MS Azure Auth Issues after rolling out the Microsoft February patch and beyond (KB5034763)

[amr]

Good morning,

I have been following this topic for quite some time and there used to be KB on it, however since the move to Broadcom the page returns a 404 https://kb.vmware.com/s/article/97111. Their workarounds were not viable for us since we cannot disable modern auth, etc.

We are able to create this error with the February, March, and April patch on Windows 10 22H2, we have not tried the May patch. 

The issue appears from the AAD Broker plug in being blocked with the recent updates via Windows Defender. Even though we do not use Defender, this is not unique to us as it is happening to folks who use it or not. If this is blocked, our machines cannot communicate with Azure for auth, licensing, etc, hence the errors. The resolution was to delete the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedInterfaces\IfIso\ and all of its contents on the parent image.

You can see that when a machine is broken all of the plug ins are set to ACTION=BLOCKED|ACTIVE=TRUE (attached) and you can see on a working machine, they are not blocked with some of them being ACTION=BLOCKED|ACTIVE=FALSE: (attached)

Having said that, I do not know of any repercussions of removing that key as well as all of its entries or not. This is especially something to consider since we will be doing to Defender soon on VDI.

Has anyone had any luck fixing this without deleting the keys or has MS/VMware fixed this yet? Does deleting this key impact Windows defender?

 

[Sascha Warno]

just a note on KBs. They do not seem to redirect, but you can find them on kb.omnissa.com by just searching for the kb number in this case 97111. This will get you to https://kb.omnissa.com/s/article/97111?lang=en_US&queryTerm=97111

On the issue, I didn't see any other "fix" then the one you mention on reddit. But let's see if anyone got further with it, I mean it seems not exclusive to Horizon.

[amr]

42 minutes ago, Sascha Warno said:

just a note on KBs. They do not seem to redirect, but you can find them on kb.omnissa.com by just searching for the kb number in this case 97111. This will get you to https://kb.omnissa.com/s/article/97111?lang=en_US&queryTerm=97111

On the issue, I didn't see any other "fix" then the one you mention on reddit. But let's see if anyone got further with it, I mean it seems not exclusive to Horizon.

Thanks Sascha. Agreed, curious to see others experience.

[John Twilley]

I'm testing deleting that Registry key now.  I just wish there was a little more details on what deleting that Key, as opposed to modifying the values does to the OS.

[John Twilley]

I wish we had the ability to provide feedback on the new Omnissa KB articles.   When hosted in Broadcom/VMware there was a feedback option at the bottom of the page,  where you could provide additional information about the issue.  I would have provided a link to this community topic so that they knew the real fix, as opposed to telling people to disable Modern Auth.  https://kb.omnissa.com/s/article/97111

[Sascha Warno]

50 minutes ago, John Twilley said:

I wish we had the ability to provide feedback on the new Omnissa KB articles.   When hosted in Broadcom/VMware there was a feedback option at the bottom of the page,  where you could provide additional information about the issue.  I would have provided a link to this community topic so that they knew the real fix, as opposed to telling people to disable Modern Auth.  https://kb.omnissa.com/s/article/97111

Let me point the owners of that KB to the discussion internally and ask for an update.

[George]

As far as i know, MS closed our ticket with them about that issue.

They told us that is vmware issue to fix that.

We have the workaround in place and I work. (removing the registry key)

But we would like to have solution.