Category: Microsoft
Notes from the field: Microsoft Azure MFA Number Matching and the one with NPS extension
Regarding the upcoming change of Microsoft MFA number matching, some customers started to ask me hey what’s going on? Do we need to do something? Is there any impact for our users? Well, the short answer is yes. The long answer is well it depends, can we live with the current setup or is there…
Notes from the field: The Kerberos chronicles, the one with VMware TrueSSO
After a lengthy and cumbersome troubleshoot on a VMware TrueSSO setup finally had the time to blog this one. In summary the situation with a customer was a working VMware TrueSSO setup which stopped working, after lengthy troubleshooting we opened a support case with VMware and later also with Microsoft. The issue was manifesting in…
Notes from the field: Citrix Cloud Connector we’re having trouble signing you in
Recently I’ve encountered an issue after installing the Citrix Cloud Connector on new Windows Server 2022 machines. The configuration on my first machine went just fine until the sign-in, here my interest got peeked because I still have IE11 on my box, strange that it uses the sign-in for Citrix Cloud. Well let’s test the…
Notes from the lab: Migrating Azure AD Connect and then we cannot sync
This is a quick blog post regarding my own Azure AD Connect migration and a nasty error after trying to connect again for an initial connection and synchronisation. A little insight in my environment, I already had the latest version running of Azure AD Connect namely 2.1.16.0 on my Windows Server 2019. See Azure AD…
Notes from the field: VMware Horizon instant clone breaks with Kerberos armoring
On my current customer project we’ve encountered a strange issue when some stricter security policies were implemented. Kerberos armoring was enabled which effectively broke the instant clone process for Windows 10 1809/1909 releases but not for 2009 or 21H2. It all started with a ticket that the image update process in Horizon would error out…
Notes from the lab: Citrix ShareFile and VMware Access SSO
When configuring Citrix ShareFile for an SSO experience with your Microsoft Active Directory setup we have the following guides to use it from Citrix. See How to Configure Single Sign-On (SSO) for ShareFile (citrix.com) Well I’m having my setup with another Identity Provider in my own lab and still want to achieve an managed SSO…
Notes from the lab: VMware vCenter 7u2 ADFS changes
When vCenter 7 introduced ADFS integration I jumped on the configuration part in my lab and set it up with the necessary OAUTH integrations: Now with vCenter 7u2 there are some changes when you have it in place and are upgrading: The trust store is changed to VECS and you need to change/add that in…
Notes from the field: Citrix FAS request not supported
On a recent Citrix FAS deployment I’ve encountered the following error: “Request not supported” when logging in to a published application or desktop. Article https://support.citrix.com/article/CTX218941 explains that re-enrollment of the domain controller authentication template or another custom template for Kerberos usage should resolve the error. A little bit of a background on the environment, an…
Notes from the presentations: Modern authentication glued together with Microsoft, Citrix and VMware
Very happy to share my first presentation on Virtual Expo with Erik Bakker, please click the following link for the recording and all other recordings as well. https://xenapptraining.com/members/virtual-expo/2020-09/
Notes from the lab: Microsoft ADFS and VMware UAG
You don’t see many configuration articles around ADFS and UAG and that’s why I would like to share my setup. First things first, I’m expecting that there is an working Horizon environment with True SSO enabled for access to the desktop. And a working ADFS environment to add a new application to test with. My…