VMware Horizon Community
CY11490
Contributor
Contributor
Jump to solution

ubuntu20.04 desktop requires two logins to the account

When I open ubuntu VDI,it stays here,and prompts "sorry that didn't work,try again" ,I need to enter my account and password again and then successfully log in.

Does anyone know how this problem can be solved?Thank you 

Horizon 2206 server/agent for linux/client

AD authentication method:SSSD

 

CY11490_0-1673682966637.png

 

Reply
0 Kudos
1 Solution

Accepted Solutions
yanchaozhang
VMware Employee
VMware Employee
Jump to solution

I think you can use command like  'hostnamectl set-hostname YF2' for your YF2 host setting, and then leave/rejoin the domain, after that, you may re-configure the /etc/sssd/sssd.conf file(like in YF1), please have a try.

View solution in original post

16 Replies
scott28tt
VMware Employee
VMware Employee
Jump to solution

Your duplicate post on this topic has been reported to volunteer moderators.

 


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog
Reply
0 Kudos
chenyu_vmware
VMware Employee
VMware Employee
Jump to solution

Could you please have a try to use Linux agent 2209 build, to see whether sso can auto login. As we re-design the sso logic at build 2209. Thanks. If sso still can't auto login with Linux agent 2209 build, please open one PR and attach the dct logs for Engineer to analysis, thanks.
Reply
0 Kudos
yanchaozhang
VMware Employee
VMware Employee
Jump to solution

Hi CY11490,

 

some 'best practices' here just F.Y.I.

a), please make sure your have time synced with the domain controller,.e.g both the AD and your VM synced with the same NTP server
b), please make sure the /etc/hosts file are updated as required;

c), please make sure you have update /etc/krb5.conf as required, please ask your IT expert for the correct values like kdc, admin_server, domain_realm etc

d), please make sure the /etc/sssd/sssd.conf file is updated as required;

you can also paster your /etc/hosts, krb5.conf and sssd.conf here for analysis.

 

The best way to get this issue solved quickly is,  open a SR for it:)

Reply
0 Kudos
zsalazar
Enthusiast
Enthusiast
Jump to solution

@yanchaozhang is correct here in the troubleshooting steps. I've seen this issue after pushing out some new pools on Linux and it appears that you cannot login using domain creds.

I typically have our Senior Linux admin chase these down for our team.

 

Also I've seen solutions work from all the suggested steps @yanchaozhang  is offering which I'll post below.

 

 yanchaozhang
VMware Employee
 
‎01-19-2023 12:25 AM

 

Hi CY11490,

 

some 'best practices' here just F.Y.I.

a), please make sure your have time synced with the domain controller,.e.g both the AD and your VM synced with the same NTP server
b), please make sure the /etc/hosts file are updated as required;

c), please make sure you have update /etc/krb5.conf as required, please ask your IT expert for the correct values like kdc, admin_server, domain_realm etc

d), please make sure the /etc/sssd/sssd.conf file is updated as required;

you can also paster your /etc/hosts, krb5.conf and sssd.conf here for analysis.

 

The best way to get this issue solved quickly is,  open a SR for it:)

 

Reply
0 Kudos
CY11490
Contributor
Contributor
Jump to solution

I tried it,but the problem remains,thanks

Reply
0 Kudos
CY11490
Contributor
Contributor
Jump to solution

Here is my sssd.conf,poc.com is my test domain

CY11490_0-1675405050095.png

CY11490_1-1675405130573.png

I didn't change krb5.conf,because my vdi is ubuntu20.04 ,

CY11490_2-1675405266175.png

 

 

Reply
0 Kudos
yanchaozhang
VMware Employee
VMware Employee
Jump to solution

I didn't find any obvious error your configuration files against /etc/hosts/ and sssd.conf;

for your krb5.conf file,  is there any value like the folowing ? here, lxd.vdi is my domain

 

--------
[realms]
LXD.VDI = {
kdc = lxdad.lxd.vdi
admin_server = lxdad.lxd.vdi
}

[domain_realm]
.lxd.vdi = LXD.VDI
lxd.vdi = LXD.VDI
--------

 

 

also, what's the error message for the failure case ?

like journalctl output and/or /var/log/syslog

please paste it here for further analysis

Reply
0 Kudos
CY11490
Contributor
Contributor
Jump to solution

tried to add my domain in the krb5.conf file, de-domain and re-add the domain, and then reinstall the client, SSO works normally, but after a few days, it doesn't work again, I didn't make any adjustments

CY11490_0-1676251952604.png

 

CY11490_1-1676251974883.png

 

Reply
0 Kudos
CY11490
Contributor
Contributor
Jump to solution

this is my syslog,I found an issue that may be related to SSO

CY11490_0-1676252531562.png

 

Reply
0 Kudos
yanchaozhang
VMware Employee
VMware Employee
Jump to solution

Hi CY11490,

 

What's the output of command:

sudo systemctl status sssd

 

Reply
0 Kudos
CY11490
Contributor
Contributor
Jump to solution

CY11490_0-1676273835805.png

 

Reply
0 Kudos
yanchaozhang
VMware Employee
VMware Employee
Jump to solution

please make sure the sssd service is enabled and auto started (e.g. systemctl enable sssd)

also, from the screenshot, seems you don't update your hostname;

 

Reply
0 Kudos
CY11490
Contributor
Contributor
Jump to solution

 How to set hostname?I have two VDI ,SSO of one VDI is normal,it is YF1,YF2 is abnormal,But their hostname format is the same。

I compared the/etc/ssd/sssd.conf and etc/vmware/viewagent-custom.conf files of the two VDIs, and their configurations are the same

 
CY11490_0-1676605175585.png

CY11490_1-1676605290116.png

 

Reply
0 Kudos
yanchaozhang
VMware Employee
VMware Employee
Jump to solution

I think you can use command like  'hostnamectl set-hostname YF2' for your YF2 host setting, and then leave/rejoin the domain, after that, you may re-configure the /etc/sssd/sssd.conf file(like in YF1), please have a try.

CY11490
Contributor
Contributor
Jump to solution

Thanks for the reminder,I found the problem, YF2's /etc/hostname file is empty, I added the hostname and uninstalled and reinstalled the Horizon agent, SSO is normal, I need to look into another new question why the hostname of some VDI is lost after the template clone of ubuntu, thanks again

Reply
0 Kudos
yanchaozhang
VMware Employee
VMware Employee
Jump to solution

Glad to hear the good news 🙂

please open a new one for the hostname lost issue.

Reply
0 Kudos