Symptoms
Starting Windows 24H2, when installing Parallels Client with SSO enabled, the SSO options is not available on the drop-down lit for authentication type.
Cause
MARCH 2024
NPLogonNotify and NPPasswordChangeNotify APIs
Starting in Windows 11, version 24H2, the inclusion of password payload in MPR notifications is set to disabled by default through group policy in NPLogonNotify and NPPasswordChangeNotify APIs. The APIs may be removed in a future release. The primary reason for disabling this feature is to enhance security. When enabled, these APIs allow the caller to retrieve a user's password, presenting potential risks for password exposure and harvesting by malicious users. To include password payload in MPR notifications, set the EnableMPRNotifications policy to enabled.
Resolution
To enable MPR Notifications using the following GPO:
Computer Configuration > Administrative Templates > Windows Components > Windows Logon Options : "Configure the transmission of the user's password in the content of MPR notifications sent by Winlogon"
must be set to Enabled
If the above GPO is set by default, "Not configured", when enabled SSO on Parallels Client during the installation process even after several reboots, the SSO will not be available on the drop list.
Was this article helpful?
Tell us how we can improve it.