I am starting to test Windows 10 in our environment, and I am having a bit of trouble getting Spark to run with SSO for a user who is not a local administrator.
If I double click the icon, Spark runs without UAC notifications but without SSO.
If I right-click and ‘Run as Administrator’, UAC immediately prompts for Admin credentials.
If I disable UAC, Spark works with SSO but I lose the ‘Metro’ apps (Edge, weather app, etc…)
If I add the user to the local administrators group, ‘Run as Administrator’ works with SSO… even with UAC enabled.
As it appears, I would need to make the users a local admin to get SSO working, or completely disable UAC (which kills Edge, calculator, etc…)
Running Spark with SSO on Windows 10 as a STANDARD non-local admin user WITHOUT creating a scheduled task, or using a 3rd party solution.
Simple fix is to install the Spark client in the C:\Users\Public\Spark folder. Worked like a charm. No UAC pop up or having to use a 3rd party solution or any additional workarounds. I followed the 28 Steps to Single Sign On for Openfire XMPP Server on Windows Server 2012 R2 with Spark documentation to setup SSO. The UAC issue does not affect Windows 7 clients, only my Windows 10 clients (I do not have Win 8 or 8.1 clients to test with).
Can you try this…sign into spark with sso. Lock your desktop, unlock your desktop, exit spark, and try to sign back to spark using sso. Its been my experience that on lock/unlock the tgt cache is cleared and not refreshed on unlock. this causes spark to fail since no tickets are in the cache. Id like additional confirmation. thanks
Hay… I’m actually Jason’s assistant and have been working along side him setting this up. I did what you said “Lock your desktop, unlock your desktop, exit spark, and try to sign back to spark using sso” and everything works fine. We are still doing testing on this. Will let you know anything we find out.
In my case. Since Im am also local admin I always have to run it in admin mode but for the rest of the users in the organization, installing it in the Users/public folder removes the requirement for UAC prompt.
I ran the Klist. From a list of 9 items it went down to 1 item but it did not completely clear out.
P.S. We just deployed it to about 100 computers and it is working perfectly so far. When the computer is locked the persons status is displayed as “Away”
I found this article which kind of confirms Speedy’s experience: java - Kerboros cached ticket deleted after using Windows lock screen - Stack Overflow
This explains what I thought was just a quirky issue within the new version of Spark… it didn’t really click that I was only seeing issues on the newer Win 10 machines I’ve deployed (I’ve only received a couple of calls on it though… generally they log into Spark first thing in the morning and remained logged in all day).