VMware Horizon Community
HugsterOne
Contributor
Contributor
‎07-26-2016 10:05 AM
Jump to solution

Horizon View 7 and RSA - C:\Windows\system32\securid (The system cannot find the file specified)

Hi

I try to setup RSA Authenticaton with our Horizon 7 View Connection Server.

(Our old View Infrastruktur (5.1) works great with the rsa authentication manager.)

I setup the Authentication Agent on the RSA Appliance.

Upload the sdconf.rec File in View Administrator.

Now I try to Login. So what I read is, the NodeSecret file should be automatic generated.

But that doesnt work on my System (Windows Server 2012 R2; VMware Connection Server 7.0.1; RSA Authentication Manager 8.0)

So when I look in the the rsa_api_debug.log file, I get this lines:

[2016-07-26 18:36:00,409] ajp-nio-8009-exec-7 - RSA Authentication API started.

[2016-07-26 18:36:00,437] ajp-nio-8009-exec-7 - ReadReamlStatus[Servers= AcmServerInfo[ serverAddress = x.x.x.x addressStatus = 12 serverStatus = 1 aliases =  aliasOptions = 0 consecutiveSuspensions = 0 averageNetTurnaround = 0 worstNetTurnaround = 0 lastTimeUsed = 0 runPriority = 10 sdoptsPriority = 0 suspendTime = 0]

Static Priority=0 ClientIP=null]

[2016-07-26 18:36:00,438] ajp-nio-8009-exec-7 - PriorityList[size1]

[2016-07-26 18:36:00,439] ajp-nio-8009-exec-7 - PriorityList[size1]

[2016-07-26 18:36:00,439] ajp-nio-8009-exec-7 - SetPriorityByPerformance selectable:PriorityList[size=1Totalweight=10currentTotalWeight1currentIndex0 server=0 current weight=1(priority=10)]

[2016-07-26 18:36:00,439] ajp-nio-8009-exec-7 - SetPriorityByPerformance emergency:PriorityList[size=0Totalweight=0currentTotalWeight0currentIndex0]

[2016-07-26 18:36:00,441] ajp-nio-8009-exec-7 - Write ReamlStatus[Servers= AcmServerInfo[ serverAddress = x.x.x.x addressStatus = 12 serverStatus = 1 aliases =  aliasOptions = 0 consecutiveSuspensions = 0 averageNetTurnaround = 0 worstNetTurnaround = 0 lastTimeUsed = 0 runPriority = 10 sdoptsPriority = 0 suspendTime = 0]

Static Priority=0 ClientIP=null]

[2016-07-26 18:36:00,444] ajp-nio-8009-exec-7 - ACEServerDataObject.getData error: C:\Windows\system32\securid (The system cannot find the file specified)

[2016-07-26 18:36:00,444] ajp-nio-8009-exec-7 - Can't get nodeSecret

[2016-07-26 18:36:00,454] ajp-nio-8009-exec-7 - server selected from selectable is : 0 Selectable=PriorityList[size=1Totalweight=10currentTotalWeight1currentIndex0 server=0 current weight=1(priority=10)]

EmergencyPriorityList[size=0Totalweight=0currentTotalWeight0currentIndex0]

[2016-07-26 18:36:00,475] ajp-nio-8009-exec-7 - Error creating AceLockRequest: com.rsa.ace.techservice.udpserver.AUTHa7: Packet exception:Exception building Lock: no nodesecret

[2016-07-26 18:36:00,475] ajp-nio-8009-exec-7 - Can't lock because of no node secret

[2016-07-26 18:36:00,482] ajp-nio-8009-exec-7 - server selected from selectable is : 0 Selectable=PriorityList[size=1Totalweight=10currentTotalWeight1currentIndex0 server=0 current weight=1(priority=10)]

EmergencyPriorityList[size=0Totalweight=0currentTotalWeight0currentIndex0]

[2016-07-26 18:36:02,507] ajp-nio-8009-exec-7 - Authenticaton failed for xxx !

Any ideas why the securid file is not created?



Thx

Dom

0 Kudos
1 Solution

Accepted Solutions
HugsterOne
Contributor
Contributor
‎07-28-2016 08:39 AM
Jump to solution

Hi Mark

Thank you for your hint.

There was a problem with the firewall configuration.

I have to disable the Network Address Translation (NAT) between RSA and VMware Net.

Now the Node Secret is generated and the Login with RSA works Smiley Happy

Dom

View solution in original post

0 Kudos
2 Replies
markbenson
VMware Employee
VMware Employee
‎07-27-2016 12:48 PM
Jump to solution

Hi Dom,

Node Secret gets automatically generated as part of the initial successful handshake between Connection Server and your RSA Authentication Manager server. The fact that the Node Secret is not getting created on Connection Server will probably be because this handshake failed.

Double check your settings in RSA Authentication Manager server. Make sure you've added the new Authentication Agent for this Connection Server. If it all looks OK, then do a "Clear Node Secret" operation on RSA Authentication Manager and see if that helps.

Mark

0 Kudos
HugsterOne
Contributor
Contributor
‎07-28-2016 08:39 AM
Jump to solution

Hi Mark

Thank you for your hint.

There was a problem with the firewall configuration.

I have to disable the Network Address Translation (NAT) between RSA and VMware Net.

Now the Node Secret is generated and the Login with RSA works Smiley Happy

Dom

0 Kudos