Hi Marcus,

Thanks for sharing the details.

I couldn't find any errors with SAML in the log; below are the logs after
enabling SAML. Not sure if that's a SAML config issue.

2024-01-29 16:57:10,499 INFO  [o.a.c.s.SAML2AuthManagerImpl] (main:null) (logid:) SAML auth plugin loaded
2024-01-29 16:57:12,574 INFO  [o.a.c.s.SAML2AuthManagerImpl] (main:null) (logid:) No SAML keystore found, created and saved a new Service Provider keypair

Regards,
Suresh

On Wed, Jan 31, 2024 at 12:20 AM Marcus Torres <m...@marctorres.org> wrote:

> Hello Suresh
>
> 1. Cloudstack version 4.18.1.0
> 2. Management server = Rocky Linux 8.5
> 3. Hypervisors = Rocky Linux 8.5
> 4. The only change was enabling SAML in the global config in the UI.
> 5. I saw some entries in the log regarding SAML and the 'admin' user not
> being able to authenticate against SAML. Not sure if it's related.
>
> I've sent you the management log to your Gmail address, if that's OK. It's
> pretty large and I've scrubbed it of any sensitive data.
>
> Thanks Suresh.
>
> On Tue, Jan 30, 2024 at 11:52 AM Suresh Kumar Anaparti <
> sureshkumar.anapa...@gmail.com> wrote:
>
> > Hi Marcus,
> >
> > Thanks for the update.
> >
> > Maybe some issue after enabling SAML, can you share the cloudstack version,
> > and error log from the management server?
> >
> > Regards,
> > Suresh
> >
> > On Tue, Jan 30, 2024 at 9:21 PM Marcus Torres <m...@marctorres.org> wrote:
> >
> > > @SureshKumarAnaparti
> > >
> > > That worked! After a restart of the management service, I'm able to hit the
> > > UI on port 8080 now! Thank you for that tip!!
> > >
> > > It's peculiar that simply enabling SAML in the global config and having a
> > > fault SAML config would stop the UI from opening port 8080 to access the
> > > webpage.
> > >
> > > Thanks again!
> > >
> > > On Mon, Jan 29, 2024 at 11:32 PM Suresh Kumar Anaparti <
> > > sureshkumar.anapa...@gmail.com> wrote:
> > >
> > > > Hi Marcus,
> > > >
> > > > You can revert the config (disable SAML) using the update SQL query below.
> > > >
> > > > UPDATE cloud.configuration SET value = 'false' WHERE name = 'saml2.enabled';
> > > >
> > > > Regards,
> > > > Suresh
> > > >
> > > > On Tue, Jan 30, 2024 at 5:41 AM Marcus Torres <m...@marctorres.org> wrote:
> > > >
> > > > > Hi!
> > > > > I recently enabled SAML in the global config settings in the UI and upon a
> > > > > restart of the management service, the cloudstack-management process
> > > > > starts successfully and I'm seeing activity and traffic to and from the
> > > > > hypervisors, looks like the management server is working, but the UI is
> > > > > not reachable at all on port 8080.
> > > > >
> > > > >
> > > > >   *   I do not have ssl https enabled
> > > > >   *   selinux is disabled
> > > > >   *   iptables is disabled
> > > > >   *   I don't see 8080 port open/listening in netstat
> > > > >   *   port 9090 is open and listening
> > > > >   *   mysql is up and running fine
> > > > >   *   cloudmonkey api no longer able to connect since 8080 is down
> > > > >
> > > > > The SAML config could in fact be a red herring and unrelated, but that's
> > > > > the last change besides adding a new isolated VLAN guest network.
> > > > >
> > > > > Does the ability exist to revert or edit global config settings from
> > > > > command line, that were originally made in the UI?
> > > > >
> > > > > Thanks for your time!
> > > > >
> > > >
> > >
> >
>
