Hi, I am new to oVirt so I think I am missing something.
In my case ovirt-engine-extension-aaa-ldap-setup did not work and I am not a
domain administrator, so I had to set it up by hand.
I can log in with my AD user into the VM portal but SSO to a Windows 7 machine
does not happen.
Thanks for your help
rgds
Harry
my files:
in /etc/ovirt-engine/aaa/zkf200mut.prd.properties
vars.user = CN=HARRY (Adm),OU=Administrative Accounts,OU=Operations,OU=203,DC=zkf200mut,DC=prd
vars.password = password
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}

pool.default.serverset.type = single
pool.default.serverset.single.server = 10.63.123.22
pool.default.dc-resolve.default.serverset.type = single
pool.default.dc-resolve.serverset.single.server = 10.63.123.22
pool.default.socketfactory.type = java

/etc/ovirt-engine/extensions.d/zkf200mut.prd-authn.properties
ovirt.engine.extension.name = zkf200mut.prd-authn
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
ovirt.engine.aaa.authn.profile.name = zkf200mut.prd
ovirt.engine.aaa.authn.authz.plugin = zkf200mut.prd
config.profile.file.1 = ../aaa/zkf200mut.prd.properties

/etc/ovirt-engine/extensions.d/zkf200mut.prd.properties
ovirt.engine.extension.name = zkf200mut.prd
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthzExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 = ../aaa/zkf200mut.prd.properties


engine.log -> when I log in and click on the console of the VM
2019-06-04 12:24:30,442+02 INFO  [org.ovirt.engine.core.bll.aaa.TerminateSessionsForTokenCommand] (default task-8) [354a4756] Running command: TerminateSessionsForTokenCommand internal: true.
2019-06-04 12:24:46,247+02 INFO  [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-7) [] User m203h...@zkf200mut.prd successfully logged in with scopes: ovirt-app-admin ovirt-app-api ovirt-app-portal ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access
2019-06-04 12:24:46,316+02 INFO  [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-7) [d7805c4] Running command: CreateUserSessionCommand internal: false.
2019-06-04 12:24:46,331+02 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-7) [d7805c4] EVENT_ID: USER_VDC_LOGIN(30), User m203h...@zkf200mut.prd@zkf200mut.prd connecting from '10.63.120.199' using session 'CGIKs/CP4HQdLoUhWAzsq996BKkMcKDrqdfHT1x/kIBzixxbNl/hle8BZCZmS2L/ehVZdoStH2JByXragQxeqw==' logged in.
2019-06-04 12:24:47,015+02 ERROR [org.ovirt.engine.core.bll.GetPermissionsForObjectQuery] (default task-3) [1e271632-b9f4-4bcc-8205-ccd8ff1421f6] Query execution failed due to insufficient permissions.
2019-06-04 12:24:47,017+02 ERROR [org.ovirt.engine.api.restapi.resource.AbstractBackendResource] (default task-3) [] Operation Failed: query execution failed due to insufficient permissions.
2019-06-04 12:24:50,106+02 INFO  [org.ovirt.engine.core.bll.SetVmTicketCommand] (default task-8) [6f85887f] Running command: SetVmTicketCommand internal: false. Entities affected :  ID: 3985528e-5bd3-4d87-b766-361c7985788f Type: VMAction group CONNECT_TO_VM with role type USER
2019-06-04 12:24:50,118+02 INFO  [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand] (default task-8) [6f85887f] START, SetVmTicketVDSCommand(HostName = ovirtServer1.zkf200mut.prd, SetVmTicketVDSCommandParameters:{hostId='d28491ac-2c3b-4462-b24b-1c673155c644', vmId='3985528e-5bd3-4d87-b766-361c7985788f', protocol='SPICE', ticket='PzMAJhjN75ij', validTime='120', userName='m203h...@zkf200mut.prd', userId='12f092ed-db4c-4ed0-b4bb-f3051c4fc677', disconnectAction='LOCK_SCREEN'}), log id: 103ea2
2019-06-04 12:24:50,150+02 INFO  [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand] (default task-8) [6f85887f] FINISH, SetVmTicketVDSCommand, return: , log id: 103ea2
2019-06-04 12:24:50,168+02 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-8) [6f85887f] EVENT_ID: VM_SET_TICKET(164), User m203h...@zkf200mut.prd@zkf200mut.prd initiated console session for VM W203YZ001V


_______________________________________________
Users mailing list -- users@ovirt.org
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/SOJMZ74JNVNVCHM3KZHYOHBOHTMI4N66/
