<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style>
<!--
@font-face
        {font-family:Wingdings}
@font-face
        {font-family:Wingdings}
@font-face
        {font-family:Calibri}
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif"}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline}
a:visited, span.MsoHyperlinkFollowed
        {color:purple;
        text-decoration:underline}
p
        {margin-right:0cm;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif"}
code
        {font-family:"Courier New"}
pre
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:10.0pt;
        font-family:"Courier New"}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
        {margin-top:0cm;
        margin-right:0cm;
        margin-bottom:0cm;
        margin-left:36.0pt;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif"}
span.EmailStyle17
        {font-family:"Calibri","sans-serif";
        color:windowtext}
span.HTMLPreformattedChar
        {font-family:"Courier New"}
.MsoChpDefault
        {}
@page WordSection1
        {margin:70.85pt 2.0cm 2.0cm 2.0cm}
div.WordSection1
        {}
ol
        {margin-bottom:0cm}
ul
        {margin-bottom:0cm}
-->
</style>
</head>
<body lang="IT" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US">Hi all,</span></p>
<p class="MsoNormal"><span lang="EN-US">I’m trying to add a domain (active directory), but I can’t get it to work.</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US">The command I execute is:</span></p>
<p class="MsoNormal"><span lang="EN-US">rhevm-manage-domains -action=add -domain='FPT.LOCAL' -user='fptadmin' –interactive</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US">Attached you can find:</span></p>
<p class="MsoListParagraph" style="text-indent:-18.0pt"><span lang="EN-US"><span style="">-<span style="font:7.0pt "Times New Roman"">
</span></span></span><span lang="EN-US">Output of the command</span></p>
<p class="MsoListParagraph" style="text-indent:-18.0pt"><span lang="EN-US"><span style="">-<span style="font:7.0pt "Times New Roman"">
</span></span></span><span lang="EN-US">Logs from /var/log/rhevm/rhevm-manage-domains/rhevm-manage-domains.log</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US">I found a RHEV KB saying: </span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US">For <strong><span style="font-family:"Calibri","sans-serif"">Error: LDAP query Failed</span></strong>, make sure the Active Directory server
<strong><span style="font-family:"Calibri","sans-serif"">and</span></strong> the RHEVM server have the correct PTR records in the DNS reverse lookup zone file</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US">And another one says:</span></p>
<p><span lang="EN-US">It's required to create PTR entry into DNS for the following:</span></p>
<p style="margin-left:36.0pt; text-indent:-18.0pt"><span lang="EN-US" style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span lang="EN-US">Name Server (NS) - Start of Authority (SOA)<br>
Example: WIN-TL8JB8JAG8.ad.mydomain.com.</span></p>
<p style="margin-left:36.0pt; text-indent:-18.0pt"><span lang="EN-US" style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span lang="EN-US">Active Directory Name<br>
Example: ad.mydomain.com.</span></p>
<p style="margin-left:36.0pt; text-indent:-18.0pt"><span lang="EN-US" style="font-size:10.0pt; font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><span lang="EN-US">RHEVM machine<br>
Example: rhevm.ad.mydomain.com.</span></p>
<p class="MsoNormal"><span lang="EN-US">We are fulfilling this requirement, as nslookup of these 3 machines’ IP work.</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US">Additional info.</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US">These commands work (if you need I can paste the full output):</span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<pre><code><span lang="EN-US">#dig SRV _kerberos._tcp.FPT.LOCAL</span></code></pre>
<pre><code><span lang="EN-US">#dig SRV _kerberos._udp.FPT.LOCAL</span></code></pre>
<pre><code><span lang="EN-US">#dig SRV _ldap._tcp.FPT.LOCAL</span></code><span lang="EN-US"></span></pre>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Courier New""># kinit fptadmin02@FPT.LOCAL</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Courier New""># klist</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Courier New"">Ticket cache: FILE:/tmp/krb5cc_0</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Courier New"">Default principal: fptadmin02@FPT.LOCAL</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Courier New""> </span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Courier New"">Valid starting Expires Service principal</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Courier New"">08/30/12 15:55:46 08/31/12 01:55:51 krbtgt/FPT.LOCAL@FPT.LOCAL</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Courier New""> renew until 09/06/12 15:55:46</span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Courier New""> </span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:"Courier New""> </span></p>
<p class="MsoNormal"><span lang="EN-US">Thank you very much in advance</span></p>
</div>
<br>
<br>
<div align="left">
<p style="font-family:Calibri,Sans-Serif; font-size:10pt"><span style="color:#000000; font-weight:bold">Alberto Scotto</span>
<span style="color:#808080"></span><br>
<br>
<span style="color:#000000"><img border="0" alt="Blue" src="cid:d821ce0543394a2e81b51ca3e6032148" style="margin:0px">
</span><br>
<span style="color:#808080">Via Cardinal Massaia, 83<br>
10147 - Torino - ITALY <br>
phone: +39 011 29100 <br>
<a href="al.scotto@reply.it" target="" style="color:blue; text-decoration:underline">al.scotto@reply.it</a>
<br>
<a title="" href="www.reply.it" target="" style="color:blue; text-decoration:underline">www.reply.it</a>
</span><br>
</p>
</div>
<br>
<hr>
<font face="Arial" color="Gray" size="1"><br>
--<br>
The information transmitted is intended for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information
by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.<br>
</font>
</body>
</html>