With the release of LANDesk Management Suite 2016.3 SU3, and Ivanti Endpoint Manager 2017.x, we have upgraded our hash encryption algorithms to use SHA-256 hashes for the pass-through Authentication Token. This change to the algorithm prevents older agents from being able to decrypt the token, causing the following errors for both HTML and Legacy remote control.
Error when using HTML Remote Control:
Authentication Failed, Invalid Credentials or No rights to Remote Control
Error when using Legacy Remote Control:
The signed rights document was not valid. Authentication failed.
Updating the agent to match the core version will resolve the issue, as the newer agent will be able to decrypt the authentication token.
It has always been the position of Ivanti Support that Agents should be updated as quickly as possible after the core server has been upgraded. Although this is an inconvenience, it is working as designed and is expected Ivanti admins will work to upgrade their agents as quickly as possible to return to full functionality.
There is a workaround for HTML Remote Control that can be used when the agent cannot be updated in a timely fashion, or at all.
When presented with the authentication error, click OK, and you will be prompted for your credentials. Enter your credentials in manually and, provided you have the necessary access, it will successfully initiate the remote control session.
*** There is no work around for Legacy RC. To remote control an older agent, you will need to use HTML RC.***