The specified resource type cannot be found in the image file SAML access denied because of invalid assertion/artifact The following information was included with the event:īROKER_USER_AUTHFAILED_SAML_ACCESS_DENIED If the event originated on another computer, the display information had to be saved with the event. You can install or repair the component on the local computer. Either the component that raises this event is not installed on your local computer or the installation is corrupted. T13:08:46.696+02:00 ERROR (13B8-1BE4) (SESSION:0748_***_bce6) Error performing authentication: Enabled SAML Authenticator's Issuer/entityId not matched with SAML ArtifactĬom.FatalAuthException: Enabled SAML Authenticator's Issuer/entityId not matched with SAML ArtifactĪnd in the event viewer of windows: The description for Event ID 104 from source VMware View cannot be found. In the debug.log of one of the connection servers I saw: T13:08:46.695+02:00 DEBUG (13B8-1BE4) (SESSION:0748_***_bce6) Error_Event: "SAML access denied because of invalid assertion/artifact": Node=, Severity=AUDIT_FAIL, Time=Mon Jun 24 13:08:46 CEST 2019, Module=Broker, Source=.filters.SamlAuthFilter, Acknowledged=true name = E01CS01,ĪuxillaryExternalPCoIPIPv4Address = null, Note that when using UAG’s the external URLs are not used. In the Connector.log you will see if the sync with the connector servers is correct. Time sync is off between the vIDM connector and Connection Servers.Ĭ:\VMware\VMwareIdentityManager\Connector\opt\vmware\horizon\workspace\logs.All desktop entitlements were there but just logging into a desktop would not work… The whole Horizon environment works just fine with the sub DNS records. Have a multi-pod environment and have done this a million times before but for the love of… I could not get it working in this environment… Connection servers added as expected, could sync my desktops into vIDM. This Horizon Server Expects to get your logon credentials from another application or server. The problem was that no matter how I configured the vIDM tenant I kept on getting a SAML error. Upgraded from Horizon 7.7 and downgraded vIDM Connector to 3.3 to test if that was an issue but that did not matter at all… The problem: VMware Identity Manager Connector 1903 in HA on Windows (AD sync and Horizon sync to SAAS).Horizon 7.8 (2 PODS, each pod has 2 connection servers).The environment I am working on is based on:
Finally got it fixed with some good old log digging. So… I just had a nice week troubleshooting a Horizon 7 SAML issue with VMware Identity Manager SAAS / 1903 with GSS.
0 kommentar(er)
