On 04/12/2013 11:27 AM, Karli Sjöberg wrote:
Hey Everyone!admin@internal <mailto:admin@internal> for testing (correct me if Iīm
I solved it! I friggin solved it, and it didnīt have anything to do with
the spice-client, spice-plugin(ActiveX or XPI), or userportal
specifically, itīs in the engine itself! So Juanjo here said that it
works for him, and I took a guess thatīs because he is only using
wrong Juanjo), so I added a "UserRole" to admin on a test VM, logged
into Userportal, clicked for console, and it worked! So, since our setup
is a little more complex, as itīs connected to our ActiveDirectory, I
concluded that it must be a permissions related issue. I created a new
UserRole, called "ConsoleOwner" that only have "Login Permissions" and
"RemoteLogin" and added that role to our engineīs "System Permissions"
on a directory group as "broad" as possible. After that if I also added
an explicit UserRole permission for a directory user on any VM now it
works 100%. Me so happy!:)
A question goes out the developers: Should you have to do that? I
thought that permissions where supposed to be calculated like Windows
ACLs "Effective Permissions", so that if I just add sufficient
permissions for a directory user on a VM, itīs effective permissions
should have granted the necessary abilities in the system, without me
having to first add that as a "big" system permission to have them
granted? Bug, or intended?
Thank you so much Juanjo, for posting the versions you are currently
using that proved that it "should" work, and that it had to be something
else that prevented us from using it (which it was). Thank you!
can you please clarify again which permission you granted to a user on the VM which didn't work before you added to the user the console permission?