Guest

Preview Tool

Cisco Bug: CSCte63458 - User impersonation to retrieve proxy settings fails

Last Modified

Mar 15, 2016

Products (1)

  • Cisco AnyConnect VPN Client

Known Affected Releases

2.4(1012)

Description (partial)

Symptom:
The Anyconnect client fails to connect when the local machine is configured to use a proxy.
The Anyconnect event log contains entries similar to the following:

Description : Function: CWinsecApiImpersonateUser::searchProcessesForUserToken
File: .\IPC\WinsecAPI.cpp
Line: 1362
Invoked Function: Process32Next
Return Code: 18 (0x00000012)
Description: There are no more files.

Description : Function: CWinsecApiImpersonateUser::getUsername
File: .\IPC\WinsecAPI.cpp
Line: 1038
Invoked Function: GetUserImpersonationToken
Return Code: -32767981 (0xFE0C0013)
Description: WINSECAPI_ERROR_GETUSERIMPERSONATIONTOKEN_FAILED


Conditions:
This only happens when the process defined in registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell is not running at the time the connection is established.
In a default Windows installation, this registry key is set to 'explorer.exe' however this can be modified by the system administrator.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.