Network Function Open terminal connection failure from TCA Manager GUI for users
search cancel

Network Function Open terminal connection failure from TCA Manager GUI for users

book

Article ID: 401875

calendar_today

Updated On:

Products

VMware Telco Cloud Automation

Issue/Introduction

  • Open Terminal closed with error "Connection Closed Cleanly! Closing Client Connection"
  • TCA UI login is fine for the authenticated users
  • Checking the logs on the TCA-CP under /common/logs/admin/proxy.log 
     "org.springframework.security.access.AccessDeniedException: Could not assign role based on logged in VCenter user group memberships" 
  • Checking the logs on the TCA-CP under /common/logs/admin/web.log 
     "c.v.v.h.p.w.ProxyWebSocketHandler- Unable to authenticate to TCA SSH service"
  • User switched from vCenter/AD Authentication to SSO on the TCA environment 

Environment

2.3
3.2

Cause

This is expected behavior as AD user groups are mapped to groups within the SSO domain (vsphere.local) on the vCenter Server.
Additionally, TCA does not authenticate directly with the AD server; instead, it relies on vCenter to authenticate AD user accounts.

Resolution

Below is the workaround:

Configure vCenter users directly within TCA Permissions.
or
Configure TCA to use AD as the authentication provider directly instead of using AD through vCenter 
 

Additional Information

Login to the TCA UI will function as expected because the AD user groups are mapped to groups within the vsphere.local domain on the vCenter Server.
Additionally, TCA does not authenticate directly with the AD server; instead, it relies on vCenter to authenticate AD user accounts.

Powered by Wolken Software