I am attempting to setup in ‘User Security’ settings → Rendering jobs as user
I am getting the error;
2023-07-21 12:01:22: 0: SandboxedPlugin: Render Job As User enabled, running as user 'service.acc', which is defined in the User Settings for this job's user
2023-07-21 12:01:22: ERROR: Encountered the following error while initializing the Plugin Sandbox: 'Could not retrieve requested secret.'.
2023-07-21 12:01:22: Cannot render the current job [ID:"64b729ed0820e661608b82dc" / Name:"print test"]. Contact Thinkbox Support for more information.
2023-07-21 12:01:22: ERROR: 0: An exception occurred: Failed to load the plugin because: Could not initialize the plugin sandbox (Deadline.Plugins.PluginException) (Deadline.Plugins.RenderPluginException)
The error seems to be specific to retrieving a secret. I have gone to manage identities panel and ensured that the machine attempting to run this task is an approved client.
I am wondering a couple of things;
If this is a linux client why is it wanting to retrieve a secret? In the manage users panel there is a place to enter the users password but it has a caveat of; (for windows only)
How do I determine what secret the machine is trying to retrieve in order to troubleshoot why it is unable to do so?
I have read through a few other topics that don’t seem to get me any further nor have the exact same errors;
Secrets are anything that has uses a password field. So the user account needed to mount a Windows letter drive for intance would count. Given this is a Linux machine, I assume that’s not what’s happening here, but instead there’s some event plugin attempting to run that has a password field that needs reading.
That password is used for impersonating the Windows user on that machine, not for secrets management.
The RCS log should have a corresponding ‘client attempted to read secret X’ we can refer to to see what’s attempting to be read.
You’ve already done this, but if you didn’t check against the docs here on secrets management, take a look to be sure that client has both an identity assigned and is registered.
I am having a look at the RCS and webservice logs and the entries relevant to the render aren’t immediately obvious. Any chance you could give an example or breadcrumbs of what I should be looking for?
I have turned on verbose logging as per attached screenshot.
I have gone through the secrets management docs and pretty sure the server is configured and the client is configured.
I had configured the Deadline workers monitor to look at the Repo via direct connect and RCS. I have removed all config and JUST configured remote connection to RCS. Now I can see those requests on the RCS log and I have managed to get a test render out.
