We recently implemented MFA in UAG via SAML authentication with Azure AD.
We have two UAG3.8 servers set up. We are using round robin DNS.
Randomly, we get an 'access denied' error from the horizon client when trying to connect remotely.
'Access denied' Steps
1. Launch VMware horizon Client
2. Login with credentials in client.
3. Web browser opens, prompting to open VMware Horizon 32 bit client. User clicks open.
4. Access denied error occurs
We have tried connecting to each UAG to see if one UAG is having an issue, but the behavior randomly occurs on each UAG.
When it works, step 4 does not occur. The user is prompted again for credentials, then presented with their desktop options. the problem has not occurred prior to implementing MFA.
Issue has occurred don Horizon client 5.4.2 and 5.4.3
VMware horizon view version 7.11
An SR has been created for this, but wanted to see if anyone else has run into this problem.
Are you sure you don't have any issue with your load balancer between UAG and Horizon (sessions persistance) or in front of UAG ?
Did you check logs in your Connection servers ?
Did someone manage to find solution?
I am in this exact same situation of random "Access Denied" by Horizon Client only. The HTML connection doesn't give this issue.
I have both UAG's at 3.10 along with Horizon 7.13. Tried with client 2006 and 2012.
What did VMware conclude in their SR?