Anto1le's Posts

Condition Set on HKCU\Volatile Environment\ViewClient_ for logon customization failing

by Contributor in Dynamic Environment Manager
‎08-29-2023 12:39 AM
‎08-29-2023 12:39 AM
Hello Guys, I am looking for feedbacks on a login customization I am unable to make work My goal is to adapt Virtual Desktop Smart Policies (Enable/Disable clipboard, redirection, etc.) and configu... See more...
Hello Guys, I am looking for feedbacks on a login customization I am unable to make work My goal is to adapt Virtual Desktop Smart Policies (Enable/Disable clipboard, redirection, etc.) and configuration depending on the client workstation at the logon : corporate workstation or non-corporate/untrust workstation. To do that I have been using : A DEM Condition Set based on a registry key value LoggedOn FQDN that should meet our corporate FQDN retrieved from the client :  HKEY_CURRENT_USER\Volatile Environment\ViewClient_LoggedOn_FQDN is equal to ‘myCoporateFQDNValue’ DEM User Environment configurations for both Corporate and Non-Corporate Workstation that are performed if Condition Set Matches or if it’s Not Matches : Horizon Smart Policies, Triggered Tasks : User Environment refresh and show message at session reconnect, Create Shortcuts on Desktop Unfortunately, it looks like the DEM User Environment configurations are always triggered before the Volatile Environment registry keys is updated with the client info. This results to the condition set that can never matches with the corporate FQDN/condition when a corporate machine connect, and the non-corporate configuration always apply. I am running Horizon 2212 and I have seen the version 2306 is getting a new Schedule trigger that could probably help. Would you see any idea alternate solution on how to achieve my goal ? Many thanks, Antoine

Re: Horizon 8.4 - Authenthication failed from Horizon client

by Contributor in Horizon Desktops and Apps
‎03-09-2023 01:46 AM
‎03-09-2023 01:46 AM
Hello, VMware Support were able to find the root cause of the problem : time difference between the Connection Server / Domain and the Horizon Clients / Universal Clock were exceeding a 15s threshol... See more...
Hello, VMware Support were able to find the root cause of the problem : time difference between the Connection Server / Domain and the Horizon Clients / Universal Clock were exceeding a 15s threshold and was causing the SAML authentication to failed We had a NTP misconfiguration on our PDC that was causing domain members, including Horizon Connection Server to be 30s in advanced from the universal clock. The related errors found on the Connection Server was : 2023-03-03T10:18:03.697Z ERROR (14AC-21D8) <ajp-nio-127.0.0.1-8009-exec-10> [SamlAuthFilter] (SESSION:3677_***_cee0) Problem determining assertion from SAML Auth: Assertion _afd5918839f75c001ea3a81819e330c8 is not valid before 2023-03-03T10:18:20.062Z. Too early by 1365 milliseconds (including 15000 ms leeway) Fixing the NTP misconfiguration and synchronization with the Universal clock resolved the problem.

Re: Horizon 8.4 - Authenthication failed from Horizon client

by Contributor in Horizon Desktops and Apps
‎03-08-2023 03:24 AM
‎03-08-2023 03:24 AM
Hi Alex, The problem occurs on two pods on production for more than a year with the exact same "standard" design with LB, UAG, etc on which we haven't changed anything. I confirm that the locked.pr... See more...
Hi Alex, The problem occurs on two pods on production for more than a year with the exact same "standard" design with LB, UAG, etc on which we haven't changed anything. I confirm that the locked.properties is correctly set and we have tested different client version - actually the web client also facing the problem. Are you using Workspace One Access for authentication ? Because to us the problem come with Workspace One Access that we are using for MFA and SSO. Connection to horizon is working fine when we bypass WS1. We expect a feedback on log analysis I will share the result as soon as I have it.  

Re: Horizon 8.4 - Authenthication failed from Horizon client

by Contributor in Horizon Desktops and Apps
‎03-07-2023 09:10 AM
‎03-07-2023 09:10 AM
Hello Guys, We are also facing this problem. it begun last week with only horizon client and then now web client is also impacted.  We are connecting to horizon from workspace one access OS affect... See more...
Hello Guys, We are also facing this problem. it begun last week with only horizon client and then now web client is also impacted.  We are connecting to horizon from workspace one access OS affected is win10 with Feb Updates,  any kind of browser chromium based or Firefox. we also try different client version. It looks like the saml artifact and connection info cannot be forwarded anymore from Workspace One Access web page to the horizon client/web client despite updating site permission settings in the web browser. I thought it was related to Computer Corporate security policies being pushed but connection from personal computer are also affected now. We have a SR open with the support. I will let you know if we have a resolution If any of you have idea to share or some info about the KB mentioned in the earlier post feel free to share Many thanks, Antoine

Re: CLI for OSOT Update Image

by Contributor in Horizon Desktops and Apps
‎01-17-2023 07:05 AM
1 Kudo
‎01-17-2023 07:05 AM
1 Kudo
I was thinking that this command part of the optimization -o was just disabling the service but it does actually the whole set of actions mentioned above.  This could be verified with the OSOT Logs ... See more...
I was thinking that this command part of the optimization -o was just disabling the service but it does actually the whole set of actions mentioned above.  This could be verified with the OSOT Logs available under C:\ProgramData\VMware\VMware Horizon OS Optimization Tool\Log ==> VMwareOSOptimizationTool.exe -o -windowsupdate [enable | disable] than a reboot to get the new configuration applied Thanks @mrkasius  for pointing that out.

Re: CLI for OSOT Update Image

by Contributor in Horizon Desktops and Apps
‎01-17-2023 12:39 AM
‎01-17-2023 12:39 AM
Yes, I am using the last release of the tool from my products portal section but unfortunately this version doesn't include CLI for managing Update actions. ...maybe in the next release.

Re: CLI for OSOT Update Image

by Contributor in Horizon Desktops and Apps
‎01-16-2023 11:55 PM
‎01-16-2023 11:55 PM
Unfortunately no information were found under the Techzone article and the flings is no longuer beeing updated.  However I did found an old answer from Graeme Gordon on the fling after a new search ... See more...
Unfortunately no information were found under the Techzone article and the flings is no longuer beeing updated.  However I did found an old answer from Graeme Gordon on the fling after a new search try: Comments | VMware Flings 1. Export registry key - HKLM/Software/Policies/Microsoft/Windows/WindowsUpdate 2. Delete registry key - HKLM/Software/Policies/Microsoft/Windows/WindowsUpdate 3. Set Windows Update service to manual 4. Run ‘gpupdate’ 5. Run ‘usoclient StartScan’ 6. Import the exported registry key 7. Disable the service - If it was previously disabled 8. Run NGEN - If .NET Framework updated (ngen executequeueditems) 9. Run DISM (optional) - dism /online /cleanup-image /startcomponentcleanup /resetbase I will restart from here, Thanks for your help

CLI for OSOT Update Image

by Contributor in Horizon Desktops and Apps
‎01-16-2023 09:49 AM
‎01-16-2023 09:49 AM
OSOT Update Image actions: "Enable Windows Update", "Run Windows Update", "Restore to Original Settings" are only available through the GUI and I am struggling to integrate those actions in my day-2 ... See more...
OSOT Update Image actions: "Enable Windows Update", "Run Windows Update", "Restore to Original Settings" are only available through the GUI and I am struggling to integrate those actions in my day-2 gold image update automatic process. Do you guys have some info to share about what are the commands behind "Changes the required registry values, local group policy and enables the required services"