From: "Itamar Heim" <iheim(a)redhat.com
To: "simon" <simon(a)simminfo.com
Cc: "Frantisek Kobzik" <fkobzik(a)redhat.com>,
users(a)ovirt.org, "Yair Zaslavsky" <yzaslavs(a)redhat.com
Sent: Thursday, February 20, 2014 9:15:11 AM
Subject: Re: [Users] SSO from user portal to Windows 7 guest
On 02/20/2014 07:31 AM, simon wrote:
> > On February 18, 2014 at 4:47 PM Itamar Heim <iheim(a)redhat.com> wrote:
>
> > On 02/18/2014 06:59 PM, SimmInfo wrote:
> > > Yes, I make my tests from user portal.
> >
> > > Envoyé de mon iPad
> >
> > >> Le 2014-02-18 à
09:14, Itamar Heim <iheim(a)redhat.com> a écrit :
> > >
> > >>> On
02/18/2014 03:36 PM, SimmInfo wrote:
> > >>> Ok,
> > >>
> > >>> I tested it
on a 3.4 beta2. Build a VM (win7 32) check "Guest
> agent" as SSO option in vm config.
> > >>
> > >>> Same result
as the 3.3.3 engine. No sso but lock screen on spice
> session termination.
> > >>
> > >>> Nothing in
engine.log about VmLogon nor Guest agent reportion to
> the engine but Admin portal populated with vm ip, user connected, ip of
> the connected user (very useful info), installed app, etc.
> > >>
> > >>> Is there
another way to know if the agent is correctly reporting
> to the engine?
> > >>
> > >>> Will test
today with a fedora host.
> > >
> > >> just to make
sure - did you notice the important point of SSO only
> works if you login from the user portal, not from the webadmin?
> > >
> > >>
> > >>> Thanks!
> > >>
> > >>> My test
config :
> > >>
> > >>> Engine 3.4
beta2 on CentOS 6.5
> > >>> Node CentOS 6.5 with vdsm from prerelease repo.
> > >>> Storage iscsi
> > >>
> > >>
> > >>>> Le 2014-02-17 à 04:24, Frantisek
Kobzik <fkobzik(a)redhat.com> a
> écrit :
> > >>>
> > >>>> Yes,
that's a valid point (however it _should_ be set to 'Guest
> Agent' by default).
> > >>>
> > >>>> To sum
it up, SSO should happen (on the engine side) if all
> these conditions are true:
> > >>>> - user is connecting via userportal (not webadmin),
> > >>>> - guest agent presence is reported to engine,
> > >>>> - state of VM is strictly "Up"
> > >>>> - VM has SSO method set to "Guest agent"
(Itamar's mail).
> > >>>
> > >>>> If
these conditions are fulfilled and SSO still doesn't work,
> there must be something wrong with the engine (or with reporting GA
> presence).
> > >>>
> > >>>> Also
VmLogon command should print some information to engine's
> log - could you take a look?
> > >>>
> > >>>>
Cheers,
> > >>>> Franta.
> > >>>
> > >>>
> > >>>> ----- Original Message -----
> > >>>> From: "Itamar Heim" <iheim(a)redhat.com
> > >>>> To: "SimmInfo"
<simon(a)simminfo.com>, users(a)ovirt.org, "Frantisek
> Kobzik" <fkobzik(a)redhat.com
>
> >>>> Sent: Monday, February 17, 2014 3:35:08 AM
> > >>>> Subject: Re: [Users] SSO from user portal to Windows 7 guest
> > >>>
> > >>>>> On
02/15/2014 07:51 AM, SimmInfo wrote:
> > >>>>> Ok, after more investigation on agent logs and some code
> modification it seem that the agent is receiving commands from virtio
> device. As it should. I have seen commands lock-screen, shutdown, etc...
> But not the "login" command. Look like engine trouble... I will do more
> testing tomorrow.
> > >>>>
> > >>>>>
Simon
> > >>>>> _______________________________________________
> > >>>>> Users mailing list
> > >>>>> Users(a)ovirt.org
> > >>>>>
http://lists.ovirt.org/mailman/listinfo/users
> > >>>
> > >>>> make
sure it is enabled for the VM?
> > >>>
> > >>>> commit
abd645d5af8a5e4f7986bef00f470171a63be823
> > >>>> Author: Frantisek Kobzik <fkobzik(a)redhat.com
> > >>>> Date: Tue Nov 26 11:16:26 2013
+0100
> > >>>
> > >>>>
frontend: Allow enabling/disabling SSO
> > >>>
> > >>>> This
small feature allows controlling SSO per VM.
> > >>>> Changes:
> > >>>> - new radio buttons in New/Edit VM/Template/VmPool dialog.
> > >>>
> > >>>>
Change-Id: I213110a1554cd67b6cd8560477b5d7551e89f24e
> > >>>> Signed-off-by: Frantisek Kobzik <fkobzik(a)redhat.com
> > >>>> Bug-Url:
https://bugzilla.redhat.com/1035279
> > >
>
>
> engine log?
> Get no time for testing with fedora guest but there is some log output
> of the connection to the vm from user portal :
> I've noticed that error : *Error in finding LDAP servers for domain
> rstemis.reg01.rtss.qc.ca using user levsim01(a)CSSSBASQUES.REG01.RTSS.QC.CA*
> This domain : *rstemis.reg01.rtss.qc.ca* is not my domain but another
> domain member of the same forest...
That sounds strange, the ldap servers should be looked for domains that were added by
engine-manage-domains.
You can perform engine-manage-domains list (or engine-manage-domains -action=list if the
new syntax does not work for you).
or you can alternatively check the database -
psql engine
select * from vdc_options where option_name = 'DomainName';
and check which domains were added?
> 2014-02-20 00:02:47,721 INFO
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (org.ovirt.thread.pool-6-thread-40) [63705695] Correlation ID: 63705695,
> Job ID: bba86395-6eaa-4539-9557-2a0ba45b161c, Call Stack: null, Custom
> Event ID: -1, Message: VM test was started by admin (Host:
> csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca).
> 2014-02-20 00:02:50,795 INFO
> [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
> (DefaultQuartzScheduler_Worker-47) VM test
> 8bf43efc-9424-4ffd-b5c6-1c92623267ea moved from WaitForLaunch --
> PoweringUp
> 2014-02-20 00:02:50,804 INFO
> [org.ovirt.engine.core.vdsbroker.vdsbroker.FullListVdsCommand]
> (DefaultQuartzScheduler_Worker-47) START, FullListVdsCommand(HostName =
> csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca, HostId =
> 0e900351-de49-4646-a4b1-394343e32f81,
> vds=Host[csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca],
> vmIds=[8bf43efc-9424-4ffd-b5c6-1c92623267ea]), log id: 4714a293
> 2014-02-20 00:02:50,813 INFO
> [org.ovirt.engine.core.vdsbroker.vdsbroker.FullListVdsCommand]
> (DefaultQuartzScheduler_Worker-47) FINISH, FullListVdsCommand, return:
> [Ljava.util.HashMap;@1bbd855a, log id: 4714a293
> 2014-02-20 00:02:50,815 INFO
> [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
> (DefaultQuartzScheduler_Worker-47) Received a console Device without an
> address when processing VM 8bf43efc-9424-4ffd-b5c6-1c92623267ea devices,
> skipping device: {alias=console0, specParams={}, device=console,
> type=console, deviceId=dd007a77-cbf1-4c58-9cea-39427e770d5d}
> 2014-02-20 00:03:48,442 INFO
> [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
> (DefaultQuartzScheduler_Worker-44) VM test
> 8bf43efc-9424-4ffd-b5c6-1c92623267ea moved from PoweringUp --> Up
> 2014-02-20 00:03:48,449 INFO
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (DefaultQuartzScheduler_Worker-44) Correlation ID: 63705695, Job ID:
> bba86395-6eaa-4539-9557-2a0ba45b161c, Call Stack: null, Custom Event ID:
> -1, Message: VM test started on Host
> csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca
> 2014-02-20 00:03:59,757 WARN
> [org.ovirt.engine.core.bll.GetConfigurationValueQuery]
> (ajp--127.0.0.1-8702-2) calling GetConfigurationValueQuery
> (UserMessageOfTheDay) with null version, using default general for version
> 2014-02-20 00:04:21,710 INFO
> [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
> (DefaultQuartzScheduler_Worker-99) VM test
> 8bf43efc-9424-4ffd-b5c6-1c92623267ea moved from Up --> RebootInProgress
> 2014-02-20 00:05:01,101 INFO
> [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
> (DefaultQuartzScheduler_Worker-66) VM test
> 8bf43efc-9424-4ffd-b5c6-1c92623267ea moved from RebootInProgress --> Up
> 2014-02-20 00:05:31,126 ERROR
> [org.ovirt.engine.core.bll.adbroker.DirectorySearcher]
> (ajp--127.0.0.1-8702-5) Error in finding LDAP servers for domain
> rstemis.reg01.rtss.qc.ca using user levsim01(a)CSSSBASQUES.REG01.RTSS.QC.CA
> 2014-02-20 00:05:31,593 INFO
> [org.ovirt.engine.core.bll.LoginUserCommand] (ajp--127.0.0.1-8702-5)
> Running command: LoginUserCommand internal: false.
> 2014-02-20 00:05:31,600 INFO
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp--127.0.0.1-8702-5) Correlation ID: null, Call Stack: null, Custom
> Event ID: -1, Message: User levsim01 logged in.
> 2014-02-20 00:05:34,780 INFO
> [org.ovirt.engine.core.bll.SetVmTicketCommand] (ajp--127.0.0.1-8702-5)
> [6916f2f] Running command: SetVmTicketCommand internal: false. Entities
> affected : ID: 8bf43efc-9424-4ffd-b5c6-1c92623267ea Type: VM
> 2014-02-20 00:05:34,787 INFO
> [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand]
> (ajp--127.0.0.1-8702-5) [6916f2f] START, SetVmTicketVDSCommand(HostName
> = csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca, HostId =
> 0e900351-de49-4646-a4b1-394343e32f81,
> vmId=8bf43efc-9424-4ffd-b5c6-1c92623267ea, ticket=y5bNXmtoILn7,
> validTime=120,m userName=levsim01,
> userId=4643e1c0-bd18-493c-8c51-a342802168b0), log id: 44ef4679
> 2014-02-20 00:05:34,806 INFO
> [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand]
> (ajp--127.0.0.1-8702-5) [6916f2f] FINISH, SetVmTicketVDSCommand, log id:
> 44ef4679
> 2014-02-20 00:05:34,813 INFO
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp--127.0.0.1-8702-5) [6916f2f] Correlation ID: 6916f2f, Call Stack:
> null, Custom Event ID: -1, Message: user levsim01 initiated console
> session for VM test
> 2014-02-20 00:05:49,829 INFO
> [org.ovirt.engine.core.bll.SetVmTicketCommand] (ajp--127.0.0.1-8702-4)
> [50148fc] Running command: SetVmTicketCommand internal: false. Entities
> affected : ID: 8bf43efc-9424-4ffd-b5c6-1c92623267ea Type: VM
> 2014-02-20 00:05:49,832 INFO
> [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand]
> (ajp--127.0.0.1-8702-4) [50148fc] START, SetVmTicketVDSCommand(HostName
> = csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca, HostId =
> 0e900351-de49-4646-a4b1-394343e32f81,
> vmId=8bf43efc-9424-4ffd-b5c6-1c92623267ea, ticket=thO14QusWk0w,
> validTime=120,m userName=levsim01,
> userId=4643e1c0-bd18-493c-8c51-a342802168b0), log id: b7b1cf
> 2014-02-20 00:05:49,849 INFO
> [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand]
> (ajp--127.0.0.1-8702-4) [50148fc] FINISH, SetVmTicketVDSCommand, log id:
> b7b1cf
> 2014-02-20 00:05:49,862 INFO
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp--127.0.0.1-8702-4) [50148fc] Correlation ID: 50148fc, Call Stack:
> null, Custom Event ID: -1, Message: user levsim01 initiated console
> session for VM test
> 2014-02-20 00:05:52,547 INFO
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (DefaultQuartzScheduler_Worker-59) Correlation ID: null, Call Stack:
> null, Custom Event ID: -1, Message: User
> levsim01(a)csssbasques.reg01.rtss.qc.ca is connected to VM test.
> 2014-02-20 00:06:07,732 INFO
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (DefaultQuartzScheduler_Worker-81) Correlation ID: null, Call Stack:
> null, Custom Event ID: -1, Message: User
> levsim01(a)csssbasques.reg01.rtss.qc.ca got disconnected from VM test.
> Also, i get this error each hour :
> 2014-02-19 23:46:15,522 ERROR
> [org.ovirt.engine.core.utils.timer.SchedulerUtilQuartzImpl]
> (DefaultQuartzScheduler_Worker-37) Failed to invoke scheduled method
> refreshAllUsers: java.lang.reflect.InvocationTargetException
> at sun.reflect.GeneratedMethodAccessor175.invoke(Unknown Source)
> [:1.7.0_51]
> at
>
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> [rt.jar:1.7.0_51]
> at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_51]
> at
> org.ovirt.engine.core.utils.timer.JobWrapper.execute(JobWrapper.java:60)
> [scheduler.jar:]
> at org.quartz.core.JobRunShell.run(JobRunShell.java:213) [quartz.jar:]
> at
> org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:557)
> [quartz.jar:]
> Caused by: java.lang.NullPointerException
> at
>
org.ovirt.engine.core.bll.DbUserCacheManager.refreshUser(DbUserCacheManager.java:220)
> [bll.jar:]
> at
>
org.ovirt.engine.core.bll.DbUserCacheManager.refreshUsers(DbUserCacheManager.java:137)
> [bll.jar:]
> at
>
org.ovirt.engine.core.bll.DbUserCacheManager.refreshAllUsers(DbUserCacheManager.java:92)
> [bll.jar:]
> ... 6 more
> Somthing wrong with my directory config?
> Thanks
yair?