The default identity provider uses the domain name as its Name. If an administrator renames the default identity provider's Name field to any arbitrary name, then searching or adding Windows users to this identity provider will result in an Access was denied error.
Error Details
Administrators will see a Input Windows credentials prompt pop-up when searching or attempting to add users to the default identity provide. After valid Windows credentials are entered, you will continue to receive this error: Access was denied. You can retry using a specific Windows account.
Solution
There are different approaches to mitigate this error. Choose one of the options below:
- Navigate to the default identity provider. Change the Name field back to the domain name.
- Create a new identity provider.
- Add the domain name of the default identity provider in the Host field of the new identity provider you are creating.
- The Name field can be any arbitrary name.
- After creating the new identity provider, delete the default identity provider.
Note: Do not delete the default identity provider prior to creating a new identity provider. You must have the default identity provider's domain name in the Host field of the new identity provider.