In this blog entry I will talk about App Volumes and things to check when you are having trouble logging in.
There are times when a user may not be able to login to the App Volumes Manager Server. Users might get a message similar to “You must be in the Administrators group to login” as shown below. There can be a few reasons for this issue to occur.
The first is that an administrators group needs to be defined in the App Volumes configuration, which is done during the initial setup of the App Volumes instance. Users need to be members of this group in order to login to the App Volumes Manager Server.
Secondly, you need to validate the App Volumes Manager Server to be able to communicate with the SQL instance configured during installation and Active Directory. The credentials for connectivity to both environments should be verified.
If you have validated that all of the above configurations are accurate and the services are running, there is one other thing you should investigate; this issue can occur if the user object has been moved in Active Directory. For example, a user was in the “Chicago” organizational unit (OU) and has been moved to the “Cleveland” OU. When an object is moved in this way, App Volumes can have trouble finding the user because its distinguished name (DN) value in Active Directory has changed. App Volumes stores the user DN value in the “Users” App Volumes SQL database table.
To restore App Volumes functionality to the object, the App Volumes SQL database needs to be updated with the new Active Directory DN value. This is done by retrieving the correct DN value from Active Directory, then updating the database record for that user.
Updating the SQL record can be done directly through SQL Server Management Studio.
If this issue is occurring for all users then you will want to validate that the Active Directory group—defined as the App Volumes Administrators group—has not been move. In this circumstance you will want to validate the DN of the group specified in the App Volumes SQL Database against its location in Active Directory. The administrators group DN is stored in the “group_permissions” App Volumes SQL database table.
If the group has been moved you will need to update the App Volumes SQL Database with the DN value of the new group.
This record can also be updated directly through SQL Server Management Studio.
Jeffrey Davidson, Senior Consultant, VMware EUC. Jeffrey has over 15 years of IT experience and joined VMware in 2014. He is also a VCP5-DCV and VCP5-DT. He is a strong advocate of virtualization technologies, focusing on operational readiness with customers.