Last updated on AUGUST 07, 2017
Applies to:Oracle Virtual Desktop Infrastructure - Version 3.2.2 to 3.5.1 [Release 3.0]
Information in this document applies to any platform.
Users find that when attempting to login to Oracle Virtual Desktop Infrastructure (VDI) 3.2.2 from Sun Ray clients, after entering their user credentials, the session hangs, and it spins forever. Their assigned Desktops or the VDI Desktop Chooser is never seen. VDI is configured to use Active Directory (AD)/Kerberos Authentication.
The following steps of investigation by the VDI administrator on the servers in the VDI cluster were carried out:
1. kinit of admin user (from both servers)-- PASS
2, kinit of normal user -- PASS
3. ldapseach from both VDI servers -- PASS
The ldapsearch command can be used to access the Active Directory server from the VDi servers in the cluster. An example of the command on Solaris[TM] is:
This will search the LDAP server ldapvip.ssgd.com using the admin user (configured in VDI to access the User Directory):
and searching for data on the user:
It should return LDAP Group information for the user.
4. "vda-client -u" command from both servers -- PASS
Use the command:
# /opt/SUNWvda/lib/vda-client -u <user>
WHERE <user> is the Users ID. It should retrun the ipaddress of a Desktop assigned to a user
5. Connecting to VMs from Sun Ray Windows Connection (uttsc) -- PASS
6. Connecting to VMs from Microsoft Terminal Services client -- PASS
7. Confirm the VMs are healthy by viewiing from Desktop Provider's console e.g Login into VirtualBox BUI-- PASS
8. Had a test user reduce to a single desktop to see if the Desktop Selector list was the problem. -- FAIL (Problem still occurs)
9. Had the AD administrator look for login attempts. It was found that no attempts to connect to the AD server were being made.
10. Add the encryption types to the krb5.conf file and restarted cacao - Problem stil occurs
Details on this step can be found in: Login failures for Virtual Desktop Infrastructure or Secure Global Desktop Users Authenticating Against Active Directory. <document 1022272.1>
11. Confirm that searching for users is successfully from the VDI admin console -- PASS
It was found that the first DNS server listed in /etc/resolv.conf is unable to respond to the ldap specific query:
# nslookup -query=any -nofail -norecurse _ldap._tcp.<LDAP Domain> <IP of DNS server>
WHERE <LDAP Domain> is the LDAP Domain configured for VDI
<IP of DNS server> is the ip-address of the DNS server on the VDI server
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms