Hi, I'm trying to setup sso on Windows 10, vm is domain joined, has
agent installed and credential provider registered.Of course I setup an
AD domain and the vm has sso enabled
Whenever I log to the user portal and open a VM I'm presented with the
login screen and nothing happens, it's like the engine doesn't send the
command to autologin.
In the agent logs there's nothing interesting but the communication
between the engine and the agent is ok: for example the command to
lock-screen on console close runs and works:
Dummy-2::INFO::2018-03-01
09:01:39,124::ovirtagentlogic::322::root::Received an external command:
lock-screen...
This is an extract from engine logs when I login in the user portal and
start a connection:
2018-03-01 11:30:01,558+01 INFO
[org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-30)
[] User c.mammoli(a)apra.it successfully logged in with scopes:
ovirt-app-admin ovirt-app-api ovirt-app-portal
ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all
ovirt-ext=token-info:authz-search
ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate
ovirt-ext=token:password-access
2018-03-01 11:30:01,606+01 INFO
[org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default
task-31) [7bc265f] Running command: CreateUserSessionCommand internal:
false.
2018-03-01 11:30:01,623+01 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(default task-31) [7bc265f] EVENT_ID: USER_VDC_LOGIN(30), User
c.mammoli@apra.it(a)apra.it connecting from '192.168.1.100' using session
'5NMjCbUiehNLAGMeeWsr4L5TatL+uUGsNHOxQtCvSa9i0DaQ7uoGSi6zaZdXu08vrEk5gyQUJAsB2+COzLwtEw=='
logged in.
2018-03-01 11:30:02,163+01 ERROR
[org.ovirt.engine.core.bll.GetSystemStatisticsQuery] (default task-39)
[14276418-5de7-44a6-bb64-c60965de0acf] Query execution failed due to
insufficient permissions.
2018-03-01 11:30:02,664+01 INFO
[org.ovirt.engine.core.bll.SetVmTicketCommand] (default task-54)
[617f130b] Running command: SetVmTicketCommand internal: false. Entities
affected : ID: c0250fe0-5d8b-44de-82bc-04610952f453 Type: VMAction
group CONNECT_TO_VM with role type USER
2018-03-01 11:30:02,683+01 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand]
(default task-54) [617f130b] START, SetVmTicketVDSCommand(HostName =
r630-01.apra.it,
SetVmTicketVDSCommandParameters:{hostId='d99a8356-72e8-4130-a1cc-e148762eca57',
vmId='c0250fe0-5d8b-44de-82bc-04610952f453', protocol='SPICE',
ticket='u2b1nv+rH+pw', validTime='120',
userName='c.mammoli(a)apra.it',
userId='39f9d718-6e65-456a-8a6f-71976bcbbf2f',
disconnectAction='LOCK_SCREEN'}), log id: 18fa2ef
2018-03-01 11:30:02,703+01 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand]
(default task-54) [617f130b] FINISH, SetVmTicketVDSCommand, log id: 18fa2ef
2018-03-01 11:30:02,713+01 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(default task-54) [617f130b] EVENT_ID: VM_SET_TICKET(164), User
c.mammoli@apra.it(a)apra.it initiated console session for VM testvdi02
2018-03-01 11:30:11,558+01 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(EE-ManagedThreadFactory-engineScheduled-Thread-49) [] EVENT_ID:
VM_CONSOLE_CONNECTED(167), User c.mammoli(a)apra.it is connected to VM
testvdi02.
Any help would be appreciated