Re: Connection server console message shows "DETEC... - Page 3

CTRIM · ‎03-22-2023

We recently updated to Horizon 8. Since then, we are seeing multiple console errors...

Connection server console message shows "DETECTED UNRECOGNIZED REQUESTS"

UAG shows "BROKER DETECTED UNRECOGNIZED SESSIONS"

Has anyone seen these and or come up with a resolution? I cannot find any mention on the net or in kbs.

Edit 07-10-23 We are using F5 load balancer.

kendalgoodrich · ‎12-08-2023

Sorry it's taken so long to update this post, but I was finally able to install the 2306 update and the patch they sent me. Come to find out that alone did not fix the issue. There was one more step, a modification to the ADAM database. Since the upgrade/patch/ADAM mod..... I don't seem to be getting the warnings for the connection servers..... although I am still receiving them for the UAGs. To my understanding I need to update them to 2306 as well then reach out for a modification that needs to happen on them similar to the ADAM mod. I'm kind of wondering if the ADAM modification will work WITHOUT the patch..... I will update when I am able to proceed with the UAG upgrades.

VMHero4Ever · ‎12-08-2023

Hi,

I find a simple way how to disable this message for the UAGs.

Download existing UAG config JSON from admin UI
Search for key 'unrecognizedSessionsMonitoringEnabled' in JSON
The current value in JSON will be true. Change this to false
Save JSON
Import the modified JSON to UAG

This work for me with UAG 23.03.

Arnaud_Lebret · ‎12-14-2023

Hi,

thanks for sharing this kendalgoodrich, i added the modification in the ADAM database yesterday afternoon, no more "DETECTED UNRECOGNIZED REQUESTS" messages for the connections servers.
Horizon 2309 install, without any patch, it works !

I will try the solution for UAG asap(thanks VMHero4Ever), hope to see Horizon console System Health with 0 issues, almost a year with this error messages, after upgrading to 2212.

Patrick4 · ‎01-04-2024

Hi ,

do you need to do the modification on all connection servers ? or the database will replicate itself ?

Thank you

MP-CAE · ‎01-04-2024

Hey @Arnaud_Lebret,

Do you happen to have the exact modification you made in the ADAM database? I'd like to try it out and see for myself how it works in our infra with no UAGS - just Connection Servers.

Any details, sources or reference links would be appreciated.

Thanks!

Arnaud_Lebret · ‎01-09-2024

Hi @MP-CAE,

you just have to add enable-xml-api-warning=0 in the attribute "pae-NameValuePair". You can edit this attribute in OU=Properties > OU=Global > CN=Common or CN=Common Properties

Then search for pae-NameValuePair and click modify to add the value :

That's all, add only on one connection server @Patrick4, for your question), wait a little time for replication, and no more error messages.

MP-CAE · ‎01-09-2024

Merci @Arnaud_Lebret - much appreciated!

I'll give that a try and see how things go.

UPDATE:
I made the "enable-xml-api-warning=0" update to my Connection Servers (running 8.8.0 - 21073894 (2212)) and let it sit for a few days and nada - I still have the same issue unfortunately.

chriskoch99 · ‎01-16-2024

@TimUFHJ what was the result? Did 2212.2 resolve the issue?

Arnaud_Lebret · ‎01-17-2024

Hi @MP-CAE,

I think you need to update your Connection Servers at least to version 2306 for this to work.

MP-CAE · ‎01-17-2024

Hey @Arnaud_Lebret - thanks for the tip there too! Ok I'll add the upgrade to the mix soon and see how that fares. May take me a bit since it's a prod infra but I'll let folks know how that works over here.

As always much appreciated!

SchwarzC · ‎02-08-2024

Did the upgrade to 2212.2 - still the same messages

dragans2 · ‎02-20-2024

I have updated to version 2312, and still the same messages.

dbaker999 · ‎02-27-2024

We have the same problem for a customer environment:

Patched customer from 2206 to 2303, UAGs to 2303.1.

F5 load balancers in front of internal and external UAGs.

To give some context, we spent 3 months working with GSS to try and disable the feature. The customer didn't want to see warnings (regardless of if they were false positives) when they were testing connectivity and failing over their UAG's manually. Under normal working conditions I would expect the Source-IP persistency on the load balancer to prevent a user from reconnecting to an existing session via a UAG that had a stale session cookie (obviously this implies that at some point they had logged on via a diffferent UAG, but in normal working scenarios a user should connect via one UAG, then be re-directed via that UAG if they disconnect/reconnect - right?). After we finished patching the estate, they manually disable each UAG in the load balancer to test connectivity and that both UAGs work as expected, which is understandable. In doing so, they reconnect via existing session cookies which, of course, generates the warnings. This alarms them, and they requested the feature be removed.

GSS issued a hot fix to us + LDAP enable-xml-api-warnings=0 + "UnrecognizedSessionsMonitor" value = false on UAG config. No joy. The hotfix didn't install, broke global replication and caused more problems than expected.

As it stands, we are looking to either patch them to a later version of Horizon where this feature is not present, or change their internal testing processes to try and reduce the change of these warnings appearing. I'd be keen to know if, based on my comments above, source IP persistency should prevent these warnings from occuring (assuming the LB is configured correctly...).

What version of Horizon is this feature actually disabled or doesn't generate false positives?

TimUFHJ · ‎04-10-2024

My apologies for never responding when I was asked if 2212.2 fixed this. No it did not fix it for me.

Just been dealing with these alerts.

I have my Production system on 2212.2 now, which will allow me to play around on my Test environment and try all kinds of things, including upgrading to 2312 ESB.

My UAGs are 21.11.2, and do not have the key 'unrecognizedSessionsMonitoringEnabled' in JSON, that @VMHero4Ever posted about.
I did add the add enable-xml-api-warning=0 in the attribute, that @Arnaud_Lebret posted about. Just waiting around to see if it works for me, but not holding my breath.

TimUFHJ · ‎04-12-2024

It has only been one day, but WOW! night and day difference for those "DETECTED UNRECOGNIZED REQUESTS".

They have all just stopped. Hopefully I'm not angering the IT Gods by saying its fixed.

Here is my setup and how I seemed to have resolved it:
Netscaler for external VIP > 2 UAGs on version 21.11.2 > Netscaler for Internal VIP > 4 Connection Servers on version 2212.2

My UAGs do not have the key 'unrecognizedSessionsMonitoringEnabled' in JSON, that @VMHero4Ever posted about.

I added the "enable-xml-api-warning=0" in the attribute, that @Arnaud_Lebret posted about.

I adjusted the Global Settings > General Settings > "Other Client" settings; set the following for: Discard SSO Credentials - After 1 minutes.
(not 100% sure this is needed).

All of my errors/warnings for "DETECTED UNRECOGNIZED REQUESTS" have completely stopped. I have tried to switch local machines and steal my session, many times. I have tried to disconnect and almost immediately reconnect to the session multiple times. These errors/warning have not come back.

I hope my info is helpful to others.

NelsonCandela · ‎04-17-2024

@TimUFHJ is this still the case that you're not seeing any of these alerts?

We're still on 2306, shortly before updating to 2312.2, but these messages make a mess out of the System Health pane in Horizon Console. We have more and more users connecting to and using this system, but they're plagued by random timeouts as well when trying to log on for the first time (intial loading of the page, entering user data and - bam - it brings up an timeout error message even if they've just loaded the page. Re-entering credentials will almost certainly work 100 %. I believe this is the moment when the Error shows up in HC).

dbaker999 · ‎04-17-2024

Thought I'd throw in my findings to the mix:

We worked with GSS for a number of months applying the AD LDS change (on CS) and UAG config change to disable the Unrecognized Sessions warnings. In the end, they stated the CS AD LDS fix will only work in v2312 (v2312 contains a hotfix built into the .exe installer as well as the base installation code). Said hotfix can be applied to earlier Horizon versions, but it seems to have mixed results as to when it works (and it also broke our 2206/2303 builds when applied).

GSS stated the UAG fix will be working in v2403 (not yet released). So from my experience, it is possible to disable the warnings sourcing from CS, but the UAG fix is temperamental. Both warning sources can be removed in v2403 of Horizon.

I believe TimUFHG's findings are also true - if the user's SSO credentials are discarded much quicker than the default 15 minute period, then and set to say, 1 minute - then a user should be able to log in via UAG01, disconnect, wait 1 minute, then log in via UAG02 and not see any warnings in the CS console.

Stanford54 · ‎04-17-2024

Look for more detailed information in your server logs. Check system logs, web server logs (such as Apache or Nginx logs), and application logs (if applicable) to see if there are any accompanying messages or entries related to the unrecognized requests. These logs may provide more context about the nature of the requests and where they are coming from.

NelsonCandela · ‎04-17-2024

@Stanford54 wrote:
Look for more detailed information in your server logs. Check system logs, web server logs (such as Apache or Nginx logs), and application logs (if applicable) to see if there are any accompanying messages or entries related to the unrecognized requests. These logs may provide more context about the nature of the requests and where they are coming from.

Is this a general recommendation or are you going somewhere with this? Could you possibly be more specific?

I'd assume (at least that's why I did) that most people here in this thread have already checked their logs, but seeing these results popping up in HC but not in any log files bring you only so far.