MED-V v1 Connection Settings and Credential Management
Working in support, I get many questions and issues related to how MED-V v1 handles user settings and credentials. Hopefully the information below will help explain how a lot of this works.
The ProfileInfo.XML File
Basic user settings such as server location and start options are stored in the ProfileInfo.XML file. When the MED-V client is installed, the settings specified during the installation will be placed into the machine’s default ProfileInfo.XML file located in the %ALLUSERSPROFILE%\MED-V\Profile\ directory. This will be used as the base template for each user’s individual settings file which will be maintained on a per-user basis for override purposes.
For example, on Windows 7, when a new user logs on to MED-V for the first time, MED-V will build that user their own ProfileInfo.XML file so any settings changes will only affect that user. The user’s copy will be in %LOCALAPPDATA%\MED-V\PROFILE\ based upon the machine template that is located (in the case of Windows 7) in C:\ProgramData\MED-V\Profile\ProfileInfo.xml.
The settings stored in the ProfileInfo.xml match essentially the settings configurable in the MED-V System Tray. Any user settings changes will be copied here (such as server address, whether or not workspace starts automatically, etc.)
User Credentials and Offline Work
When a user accesses the MED-V Server successfully, a user stamped folder is placed in C:\ProgramData\MED-V\Users and a WindowsUserSettings.xml file is created in the user’s profile in the %LOCALAPPDATA%\MED-V folder. This index is important for mapping to cached credentials in the offline.dat file. In addition, if a user saves his or her password, it will be filled in for them on the dialog box. Regardless of whether a user chooses to save his or her password, upon successful authentication, the MED-V client will cache their credentials in the offline.dat file. This file is located in C:\ProgramData\MED-V\Local\Config\.The purpose of this to provide a cached credentials authentication mechanism in the event of the MED-V server being unreachable or the user is using a portable computer.
Variations of Event ID 81
Event ID 81 is the MED-V client user authentication failure event. These events happen in the event of an offline or online authentication failure. Certain conditions will generate certain types of failures.
1.) If the offline.dat is invalidated, corrupted, missing, or this is the first time the user has logged on and the server is not reachable, you will get this message:
Failed authenticating the user credentials. MED-V Server is unreachable at ‘https://servername’, and no cached credentials are available
2.) If the user has no credentials saved in the offline.dat fileand no MED-V server is accessible, you will get the following message:
Failed authenticating the user credentials. Invalid user name or password (offline mode).
3.) If there are no cached credentials available and there is access to the MED-V Server but the user has supplied an incorrect password, you get this:
Failed authenticating the user credentials. Invalid user name or password (online mode).
4.) If there are cached MED-V credentials and there is no access to MED-V Server but user inputs incorrect password, you will get this:
Failed authenticating the user credentials. Invalid user name or password (offline mode).
![clip_image004[1]](https://msdntnarchive.blob.core.windows.net/media/TNBlogsFS/prod.evol.blogs.technet.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/00/69/31/metablogapi/7824.clip_image0041_467494E7.png "clip_image004[1]")
Out of sync scenarios (when offline cached/saved password conflicts with windows
5.) If the password put into the MED-V Client dialog box is the correct windows password but the cached one (in the offline.dat file) is no longer valid and the MED-V server is unreachable, you get this:
Failed authenticating the user credentials. Invalid user name or password (offline mode).
![clip_image004[2]](https://msdntnarchive.blob.core.windows.net/media/TNBlogsFS/prod.evol.blogs.technet.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/00/69/31/metablogapi/4520.clip_image0042_1E61E5C8.png "clip_image004[2]")
6.) If the password put into the MED-V Client dialog box is the incorrect Windows password but matches the cached one that is old and MED-V server is unreachable – IT *will* be successful.
7.) However, if the password is saved and it no longer matches the windows password AND the server is unreachable, it will fail with the following error:
Failed authenticating the user credentials. Invalid user name or password (online mode).
![clip_image005[1]](https://msdntnarchive.blob.core.windows.net/media/TNBlogsFS/prod.evol.blogs.technet.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/00/69/31/metablogapi/0880.clip_image0051_52960F0E.png "clip_image005[1]")
8.) If the connection is lost again after a credential mismatch, it will throw this error (which is the same as if the server is unreachable and no credentials are available)
Failed authenticating the user credentials. MED-V Server is unreachable at ‘https://servername’, and no cached credentials are available
![clip_image003[1]](https://msdntnarchive.blob.core.windows.net/media/TNBlogsFS/prod.evol.blogs.technet.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/00/69/31/metablogapi/0724.clip_image0031_3A9F021B.png "clip_image003[1]")
Steve Thomas | Senior Support Escalation Engineer
The App-V Team blog: https://blogs.technet.com/appv/
The WSUS Support Team blog: https://blogs.technet.com/sus/
The SCMDM Support Team blog: https://blogs.technet.com/mdm/
The ConfigMgr Support Team blog: https://blogs.technet.com/configurationmgr/
The OpsMgr Support Team blog: https://blogs.technet.com/operationsmgr/
The SCVMM Team blog: https://blogs.technet.com/scvmm/
The MED-V Team blog: https://blogs.technet.com/medv/
The DPM Team blog: https://blogs.technet.com/dpm/
The OOB Support Team blog: https://blogs.technet.com/oob/
The Opalis Team blog: https://blogs.technet.com/opalis
