NLA User issue

I configured SAML/SSO/EntraID and also an enrollment agent as described in the Parallels documentation. Now when I try to start a desktop I receive a message addressed to other user saying that I don't have the right to logon remotely. When I click OK the login screen appears which is filled out with the username of the NLA user. Of course this user is denied that right, but when I replace it with the credentials of the actual user it logs on. Again, everything (enrollment agent, enrollment agent user, NLA user, certificate templates, GPO etc.) is configured appropriately. Thanks in advance!

Kind regards,

Robin

 

This is the output from CertLogonCredProv.log during initial login:

[I 00/00000123/T15B0/P05D4/S0003] 15-10-25 13:27:52 - Module version 20.2.2 (build 26015) - LogonUI.exe 64bit
[I 00/00000123/T15B0/P05D4/S0003] 15-10-25 13:27:52 - Starting RAS Module - PRLSCREDPROV
[I 00/00000113/T15B0/P05D4/S0003] 15-10-25 13:27:52 - System OS - Windows 11 Enterprise Edition 10.0.22631 (x64) - Hv:VMware
[I 00/00000113/T15B0/P05D4/S0003] 15-10-25 13:27:52 - System language - English (USA)
[I 00/00000123/T15B0/P05D4/S0003] 15-10-25 13:27:52 - System Boot Time - Wed Oct 15 11:29:36 2025
[I 00/00000113/T15B0/P05D4/S0003] 15-10-25 13:27:52 - System timezone - W. Europe Daylight Time
[I 00/00000113/T15B0/P05D4/S0003] 15-10-25 13:27:52 - Machine Name - HP-70ONE-001
[I 0B/00000001/T15B0/P05D4/S0003] 15-10-25 13:27:52 - IP - *.*.*.* (Mac *-*-*-*-*-*)
[E 70/00000007/T15B0/P05D4/S0003] 15-10-25 13:27:52 - Failed to store token
[E 70/0000000B/T15B0/P05D4/S0003] 15-10-25 13:27:52 - ReceiveCredentials() failed

 

https://kb.parallels.com/en/130219 describes the exact issue in detail but the suggested resolution doesn't work...

 

Disabling secure boot eventually resolves the issue...

 

It didn't solve my problem. Evne without Secure Boot it have the same issue on a Windows Server 2019 server.

Created a ticket for it.

 

Hello Robin,
Can you login to https://my.parallels.com/ and submit a ticket so we could check this issue in more details?

 

Robin was able to get it working.
I didn;t so i created a ticket for the problem.

 

https://kb.parallels.com/en/130219 does solve the issue! Thanks Louis!

 

Hi, do you have a solution for your problem? Unfortunately, the solution described in the article (https://kb.parallels.com/en/130219?...61.1093226221.1760449229-989926196.1759842880) doesn't work for me on Server 2022.

 

Ok. Do you have the mentioned updates installed? For me the registry solution worked. What also worked was disabling secure boot on my VMware VM. Did you also try the opt-out tool?

 

Yes, the updates are installed and the opt-out tool has been run. I'll try disabling Secure Boot tomorrow.