Issue:
When you see one or both of the following items pictured in figures 1 & 2 below (blank details in this first stage via the web console drill down or an email alert that says "unable to start logon simulator...") it means that one or more prereqs on the GAAM Launch Endpoint is missing and therefore the technology can't start the scheduled launch.
Figure 1 - Sample Access stage drill down failure w/ empty details
Figure 2 - Sample email
Troubleshooting Steps:
- Re-confirm the GAAM launch endpoint machine configured in the launch schedule. Is this the machine where you followed the Launch Endpoint Configuration steps? If not, please change the launch endpoint to be the appropriate machine.
- Note - we do not want the GAAM Launch Endpoint to be a Citrix VDA/VMware Horizon RDSH Server or Microsoft RDS Server. It just needs to be a standard physical or virtual machine
- A Windows user account, domain or local, is required to be signed into the GAAM Launch Endpoint in an active or disconnected state at all time. Ensure the user is not in a "locked" windows session or is logged off of the machine.
- Specifically, this is the user account who you ran the GAAMEndpoint.exe installer. If you are unsure of the user account configured, please see the Appendix below
- We recommend this user account be a service account and not your own personal account
- We recommend this user account to be configured for Windows Automatic Logons so if for any reason the GAAM Launch Endpoint machines is rebooted the account will reconnect.
- The windows user mentioned above, must have Windows Admin rights on the Launch Endpoint. Please confirm that this has been configured.
- The windows user mentioned above, was configured to run a process named "LogonSimulator.exe". This process must always be running in order for the technology to launch. Please confirm this process is running.
- Also, ensure there is only 1 instance of this process running.
- if it is not running, go to the start menu>Run and type in "shell:startup" w/o quotes. If you see the process listed, double click to run it and then check Task Manager to ensure.
- If the process isn't listed in the startup folder, copy and paste it from the Goliath Servers "..\MonitorIT\Bin" folder
- UAC is required to be disabled at the system level (not via Control Panel). To test this setting, open Command Prompt not as admin.
- Does the Command Prompt application open with a window title that has "Administrator:" in the beginning like pictured below? If not, please see the Appendix below for instructions on how to resolve.
- Does the Command Prompt application open with a window title that has "Administrator:" in the beginning like pictured below? If not, please see the Appendix below for instructions on how to resolve.
- Ensure the "MonitorIT Agent Service" is running as local system
Appendix
How to determine the Windows Launch Endpoint User
- RDP to the Launch Endpoint machine
- Open Task Manager and see if the process "LogonSimulator.exe" is running.
- If it is, note the user account who is running it. That is the user account configured to run GAAM on the launch endpoint.
- If it is not, please proceed to the next step
- Open Windows File Explorer and go to "C:\Users". Do any of the users listed resemble a naming convention for service accounts or GAAM? Or ring a bell?
- If so, try repeating steps 1-2 as the account
How to Disable UAC at the Kernel/System level
- While the GAAM launches are executing, the technology is making a number of system level call. In order to avoid unexpected prompt, UAC must be disabled at the system level (not through Control Panel). To accomplish this, Goliath includes a registry file to update the system. This file requires a machine reboot. Below are instructions:
- On the Goliath Server, open Windows File Explorer and navigate to the install directory:
- C:\Program Files (x86)\MonitorIT\Tools
- C:\Program Files\MonitorIT\Tools
- Locate the reg file and copy it over to the launch endpoint(s)
- Double click to run the file
- A warning will appear for changing the registry, click ‘Yes’ to continue
- A confirmation window will appear, click ‘Ok’
- Reboot the launch endpoint
- Run through the confirmation steps again, if you are seeing that UAC is still not disable this means it is being forced by GPO and the launch endpoint needs to be moved to a different OU or the GPO needs to be updated
- On the Goliath Server, open Windows File Explorer and navigate to the install directory: