VMware Horizon Community
trubida
Contributor
Contributor
Jump to solution

{#AD_USER_OR_GROUP_NOT_FOUND#} Could not find user or group in AD

I receive the following error message when trying to retrieve the remote access groups in Horizon 8.1.0 build - 17351278.

2021-03-08T04:29:43.025-06:00 ERROR (08C8-1DB8) <ajp-nio-127.0.0.1-8009-exec-3> [RestApiServlet] Unexpected fault:(vdi.fault.EntityNotFound) {
errorMessage = {#AD_USER_OR_GROUP_NOT_FOUND#} Could not find user or group in AD,
id = (vdi.EntityId) {
dynamicType = null,
dynamicProperty = null,
id = UserOrGroup/Uy0xLTUtMjEtMzg5NDk2NzgyMy0xNzUxNDI3MDA5LTI3NDI0NjQ5NzYtMTc2OA

I've searched all over and cannot find this entry anywhere.

Anyone seen anything like this or know how to remove all of the defined remote access users so I can add them back in?

1 Solution

Accepted Solutions
Chenddd
Contributor
Contributor
Jump to solution

Hello,I had a same problem last week,and I solved it.The question is you deleted a domain user or group in AD when the “remote control” function assigned this user or group.I think this is bug.

The solution steps are as follows:

1  At First,I see "id = UserOrGroup/Uy0xLTUtMjEtMzg5NDk2NzgyMy0xNzUxNDI3MDA5LTI3NDI0NjQ5NzYtMTc2OA" in your log.

2  According to this error report,it should be that a user or group could not be found in the connection server

3  Through the relevant transcoding tools,covert "Uy0xLTUtMjEtMzg5NDk2NzgyMy0xNzUxNDI3MDA5LTI3NDI0NjQ5NzYtMTc2OA" to "S-1-5-21-3894967823-1751427009-2742464976-1768"

4 You need to delete this user or group from connection server ADAM database(It is recommended that you take a backup or snapshot before operation)

  • Log in to the connection server operation system,click Start >  Windows Management Tools > ADSI EditConnecting to the View ADAM Database
  • In the console tree, right click ADSI Edit , and then click connect to
  • In the Select or type a Distinguished Name or Naming Context text box, type the distinguished name DC=vdi, DC=vmware, DC=int
  • In the Select or type a domain or server text box, select or type localhost:389 or the fully qualified domain name (FQDN) of the View Connection Server computer followed by port 389 (For example: localhost:389 or mycomputer.mydomain.com:389)
  • Click OK.
  • Select and expand DC=vdi,dc=vmware,dc=int to expand
  • Select and expand CN=ForeignSecurityPrincipals to expand
  • Find CN=S-1-5-21-3894967823-1751427009-2742464976-1768 ,and then delete it.

After the operation is complete,verify that the environment is back to normal.

Thank you!

 

 

View solution in original post

15 Replies
Chenddd
Contributor
Contributor
Jump to solution

Hello,I had a same problem last week,and I solved it.The question is you deleted a domain user or group in AD when the “remote control” function assigned this user or group.I think this is bug.

The solution steps are as follows:

1  At First,I see "id = UserOrGroup/Uy0xLTUtMjEtMzg5NDk2NzgyMy0xNzUxNDI3MDA5LTI3NDI0NjQ5NzYtMTc2OA" in your log.

2  According to this error report,it should be that a user or group could not be found in the connection server

3  Through the relevant transcoding tools,covert "Uy0xLTUtMjEtMzg5NDk2NzgyMy0xNzUxNDI3MDA5LTI3NDI0NjQ5NzYtMTc2OA" to "S-1-5-21-3894967823-1751427009-2742464976-1768"

4 You need to delete this user or group from connection server ADAM database(It is recommended that you take a backup or snapshot before operation)

  • Log in to the connection server operation system,click Start >  Windows Management Tools > ADSI EditConnecting to the View ADAM Database
  • In the console tree, right click ADSI Edit , and then click connect to
  • In the Select or type a Distinguished Name or Naming Context text box, type the distinguished name DC=vdi, DC=vmware, DC=int
  • In the Select or type a domain or server text box, select or type localhost:389 or the fully qualified domain name (FQDN) of the View Connection Server computer followed by port 389 (For example: localhost:389 or mycomputer.mydomain.com:389)
  • Click OK.
  • Select and expand DC=vdi,dc=vmware,dc=int to expand
  • Select and expand CN=ForeignSecurityPrincipals to expand
  • Find CN=S-1-5-21-3894967823-1751427009-2742464976-1768 ,and then delete it.

After the operation is complete,verify that the environment is back to normal.

Thank you!

 

 

trubida
Contributor
Contributor
Jump to solution

Thanks for the info Chenddd.  I found the SID in the ForeignSecurityPricipals like you stated and deleted.  I also found a broken SID in the OU=Properties,OU=Global,CN=ExternalGatewayAccessUsers.

Once I deleted the users from both spots I was able to get the admin console to display properly.

AlexYB
Contributor
Contributor
Jump to solution

Hello. Could anybody give a sample of relevant transcoding tool which converts ID to SID?

Reply
0 Kudos
Chenddd
Contributor
Contributor
Jump to solution

Hello,you can try this website

https://www.cmd5.com/

 
Reply
0 Kudos
hellraiser
Enthusiast
Enthusiast
Jump to solution

Hi,

 

The link for the transcoder below doesn't work in that I enter the ID and it comes back "invalid input". Is there any other way of converting the ID to SID?


JD

JD
Reply
0 Kudos
Chenddd
Contributor
Contributor
Jump to solution

You can give me your ID and I will try the conversion for you

Reply
0 Kudos
sulmazk
Contributor
Contributor
Jump to solution

Dear Sir/Madam
we are looking for SID from EntityID would you please convert it for us?
Uy0xLTUtMjEtMzEzMjEzMTYyLTE2NzM2NzY4NDQtMjE1NDE2OTU0OS0zMzg4OQ

Reply
0 Kudos
Chenddd
Contributor
Contributor
Jump to solution

S-1-5-21-313213162-1673676844-2154169549-33889

Reply
0 Kudos
sulmazk
Contributor
Contributor
Jump to solution

Thanks .

Sorry We have The same Problem in other VDI, would you please convert it for us?

Uy0xLTUtMjEtMjg4MjM4OTkwMi0zNjg0MzAzMDE0LTQwNDEyOTg0OTQtOTEzODg

Reply
0 Kudos
Chenddd
Contributor
Contributor
Jump to solution

S-1-5-21-2882389902-3684303014-4041298494-91388

Reply
0 Kudos
sulmazk
Contributor
Contributor
Jump to solution

I am So sorry, This Time I Find Other Object in My log:

Uy0xLTUtMjEtMjg4MjM4OTkwMi0zNjg0MzAzMDE0LTQwNDEyOTg0OTQtOTI1OTk

 

Reply
0 Kudos
hellraiser
Enthusiast
Enthusiast
Jump to solution

Uy0xLTUtMjEtMjg4MjM4OTkwMi0zNjg0MzAzMDE0LTQwNDEyOTg0OTQtOTI1OTk

S-1-5-21-2882389902-3684303014-4041298494-92599

 

Use this link to do the conversion:-

 

https://www.base64decode.org/

 

JD
AlexYB
Contributor
Contributor
Jump to solution

Thanks, this URL is very useful.

Reply
0 Kudos
harrymsg
Contributor
Contributor
Jump to solution

What log are you finding that entry in?   You mentioned, "At First,I see "id = UserOrGroup/Uy0xLTUtMjEtMzg5NDk2NzgyMy0xNzUxNDI3MDA5LTI3NDI0NjQ5NzYtMTc2OA" in your log."

 

Reply
0 Kudos