to force a sync but that it usually takes 4-6 hours. I'll add a second user to see if that one goes. So far I'm only using email ticket support which isn't the quickest so I may need to call.
Highlighted
New Contributor

Re: Cannot find signing certificate configured.

It is possible, I do this all the time 🙂

Azure AD > Enterprise Application > *Lastpass app you created* > Provisioning > Provision on demand > A user (That is also added to Users and Groups) > Provision.

Highlighted
New Contributor

Re: Cannot find signing certificate configured.

You're right, just found that. I guess support gave me the wrong information. Here's the error I'm getting for the user in question.

Export details
Failed to create User 'ITTest@mydomain.com' in customappsso

Error code
SystemForCrossDomainIdentityManagementServiceIncompatibleFiltering

Error message
StatusCode: Conflict
Message: Processing of the HTTP request resulted in an exception. Please see the HTTP response returned by the 'Response' property of this exception for details.
Web Response:
{"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"status":"409","detail":"This user exists and has been invited to join this enterprise."}
Highlighted
New Contributor

Re: Cannot find signing certificate configured.

I just found the user under Invited Users in lastpass so I'll try to reinvite.
Highlighted
New Contributor

Re: Cannot find signing certificate configured.

Well I finally got it to work with a second user account. I've deleted the first user that I was testing with before I had to redo the setup but even when I add it back in, it doesn't work. I still get the provisioning error shown above and when I go to lastpass, I see the user in invited users but the user never gets the activation code and I cannot log in.

 

The second user shows up under active user licenses right away and the user gets the activation code in their email. Not sure how to fix the first user yet.

Highlighted
New Contributor

Re: Cannot find signing certificate configured.

I think it has to do with the old setup you did, if it was a test user I wouldn't be too worried about it. Otherwise Lastpass should be able to fix it
Highlighted
New Contributor

Re: Cannot find signing certificate configured.

I'll check with them to see if it's fixable.

I was wrong above, LastPass does use SSO so when I am already logged in with O365, it logs me into LastPass automatically which I don't care for.

And it has the issue where if you log out of Lastpass, it logs you out of Office 365. Do they have an option to change that?
Highlighted
New Contributor

Re: Cannot find signing certificate configured.

This is the exact way I want it to be used, users log into O365 (with 2FA) for their LastPass (and chromebook) and autofill services that dont offer a similar option.

 

It looks like you would only want LastPass > Users > Add Users > Upload CSV to invite all your users and have them have a seperate password for LastPass? 
Seems unclear why you would need federated login at all in your case 

Highlighted
New Contributor

Re: Cannot find signing certificate configured.

No, I don't want them to have a separate password.  I just don't want Single Sign On.  Basically I'd just want password sync.  That way the log out timers in LastPass would still work and they wouldn't be logged into lastpass constantly.  It makes it a bit more secure in case the user leaves the computer unattended briefly for example.