VMware Horizon Community
john_lozon
Contributor
Contributor

VMware Horizon Client 'Login as current user' Not Working After Reimaging Workstation

Hello,

I'm running VMware Horizon Client ver 3.1.0 on Windows 7 Enterprise x64 on an AD domain. When I install the software on a new computer, the 'Login as current user' is working correctly and all is right in the world. However, if I reimage a workstation and add it to the domain using the same computer name (even when I delete the computer object out of AD first), the 'Login as current user' functionality does not work and instead I receive error message 'The Connection Server authentication failed to log in as current user'. If I deselect 'Login as current user', I am able to manually enter the credentials that I am logged on with at the prompt and it works correctly. Does anyone have any ideas why the functionality isn't working on reimaged machines?

Here is the Windows Security Event Viewer entry showing the failure when I try to connect using 'Login as current user'

An account failed to log on.

Subject:

  Security ID: NULL SID

  Account Name: -

  Account Domain: -

  Logon ID: 0x0

Logon Type: 3

Account For Which Logon Failed:

  Security ID: NULL SID

  Account Name:

  Account Domain:

Failure Information:

  Failure Reason: An Error occured during Logon.

  Status: 0xc000006a

  Sub Status: 0x0

Process Information:

  Caller Process ID: 0x0

  Caller Process Name: -

Network Information:

  Workstation Name: -

  Source Network Address: -

  Source Port: -

Detailed Authentication Information:

  Logon Process: Kerberos

  Authentication Package: Kerberos

  Transited Services: -

  Package Name (NTLM only): -

  Key Length: 0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.

  - Transited services indicate which intermediate services have participated in this logon request.

  - Package name indicates which sub-protocol was used among the NTLM protocols.

  - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

And here is the VMware log during a failed login attempt (username and VDI server name removed for security)

2015-03-04 11:59:42.515+-5:00 INFO (0784) [libcdk] Log for vmware-view.exe pid=2148 version=3.1.0-2085634

2015-03-04 11:59:42.515+-5:00 INFO (0784) [WinCDK] OpenLog : Log for VMware Horizon Client, version=3.1.0 build-2085634.

2015-03-04 11:59:42.520+-5:00 ERROR (0784) [WinCDK] RebrandingPref::LoadCertFile : Failed create new BIO from cert file: C:\Program Files (x86)\VMware\VMware Horizon View Client\rc\rebranding\vendor.crt.

2015-03-04 11:59:42.520+-5:00 ERROR (0784) [WinCDK] RebrandingPref::VerifyCert : Invalid parameter.

2015-03-04 11:59:42.520+-5:00 ERROR (0784) [WinCDK] RebrandingPref::CheckRebranding : Failed to verify cert.

2015-03-04 11:59:42.520+-5:00 INFO (0784) [WinCDK] utils::GetCurrentLangId : Language id '0x0409' used by the OS.

2015-03-04 11:59:42.520+-5:00 INFO (0784) [libcdk] Using the WSAPoll() API Implementation for polling sockets.

2015-03-04 11:59:42.525+-5:00 INFO (0784) [libcdk] Using libcurl/7.32.0 OpenSSL/1.0.1h zlib/1.2.3 c-ares/1.9.1

2015-03-04 11:59:42.525+-5:00 INFO (0784) [libcdk] Set local language as en-us.

2015-03-04 11:59:42.600+-5:00 INFO (0784) [libcdk] Icon cache root dir will be:C:\Users\[UsernameRemoved]\AppData\Roaming\VMware\VMware Horizon View Client\Icon Cache\.

2015-03-04 11:59:42.635+-5:00 INFO (0784) [WinCDK] SmallWindow::OnInitDialog : [User] Enter SmallWindow.

2015-03-04 11:59:42.680+-5:00 INFO (0784) [WinCDK] SmallWindow::OnInitDialog : [User] Exit  SmallWindow.

2015-03-04 11:59:42.703+-5:00 INFO (0784) [WinCDK] AppWindow::EnterWindowState : Valid transition from state 'Uninitialized' to state 'Disconnected'.

2015-03-04 11:59:42.723+-5:00 INFO (0784) [WinCDK] NotificationAreaManager::ShowIcon : Create notify icon in the notification area succeed.

2015-03-04 11:59:42.723+-5:00 INFO (0784) [WinCDK] NotificationAreaManager::ShowIcon : Set version for the notify icon succeed.

2015-03-04 11:59:42.733+-5:00 INFO (0784) [WinCDK] ImageItem::OnPaint : Current system's BITSPIXEL: 32.

2015-03-04 11:59:43.705+-5:00 INFO (0784) [WinCDK] BrokerItem::Connect : [User] Enter ConnectToServer:[VDI Server Name Removed Here]

2015-03-04 11:59:43.705+-5:00 INFO (0784) [WinCDK] Services::LogOffServer : [User] Enter Services::LogOffServer.

2015-03-04 11:59:43.705+-5:00 INFO (0784) [WinCDK] Services::LogOffServer : [User] Exit  Services::LogOffServer.

2015-03-04 11:59:43.710+-5:00 INFO (0784) [WinCDK] AppWindow::EnterWindowState : Valid transition from state 'Disconnected' to state 'Connecting'.

2015-03-04 11:59:43.805+-5:00 INFO (0784) [WinCDK] BrokerItem::Connect : [User] Exit  ConnectToServer:[VDI Server Name Removed Here]

2015-03-04 11:59:43.805+-5:00 INFO (0784) [libcdk] TaskCombiner: CdkGetLaunchItemsTask(TODO) added, group task num:1, total task num:1.

2015-03-04 11:59:43.805+-5:00 INFO (0784) [libcdk] TaskCombiner: CdkGetUserGlobalPreferencesTask(TODO) added, group task num:2, total task num:2.

2015-03-04 11:59:43.855+-5:00 DEBUG (0784) [(null)] CdkProxy_GetProxyForUrl: Got the proxy and return to main message loop.

2015-03-04 11:59:43.855+-5:00 INFO (0784) [libcdk] TaskCombiner: CdkGetTunnelConnectionTask(TODO) added, group task num:3, total task num:3.

2015-03-04 11:59:43.855+-5:00 INFO (0784) [libcdk] TaskCombiner: Group Tasks(3):CdkGetLaunchItemsTask(TODO),CdkGetUserGlobalPreferencesTask(TODO),CdkGetTunnelConnectionTask(TODO),

2015-03-04 11:59:43.855+-5:00 INFO (0784) [libcdk] TaskCombiner: CdkGetConfigurationTask(TODO) added, group task num:1, total task num:4.

2015-03-04 11:59:43.855+-5:00 INFO (0784) [libcdk] TaskCombiner: CdkSetLocaleTask(TODO) added, group task num:2, total task num:5.

2015-03-04 11:59:43.855+-5:00 INFO (0784) [libcdk] TaskCombiner: Group Tasks(2):CdkGetConfigurationTask(TODO),CdkSetLocaleTask(TODO),

2015-03-04 11:59:43.855+-5:00 INFO (0784) [libcdk] TaskCombiner: CreateRequest for CdkSetLocaleTask(REDY).

2015-03-04 11:59:43.860+-5:00 INFO (0784) [libcdk] Send request successful: 0311B220

2015-03-04 11:59:43.913+-5:00 INFO (0784) [libcdk] Verify server's certificate for Request 03137610

2015-03-04 11:59:43.913+-5:00 INFO (0784) [libcdk] Find rpc request 03137610 from list

2015-03-04 11:59:43.960+-5:00 INFO (0784) [libcdk] Alt name 0 matches hostname [VDI Server Name Removed Here]

2015-03-04 11:59:43.960+-5:00 INFO (0784) [libcdk] Found a valid EKU: TLS Web Server Authentication

2015-03-04 11:59:44.625+-5:00 INFO (0784) [libcdk] Got a response to request 1.

2015-03-04 11:59:44.625+-5:00 INFO (0784) [libcdk] TaskCombiner: ParseResult for CdkSetLocaleTask(PEND).

2015-03-04 11:59:44.625+-5:00 INFO (0784) [libcdk] TaskCombiner: CdkSetLocaleTask(DONE) removed, group task num:1, total task num:4.

2015-03-04 11:59:44.625+-5:00 INFO (0784) [libcdk] TaskCombiner: SetResult for CdkSetLocaleTask(DONE).

2015-03-04 11:59:44.628+-5:00 INFO (0784) [libcdk] Alt name 0 matches hostname [VDI Server Name Removed Here]

2015-03-04 11:59:44.628+-5:00 INFO (0784) [libcdk] Found a valid EKU: TLS Web Server Authentication

2015-03-04 11:59:44.628+-5:00 INFO (0784) [WinCDK] Services::AuthInfoLoadCallback : Unhandled_Type Callback: Entry.

2015-03-04 11:59:44.628+-5:00 INFO (0784) [WinCDK] Services::AuthInfoLoadCallback : Unhandled_Type Callback: Exit.

2015-03-04 11:59:44.628+-5:00 INFO (0784) [WinCDK] Services::AuthInfoCallback : Unhandled_Type Callback: Entry.

2015-03-04 11:59:44.630+-5:00 INFO (0784) [WinCDK] Services::AuthInfoCallback : Unhandled_Type Callback: Exit.

2015-03-04 11:59:44.630+-5:00 INFO (0784) [libcdk] TaskCombiner: CdkGetConfigurationTask(DONE) removed, group task num:0, total task num:3.

2015-03-04 11:59:44.630+-5:00 INFO (0784) [libcdk] TaskCombiner: SetResult for CdkGetConfigurationTask(DONE).

2015-03-04 11:59:44.640+-5:00 INFO (0784) [libcdk] Send request successful: 0311BCE8

2015-03-04 11:59:45.123+-5:00 INFO (0784) [libcdk] Got a response to request 2.

2015-03-04 11:59:45.123+-5:00 INFO (0784) [WinCDK] Services::TaskDoneCallback : CdkSubmitGssapiTask Callback: Entry.

2015-03-04 11:59:45.123+-5:00 INFO (0784) [WinCDK] Services::TaskDoneCallback : CdkSubmitGssapiTask Callback: Exit.

2015-03-04 11:59:45.133+-5:00 INFO (0784) [libcdk] Send request successful: 0311BCE8

2015-03-04 11:59:45.743+-5:00 INFO (0784) [libcdk] Got a response to request 3.

2015-03-04 11:59:45.743+-5:00 INFO (0784) [WinCDK] Services::AuthInfoLoadCallback : Unhandled_Type Callback: Entry.

2015-03-04 11:59:45.743+-5:00 INFO (0784) [WinCDK] Services::AuthInfoLoadCallback : Unhandled_Type Callback: Exit.

2015-03-04 11:59:45.743+-5:00 INFO (0784) [WinCDK] Services::AuthInfoCallback : Unhandled_Type Callback: Entry.

2015-03-04 11:59:45.743+-5:00 INFO (0784) [WinCDK] Services::AuthInfoCallback : Unhandled_Type Callback: Exit.

2015-03-04 11:59:45.748+-5:00 ERROR (0784) [WinCDK] BaseAppWindow::OnAuthInfoChanged : GSSAPI ProcessServerContext FAILED.

Thanks in advance for any advice!

Reply
0 Kudos
9 Replies
john_lozon
Contributor
Contributor

The plot thickens - the problem appears to be self-correcting. After anywhere from 2 hours to 8 hours, the 'Login as current user' functionality begins to work. I've verified this multiple times over the past 5 days. Another very interesting note, it doesn't matter if the computer is on or not while this amount of time passes. I was able to reimage a machine and saw the problem, and then powered the machine off overnight, and when I booted it up the next day the 'Login as current user' was working. Very strange.

I'm guessing the issue is somewhere within AD, but it still doesn't make sense to me why dropping from the domain and re-joining it wouldn't fix it if it was a domain trust problem, or a problem with the computer object. It appears that only time will fix it for now. So at least I have a workaround, but I'm open to suggestions if anyone has any input! Thanks!

Reply
0 Kudos
kgsivan
VMware Employee
VMware Employee

After re imaging, does it miss any windows updates ?

I guess After re-imaging, windows updates will run in the background to fix certificate vulnerabilities and hot patches.

Reply
0 Kudos
john_lozon
Contributor
Contributor

Good suggestion, but I've got all the the updates installed on the reference image (using SCCM offline servicing). Also as I mentioned in the second post, the problem fixes itself even when the machine is off over night.

Reply
0 Kudos
JackMac4
Enthusiast
Enthusiast

Have you tried uninstalling and reinstalling the client, followed by a reboot so that it can reset its hooks to the authentication?

---- Jack McMichael | Sr. Systems Engineer VMware End User Computing Contact me on Twitter @jackwmc4
Reply
0 Kudos
Dar88
Enthusiast
Enthusiast

did you find out why this happening ?  also do you have any work around ?

Reply
0 Kudos
john_lozon
Contributor
Contributor

Unfortunately I was unable to get to the bottom of why this is happening, and the only 'workaround' I have (if you can call it a workaround) is to wait the unspecified amount of time for it to fix itself before I deploy the workstation to the end-user. In my testing this could be a matter of hours, or potentially overnight, and does not require the effected workstation to be on the network (or even powered on for that matter). Luckily our desktop support technicians and incident support folks aren't reporting seeing this problem very often in the field, even though I can replicate the behavior at-will in my computer lab. I guess they aren't doing many in-place reimages, and are more likely replacing workstations with pre-imaged devices. *shrug*

Reply
0 Kudos
Dtk1
Contributor
Contributor

We had the same issue, only our workstation had not been re-imaged.  And it resolved itself by the next day.

This client was working fine with "log in as current user" selected for the last month.

Then began to get this error Message with "Log in as current user" selected.

"The Connection Server authentication failed to log in as current user"

This was the only client experiencing this problem.

Unselecting "Log in as current user", allowed the user to be prompted for credentials and successfully login using the same connection.

A day later, the "Log in as current user" feature is now working again for the client.

Client Workstation:

O/S: Windows 7 Enterprise

Level: Service Pack 1 64-bit

VMware Horizon View Client 3.0.0.1969620150313

No smartcard

Two Connection Servers, both version 6.0.0-1884746

Load balance DNS IP address to connection servers.

No Security Servers.

Servers and client in the same Active Directory Domain.

Client security event log error:

Log Name:      Security

Source:        Microsoft-Windows-Security-Auditing

Date:          4/15/2015 7:49:29 AM

Event ID:      4625

Task Category: Logon

Level:         Information

Keywords:      Audit Failure

User:          N/A

Computer:      XXXXX.xxxxx.ca

Description:

An account failed to log on.

Subject:

                Security ID:                         NULL SID

                Account Name:                 -

                Account Domain:                             -

                Logon ID:                             0x0

Logon Type:                                       3

Account For Which Logon Failed:

                Security ID:                         NULL SID

                Account Name:               

                Account Domain:                           

Failure Information:

                Failure Reason:                 An Error occured during Logon.

                Status:                                  0xc000006a

                Sub Status:                         0x0

Process Information:

                Caller Process ID:             0x0

                Caller Process Name:     -

Network Information:

                Workstation Name:        -

                Source Network Address:            -

                Source Port:                       -

Detailed Authentication Information:

                Logon Process:                  Kerberos

                Authentication Package:               Kerberos

                Transited Services:          -

                Package Name (NTLM only):       -

                Key Length:                        0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.

                - Transited services indicate which intermediate services have participated in this logon request.

                - Package name indicates which sub-protocol was used among the NTLM protocols.

                - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

Reply
0 Kudos
Dtk1
Contributor
Contributor

Rebooting the workstation, did not resolve it either, it still failed after a reboot.  Only the next day it was working again.

Reply
0 Kudos
cvindel
Contributor
Contributor

Any resolution to this? I am experiencing the same issue in our environment.

Reply
0 Kudos