Symptoms
The Horizon View Cluster Certificate (vdm.ec) is missing from VMware Horizon View Certificates store.Installing a Replica Connection Server rolls back with the flowing log entry and there is a need to re-generate the vdm.ec certificate.
Executing op: CustomActionSchedule(Action=VM_AdamReplicaImportCMS,ActionType=1025,Source=BinaryData,Target=VMAdamReplicaImportCMS,)
Invoking remote custom action. DLL: C:\Windows\Installer\MSIE9DC.tmp, Entrypoint: VMAdamReplicaImportCMS
CustomAction VM_AdamReplicaImportCMS returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
Action ended 18:37:34: InstallFinalize. Return value 3.
Purpose
Regenerating a new vdm.ec certificate for the existing VMware Horizon View Cluster.
Cause
Horizon View Cluster Certificate (vdm.ec) missing from VMware Horizon View Certificates store.
Impact / Risks
A missing vdm.ec certificate will cause issues for seamless sign-in with TrueSSO.
Resolution
Take a backup of the ADAM database and the existing vdm.ec (if any) (with the private key marked as exportable) before making any changes to the Horizon environment.Connect to ADAM and navigate to cn=common,ou=global,ou=properties,dc=vdi,dc=vmware,dc=int. Clear the values for pae-ClusterCredentials and pae-clusterCredParams.Edit the multi-string attribute pae-ClusterCredParams, appending a new string “rekey=true”.Then, restart the Connection Server Service to generate a new Key.
Note: It might take 5 mins for the new Cluster certificate to get generated.
Related Information
For more detail in terms of TrueSSO, please reference: Common configuration issues and guidelines with TrueSSO (90037)
