When I open ubuntu VDI,it stays here,and prompts "sorry that didn't work,try again" ,I need to enter my account and password again and then successfully log in.
Does anyone know how this problem can be solved?Thank you
Horizon 2206 server/agent for linux/client
AD authentication method:SSSD
I think you can use command like 'hostnamectl set-hostname YF2' for your YF2 host setting, and then leave/rejoin the domain, after that, you may re-configure the /etc/sssd/sssd.conf file(like in YF1), please have a try.
Your duplicate post on this topic has been reported to volunteer moderators.
Hi CY11490,
some 'best practices' here just F.Y.I.
a), please make sure your have time synced with the domain controller,.e.g both the AD and your VM synced with the same NTP server
b), please make sure the /etc/hosts file are updated as required;
c), please make sure you have update /etc/krb5.conf as required, please ask your IT expert for the correct values like kdc, admin_server, domain_realm etc
d), please make sure the /etc/sssd/sssd.conf file is updated as required;
you can also paster your /etc/hosts, krb5.conf and sssd.conf here for analysis.
The best way to get this issue solved quickly is, open a SR for it:)
@yanchaozhang is correct here in the troubleshooting steps. I've seen this issue after pushing out some new pools on Linux and it appears that you cannot login using domain creds.
I typically have our Senior Linux admin chase these down for our team.
Also I've seen solutions work from all the suggested steps @yanchaozhang is offering which I'll post below.
Hi CY11490,
some 'best practices' here just F.Y.I.
a), please make sure your have time synced with the domain controller,.e.g both the AD and your VM synced with the same NTP server
b), please make sure the /etc/hosts file are updated as required;
c), please make sure you have update /etc/krb5.conf as required, please ask your IT expert for the correct values like kdc, admin_server, domain_realm etc
d), please make sure the /etc/sssd/sssd.conf file is updated as required;
you can also paster your /etc/hosts, krb5.conf and sssd.conf here for analysis.
The best way to get this issue solved quickly is, open a SR for it:)
I tried it,but the problem remains,thanks
Here is my sssd.conf,poc.com is my test domain
I didn't change krb5.conf,because my vdi is ubuntu20.04 ,
I didn't find any obvious error your configuration files against /etc/hosts/ and sssd.conf;
for your krb5.conf file, is there any value like the folowing ? here, lxd.vdi is my domain
--------
[realms]
LXD.VDI = {
kdc = lxdad.lxd.vdi
admin_server = lxdad.lxd.vdi
}
[domain_realm]
.lxd.vdi = LXD.VDI
lxd.vdi = LXD.VDI
--------
also, what's the error message for the failure case ?
like journalctl output and/or /var/log/syslog
please paste it here for further analysis
tried to add my domain in the krb5.conf file, de-domain and re-add the domain, and then reinstall the client, SSO works normally, but after a few days, it doesn't work again, I didn't make any adjustments
this is my syslog,I found an issue that may be related to SSO
Hi CY11490,
What's the output of command:
sudo systemctl status sssd
please make sure the sssd service is enabled and auto started (e.g. systemctl enable sssd)
also, from the screenshot, seems you don't update your hostname;
How to set hostname?I have two VDI ,SSO of one VDI is normal,it is YF1,YF2 is abnormal,But their hostname format is the same。
I compared the/etc/ssd/sssd.conf and etc/vmware/viewagent-custom.conf files of the two VDIs, and their configurations are the same
I think you can use command like 'hostnamectl set-hostname YF2' for your YF2 host setting, and then leave/rejoin the domain, after that, you may re-configure the /etc/sssd/sssd.conf file(like in YF1), please have a try.
Thanks for the reminder,I found the problem, YF2's /etc/hostname file is empty, I added the hostname and uninstalled and reinstalled the Horizon agent, SSO is normal, I need to look into another new question why the hostname of some VDI is lost after the template clone of ubuntu, thanks again
Glad to hear the good news 🙂
please open a new one for the hostname lost issue.