SchwarzC Posted August 10 Posted August 10 Good day, This is my first post in the new forum, and Iโm liking it so far! ๐ In the release notes for Horizon Client 2406, I noticed the following: Enhancement to Log In as Current User A new GPO on the client allows administrators to turn off support for Hello for Business while keeping the Log In as Current User feature operational. Could someone please confirm if this means the following? Instead of implementing Windows Hello Cert Trust (we are currently in the middle of this and itโs becoming quite challenging), can we implement Windows Hello for Business with Cloud Kerberos without causing interference with the Log In as Current User feature? For context, our setup allows internal users to log in as the current user. Does this require upgrading the back-end (Connection Servers) to version 2406 as well, or is it sufficient to upgrade just the clients? (We need to wait for Nvidia compatibility before upgrading the servers.) Thank you for your assistance! ย
Employee Kristina De Nike Posted August 15 Employee Posted August 15 (edited) Hello! On questions 1, the answer is Yes. You can leave Login as Current User on but ignore the current user if the end point is using Hello for Business. Your end users using AD will continue to auto-auth and end users with WHFB will have to type in credentials to connect to Horizon. On question 2, the client GPO will work with older Horizon servers . Edited August 19 by Kristina De Nike 2
SchwarzC Posted August 25 Author Posted August 25 Hi Kristina, Thank you for the clarification! I appreciate the explanation. However, I noticed a slight discrepancy between the release notes and your response. My goal is to have users log in via Windows Hello for Business (WHFB) and then be automatically authenticated through the "Log In as Current User" feature to their Horizon Desktop. Based on the release notes, I thought this would work even with WHFB. Could the difference in how WHFB handles session tokens or credentials compared to a password-based login impact the auto-authentication with Horizon? (Please note that all devices are hybrid joined.) or am I complety on the wrong track here. Thank you!
Gerard Strouth Posted August 27 Posted August 27 That's what I've been wanting as well but I'm pretty sure it only works with certificate trust currently. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now