# general
b
Hi all - our upgrade to 25.2 was overnight, and now our SSO users - all non-admin and non-integration roles - aren't able to log in. When our dev ops manager updated the SSO certificate he's getting an error. We've been on hold with priority tech support for 30 min and submitting a case through suite answers keeps failing. Hopefully someone here has an idea. Thanks! Here is what he did and the error:
I'm attempting to update our SAML Azure Federation Metadata XML file to our three environments and am running into an error. To prep for loading the new XML file, I first deleted the IdP configuration from the three environments by going to Setup > Integration > Manage Authentication > SAML Single Sign-on, clicking Actions, and selecting Delete IdP configuration. I then waited a few minutes before attempting to load the new file.
When I attempt to submit the new XML file in any environment, I get the following error message:
"Identity provider with the entity ID <https://sts.windows.net/d6ac7fd1-6f24-46a4-9996-bfcc1b587137/> is already used by another account and contains different metadata associated with it. Use IDP with a different entity ID or make sure you have the latest metadata file uploaded in all accounts."
It looks like the old IdP data is being retained somewhere. I have double-checked our three environments and confirmed that the IdP settings have been deleted in each.
The XML file needs updating as our Azure SSO certificate was due to expire soon.
j
Hi, you need to reach out to NetSuite support for that kind of error. They have a backend tool to clear that conflict in entity ID.
b
Ok, thanks. We're trying but still on hold and ticket won't go through either. 😢
j
You can call their hotline for faster resolution since that can be considered as a Business Down issue: https://www.oracle.com/corporate/acquisitions/netsuite/support.html
b
Thank you! I think that's the number we called. We're actually on with support now - we hung up and chose a different option at the beginning and got someone w/in 5 min. He and our network engineer are going through it. The support rep didn't mention the tool to clear the conflict, so I asked about it, and he said it has to go above him for that.
j
Yeah they will troubleshoot first before they do that. 🙂 welcome!
b
It's resolved - the rep's manager did use the tool to clear the conflict while we were all still on the call. It was Release Preview that was the issue. We couldn't clear it since now RP goes away as soon as they upgrade. RP used to hang around for a while. Thanks again.
j
Sure, no worries. Glad that I helped 😉