Detailed below are common problems encountered by users of the Guest Accounts service and how to address them.
- user sees a "Session Creation Failure" error
This most likely indicates a Shibboleth problem on the www.stanford.edu web servers, the Guest Accounts system, or both. When you see this error, please submit a HelpSU request to notify administrators ASAP. We also encourage users to visit the IT Service Alerts website to follow the status of system wide problems. If administators are already aware of an issue, you should wait until it is resolved before submiting your HelpSU ticket (if still necessary, of course!).
- user sees an "Authorization Failed" error
Users will usually see this when trying to access a website that is restricted to members of a particular workgroup while their own guest account is not (yet) a member of the workgroup. Administrators of the website should double
check that the client is using the guest account/email address you think they
are, add it to the necessary workgroup, wait 5-10 minutes for changes to propagate to the
LDAP directory, and have the client restart their web browser and try again.
If you are seeing widespread "Authorization Failed" errors for accounts that are already members of the workgroup, that would likely indicate an LDAP issue on the Guest Accounts server and/or attribute release problem with the web servers. In which case, please let us know by submitting a HelpSU request.
- client visits restricted site, is prompted to log in with guest account, and then page hangs with "Redirecting..." message
In this case, there is nothing we can do. Could be due to high load on a
given web server at a given time and the user may have better success by simply waiting and trying again later. Another thing users may want to try is logging into the Guest Accounts system first and then trying to access the restricted website instead of doing both at the same time.
Log into GA settings page:
This is a good way to test base functionality. If users need to reset their passwords for any reason, they should then use the new password to log into the settings page to confirm the change worked.