We have recently deployed Zscaler Private Access in our environment. We have integrated Microsoft ADFS and integrated MFA as well. We have kept an authentication timeout policy.
When authentication expires and it tries to reauthenticate, it throws a script error every time. This is very annoying.
Does anyone have any information on how to fix this issue? Error snapshot attached herewith.
There’s not enough detail there to give a definitive answer. I suspect that what is happening is you are triggering re-authentication, but the auth server (or something the auth server depends on) is also a ZPA application segment - so you’re getting into an auth/re-auth/block loop.
Consider - bypass the ADFS server ZPA. Create a segment with the ADFS server and set to “always bypass”. Does this resolve the issue?
Or - Set the AD server to “never re-authenticate” so that ADFS can always authenticate against the domain. Does this resolve the issue?
I would suggest a PCAP, Header Trace, and ZCC logs with a support case to further investigate this.
What’s the error in the script? Can you open the script and correct it?
A TAC case is already opened, but the issue still persists.
The ADFS URL is already bypassed in the application segment, but at the time of reauthentication this error still appears on the Windows machine. On the Mac machine it seems to be working fine.
With TAC we have performed multiple things but still the issue remains.