This page contains some trouble shooting suggestions to investigate.
USI Organisation Portal users
Follow this link to read current details about AUSkey and Web browser compatibility.
Organisations experiencing various problems with specific machines may resolve the machine issue by having dotNET Framework reinstalled (and/or upgraded from 4.0 to 4.5 on machines that won't connect).
Errors encountered when using a Student Management System (SMS)
“Organisation was not verified as an authorised body/organisation in the system”
The error indicates the organisation has not yet requested access to the USI Registry System using Web Services, or if access has been requested, the application has not yet been processed.
Note:- Submitting a request for access via Web Services and accepting Terms and Conditions is a mandatory requirement to obtain access.
“An error occurred when verifying security for the message”
Office of the Student Identifiers Registrar comment:
"In the USI request all the EncryptedData elements (and thus the EncryptedAssertion element) need to appear before all instances of the Signature element."
SMS Vendor comment:
"We've been able to resolve the issue oddly by changing the order of the classpath parameters for the java execution."
“ID3242: The security token could not be authenticated or authorized”
Vanguard gateway does not authenticate using a username/password model. It uses a certificate.
If a developer uses the svcutil tool against the endpoint they will generate a config file which shows the bindings expected. They should see that a certificate is required not a password.
“Unknown KeyStore exception – 4699”
For applications developed in .Net using IIS manager.
In IIS Applications Pool -> Advanced Settings:- changing the setting ‘Load User Profile’ to true solved problems for some users.
If not using .Net/IIS manager, this solution (amending local settings) may be something that can be investigated.
A range of very unusual and rather obscure errors indicating a security breaches have been reported from time-to-time.
Often the problem stems from a ‘clock skew’ issue.
Only a small variation/tolerance is permitted between the remote machine/server and the Authentication Service. A correction/adjustment to system clock time(s) has often resolved this problem.
For information on troubleshooting AUSkey problems visit the Technical Help Desk on the ATO website.