Are you seeing SSO Issues with iManage?
iManage released an advisory announcement yesterday that affects customers authenticating to iManage via Azure SSO using a desktop client such as DeskSite, FileSite, or the Work Desktop. The issue applies to both iManage Cloud and on-premise environments.
When attempting to log in, users may see Microsoft redirect popup windows with the following error: “We couldn’t sign you in. Please try again.”
It seems the SSO issues stem from recent changes that Microsoft and Google made to the Chromium browser, which is used as the default host for iManage authentication.
iManage has provided a workaround of disabling the Chromium browser for SAML authentication and switching to Internet Explorer. For this workaround to function properly, the following minimum version requirements must be met for each desktop client software component:
- Work Desktop 10.2.0.209
- DeskSite 9.3.6.85
- FileSite 9.3.6.85
This change is controlled by the following registry key:
For 64-bit Desktop Clients:
[HKLM\Software\iManage\Work\10.0\client\login]
“EnableChromiumBrowser“=DWORD:0For 32-bit Desktop Clients:
[HKLM\Software\Wow6432Node\iManage\Work\10.0\client\login]
“EnableChromiumBrowser“=DWORD:0
The advisory announcement article includes a second registry key that may be required if EnableChromiumBrowser does not fix the issue in iManage Cloud environments (this does not apply for on-premise installations).
[HKCU\Software\iManage\Work\10.0\ADFS\RegisteredServers\[servername]
String Value Name: PreferredLoginType
String Value: Saml
After configuring one or both of these registry keys, you may need to manually end the iwsingleton.exe process in Windows Task Manager and restart the Work Agent from the Windows System Tray before attempting login.