VIDM users are prompted for username and password after applying patch CSP-97577
search cancel

VIDM users are prompted for username and password after applying patch CSP-97577

book

Article ID: 408521

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

  • Kerberos is configured for VIDM prior to applying patch CSP-97577 
  • Users are now prompted to enter username and password when signing in with their VIDM user
  • RC4 has been disabled domain wide for security reasons on the Active Directory
  •  /opt/vmware/horizon/workspace/logs/workspace.log shows errors similar to:  
    2025-08-24T10:18:01,343 INFO : com.vmware.horizon.adapters.kerberosAdapter.KerberosIdpAdapter - Initiating authentication using Kerberos
2025-08-24T10:18:01,345 INFO : com.vmware.horizon.adapters.kerberosAdapter.KerberosIdpAdapter - Kerberos authentication failure: null
2025-08-24T10:18:01,346 INFO : com.vmware.horizon.adapters.kerberosAdapter.KerberosIdpAdapter - Cause: Failure unspecified at GSS-API level (Mechanism level: Encryption type RC4 with HMAC is not supported/enabled)
2025-08-24T10:18:01,346 INFO : com.vmware.horizon.connector.utils.SamlAssertionGeneratorUtil - Returning a saml failure response.

Environment

VIDM 3.3.7

Resolution

Set the msDS-SupportedEncryptionTypes attribute on the vIDM’s computer object in ActiveDirectory to enforce an encryption type 

Powered by Wolken Software