8.3. Configuring Single Sign On for Virtual Machines

If you have only one running virtual machine in use, it is possible to bypass the User Portal and connect directly to the virtual machine using Single Sign On (SSO). SSO can be used on Red Hat Enterprise Linux and Windows virtual machines.

8.3.1. Configuring Single Sign-On for Red Hat Enterprise Linux Virtual Machines

To configure single sign-on (SSO) on Red Hat Enterprise Linux virtual machines using GNOME and KDE graphical desktop environments, install the Red Hat Enterprise Linux rhevm-guest-agent on the guest machine and install the packages associated with your Window Manager. These packages can be downloaded from the Red Hat Network.

Procedure 8.1. Configuring Single Sign-On for Red Hat Enterprise Linux virtual machines

  1. Log in to your Red Hat Enterprise Linux virtual machine. See Section 2.1, “Connecting to Virtual Machines”.
  2. Subscribe your virtual machine to the required channel on Red Hat Network.
    1. Log on to Red Hat Network (http://rhn.redhat.com/).
    2. Hover over Subscriptions at the top of the page.
    3. Click Registered Systems under the Classic Management in the menu that appears.
    4. A list of virtual machines appears. Select the virtual machine to which you are adding channels by clicking the name of the virtual machine.
    5. Click Alter Channel Subscriptions in the Subscribed Channels section of the screen.
    6. Select the Red Hat Enterprise Virt Agent (v. 6 Server for x86_64) channel from the list presented on the screen.
    7. Click the Change Subscription button to finalize the change.
  3. Download and install the rhevm-guest-agent package. Run the following command: 
    # yum install rhevm-guest-agent
  4. Install the remaining rhevm-guest-agent packages required by your Window Manager. The required packages are listed in the table below:

    Table 8.1. SSO Packages by Window Manager

    Window Manager Packages for Installation
    GNOME
    rhevm-guest-agent-pam-rhev-cred
    rhevm-guest-agent-gdm-plugin-rhevcred
    KDE
    rhevm-guest-agent-pam-rhev-cred
    rhevm-guest-agent-kvm-plugin-rhevcred

    For instance, on a machine running GNOME, run the following command: 
    # yum install rhevm-guest-agent-pam-rhev-cred rhevm-guest-agent-gdm-plugin-rhevcred
  5. Install ipa-client: 
    # ipa-client-install --permit --mkhomedir

    Note

    In environments that make use of DNS obfuscation, this command should be: 
    # ipa-client-install --domain=FQDN --server==FQDN
  6. Fetch the details of an IPA user: 
    # getent passwd IPA-USER-NAME
    This will return something like this: 
    some-ipa-user:*:936600010:936600001:our ipa user :/home/some-ipa-user:/bin/sh
    You will need this information in the next step, when you create a home directory for some-ipa-user.
  7. Set up a home directory for the IPA user:
    1. Create the new user's home directory: 
      # mkdir /home/some-ipa-user
    2. Give the new user ownership of the new user's home directory: 
      # chown 935500010:936600001 /home/some-ipa-user
Result
You have enabled single sign-on (SSO) on your Red Hat Enterprise Linux virtual machine. You do not have to use the User Portal to log in to the virtual machine. Use the instructions in Section 1.3, “Signing into and out of the Power User Portal”, and on the User Portal login screen tick the Connect Automatically check box to be taken directly to your virtual machine.