Quantcast
Viewing all 5983 articles
Browse latest View live

Security Servers Crashing - Old version of View Clients Issue

We are having an issue were it seems our security servers randomly stop responding and our load balancer (F5) sends an alert out.

 

When verifying the logs we see the following:

 

2015-11-28T15:43:59.794-05:00 WARN  (0E24-05AC) <pool-1-thread-15> [PooledProcessor] Problem processing HTTP connection: Read timed out

2015-11-28T15:43:59.794-05:00 DEBUG (0E24-05AC) <pool-1-thread-15> [PooledProcessor] Problem processing HTTP connection from /74.110.122.XXX:53923: java.net.SocketTimeoutException: Read timed out

2015-11-28T15:43:59.794-05:00 WARN  (0E24-0CD8) <pool-1-thread-4> [PooledProcessor] Problem processing HTTP connection: Read timed out

2015-11-28T15:43:59.794-05:00 DEBUG (0E24-0CD8) <pool-1-thread-4> [PooledProcessor] Problem processing HTTP connection from /74.110.122.XX:53924: java.net.SocketTimeoutException: Read timed out

2015-11-28T15:43:59.810-05:00 WARN  (0E24-0EC0) <pool-1-thread-17> [PooledProcessor] Problem processing HTTP connection: Read timed out

 

or

 

2015-11-28T13:23:51.216-05:00 DEBUG (0E68-057C) <pool-1-thread-9> [PooledProcessor] Problem processing HTTP connection from /68.10.113.xx:54527: java.net.SocketTimeoutException: Read timed out

2015-11-28T13:23:51.216-05:00 WARN  (0E68-0CD4) <pool-1-thread-1> [PooledProcessor] Problem processing HTTP connection: Read timed out

2015-11-28T13:23:51.216-05:00 WARN  (0E68-05A0) <pool-1-thread-6> [PooledProcessor] Problem processing HTTP connection: Read timed out

2015-11-28T13:23:51.216-05:00 DEBUG (0E68-0CD4) <pool-1-thread-1> [PooledProcessor] Problem processing HTTP connection from /68.10.113.xx:54525: java.net.SocketTimeoutException: Read timed out

2015-11-28T13:23:51.216-05:00 DEBUG (0E68-05A0) <pool-1-thread-6> [PooledProcessor] Problem processing HTTP connection from /68.10.113.xx:54533: java.net.SocketTimeoutException: Read timed out

2015-11-28T13:23:51.232-05:00 DEBUG (0E68-0338) <pool-1-thread-11> [PooledProcessor] SSL handshake exception for /167.114.229.xx:32937, error was: no cipher suites in common

2015-11-28T13:23:51.232-05:00 DEBUG (0E68-0338) <pool-1-thread-11> [PooledProcessor] SSL handshake exception for /167.114.229.xx:32927, error was: no cipher suites in common

2015-11-28T13:23:51.232-05:00 DEBUG (0E68-0F00) <pool-1-thread-17> [PooledProcessor] SSL handshake exception for /167.114.229.xx:56650, error was: Remote host closed connection during handshake

2015-11-28T13:23:51.232-05:00 DEBUG (0E68-0338) <pool-1-thread-11> [PooledProcessor] SSL handshake exception for /167.114.229.xx:32943, error was: Remote host closed connection during handshake

 

 

I opened a ticket with VMware and they told me that this is related to old version of the view client and that the only way is upgrading the clients.... Great..... I asked them if there are ways to block old client and they said there is none...

 

So now I'm trying to find a way of notifying the users with old clients to upgrade.

 

Being this in a university, we can't control the versions students have installed so what I would like to do is to create a script that somehow will verify their client version and spit out a message asking them to upgrade.

 

Does anyone know of a way to identify the client version? I check the Volatile Environment and there does not seem to be an entry there..


Godday wildcard cert not work on Horizon 6

Hi,

 

Self-signed cert works on View connection server, but my wild card public cert does not.

I have searched the forum of resolution, but still can't figure out.

 

Steps I have done:

1. Generate CSR on my domain controller dc.mycompany.com, CN=*.mycompany.com, allow export private key.

2. Post CSR to Godaddy and download the cert (IIS format).

3. In my domain controller dc.mycompany.com, import the cert from Goddy

4. Export the cert of "*.mycompany.com" with private key to .pfx

5. Import to connection server viewconn.mycompany.com

6. Set friendly name "vdm" and restart connection server

 

 

 

On IE

==========

This page can't be displayed

  • Make sure the web address https://viewconn.mycompany.comis correct.
  • Look for the page with your search engine.
  • Refresh the page in a few minutes.
  • Make sure TLS and SSL protocols are enabled. Go to Tools > Internet Options > Advanced > Settings > Security

==========

 

On Chrome

==========

Error: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

==========

 

 

Thanks a lot, quite urgent.

View Agent 6.2.0 Ports and Communications

HI All

 

Having a strange issue with Linked Clones which are being created over two domains using two way trust.

 

I am using Server2008R2 as a Desktop OS, whenever the machines are created they are added to the client domain fine, and the machines created in vcenter and the pool ok BUT in view administrator I get a Error of View Agent cannot communicate with the connection broker.

Looking at NetStat the ports are in a time_wait state. If I reinstall the agent on one of the linked cloned machines, everything works fine, netstat shows as listening and connection server is showing machine as available.

 

I recreated my golden image and reinstalled tools and agent but still not working. Ive added port 4002 to the firewall but I am not using any message mode options.

 

If I install Agent 6.0.1 (FP 6.0.2) everything is fine and machine state is "Available" first time.

 

Everything is View Horizon 6.2.0

Vcenter and Esx are  5.1.0, 880146

 

Whats changed from Agent 6.0.1 to 6.2.0?

What is reinstalling the Agent doing to allow that port to be "listening"?

 

Thanks for any help.

Horizon View 6.2.0 No mouse cursor on connection

Hello,

 

I am running a View 6.2.0 environment and I recently migrated VMs from a View 5.3 environment into the View 6.2.0 environment (new hosts, connection and security server all running latest versions).

 

I upgraded the view agent from the migrated VMs to 6.2.0-3005627 as well as upgraded the VMware tools to 10.0-3000743.  Upon connecting to the VM via the Horizon View Client I do not get any moue cursor.  If I scale down the Horizon View Client Window and then maximize it again and wait for it to refresh the cursor returns.  I thought there was an issue with the agent upgrade so I uninstalled, rebooted the VM, reinstalled the agent but I am still experiencing the same issues.

 

Does anyone know if there is a compatibility issue with 6.2.0-3005627 agent and the VMware Tools v10.0-3000743?

 

Thank You

Load balancing with HAProxy and CA signed certificates

Anyone have luck with using HAProxy and CA signed certificates?  I have my own Microsoft CA and am using it to create CA signed certificates for my connection server, security server and my HAProxy load balanced IP address.

 

If I connect directly to any of my security servers I have no issues, everything works great.  When I connect to the load balanced IP by the host name used in the certificate and DNS it gives me a SSL certificate error.  I can view the certificate and see its using the load balanced certificate.  My problem is I'm not sure if its failing at the first step (the load balancer) or the security server point.  I believe I have it made so it uses the security servers certificate when it is redirected but the debug log is not helpful at all.

 

Anyone have a sample config that has worked for them by chance?

Vmware View Client for IOS Devices + F1 - f12 Keys on magic keyboard and Ipad

Hey guys,

 

i have an ipad pro with a magic keyboard and i'm using the vmware view client.. but i can't get the F1 - F12 keys to work.. they just change the brightness (F2 Key).

 

i was able to find some docs from ios client 1.6 that said it's unsupported.. but we are on version 3.5.1 and see no reference to it being supported or now.

 

anyone have any ideas?

 

here is what i found in the old documentation.

 

 

Known Limitation for View Client 1.6 and Earlier In View Client versions earlier than 1.7, several keys on external keyboards did not work with a remote desktop: Function keys (such as F1 through F12), Ctrl, Alt, and Command. Workaround: Use the onscreen Ctrl and function keys. To tap a combination of these keys, such as Ctrl+Alt +Delete, first tap the onscreen Ctrl key. After it turns blue, tap the onscreen Alt key. After it also turns blue, press the Delete key.

Image may be NSFW.
Clik here to view.

Bitlocker and View USB Redirection

Hi,

 

i have a workstation with an external usb drive and have to encrypt this usb drive with bitlocker. After that, is it possible to redirect that usb drive to a horizon 6.1 vm?

Frank

Choosing Snapshot is greyed out.

Greetings,

When creating a linked clone pool, when I get to the point of choosing the master image-Parent image, I then choose the snapshot. The snapshot does not appear unless I check "All Images", then it appears. Even when it appears, I cannot select it. It never highlights to allow me to click the "OK" button. Does anyone have any thoughts on why this is?  Thank you.


Horizon 6.1 environment with Vsphere 6 cluster, Win7 64 desktops keep crashing/rebooting

I manage about 7 different Horizon View environments for customers, some on prem, and some in our hosted environment.  I have had no problems (lately) with any of them, and some of them exist on this same Vsphere environment, and one other is on the same Horizon View release.  The only discernible difference is I believe the environment not having issues is on hardware version 7, and the problem environment is 11.  The issues are happening across all servers in the cluster, and the cluster includes other working View environments, using the same storage array in some circumstances.

 

So, the issue is that these Win 7 64 desktops are crashing or rebooting, and I can't figure out from the log exactly which.  I don't see "WinBSOD" in the log.  The users report the issue after stepping away for a few minutes, and they come back to a black screen, move their mouse to try and wake it, and usually lose connection.  It looks like maybe there is a video issue, but I can't really figure out what or why.  They all have 35mb of video memory, and most users are running 1920x1080 or lower on a single monitor, so this should be more than enough.

 

Attached is a log from one of the machines having the issue.  Anyone have any insight?  able to point me in the right direction?  I usually figure this stuff out on my own, but this one has me pretty stumped.

 

Thanks

Image may be NSFW.
Clik here to view.

Smart card authentication in Horizon View

Guys and gals, I am a bit perplexed at the issue we are dealing with so i wanted to go to the experts.  We are running HView 5.3.3 coupled with vcenter 6.0 (as an appliance).  I have all of the nessecary keystore files created and the locked.properties file setup right in order to make smart card (sc) authentication work, but just can't seem to find out where the issue lies.  Currently when you go to the URL to view server, it will prompt you for your sc certificate, i can pick the certificate and then it will take me to the usual logon screen with user name and password.  I am also experiencing similar behavior when trying to connect to the virtual machines in a view pool via cad card using a PCOIP client.  Here is where the oddity is though, sc authentication is working for parts of view.  I can log into the pcoip client with an sc and get taken to the pool selection screen, but when i pick the pool the client isn't passing the sc credentials to the vm and i am then being prompted for a user and password.  I can, however, use the view client on a physical box and connect to a vm using an sc and it works as expected. 

 

It seems as though there is some missing link somewhere that i haven't yet found.  The only oddity i can find in the debug log for view is this:

2015-12-03T07:45:44.059-06:00 DEBUG (0E04-1A9C) <MessageFrameWorkDispatch> [MessageFrameWork] ValidateCertificateChain ok=1, msecs=0

2015-12-03T07:45:44.059-06:00 DEBUG (0E04-13A8) <ConfigureHostsCbrc-173d8861-e680-4357-80a8-fed71962420b-1449086049681> [CertMatchingTrustManager] invalid certificate (as expected) for 10.0.210.171:443 InvalidCertificateException[reasons:notTrusted;cantCheckRevoked; subject:'C=US, CN=10.0.210.171' message:'ValidateCertificateChain Result: FAIL, EndEntityReasons: cantCheckRevoked, noTrust, ChainReasons: noTrust']

2015-12-03T07:45:44.102-06:00 DEBUG (0E04-13A8) <ConfigureHostsCbrc-173d8861-e680-4357-80a8-fed71962420b-1449086049681> [SAX2EventRecorder] start replay: events=[ length=26, numPointers=119, objarray.length=50 ], start=12, stop=15, this=org.apache.axis.message.SAX2EventRecorder@2d737c36, handler=org.apache.axis.encoding.DeserializationContext@78dfd489

2015-12-03T07:45:44.102-06:00 DEBUG (0E04-13A8) <ConfigureHostsCbrc-173d8861-e680-4357-80a8-fed71962420b-1449086049681> [SAX2EventRecorder] end replay: events=[ length=26, numPointers=119, objarray.length=50 ], start=12, stop=15, this=org.apache.axis.message.SAX2EventRecorder@2d737c36

 

IN this cans 10.0.210.171 is our vcenter IP.

 

I am using the exact keystore on a separate view instance on the same network and it is working as expected, so i am just not sure where to start looking. 

Profile sub folders created with PM cannot be viewed by admins

If a users profile is created on the network share using PM, it cannot be viewed by admins.

If it is created by normal windows roaming profile then admins can view (modify/delete) no problem.

 

It seems that:

- PM creates subfolders with no inheritance (the admins group is not propegated).

- Roaming profile creates subfolders with full inheritance.

 

But why? Is this a fault? Should PM create the folders in the same way that roaming profile does?

We want admins to be able to clean/modify PM created folders, but they cannot - the problem ONLY happens when using PM.

 

 

 

Notes:

  • We precreate roaming profile user folders when a user account is created.
  • We don't populate the folder with a "default profile", but we make sure the users top level folder is created.

 

i.e:

  • \\server\profileshare is the top level parent.
  • When the user account is created, we then create \\server\profileshare\useraccount.v2 only (as part of a script). Permissions are setup as expected.
  • Administrators can navigate into this particular folder.
  • Administrator cannot navigate to subfolders of the user profile if created with PM, but can navigate if created with traditional roaming profile.
Image may be NSFW.
Clik here to view.

When will Remote Desktop version 8 be supported in Horizon View Client for Mac

I am running Horizon View Client 3.5.2 for mac on El Capitan.  I can't use PCoIP because I just get a black screen.  But RDP can only use version 2 and I can't change the resolution.  I want to know when RDP version 8 for mac will be supported.

Image may be NSFW.
Clik here to view.

user files

my user connected one vdi machine and it copy word,excel on the desktop . another day my user connected another vdi machine but he didnt find his files.

now i want to learn that my user connecting every day different vdi machine and how to config that when he connect vdi machine he wont lost his files ?

 

what is good plan or config ?

DRP VMware Horizon view

Hello

 

I have 2 sites with external storage in replication ( only primary volume in RW )

I would like to create a cluster VMware Horizon View ( + VDI ) over the 2 sites and in a standard mode that each host ESX work on the local storage ( primary storage )

That means each time a VM desktop needed it will be created on DS local even if ESX can access on the 2nd site

 

Could it implement this design ?

 

Thank you for your help

Should I use a seperate Virtual Center for my View Horizon 6 deployment?

I'm in a position where I am starting off fresh with a new View deployment.  New hardware, newest version, etc.  Should I have a separate Virtual Center server dedicated to View?  We have a dedicated one for our old v5 environment and I found it cumbersome to manage a separate VC.  What would be the benefits of having a dedicated VC?


How to get a report on users that have logged into a pool in the last year?

Is there any way to get a report on how many users have logged into a pool over the last year?

vGPU deployment - Can not remove module nvidia: module symbols in use

Hi, we have a View 6.2 deployment with GRID K1 cards in our Dell R720 hosts. Previously using vSGA, however we want to test the new vGPU technology. Have split one host off into it's own cluster and trying to get the vGPU vib installed instead of the vSGA. Following the vGPU deployment guide PDF, and it says to run vmkload_mod -u nvidia, however when I do this, I get the message in the title of this post "vmkload_mod: Can not remove module nvidia: module symbols in use".

 

If I try to run excli software vib remove,


esxcli software vib remove -n "NVIDIA-VMware_ESXi_6.0_Host_Driver"

 

it fails with the following:


[InstallationError]

Error in running rm /tardisks/NVIDIA_V.v00:

Return code: 1

Output: rm: can't remove '/tardisks/NVIDIA_V.v00': Device or resource busy

 

 

It is not safe to continue. Please reboot the host immediately to discard the unfinished update.

 

So, can anyone advise how to get the vmkload command to work to remove the nvidia module so I can uninstall the host driver and install the vgpu driver?

Image may be NSFW.
Clik here to view.

Customize Horizon Portal

Hi All,

I am looking to customize my Horizon Portal (6.x) with my company logo and other visual objects.  I have read the document that points to how to change the download links and such, but nothing about changing the look of it.

 

Additionally, when I am prompted for uname and password, the domain that is presented is not the preferred domain, how can I change this so all my users get the preferred domain?

 

Thanks for any help provided.

-GB

Image may be NSFW.
Clik here to view.

Thinprint over Security server

Hi all;

 

I got a use case where the end user is using a zero client on a remote office connecting through the internet (no vpn) via security server 6.2. Is location based printing usable in that scenario where the user can use the branch office printers (on the same network than the zero client).

My issue is that the end user VM have no connectivity to the branch office printer and in my lab the only way to do that was allowing ip connectivity between the desktop VM and the remote printer.

It's like a Desktop as a service solution. How printing redirection is handled in that scenario.

 

Regards

Image may be NSFW.
Clik here to view.

VMware View 5.3 - Full Clones - Windows Activation

Hello,

 

i have a running View 5.3 Environment.

I changed my vCenter from Windows to Appliance.

 

Because my Composer was installed on my Windows vCenter Server i decided not to use Composer any more and changed my linked clones to full clones.

Performance is better and i have enough space on my Storage.

After recreating the VMs as full clones my Windows 7 did not get activated.

My Question is how to solve this. KMS or is there an alternative way to go?

 

Thanks!

 

Kind Regards

Marco

Viewing all 5983 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>