BenAlabaster February 2016

How do I connect Release Management 2013 client on a non-domain Windows 10 box?

I've got 2 machines:

  • A corporate desktop machine which is running Windows 7 SP1 which resides on the corporate domain and which I log into using a corporate domain account.
  • A personal laptop that I use when working from home via the Cisco VPN client but presently sits on my desk connected to the corporate WiFi (though I had it connected to the wire and on the same subnet as my desktop machine today also). This machine is not on the corporate domain; I log into this machine with a Microsoft Account.

I need to run Visual Studio 2013 Release Management Client from both machines. The machine on my desktop works fine when entering either the IP address or the URL into the Release Management Server URL entry field and everything hooks up and all is glorious.

On my Windows 10 laptop however, it's a different story. Every attempt to connect is met with the error:

The server specified could not be reached. Please ensure the information that is entered is valid (please contact your Release Management administrator for assistance). <-- I'm the admin

I can ping the machine both with IP address and with hostname, ruling out DNS issues. Both client machines are on the same subnet. Both machines are using the same outbound port.

Checking the event log I see a bunch of Message: The remote server returned an error: (401) Unauthorized.

Checking with Fiddler, on my desktop machine, I can walk through the handshake of each of the stages of startup and all is good. But in Fiddler on my laptop I see 3 401 Unauthorized errors before Release Management Client bombs and returns the rather uninformative message I posted above.

I've attempted to create a shadow account on my laptop and do the Shift-Right Click-Run As Different User dance, but I must be missing something because I can't get this to run.

I've talked to the network administrator who su

Answers


Giulio Vian February 2016

I would bet you simply have a security issue as the workstation is not domain-joined and the WPF client is using Integrated Authentication. Often creating a local "shadow" user with same username and password, and running the client app under that account (run as) works. Another option is to join the workstation to the domain or use a domain-joined VM.


BenAlabaster February 2016

After fully investigating the situation, it appears to have been a combination of factors. I am posting a response because this appears to be a relatively common problem:

  • The workstation was sending an unexpected credential to the server. To get around this, you have to configure the user account on the server without a domain in the username and create a shadow account on your local machine. When running the client application, you must either log into this shadow account on the local machine or you must SHIFT+RIGHT CLICK and choose "Run as" entering your local shadow credentials. This will then pass the shadow account to the server which will now authenticate without referencing the domain. OR
  • Create a user account on the server that matches the credentials on your local machine including MACHINENAME\LocalUsername

  • There appeared to be a network issue when attempting to connect to the Release Management Server from the non-domain machine when connected inside the network. When connecting via the VPN from home, this situation was resolved, but only after we'd ensured the account and local machine accounts were correctly configured. The domain connected machine always connected properly.

Post Status

Asked in February 2016
Viewed 2,529 times
Voted 5
Answered 2 times

Search




Leave an answer