Virtual Desktops Appear as “Not Registered” in the Console

To resolve the issue, grant the logon right, Access this computer from the network to the Delivery Controller machine account(s).

This can be modified directly on the VDA (recommended for testing):

  1. To edit the policy directly on the VDA, use Local Computer Policy editor (MMC, then add the Snap-In Local Computer Policy.)
  2. The policy is located in Computer Configuration –>Windows Settings –>Security Settings –>Local Policies –>User Rights Assignment
  3. Locate “Access this computer from the network”
  4. Click ‘Add User or Group’. Change the Object Types to include “Computers”.
  5. Type the names of the Delivery Controller(s). Click ‘Check Names’. Click OK to save the change. There will be several warnings.

Once this is determined to resolve the OU-based registration issue, policy can be applied to all the VDA’s by completing one of the following tasks:

  • Apply a group policy from the domain controller either to the domain as a whole or to an Organizational Unit containing the Virtual Desktops for the XenDesktop farm.

User-added image

Related:

  • No Related Posts

Virtual Desktops Appear as “Not Registered” in the Console

To resolve the issue, grant the logon right, Access this computer from the network to the Delivery Controller machine account(s).

This can be modified directly on the VDA (recommended for testing):

  1. To edit the policy directly on the VDA, use Local Computer Policy editor (MMC, then add the Snap-In Local Computer Policy.)
  2. The policy is located in Computer Configuration –>Windows Settings –>Security Settings –>Local Policies –>User Rights Assignment
  3. Locate “Access this computer from the network”
  4. Click ‘Add User or Group’. Change the Object Types to include “Computers”.
  5. Type the names of the Delivery Controller(s). Click ‘Check Names’. Click OK to save the change. There will be several warnings.

Once this is determined to resolve the OU-based registration issue, policy can be applied to all the VDA’s by completing one of the following tasks:

  • Apply a group policy from the domain controller either to the domain as a whole or to an Organizational Unit containing the Virtual Desktops for the XenDesktop farm.

User-added image

Related:

  • No Related Posts

Virtual Desktops Appear as “Not Registered” in the Console

To resolve the issue, grant the logon right, Access this computer from the network to the Delivery Controller machine account(s).

This can be modified directly on the VDA (recommended for testing):

  1. To edit the policy directly on the VDA, use Local Computer Policy editor (MMC, then add the Snap-In Local Computer Policy.)
  2. The policy is located in Computer Configuration –>Windows Settings –>Security Settings –>Local Policies –>User Rights Assignment
  3. Locate “Access this computer from the network”
  4. Click ‘Add User or Group’. Change the Object Types to include “Computers”.
  5. Type the names of the Delivery Controller(s). Click ‘Check Names’. Click OK to save the change. There will be several warnings.

Once this is determined to resolve the OU-based registration issue, policy can be applied to all the VDA’s by completing one of the following tasks:

  • Apply a group policy from the domain controller either to the domain as a whole or to an Organizational Unit containing the Virtual Desktops for the XenDesktop farm.

User-added image

Related:

  • No Related Posts

Virtual Desktops Appear as “Not Registered” in the Console

To resolve the issue, grant the logon right, Access this computer from the network to the Delivery Controller machine account(s).

This can be modified directly on the VDA (recommended for testing):

  1. To edit the policy directly on the VDA, use Local Computer Policy editor (MMC, then add the Snap-In Local Computer Policy.)
  2. The policy is located in Computer Configuration –>Windows Settings –>Security Settings –>Local Policies –>User Rights Assignment
  3. Locate “Access this computer from the network”
  4. Click ‘Add User or Group’. Change the Object Types to include “Computers”.
  5. Type the names of the Delivery Controller(s). Click ‘Check Names’. Click OK to save the change. There will be several warnings.

Once this is determined to resolve the OU-based registration issue, policy can be applied to all the VDA’s by completing one of the following tasks:

  • Apply a group policy from the domain controller either to the domain as a whole or to an Organizational Unit containing the Virtual Desktops for the XenDesktop farm.

User-added image

Related:

  • No Related Posts

Virtual Desktops Appear as “Not Registered” in the Console

To resolve the issue, grant the logon right, Access this computer from the network to the Delivery Controller machine account(s).

This can be modified directly on the VDA (recommended for testing):

  1. To edit the policy directly on the VDA, use Local Computer Policy editor (MMC, then add the Snap-In Local Computer Policy.)
  2. The policy is located in Computer Configuration –>Windows Settings –>Security Settings –>Local Policies –>User Rights Assignment
  3. Locate “Access this computer from the network”
  4. Click ‘Add User or Group’. Change the Object Types to include “Computers”.
  5. Type the names of the Delivery Controller(s). Click ‘Check Names’. Click OK to save the change. There will be several warnings.

Once this is determined to resolve the OU-based registration issue, policy can be applied to all the VDA’s by completing one of the following tasks:

  • Apply a group policy from the domain controller either to the domain as a whole or to an Organizational Unit containing the Virtual Desktops for the XenDesktop farm.

User-added image

Related:

  • No Related Posts

Virtual Desktops Appear as “Not Registered” in the Console

To resolve the issue, grant the logon right, Access this computer from the network to the Delivery Controller machine account(s).

This can be modified directly on the VDA (recommended for testing):

  1. To edit the policy directly on the VDA, use Local Computer Policy editor (MMC, then add the Snap-In Local Computer Policy.)
  2. The policy is located in Computer Configuration –>Windows Settings –>Security Settings –>Local Policies –>User Rights Assignment
  3. Locate “Access this computer from the network”
  4. Click ‘Add User or Group’. Change the Object Types to include “Computers”.
  5. Type the names of the Delivery Controller(s). Click ‘Check Names’. Click OK to save the change. There will be several warnings.

Once this is determined to resolve the OU-based registration issue, policy can be applied to all the VDA’s by completing one of the following tasks:

  • Apply a group policy from the domain controller either to the domain as a whole or to an Organizational Unit containing the Virtual Desktops for the XenDesktop farm.

User-added image

Related:

  • No Related Posts

Virtual Desktops Appear as “Not Registered” in the Console

To resolve the issue, grant the logon right, Access this computer from the network to the Delivery Controller machine account(s).

This can be modified directly on the VDA (recommended for testing):

  1. To edit the policy directly on the VDA, use Local Computer Policy editor (MMC, then add the Snap-In Local Computer Policy.)
  2. The policy is located in Computer Configuration –>Windows Settings –>Security Settings –>Local Policies –>User Rights Assignment
  3. Locate “Access this computer from the network”
  4. Click ‘Add User or Group’. Change the Object Types to include “Computers”.
  5. Type the names of the Delivery Controller(s). Click ‘Check Names’. Click OK to save the change. There will be several warnings.

Once this is determined to resolve the OU-based registration issue, policy can be applied to all the VDA’s by completing one of the following tasks:

  • Apply a group policy from the domain controller either to the domain as a whole or to an Organizational Unit containing the Virtual Desktops for the XenDesktop farm.

User-added image

Related:

  • No Related Posts

Virtual Desktops Appear as “Not Registered” in the Console

To resolve the issue, grant the logon right, Access this computer from the network to the Delivery Controller machine account(s).

This can be modified directly on the VDA (recommended for testing):

  1. To edit the policy directly on the VDA, use Local Computer Policy editor (MMC, then add the Snap-In Local Computer Policy.)
  2. The policy is located in Computer Configuration –>Windows Settings –>Security Settings –>Local Policies –>User Rights Assignment
  3. Locate “Access this computer from the network”
  4. Click ‘Add User or Group’. Change the Object Types to include “Computers”.
  5. Type the names of the Delivery Controller(s). Click ‘Check Names’. Click OK to save the change. There will be several warnings.

Once this is determined to resolve the OU-based registration issue, policy can be applied to all the VDA’s by completing one of the following tasks:

  • Apply a group policy from the domain controller either to the domain as a whole or to an Organizational Unit containing the Virtual Desktops for the XenDesktop farm.

User-added image

Related:

  • No Related Posts

Untitled

Customers using Single Sign-on through Windows toauthenticate to Host Access Management and Security Server (MSS) are subject tothe “Netlogon Elevation of Privilege Vulnerability” (CVE 2020-1472).

According to NIST, “An elevation of privilegevulnerability exists when an attacker establishes a vulnerable Netlogon securechannel connection to a domain controller, using the Netlogon Remote Protocol(MS-NRPC), aka ‘Netlogon Elevation of Privilege Vulnerability’.”

Microsoft published guidance on how to manage the changes in Netlogon secure channelconnections associated with this CVE. The first step is to update your DomainControllers.

Unfortunately, afterupdating your Domain Controllers, MSS’s authentication implementation of“Single Sign-on through Windows authentication” will no longer function.

Related:

Untitled

Customers using Single Sign-on through Windows toauthenticate to Host Access Management and Security Server (MSS) are subject tothe “Netlogon Elevation of Privilege Vulnerability” (CVE 2020-1472).

According to NIST, “An elevation of privilegevulnerability exists when an attacker establishes a vulnerable Netlogon securechannel connection to a domain controller, using the Netlogon Remote Protocol(MS-NRPC), aka ‘Netlogon Elevation of Privilege Vulnerability’.”

Microsoft published guidance on how to manage the changes in Netlogon secure channelconnections associated with this CVE. The first step is to update your DomainControllers.

Unfortunately, afterupdating your Domain Controllers, MSS’s authentication implementation of“Single Sign-on through Windows authentication” will no longer function.

Related: