Hello All,
I am getting authentication issues consistently on shared devices. We have a generic account for staging and autologout after 13hours. We are observing AUTH-1005 (invalid token) and HMAC authentication failure on these shared devices. I can replicate the issue if I leave the device logged in and let hub trigger an auto logout. It is happening on almost all the shared
devices. After auto logout it prompts to enter credentials and token. At this screen, it is expecting the staging account credentials. If you reboot the device, it goes back to normal login screen with just username and password. Has anyone seen this before ?
We are on 19.7.0.17 (1907).
I'm having the same issue with our shared devices and just open a ticket with support about it.
VMware Support has replicated this issue internally in their environment. They are evaluating the logs.
It was working fine a couple months ago. I am guessing that is has something to do with the new version of hub.
I'm on 1907 and have not experienced this issue with our shared devices.
When the issue occurs, can an actual user log in with his/her credential?
Issue happens only if you let it auto logout. On "Use token" screen, it only accepts the staging account credentials. Once you login with staging account, then it gives the normal login screen with just username and password fields. Then it accepts the user's credentials.
In console, I see AUTH-1005 (invalid token) and HMAC authentication errors when the device is on "Use token" screen.
I replicated it multiple times, in Dev environment too. At this point, reboot is the only fix that brings the hub login to senses.
Are you SaaS? I also see the token error on our devices.
I'm a SaaS on 1907 but I have yet to experience this issue with my shared devices.
SHMike
On-Prem 19.7.0.17(1907). I was able to replicate it in Dev environment also, running 2001.
chengtmskcc
First login on a newly built device usually works. I have a test group that has auto logout(10mins) enabled. It goes to token screen every time I let hub logout the user.
Because we have iOS Single App Mode enabled, device locks into hub on that token screen. End users cannot break in and use the device.
"Because we have iOS Single App Mode enabled, device locks into hub on that token screen. End users cannot break in and use the device."
I see. I suppose the use of the Hub app is to be able to keep track of who uses the device during a specific period of time?
In my case, we set up our shared devices so that additional apps such as the native mail client and any specific 3rd party apps are not visible until a user logs into the Hub app. So I'm curious about your setup and see if I can offer any suggestions.
When no user is logged in, device is locked into hub. No other app is accessible.
Users login with their credentials and all the allowed apps become accessible. We do not allow apps that are user specific like emails.
Console reflects who is logged in and using the device and keeps track of shared device login history.
When user logs out, device goes back to single app mode and locks into hub.
Our shared devices having the issue when logged out are locked to the intelligent hub and I have 4 profiles being pushed to them. One to hide all the apps and icons they don't need a lock screen that sets the department and asset tag on the screen. A notification profile to enable notifications for the app they use on the devices and a WiFi profile. When they sign into the hub the only other profile I have added to the device is a passcode requirement.
If the user goes into the hub and manually logs out the issue doesn't happen. Its only on the auto log out of the device in which its happening.
Error | 7/9/2020 10:28 AM | Default Staging User iPhone iOS 13.5.1 JC6C | Default Staging User | Device | Devices | Authentication | Authentication Error | sysadmin | Reason : AUTH-1001 (invalid credentials) |
Thats the error I see on the device.
I see this on broken devices. User can still login with HMAC failures but when AUTH-1005 appears, then the device is stuck on token screen.
I can reproduce the issue also by using the management options for the device and having hit check-in
Have you gotten any answer from VMWare yet on this issue? I've open a support ticket but going through the back and forth of them asking the basic questions still and not getting very far.
Thanks
They are still working with their engineers. No ETA yet.
You don't happen to have a reference number or a known issue page to go off by any chance? We're also seeing this issue and dealing with VMWare support has been a nightmare, can't even get them to acknowledge the problem
+1. Same issue with my shared devices. If WSO triggers an auto logout it will occasionally ask for the enrollment user to sign in.
This is not resolved yet.
Vmware's response -
This issue has been logged with our product team who are investigating this further. For your records, I have assigned an internal reference number to this case: HUBI-4675