[Users] SSO from user portal to Windows 7 guest

simon simon at simminfo.com
Thu Feb 20 05:31:49 UTC 2014 

> On February 18, 2014 at 4:47 PM Itamar Heim <iheim at redhat.com> wrote:
>
> On 02/18/2014 06:59 PM, SimmInfo wrote:
> > Yes, I make my tests from user portal.
> >
> > Envoyé de mon iPad
> >
> >> Le 2014-02-18 à 09:14, Itamar Heim <iheim at redhat.com> a écrit :
> >>
> >>> On 02/18/2014 03:36 PM, SimmInfo wrote:
> >>> Ok,
> >>>
> >>> I tested it on a 3.4 beta2. Build a VM (win7 32) check "Guest agent" as
> >>> SSO option in vm config.
> >>>
> >>> Same result as the 3.3.3 engine. No sso but lock screen on spice session
> >>> termination.
> >>>
> >>> Nothing in engine.log about VmLogon nor Guest agent reportion to the
> >>> engine but Admin portal populated with vm ip, user connected, ip of the
> >>> connected user (very useful info), installed app, etc.
> >>>
> >>> Is there another way to know if the agent is correctly reporting to the
> >>> engine?
> >>>
> >>> Will test today with a fedora host.
> >>
> >> just to make sure - did you notice the important point of SSO only works if
> >> you login from the user portal, not from the webadmin?
> >>
> >>>
> >>> Thanks!
> >>>
> >>> My test config :
> >>>
> >>> Engine 3.4 beta2 on CentOS 6.5
> >>> Node CentOS 6.5 with vdsm from prerelease repo.
> >>> Storage iscsi
> >>>
> >>>
> >>>> Le 2014-02-17 à 04:24, Frantisek Kobzik <fkobzik at redhat.com> a écrit :
> >>>>
> >>>> Yes, that's a valid point (however it _should_ be set to 'Guest Agent' by
> >>>> default).
> >>>>
> >>>> To sum it up, SSO should happen (on the engine side) if all these
> >>>> conditions are true:
> >>>> - user is connecting via userportal (not webadmin),
> >>>> - guest agent presence is reported to engine,
> >>>> - state of VM is strictly "Up"
> >>>> - VM has SSO method set to "Guest agent" (Itamar's mail).
> >>>>
> >>>> If these conditions are fulfilled and SSO still doesn't work, there must
> >>>> be something wrong with the engine (or with reporting GA presence).
> >>>>
> >>>> Also VmLogon command should print some information to engine's log -
> >>>> could you take a look?
> >>>>
> >>>> Cheers,
> >>>> Franta.
> >>>>
> >>>>
> >>>> ----- Original Message -----
> >>>> From: "Itamar Heim" <iheim at redhat.com>
> >>>> To: "SimmInfo" <simon at simminfo.com>, users at ovirt.org, "Frantisek Kobzik"
> >>>> <fkobzik at redhat.com>
> >>>> Sent: Monday, February 17, 2014 3:35:08 AM
> >>>> Subject: Re: [Users] SSO from user portal to Windows 7 guest
> >>>>
> >>>>> On 02/15/2014 07:51 AM, SimmInfo wrote:
> >>>>> Ok, after more investigation on agent logs and some code modification it
> >>>>> seem that the agent is receiving commands from virtio device. As it
> >>>>> should. I have seen commands lock-screen, shutdown, etc... But not the
> >>>>> "login" command. Look like engine trouble... I will do more testing
> >>>>> tomorrow.
> >>>>>
> >>>>> Simon
> >>>>> _______________________________________________
> >>>>> Users mailing list
> >>>>> Users at ovirt.org
> >>>>> http://lists.ovirt.org/mailman/listinfo/users
> >>>>
> >>>> make sure it is enabled for the VM?
> >>>>
> >>>> commit abd645d5af8a5e4f7986bef00f470171a63be823
> >>>> Author: Frantisek Kobzik <fkobzik at redhat.com>
> >>>> Date: Tue Nov 26 11:16:26 2013 +0100
> >>>>
> >>>> frontend: Allow enabling/disabling SSO
> >>>>
> >>>> This small feature allows controlling SSO per VM.
> >>>> Changes:
> >>>> - new radio buttons in New/Edit VM/Template/VmPool dialog.
> >>>>
> >>>> Change-Id: I213110a1554cd67b6cd8560477b5d7551e89f24e
> >>>> Signed-off-by: Frantisek Kobzik <fkobzik at redhat.com>
> >>>> Bug-Url: https://bugzilla.redhat.com/1035279
> >>
>
> engine log?

Get no time for testing with fedora guest but there is some log output of the
connection to the vm from user portal :

I've noticed that error : Error in finding LDAP servers for domain
rstemis.reg01.rtss.qc.ca using user levsim01 at CSSSBASQUES.REG01.RTSS.QC.CA

This domain : rstemis.reg01.rtss.qc.ca is not my domain but another domain
member of the same forest...

2014-02-20 00:02:47,721 INFO
 [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(org.ovirt.thread.pool-6-thread-40) [63705695] Correlation ID: 63705695, Job ID:
bba86395-6eaa-4539-9557-2a0ba45b161c, Call Stack: null, Custom Event ID: -1,
Message: VM test was started by admin (Host:
csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca).
2014-02-20 00:02:50,795 INFO
 [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-47) VM test 8bf43efc-9424-4ffd-b5c6-1c92623267ea
moved from WaitForLaunch --> PoweringUp
2014-02-20 00:02:50,804 INFO
 [org.ovirt.engine.core.vdsbroker.vdsbroker.FullListVdsCommand]
(DefaultQuartzScheduler_Worker-47) START, FullListVdsCommand(HostName =
csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca, HostId =
0e900351-de49-4646-a4b1-394343e32f81,
vds=Host[csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca],
vmIds=[8bf43efc-9424-4ffd-b5c6-1c92623267ea]), log id: 4714a293
2014-02-20 00:02:50,813 INFO
 [org.ovirt.engine.core.vdsbroker.vdsbroker.FullListVdsCommand]
(DefaultQuartzScheduler_Worker-47) FINISH, FullListVdsCommand, return:
[Ljava.util.HashMap;@1bbd855a, log id: 4714a293
2014-02-20 00:02:50,815 INFO
 [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-47) Received a console Device without an address
when processing VM 8bf43efc-9424-4ffd-b5c6-1c92623267ea devices, skipping
device: {alias=console0, specParams={}, device=console, type=console,
deviceId=dd007a77-cbf1-4c58-9cea-39427e770d5d}
2014-02-20 00:03:48,442 INFO
 [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-44) VM test 8bf43efc-9424-4ffd-b5c6-1c92623267ea
moved from PoweringUp --> Up
2014-02-20 00:03:48,449 INFO
 [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-44) Correlation ID: 63705695, Job ID:
bba86395-6eaa-4539-9557-2a0ba45b161c, Call Stack: null, Custom Event ID: -1,
Message: VM test started on Host csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca
2014-02-20 00:03:59,757 WARN
 [org.ovirt.engine.core.bll.GetConfigurationValueQuery] (ajp--127.0.0.1-8702-2)
calling GetConfigurationValueQuery (UserMessageOfTheDay) with null version,
using default general for version
2014-02-20 00:04:21,710 INFO
 [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-99) VM test 8bf43efc-9424-4ffd-b5c6-1c92623267ea
moved from Up --> RebootInProgress
2014-02-20 00:05:01,101 INFO
 [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-66) VM test 8bf43efc-9424-4ffd-b5c6-1c92623267ea
moved from RebootInProgress --> Up
2014-02-20 00:05:31,126 ERROR
[org.ovirt.engine.core.bll.adbroker.DirectorySearcher] (ajp--127.0.0.1-8702-5)
Error in finding LDAP servers for domain rstemis.reg01.rtss.qc.ca using user
levsim01 at CSSSBASQUES.REG01.RTSS.QC.CA
2014-02-20 00:05:31,593 INFO  [org.ovirt.engine.core.bll.LoginUserCommand]
(ajp--127.0.0.1-8702-5) Running command: LoginUserCommand internal: false.
2014-02-20 00:05:31,600 INFO
 [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(ajp--127.0.0.1-8702-5) Correlation ID: null, Call Stack: null, Custom Event ID:
-1, Message: User levsim01 logged in.
2014-02-20 00:05:34,780 INFO  [org.ovirt.engine.core.bll.SetVmTicketCommand]
(ajp--127.0.0.1-8702-5) [6916f2f] Running command: SetVmTicketCommand internal:
false. Entities affected :  ID: 8bf43efc-9424-4ffd-b5c6-1c92623267ea Type: VM
2014-02-20 00:05:34,787 INFO
 [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand]
(ajp--127.0.0.1-8702-5) [6916f2f] START, SetVmTicketVDSCommand(HostName =
csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca, HostId =
0e900351-de49-4646-a4b1-394343e32f81, vmId=8bf43efc-9424-4ffd-b5c6-1c92623267ea,
ticket=y5bNXmtoILn7, validTime=120,m userName=levsim01,
userId=4643e1c0-bd18-493c-8c51-a342802168b0), log id: 44ef4679
2014-02-20 00:05:34,806 INFO
 [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand]
(ajp--127.0.0.1-8702-5) [6916f2f] FINISH, SetVmTicketVDSCommand, log id:
44ef4679
2014-02-20 00:05:34,813 INFO
 [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(ajp--127.0.0.1-8702-5) [6916f2f] Correlation ID: 6916f2f, Call Stack: null,
Custom Event ID: -1, Message: user levsim01 initiated console session for VM
test
2014-02-20 00:05:49,829 INFO  [org.ovirt.engine.core.bll.SetVmTicketCommand]
(ajp--127.0.0.1-8702-4) [50148fc] Running command: SetVmTicketCommand internal:
false. Entities affected :  ID: 8bf43efc-9424-4ffd-b5c6-1c92623267ea Type: VM
2014-02-20 00:05:49,832 INFO
 [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand]
(ajp--127.0.0.1-8702-4) [50148fc] START, SetVmTicketVDSCommand(HostName =
csl01basqu0vh01.csssbasques.reg01.rtss.qc.ca, HostId =
0e900351-de49-4646-a4b1-394343e32f81, vmId=8bf43efc-9424-4ffd-b5c6-1c92623267ea,
ticket=thO14QusWk0w, validTime=120,m userName=levsim01,
userId=4643e1c0-bd18-493c-8c51-a342802168b0), log id: b7b1cf
2014-02-20 00:05:49,849 INFO
 [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand]
(ajp--127.0.0.1-8702-4) [50148fc] FINISH, SetVmTicketVDSCommand, log id: b7b1cf
2014-02-20 00:05:49,862 INFO
 [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(ajp--127.0.0.1-8702-4) [50148fc] Correlation ID: 50148fc, Call Stack: null,
Custom Event ID: -1, Message: user levsim01 initiated console session for VM
test
2014-02-20 00:05:52,547 INFO
 [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-59) Correlation ID: null, Call Stack: null,
Custom Event ID: -1, Message: User levsim01 at csssbasques.reg01.rtss.qc.ca is
connected to VM test.
2014-02-20 00:06:07,732 INFO
 [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-81) Correlation ID: null, Call Stack: null,
Custom Event ID: -1, Message: User levsim01 at csssbasques.reg01.rtss.qc.ca got
disconnected from VM test.

Also, i get this error each hour :

2014-02-19 23:46:15,522 ERROR
[org.ovirt.engine.core.utils.timer.SchedulerUtilQuartzImpl]
(DefaultQuartzScheduler_Worker-37) Failed to invoke scheduled method
refreshAllUsers: java.lang.reflect.InvocationTargetException
    at sun.reflect.GeneratedMethodAccessor175.invoke(Unknown Source) [:1.7.0_51]
    at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[rt.jar:1.7.0_51]
    at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_51]
    at org.ovirt.engine.core.utils.timer.JobWrapper.execute(JobWrapper.java:60)
[scheduler.jar:]
    at org.quartz.core.JobRunShell.run(JobRunShell.java:213) [quartz.jar:]
    at
org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:557)
[quartz.jar:]
Caused by: java.lang.NullPointerException
    at
org.ovirt.engine.core.bll.DbUserCacheManager.refreshUser(DbUserCacheManager.java:220)
[bll.jar:]
    at
org.ovirt.engine.core.bll.DbUserCacheManager.refreshUsers(DbUserCacheManager.java:137)
[bll.jar:]
    at
org.ovirt.engine.core.bll.DbUserCacheManager.refreshAllUsers(DbUserCacheManager.java:92)
[bll.jar:]
    ... 6 more

Somthing wrong with my directory config?

Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20140220/75a572f0/attachment-0001.html>

More information about the Users mailing list