[ovirt-users] Troubleshooting VM SSO on Windows 10 (ovirt 4.2.1)

Cristian Mammoli c.mammoli at apra.it
Thu Mar 1 11:35:18 UTC 2018 

Hi, I'm trying to setup sso on Windows 10, vm is domain joined, has 
agent installed and credential provider registered.Of course I setup an 
AD domain and the vm has sso enabled

Whenever I log to the user portal and open a VM I'm presented with the 
login screen and nothing happens, it's like the engine doesn't send the 
command to autologin.

In the agent logs there's nothing interesting but the communication 
between the engine and the agent is ok: for example the command to 
lock-screen on console close runs and works:

Dummy-2::INFO::2018-03-01 
09:01:39,124::ovirtagentlogic::322::root::Received an external command: 
lock-screen...

This is an extract from engine logs when I login in the user portal and 
start a connection:

2018-03-01 11:30:01,558+01 INFO 
[org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-30) 
[] User c.mammoli at apra.it successfully logged in with scopes: 
ovirt-app-admin ovirt-app-api ovirt-app-portal 
ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all 
ovirt-ext=token-info:authz-search 
ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate 
ovirt-ext=token:password-access
2018-03-01 11:30:01,606+01 INFO 
[org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default 
task-31) [7bc265f] Running command: CreateUserSessionCommand internal: 
false.
2018-03-01 11:30:01,623+01 INFO 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(default task-31) [7bc265f] EVENT_ID: USER_VDC_LOGIN(30), User 
c.mammoli at apra.it@apra.it connecting from '192.168.1.100' using session 
'5NMjCbUiehNLAGMeeWsr4L5TatL+uUGsNHOxQtCvSa9i0DaQ7uoGSi6zaZdXu08vrEk5gyQUJAsB2+COzLwtEw==' 
logged in.
2018-03-01 11:30:02,163+01 ERROR 
[org.ovirt.engine.core.bll.GetSystemStatisticsQuery] (default task-39) 
[14276418-5de7-44a6-bb64-c60965de0acf] Query execution failed due to 
insufficient permissions.
2018-03-01 11:30:02,664+01 INFO 
[org.ovirt.engine.core.bll.SetVmTicketCommand] (default task-54) 
[617f130b] Running command: SetVmTicketCommand internal: false. Entities 
affected :  ID: c0250fe0-5d8b-44de-82bc-04610952f453 Type: VMAction 
group CONNECT_TO_VM with role type USER
2018-03-01 11:30:02,683+01 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand] 
(default task-54) [617f130b] START, SetVmTicketVDSCommand(HostName = 
r630-01.apra.it, 
SetVmTicketVDSCommandParameters:{hostId='d99a8356-72e8-4130-a1cc-e148762eca57', 
vmId='c0250fe0-5d8b-44de-82bc-04610952f453', protocol='SPICE', 
ticket='u2b1nv+rH+pw', validTime='120', userName='c.mammoli at apra.it', 
userId='39f9d718-6e65-456a-8a6f-71976bcbbf2f', 
disconnectAction='LOCK_SCREEN'}), log id: 18fa2ef
2018-03-01 11:30:02,703+01 INFO 
[org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand] 
(default task-54) [617f130b] FINISH, SetVmTicketVDSCommand, log id: 18fa2ef
2018-03-01 11:30:02,713+01 INFO 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(default task-54) [617f130b] EVENT_ID: VM_SET_TICKET(164), User 
c.mammoli at apra.it@apra.it initiated console session for VM testvdi02
2018-03-01 11:30:11,558+01 INFO 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(EE-ManagedThreadFactory-engineScheduled-Thread-49) [] EVENT_ID: 
VM_CONSOLE_CONNECTED(167), User c.mammoli at apra.it is connected to VM 
testvdi02.

Any help would be appreciated

More information about the Users mailing list