All versions of Centrify Application ServicesProblem:
IWA failed after modifying the cloud connector setting(s) in Centrify Admin Portal. Users were prompted for username and password which is not supposed to be.
Cloud connector log shows:2018-01-15 05:58:14,105 [P-Centrify.Cloud.Core.ProxyHost.exe-4324|(null)|(null)|2ef0c45f76484d88a47c1293e31e87c3|30|235|ERROR]OnPremiseRestController: Get One Time Pass using Cors failed: System.ArgumentNullException: Value cannot be null.
Parameter name: value
at System.String.EndsWith(String value, StringComparison comparisonType)
Cloud sends config to Connector without "TenantSystemCname" and "PodFqdn" when connector setting is changed in Admin portal by Settings > Network > Centrify Connectors > Modify dialog.
After receiving these config, connector sets TenantUrlDomain and PodDomain as null.
During IWA (i.e. GetOneTimePass), connector checks these values but did not expect them to be null.
OTP thus returned without returning headers like Access-Control-Allow-Origin.
Workaround would be to restart the cloud connector service on the modified cloud connector machine.
This will be fixed permanently in 18.8 release.