I just upgraded to 3.9.6 and after, I couldn’t login from remote computer, it appears to accept the password but returns to login page.
I have tried did the following:
Uninstalled powershell universal entirely, removed remaining files/folders, and reinstalled
I tried using localhost from the server itself, and I was able to get logged in and change the password
Attempted to use Chrome and Edge from remote computer and I get the login page, and it seems to accept the new password from previous attempt on the server itself (If I enter the default password it tells me it is an incorrect password.). But, still returns to the login page.
I have observed the same issue on the latest night build from 4.0.0-beta5
Version beta from the beginning of June is ok, latest 2 have broken admin logon (the same behavior). I dint check other. Luckly my AD user had a administrator privilege
Hmm… Fortunately this is on a test server and I didn’t upgrade the production ones yet. I’m going to try and roll back to an older version to see if it fixes it. I also cleared all cookies, history, etc., and tried on another computer. It only works when on the server itself.
Oh, and I also watched the logs on the server. When I put the wrong password in, it updates the log and displays the login error. But, when putting in the correct one, there are no entries in the log, it just refreshes back to the login screen.
Do you have a dev license installed on the server or is it unlicensed? I only ask because I know that we restrict remote access when using a dev server. I think you wouldn’t even see the login page in this case.
One other thing I would recommend is capturing a network trace from your browser. You can press F12 and then click the Network tab. I’d be curious about what the request and response are returning. Do note that the network request will contain your user name and password so you will need to do some cleaning of anything you provide publicly.
At the moment there isn’t a license installed on it. I completely removed and reinstalled it to see if I messed up something during the upgrade. It has also been a while since I’ve installed the licenses, so I’m looking for those to get it added back on. And according to the license on one of the other servers it looks like it has expired so I’m also in the process of getting that updated/purchased as well.
I’ll see if I can pull up that trace you mentioned.
I rolled back to what was running before (3.6.3) and I am able to login from a remote computer. I’m going to try and upgrade a couple of versions at a time until I hit the issue again. If I do I’ll get a trace of it.
Based on the changes in 3.9.6, it seems like the only thing relevant is the change to the SameSite cookie policy that we put in place to support iframes. This may be having some sort of weird issue with authentication.
We’ll make this optional in 4.0.1. If you want to try a nightly build, this change will be included tonight. It will default back to the old behavior and a change to the appsettings will be required to enable SameSite=None cookies.
