I am unable to authenticate using a smartcard from the view client.
Error Log 1 (View server):
Unable to extract User Principal Name: Unknown type 22, remaining......
..........................................
Failed to convert SID (null)
Unable to obtain user information from the Active Directory
Error instantiating PAEContext for : com.vmware.vdi.ob.lib.b: Failed to retrieve user information for the users with given upns: Unable to obtain information from the Active Directory - ErrorCode 1
Error Log 2 (View server):
No SubjectAlternativeName found
Failed to convert SID
Unable to obtain user information from the Active Directory
Error instantiating PAEContext for : com.vmware.vdi.ob.lib.b: Failed to retrieve user information for the users with given upns: Unable to obtain information from the Active Directory - ErrorCode 1
The logs show the certificate being read by the view server and all the detials of CRLs etc but it appears unable to extract the UPN. Where does it resolve it from?
I read in the admin guide that if the Root CA is in another domain then the user must have the Subject Alt Name of the Root CA cert set as this UPN of their local domain account. I do not understand why this is as the UPN is a vital attribute for many other software products and is usually in the format user@company.com. The error logs above would suggest that the UPN from the user cert can not be decoded and therefore can not be used to resolve the user from the Active Directory.
In the event log on the view server the first event is an informational one stating "No SubjectAlternativeName found" and then the next event is of the type warning and is "Failed to convert SID (null)". Why is the first message Informational when it appears to be part of the problem?
Are there any special rights required by the ws_admin server to convert the SID, or is it because it uses the Subject Alt Name whch should be the user UPN?
Thoroughly confused!
Thanks
