VMware Horizon Community
oliober
Enthusiast
Enthusiast
Jump to solution

Horizon Client 5.4 Problem with MFA and SAML2

Hi

We use 2FA with MFA on our Gateways (UAG 3.8)

Our Users cannot connect to the Horizon Server with the new Horizon Client 5.4.

The message is: Your client was not launched with valid SAML2 Credentials.

Any ideas to solve this problem?

Regards,

Oliver

saml2_failure.png

1 Solution

Accepted Solutions
jksnbco
Enthusiast
Enthusiast
Jump to solution

Client version 5.4.1 seems to have addressed the problem.

Release notes:

New in 5.4.1

- Fixes an issue that blocks connections to older versions of Unified Access Gateway. This issue is specific to Horizon Client for Windows installations that use the dual IPv4/IPv6 setting.

- Fixes an issue with SAML authentication when Workspace ONE mode is enabled on the Connection Server instance.

View solution in original post

10 Replies
kdenike
VMware Employee
VMware Employee
Jump to solution

Is the connection still working with the 5.3 client? Did you open a support ticket with VMware yet?

Reply
0 Kudos
oliober
Enthusiast
Enthusiast
Jump to solution

Yes, with Horizon Client 5.3 is it still working.

Open a ticket is probably the next step.

Reply
0 Kudos
agong
VMware Employee
VMware Employee
Jump to solution

It would be helpful if you can upload the client log bundle for analysis.

From the screenshot, looks you're using Windows client. You can find how to collect log from VMware Knowledge Base

Reply
0 Kudos
oliober
Enthusiast
Enthusiast
Jump to solution

Hi

I made another test and upgrade an existing horizon client 5.3.
After the update is it possible to connect to the connection server behind the uag with mfa configured.

When I delete the entry and try to add again, then the failure occurs.

You can find the log attached

many thanks

Oliver

Reply
0 Kudos
jmacdaddy
Enthusiast
Enthusiast
Jump to solution

Experiencing the same thing.  UAG 3.8 with Microsoft Azure MFA/SAML.  VMWare Horizon 5.4.0 Client.  Error: "Your client was not launched with valid saml credentials".  Rolled back to 5.3.0 and it connects fine.

Reply
0 Kudos
jksnbco
Enthusiast
Enthusiast
Jump to solution

I found if you had the connection set on a previous version of the client, there isn't an issue.  I had version 5.3 installed, then upgraded from within the client  The connection already existed, I did not have to ad it, and I was able to connect with no problems.

I then uninstalled the client, rebooted, and install 5.4 cleanly.  I attempted to add my connection, and received the error 'your client was not launched with valid SAML2 credentials.  Please contact your administrator'. 

I uninstalled 5.4, went back to 5.3 and it worked again.  I created case 20111517303.

Reply
0 Kudos
kdenike
VMware Employee
VMware Employee
Jump to solution

We're working on that case, we think we've narrowed it down to Workspace ONE mode. Hope to have an update soon.

jksnbco
Enthusiast
Enthusiast
Jump to solution

Thank you. If there is any log information I can provide please let me know.

Reply
0 Kudos
jksnbco
Enthusiast
Enthusiast
Jump to solution

Client version 5.4.1 seems to have addressed the problem.

Release notes:

New in 5.4.1

- Fixes an issue that blocks connections to older versions of Unified Access Gateway. This issue is specific to Horizon Client for Windows installations that use the dual IPv4/IPv6 setting.

- Fixes an issue with SAML authentication when Workspace ONE mode is enabled on the Connection Server instance.

oliober
Enthusiast
Enthusiast
Jump to solution

The Release 5.4.1 has fixed the Problem with the SAML issue.

Thanks for your help.

Regards,

Oliver

Reply
0 Kudos