BugZero | VMware BugID 57761 - Error: "USB redirection is not available for this ...

VMware - Defect ID: 57761

Error: "USB redirection is not available for this desktop" due to an Agent side corrupt certificate

VMware - Defect ID: 57761

Error: "USB redirection is not available for this desktop" due to an Agent side corrupt certificate

Last updated on 12/8/2022

Overall: 0N/A

Severity: 0N/A

Community: 0N/A

Lifecycle: 0N/A

What is the BugZero Risk Score?

Vendor details

No defect details.

Overall: 0N/A

Severity: 0N/A

Community: 0N/A

Lifecycle: 0N/A

What is the BugZero Risk Score?

Vendor details

No defect details.

Symptoms

When a user opens the Horizon Client and launches a VDI desktop, the user will find the error "USB Redirection is not available for this desktop" displayed in the dropdown control.The USB component is installed on the agent.Another functionality on the desktop is ok.USB redirection is not denied by group Policy. How to validate if it is a certificate issue:You will find similar log lines in the client and agent debug logs.Reference: Location of Horizon (VDM) log files (1027744)Client-side Logging: xxx WARN (2DE0-2910) <SharedMemAuthenticateThread> [MessageFrameWork] Unable to accept connection, authentication failed, reason=authPackage DEBUG (0B6C) [libcdk] CdkViewUsbErrorCb: USB error callback for desktopId "cn=vdi-test,ou=applications,dc=vdi,dc=vmware," msgString=IDS_DROPDOWN_DEVICES_NOT_AVAILABLE 2017-03-17 15:37:38.027+07:00 INFO (0B6C) [WinCDK] USBDevices::HandleUSBError : USB remoting is disabled for this desktop because the USB component is not available in the agent. The broker is 'BROKERFQDN'. The desktop is 'TEST'. Agent side Logging: xxx WARN (2BBC-0AAC) <SocketAuthenticateThread> [MessageFrameWork] Authentication function AcceptSecurityContext failed, return value 0x0000000080090330, text=The specified data could not be decrypted. xxx WARN (2BBC-0AAC) <SocketAuthenticateThread> [MessageFrameWork] Unable to accept connection, authentication failed, reason=authTicketSsl

Cause

The USB traffic that Horizon View redirects over the network is an encrypted communication channel.USB redirection will fail if there is a failure in the negotiation, or an outside force has created interference in the ability of the software to read the certificate from the Guest O/S certificate store.

Resolution

Procedure: This script will back up your current agent certificate store before removing it.The absence of certificates after a restart of the framework service will regenerate new certificates. 1. Copy the below script to a file named "usbcert.bat" and execute in elevated Command Prompt on the virtual desktop. net stop wsnm certutil -v -store VMwareView > backupcerts_dump.txt certutil -exportPFX -p "beforetesting" VMwareView * backupcerts.pfx REM **(Proceed ahead only if above command is successful and the backupcerts.pfx is actually created) certutil -delstore VMwareView VMwareViewKeyContainer net start wsnm 2. Logoff and reconnect from the Horizon Client.3. USB redirection should now be available

Original Vendor Announcement

No bugs this month

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

VMware - Defect ID: 57761

Error: "USB redirection is not available for this desktop" due to an Agent side corrupt certificate

VMware - Defect ID: 57761

Error: "USB redirection is not available for this desktop" due to an Agent side corrupt certificate

Last updated on 12/8/2022

Vendor details

Vendor details

Description

Symptoms

Cause

Resolution

Links

Top VMware defects by risk score

Ready to prevent the next vendor outage?