<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Wed, Dec 10, 2014 at 7:16 PM, Alon Bar-Lev <span dir="ltr"><<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span class=""><br></span><span class=""><br>
<br>
</span>probably I some startup error at engine.log, can you please send me engine.log so I can see what's wrong?</blockquote><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<span class=""><br>
> BTW: I tried my IPA lookup just for trying.... and I'm able to find all the<br>
> users and also new users defined after migration to the new c7server.... ???<br>
> <a href="https://drive.google.com/file/d/0BwoPbcrMv8mvbks2cmlhSmJjdnc/view?usp=sharing" target="_blank">https://drive.google.com/file/d/0BwoPbcrMv8mvbks2cmlhSmJjdnc/view?usp=sharing</a><br>
<br></span></blockquote><div><br></div><div>ok. done.</div><div>Here it is</div><div><a href="https://drive.google.com/file/d/0BwoPbcrMv8mvQWZ0R3lwX2RXTEU/view?usp=sharing">https://drive.google.com/file/d/0BwoPbcrMv8mvQWZ0R3lwX2RXTEU/view?usp=sharing</a><br></div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span class="">
</span>so legacy is working now, right?<br>
<br>
><br>
> Gianluca<br>
><br>
</blockquote></div><br></div><div class="gmail_extra">Yes, I can browse the IPA users and I can also login again with an IPA user with the same permissions he had before, connected with "localdomain.local" profile that is the legacy one</div><div class="gmail_extra">This afternoon when I posted the first question of this thread it didn't worked.</div><div class="gmail_extra">I don't know if oVirt makes a sort of broadcast related to the domain and so can find now the new IPA server transparently or the engine-config commands produced anything despite the errors they gave....</div><div class="gmail_extra"><br></div><div class="gmail_extra">In relation with the ldap instance see this in engine.log just after engine last start after adding the aaa extension</div><div class="gmail_extra"><br></div><div class="gmail_extra"><div class="gmail_extra">2014-12-10 19:03:16,591 ERROR [org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread 1-1)</div><div class="gmail_extra"> [ovirt-engine-extension-aaa-ldap.authz::ldap1-authz] Cannot initialize LDAP framework, deferring initializ</div><div class="gmail_extra">ation. Error: no such object</div><div class="gmail_extra">2014-12-10 19:03:16,592 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread</div><div class="gmail_extra">1-1) Extension 'ldap1-authz' initialized</div><div class="gmail_extra">2014-12-10 19:03:16,596 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread</div><div class="gmail_extra">1-1) Initializing extension 'internal'</div><div class="gmail_extra">2014-12-10 19:03:16,598 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread</div><div class="gmail_extra">1-1) Extension 'internal' initialized</div><div class="gmail_extra">2014-12-10 19:03:16,598 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread</div><div class="gmail_extra">1-1) Initializing extension 'localdomain.local'</div><div class="gmail_extra">2014-12-10 19:03:16,599 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread</div><div class="gmail_extra">1-1) Extension 'localdomain.local' initialized</div><div class="gmail_extra">2014-12-10 19:03:16,599 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread</div><div class="gmail_extra">1-1) Start of enabled extensions list</div><div class="gmail_extra">2014-12-10 19:03:16,599 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread</div><div class="gmail_extra">1-1) Instance name: 'builtin-authn-localdomain.local', Extension name: 'Kerberos/Ldap Authn (Built-in)', Ve</div><div class="gmail_extra">rsion: 'N/A', Notes: '', License: 'ASL 2.0', Home: '<a href="http://www.ovirt.org">http://www.ovirt.org</a>', Author 'The oVirt Project', Buil</div><div class="gmail_extra">d interface Version: '0', File: 'N/A', Initialized: 'true'</div><div><div>2014-12-10 19:03:16,603 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread</div><div>1-1) Instance name: 'ldap1-authn', Extension name: 'ovirt-engine-extension-aaa-ldap.authn', Version: '1.0.0</div><div>', Notes: 'Display name: ovirt-engine-extension-aaa-ldap-1.0.0-1.el6', License: 'ASL 2.0', Home: '<a href="http://www.ovirt.org">http://www.ovirt.org</a>', Author 'The oVirt Project', Build interface Version: '0', File: '/etc/ovirt-engine/extensions.d/domain1-authn.properties', Initialized: 'true'</div><div>2014-12-10 19:03:16,604 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-1) Instance name: 'builtin-authn-internal', Extension name: 'Internal Authn (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: '<a href="http://www.ovirt.org">http://www.ovirt.org</a>', Author 'The oVirt Project', Build interface Version: '0', File: 'N/A', Initialized: 'true'</div><div>2014-12-10 19:03:16,604 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-1) Instance name: 'ldap1-authz', Extension name: 'ovirt-engine-extension-aaa-ldap.authz', Version: '1.0.0', Notes: 'Display name: ovirt-engine-extension-aaa-ldap-1.0.0-1.el6', License: 'ASL 2.0', Home: '<a href="http://www.ovirt.org">http://www.ovirt.org</a>', Author 'The oVirt Project', Build interface Version: '0', File: '/etc/ovirt-engine/extensions.d/domain1-authz.properties', Initialized: 'true'</div><div>2014-12-10 19:03:16,605 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-1) Instance name: 'internal', Extension name: 'Internal Authz (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: '<a href="http://www.ovirt.org">http://www.ovirt.org</a>', Author 'The oVirt Project', Build interface Version: '0', File: 'N/A', Initialized: 'true'</div><div>2014-12-10 19:03:16,606 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-1) Instance name: 'localdomain.local', Extension name: 'Kerberos/Ldap Authz (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: '<a href="http://www.ovirt.org">http://www.ovirt.org</a>', Author 'The oVirt Project', Build interface Version: '0', File: 'N/A', Initialized: 'true'</div><div>2014-12-10 19:03:16,609 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-1) End of enabled extensions list</div></div><div><br></div><div>and then no other ERROR messages, but you can check the whole log.</div><div><br></div></div><div class="gmail_extra"><br></div><div class="gmail_extra">Gianluca</div></div>