amr Posted June 4 Share Posted June 4 Good morning, I have been following this topic for quite some time and there used to be KB on it, however since the move to Broadcom the page returns a 404 https://kb.vmware.com/s/article/97111. Their workarounds were not viable for us since we cannot disable modern auth, etc. We are able to create this error with the February, March, and April patch on Windows 10 22H2, we have not tried the May patch. The issue appears from the AAD Broker plug in being blocked with the recent updates via Windows Defender. Even though we do not use Defender, this is not unique to us as it is happening to folks who use it or not. If this is blocked, our machines cannot communicate with Azure for auth, licensing, etc, hence the errors. The resolution was to delete the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedInterfaces\IfIso\ and all of its contents on the parent image. You can see that when a machine is broken all of the plug ins are set to ACTION=BLOCKED|ACTIVE=TRUE (attached) and you can see on a working machine, they are not blocked with some of them being ACTION=BLOCKED|ACTIVE=FALSE: (attached) Having said that, I do not know of any repercussions of removing that key as well as all of its entries or not. This is especially something to consider since we will be doing to Defender soon on VDI. Has anyone had any luck fixing this without deleting the keys or has MS/VMware fixed this yet? Does deleting this key impact Windows defender? Quote Link to comment Share on other sites More sharing options...
Employee Sascha Warno Posted June 4 Employee Share Posted June 4 just a note on KBs. They do not seem to redirect, but you can find them on kb.omnissa.com by just searching for the kb number in this case 97111. This will get you to https://kb.omnissa.com/s/article/97111?lang=en_US&queryTerm=97111 On the issue, I didn't see any other "fix" then the one you mention on reddit. But let's see if anyone got further with it, I mean it seems not exclusive to Horizon. Quote Link to comment Share on other sites More sharing options...
amr Posted June 4 Author Share Posted June 4 42 minutes ago, Sascha Warno said: just a note on KBs. They do not seem to redirect, but you can find them on kb.omnissa.com by just searching for the kb number in this case 97111. This will get you to https://kb.omnissa.com/s/article/97111?lang=en_US&queryTerm=97111 On the issue, I didn't see any other "fix" then the one you mention on reddit. But let's see if anyone got further with it, I mean it seems not exclusive to Horizon. Thanks Sascha. Agreed, curious to see others experience. Quote Link to comment Share on other sites More sharing options...
John Twilley Posted June 4 Share Posted June 4 I'm testing deleting that Registry key now. I just wish there was a little more details on what deleting that Key, as opposed to modifying the values does to the OS. 1 Quote Link to comment Share on other sites More sharing options...
John Twilley Posted June 6 Share Posted June 6 I wish we had the ability to provide feedback on the new Omnissa KB articles. When hosted in Broadcom/VMware there was a feedback option at the bottom of the page, where you could provide additional information about the issue. I would have provided a link to this community topic so that they knew the real fix, as opposed to telling people to disable Modern Auth. https://kb.omnissa.com/s/article/97111 Quote Link to comment Share on other sites More sharing options...
Employee Sascha Warno Posted June 6 Employee Share Posted June 6 50 minutes ago, John Twilley said: I wish we had the ability to provide feedback on the new Omnissa KB articles. When hosted in Broadcom/VMware there was a feedback option at the bottom of the page, where you could provide additional information about the issue. I would have provided a link to this community topic so that they knew the real fix, as opposed to telling people to disable Modern Auth. https://kb.omnissa.com/s/article/97111 Let me point the owners of that KB to the discussion internally and ask for an update. 1 1 Quote Link to comment Share on other sites More sharing options...
George Posted June 6 Share Posted June 6 As far as i know, MS closed our ticket with them about that issue. They told us that is vmware issue to fix that. We have the workaround in place and I work. (removing the registry key) But we would like to have solution. Quote Link to comment Share on other sites More sharing options...
HakimB Posted July 9 Share Posted July 9 Hello, anyone have update on this subject ? Thanks Quote Link to comment Share on other sites More sharing options...
John Twilley Posted July 9 Share Posted July 9 (edited) We DELETED the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedInterfaces\IfIso\ and all of its contents on the parent image. This has resolved the Authentication issues for our users. No complaints since, and it's been a few weeks. Edited July 9 by John Twilley 1 Quote Link to comment Share on other sites More sharing options...
Melandrach Posted September 18 Share Posted September 18 On 6/6/2024 at 7:43 AM, George said: As far as i know, MS closed our ticket with them about that issue. They told us that is vmware issue to fix that. We have the workaround in place and I work. (removing the registry key) But we would like to have solution. This is ridiculous because the issue is not exclusive to Horizon, it happens in AVD too. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.