VMware Horizon Community
ICTROCMN
Enthusiast
Enthusiast
‎11-02-2015 03:48 AM

UEM (Immidio Flex+ 8.5.1) mandatory profiles and stored credentials

Hello,

we are using VMware User Environment manager (version 8.5.1) in our environment. Works like a charm,

except that we have some trouble with UEM and users that store credentials.

We use a mix of desktops with Windows 7 Enterprise and  Windows 2008 R2 terminal servers.

Users get a mandatory profile with folder redirection on both the Windows 7 Enterprise desktops and terminal servers.

We have used the built-in configuration files to synchronise the personal certificates and Internet Explorer passwords.
This works as intended.

But these configuration settings are not sufficient to capture all the stored credentials.

Following this blogpost I created an additional settings file to synchronise the credentials in the Windows vault.

RES Workspace Manager – Save IE and Windows Credentials – renshollanders.nl

This works and the settings get saved at log off.

However if a user stores the credentials on a 2008 R2 terminal server, and switches to a Windows 7 desktop the stored credentials

do not work. From Windows 7 to 2008 R2 is'nt a problem, neither is between two 2008 R2 terminal servers.

They do appear in the credential manager.

Selecting the stored credentials, and re-entering the password does'nt fix the issue.

Only clearing the entry from the credential manager, and saving them again under Windows 7 fixes the issue.

Does anyone recognize this behaviour, or encountered this before and solved it, and is willing to share the solution?

0 Kudos
1 Reply
Pim999
Enthusiast
Enthusiast
‎12-04-2015 07:58 AM

Hi,

The only location not saved in the UEM templates is <LocalAppData>\Microsoft\Credentials (compared to the article you reference to)

Just adding that to the template might have been what you have done. I'll give this a try in my environment.

But I know that Microsoft sometimes does some migration steps when roaming between different OS versions. Sometimes Microsoft just migrates the settings to make them compatible with an other OS version. But that is not backwards compatible in all the scenario's. I think you are running into this scenario.

The easiest 'solution' in you case might be to check the 'Settings are OS-specific' checkbox on the Advanced tab if the UEM Config File. That way the settings will only roam between exact the same OS versions. This does mean the users will have to type the password twice: once on Win7 and once on Server2008R2.

Kind Regards.

0 Kudos