Oracle Virtual Desktop Infrastructure 3.2.2 Users Are Unable to Login And Access Their Desktops (Doc ID 1918347.1)

Last updated on AUGUST 07, 2017

Applies to:

Oracle Virtual Desktop Infrastructure - Version 3.2.2 to 3.5.1 [Release 3.0]
Information in this document applies to any platform.

Symptoms

Users find that when attempting to login to Oracle Virtual Desktop Infrastructure (VDI) 3.2.2 from Sun Ray clients, after entering their user credentials, the session hangs, and it spins forever.  Their assigned Desktops or the VDI Desktop Chooser is never seen. VDI is configured to use Active Directory (AD)/Kerberos Authentication.

The following steps of investigation by the VDI administrator on the servers in the VDI cluster were carried out:

NOTE: Information on #1 and 2 can be found in document: Troubleshooting Tips for Active Directory / Kerberos Authentication Issues within Oracle Virtual Desktop Infrastructure <document 1532505.1>



1. kinit of admin user (from both servers)-- PASS
2, kinit of normal user -- PASS
3. ldapseach from both VDI servers -- PASS

The ldapsearch command can be used to access the Active Directory server from the VDi servers in the cluster. An example of the command on Solaris[TM] is:

  
 

This will search the LDAP server ldapvip.ssgd.com using the admin user (configured in VDI to access the User Directory):

 uid=tnbind,uid=tn,ou=applications,o=ssgd.com

and searching for data on the user:

 uniquemember=uid=cmoses,ou=People,o=ssgd.com

It should return LDAP Group information for the user.


4. "vda-client -u" command from both servers -- PASS

Use the command:

# /opt/SUNWvda/lib/vda-client -u <user>

WHERE <user> is the Users ID.  It should retrun the ipaddress of a Desktop assigned to a user

 

5. Connecting to VMs from Sun Ray Windows Connection (uttsc) -- PASS
6. Connecting to VMs from Microsoft Terminal Services client -- PASS
7. Confirm the VMs are healthy by viewiing from Desktop Provider's console e.g Login into VirtualBox BUI-- PASS
8. Had a test user reduce to a single desktop to see if the Desktop Selector list was the problem. -- FAIL (Problem still occurs)
9. Had the AD administrator look for login attempts.  It was found that no attempts to connect to the AD server were being made.
10. Add the encryption types to the krb5.conf file and restarted cacao - Problem stil occurs

Details on this step can be found in: Login failures for Virtual Desktop Infrastructure or Secure Global Desktop Users Authenticating Against Active Directory. <document 1022272.1>


11. Confirm that searching for users is successfully from the VDI admin console -- PASS


It was found that the first DNS server listed in /etc/resolv.conf is unable to respond to the ldap specific query:

# nslookup -query=any -nofail -norecurse _ldap._tcp.<LDAP Domain> <IP of DNS server>

WHERE <LDAP Domain> is the LDAP Domain configured for VDI

           <IP of DNS server> is the ip-address of the DNS server on the VDI server


Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms