For DaaS you can deploy a UAG (Unified Access Gateway) if you need one. Once you do, you need to run the command “sudo /usr/local/desktone/scripts/apsetup.sh” from the tenant appliance.

Basically your UAG is now configured and ready for use. But after some it could be that you need to change your SSL certificate because it will expire. SO you upload the new certificate file on the tenant appliances and you need to rerun the apsetup.sh to pickup the new certifiate for you UAG.
The problem is that does not work any more…. Why?
The default settings in the UAG will expire the admin pass after 90 days! you can change this pass by login into the UAG GUI, but in same setups that can be difficult because of all the network restrictions.

So I tried to find the REST API call to modify this setting:
It puts the expiration settings to 0 (unlimited) and saves it as a json file. Then with curl I inject the setting.
Don’t forget to change your UAG IP address!

echo {\"adminPasswordExpirationDays\" : \"0\"} > passexpirechange.json
curl -k -d @- -u 'admin' -H "Content-Type: application/json" -X PUT https://UAG-IP-address:9443/rest/v1/config/system < ~/passexpirechange.json

There is a way to do it fully scripted with Powershell but also needs additional software before you can use the script. And then you can include the above settings for the password settings: https://communities.vmware.com/docs/DOC-30835



One thought on “DaaS UAG changes not working after some time”

Leave a Reply

Your email address will not be published. Required fields are marked *