Unable to redirect to web portal when it is deployed behind load balancer and "openid" authentication module

You need to configure the web portal URL in the web.config files of your web portals to point to https://<CLB>/OneIdentityManager/page.axd. In addition configure on off your entries in QBMWebApplication for your web portals to contain this URL (https://<CLB>/OneIdentityManager/page.axd) as well.

I changed web.config files in both web servers but unable to understand about the on off entries for web portal. Can you please explain how to do it?

Sorry, there is a typo in my post. Should read "In addition configure one of your entries in QBMWebApplication for your web portals to contain this URL (https://<CLB>/OneIdentityManager/page.axd) as well.

ok so I have one doubt like if my CLB redirects to server1 where I have configured CLB URL in QBMWebApplicaiton, it will act as LB and again redirect to one of the servers but in case if my CLB redirects to server2 where Application URL is still that server's IP then will it not throw an error again?

No, it won't. The URL is just a pointer for the web portal application on the IIS to find it's additional configuration from QBMWebApplication. So changing one entry is enough.

Or, even better, create a new entry in QBMWebApplication for your load balancer URL, but ensure to duplicate the other settings from one of your direct web portal entries in QBMWebApplication.

Thanks Markus for the help. It worked.

Hi Markus, as you suggested I made the changes in config file and qbmwebapplication table. But, now we are not able to login to synchronization editor where the connection is made to database via application server which is also deployed behind load balancer and we have 2 application servers behind load balancer. It throws an error "Please authenticate a session first". 

Hi Markus, as you suggested I made the changes in config file and qbmwebapplication table. But, now we are not able to login to synchronization editor where the connection is made to database via application server which is also deployed behind load balancer and we have 2 application servers behind load balancer. It throws an error "Please authenticate a session first". 

It's getting complicated now. You may want to contact support.

But, the application server should use the same session certificate and the load balancer needs to be configured to use sticky sessions as well.

ok we will contact support. Thank you.

Hi Markus,

One question on web portal which is running behind load balancer. We are not able to establish WCF connection in web designer for web portal (URL provided is https://<CLB>/OneIdentityManager). How can we achieve this?