Hi,<div><br></div><div>serveradmin is a special user that the servers, like sunstone, use to forward user requests to the core. You can't login with that user.</div><div><br></div><div>You have more information about the opennebula authentication here [1], and what is the serveradmin account here [2]. In that second link you will also find how to configure the servers to use the updated serveradmin password you set.</div>
<div><br></div><div>Regards</div><div><br></div><div>[1] <a href="http://www.opennebula.org/documentation:rel3.2:external_auth">http://www.opennebula.org/documentation:rel3.2:external_auth</a></div><div>[2] <a href="http://www.opennebula.org/documentation:rel3.2:cloud_auth">http://www.opennebula.org/documentation:rel3.2:cloud_auth</a></div>
<div><br><div>--<br>Carlos Martín, MSc<br>Project Engineer<br>OpenNebula - The Open-source Solution for Data Center Virtualization<div><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="http://www.OpenNebula.org" target="_blank">www.OpenNebula.org</a> | <a href="mailto:cmartin@opennebula.org" target="_blank">cmartin@opennebula.org</a> | <a href="http://twitter.com/opennebula" target="_blank">@OpenNebula</a></span><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="mailto:cmartin@opennebula.org" style="color:rgb(42,93,176)" target="_blank"></a></span></div>
<br>
<br><br><div class="gmail_quote">2012/4/8 Carlos Jiménez <span dir="ltr"><<a href="mailto:cjimenez@eneotecnologia.com">cjimenez@eneotecnologia.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hello everybody,<br>
<br>
I have four computers with CentOS 6.2: 1 running as a NFS Server, 2 as Host with KVM hypervisor installed and 1 as a Front-End with OpenNebula 3.2.1 installed.<br>
According to the documentation, ssh, oneadmin uid/gid, user profile (shared between all the computers by using NFS)... all of them have been set up.<br>
Additionally, I've installed and configured the front-end server to use MySQL instead of SQLite. After granting the right permissions to the opennebula table for the oneadmin user and once I've modified /etc/one/oned.conf DB options, this part is running fine too.<br>
<br>
I've used oneuser to modify the password of serveradmin and it seems that it was successful.<br>
This is the output of 'oneuser list':<br>
<br>
ID GROUP NAME AUTH PASSWORD<br>
0 oneadmin oneadmin core b29f6e6fed87fb100ae2e5921d66eb<u></u>76d5670af7<br>
1 oneadmin serveradmin server_c a7d66b6799d29142042316cc8cee0f<u></u>3c81eac33e<br>
<br>
<br>
I've launched oned, oneacctd and sunstone-server as oneadmin and all of them are running:<br>
<br>
oneadmin 11364 0.0 0.1 1460920 10476 ? Sl Apr04 0:20 /usr/bin/oned -f<br>
oneadmin 11389 0.0 0.0 43764 7020 ? SNl Apr04 3:29 \_ ruby /usr/lib/one/mads/one_vmm_<u></u>exec.rb -t 15 -r 0 kvm<br>
oneadmin 11400 0.0 0.0 39304 3984 ? SNl Apr04 3:28 \_ ruby /usr/lib/one/mads/one_im_exec.<u></u>rb -r 0 -t 15 kvm<br>
oneadmin 11410 0.0 0.0 39248 3932 ? SNl Apr04 3:27 \_ ruby /usr/lib/one/mads/one_tm.rb tm_shared/tm_shared.conf<br>
oneadmin 11424 0.0 0.0 39212 3864 ? SNl Apr04 3:28 \_ ruby /usr/lib/one/mads/one_hm.rb<br>
oneadmin 11435 0.0 0.0 39308 3988 ? SNl Apr04 3:36 \_ ruby /usr/lib/one/mads/one_image.rb fs -t 15<br>
oneadmin 11445 0.2 0.0 39388 4104 ? SNl Apr04 13:16 \_ ruby /usr/lib/one/mads/one_auth_<u></u>mad.rb --authn ssh,x509,ldap,server_cipher,<u></u>server_x509<br>
oneadmin 11365 0.0 0.0 192196 5424 ? Sl Apr04 0:19 /usr/bin/mm_sched<br>
oneadmin 11461 0.0 0.4 113828 32700 ? S Apr04 0:13 ruby /usr/lib/one/ruby/acct/acctd.<u></u>rb<br>
oneadmin 11471 0.0 0.5 163548 43708 ? Sl Apr04 5:29 ruby /usr/lib/one/sunstone/<u></u>sunstone-server.rb<br>
<br>
<br>
However, when I try to log in to Sunstone web interface using serveradmin or oneadmin credentials (or whatever else) it always fails. In the web it states that "OpenNebula is not running".<br>
I've checked oned.log and this is the output of both attempts:<br>
<br>
<br>
### serveradmin login attempt ###<br>
<br>
Sun Apr 8 15:02:05 2012 [ReM][D]: UserPoolInfo method invoked<br>
Sun Apr 8 15:02:05 2012 [AuM][D]: Message received: LOG I 9 Command execution fail: /var/lib/one/remotes/auth/<u></u>server_cipher/authenticate 'serveradmin' '<u></u>a7d66b6799d29142042316cc8cee0f<u></u>3c81eac33e' gmxtq1n6pxBEwnyjP94dU1EihSzqOU<u></u>3bQgVxVpIEizqsxonauO8PP/<u></u>sNTclxWciE<br>
Sun Apr 8 15:02:05 2012 [AuM][I]: Command execution fail: /var/lib/one/remotes/auth/<u></u>server_cipher/authenticate 'serveradmin' '<u></u>a7d66b6799d29142042316cc8cee0f<u></u>3c81eac33e' gmxtq1n6pxBEwnyjP94dU1EihSzqOU<u></u>3bQgVxVpIEizqsxonauO8PP/<u></u>sNTclxWciE<br>
Sun Apr 8 15:02:05 2012 [AuM][D]: Message received: LOG E 9 bad decrypt<br>
Sun Apr 8 15:02:05 2012 [AuM][I]: bad decrypt<br>
Sun Apr 8 15:02:05 2012 [AuM][D]: Message received: LOG I 9 ExitCode: 255<br>
Sun Apr 8 15:02:05 2012 [AuM][I]: ExitCode: 255<br>
Sun Apr 8 15:02:05 2012 [AuM][D]: Message received: AUTHENTICATE FAILURE 9 bad decrypt<br>
Sun Apr 8 15:02:05 2012 [AuM][E]: Auth Error: bad decrypt<br>
Sun Apr 8 15:02:05 2012 [ReM][E]: [UserPoolInfo] User couldn't be authenticated, aborting call.<br>
<br>
<br>
### oneadmin login attempt ###<br>
<br>
Sun Apr 8 15:02:18 2012 [ReM][D]: UserPoolInfo method invoked<br>
Sun Apr 8 15:02:18 2012 [AuM][D]: Message received: LOG I 10 Command execution fail: /var/lib/one/remotes/auth/<u></u>server_cipher/authenticate 'serveradmin' '<u></u>a7d66b6799d29142042316cc8cee0f<u></u>3c81eac33e' gmxtq1n6pxBEwnyjP94dU1EihSzqOU<u></u>3bQgVxVpIEizqsxonauO8PP/<u></u>sNTclxWciE<br>
Sun Apr 8 15:02:18 2012 [AuM][I]: Command execution fail: /var/lib/one/remotes/auth/<u></u>server_cipher/authenticate 'serveradmin' '<u></u>a7d66b6799d29142042316cc8cee0f<u></u>3c81eac33e' gmxtq1n6pxBEwnyjP94dU1EihSzqOU<u></u>3bQgVxVpIEizqsxonauO8PP/<u></u>sNTclxWciE<br>
Sun Apr 8 15:02:18 2012 [AuM][D]: Message received: LOG E 10 bad decrypt<br>
Sun Apr 8 15:02:18 2012 [AuM][I]: bad decrypt<br>
Sun Apr 8 15:02:18 2012 [AuM][D]: Message received: LOG I 10 ExitCode: 255<br>
Sun Apr 8 15:02:18 2012 [AuM][I]: ExitCode: 255<br>
Sun Apr 8 15:02:18 2012 [AuM][D]: Message received: AUTHENTICATE FAILURE 10 bad decrypt<br>
Sun Apr 8 15:02:18 2012 [AuM][E]: Auth Error: bad decrypt<br>
Sun Apr 8 15:02:18 2012 [ReM][E]: [UserPoolInfo] User couldn't be authenticated, aborting call.<br>
Sun Apr 8 15:02:22 2012 [ReM][D]: HostPoolInfo method invoked<br>
Sun Apr 8 15:02:22 2012 [ReM][D]: VirtualMachinePoolInfo method invoked<br>
Sun Apr 8 15:02:22 2012 [ReM][D]: AclInfo method invoked<br>
<br>
I think that cipher_server is the right auth option in this case.<br>
Notice that authenticate script in both cases receive 'serveradmin' credentials regardless of the use of oneadmin credentials in the second attempt.<br>
<br>
Please, could anybody help me with this login failure issue?<br>
<br>
Let me know if you need anything else.<br>
<br>
<br>
Thanks in advance.<br>
<br>
Carlos.<br>
______________________________<u></u>_________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opennebula.org" target="_blank">Users@lists.opennebula.org</a><br>
<a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/<u></u>listinfo.cgi/users-opennebula.<u></u>org</a><br>
</blockquote></div><br></div></div>