<div dir="ltr"><div>FOUND IT!!!!!!<br><br>include = &lt;ad.properties&gt;<br><br>#<br># Active directory domain name.<br>#<br>#vars.domain = <a href="http://ldap.mydomain.com">ldap.mydomain.com</a><br>vars.server = <a href="http://ldap.mydomain.com">ldap.mydomain.com</a><br><br>#<br># Search user and its password.<br>#<br>vars.user = <a href="mailto:juniper-admin@mydomain.com">juniper-admin@mydomain.com</a><br>vars.password = **************<br><br>#<br># Optional DNS servers, if enterprise<br># DNS server cannot resolve the domain srvrecord.<br>#<br>vars.dns = dns://<a href="http://srvdc03.mydomain.com">srvdc03.mydomain.com</a> dns://<a href="http://srvdc04.mydomain.com">srvdc04.mydomain.com</a><br><br>#pool.default.serverset.type = srvrecord<br>pool.default.serverset.single.server = ${global:vars.server}<br>pool.default.serverset.srvrecord.domain = ${global:vars.domain}<br>pool.default.auth.simple.bindDN = ${global:vars.user}<br>pool.default.auth.simple.password = ${global:vars.password}<br><br># Uncomment if using custom DNS<br>pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url = ${global:vars.dns}<br>pool.default.socketfactory.resolver.uRL = ${global:vars.dns<br><br><br><br></div>BIG THANKS MAN!!!!!<br></div><div class="gmail_extra"><br><div class="gmail_quote">2015-01-29 15:00 GMT+01:00 Ondra Machacek <span dir="ltr">&lt;<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;</span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
<br>
On 01/29/2015 02:54 PM, Koen Vanoppen wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I just don&#39;t understand. Why did engine-manage-domains previously DID<br>
work, no problems what so ever and now I have this...<br>
</blockquote>
<br></span>
Because manage-domains didn&#39;t use global catalog. And probabaly the reason you don&#39;t have _ldap SRV record is that you didn&#39;t have them never and you just used &#39;--ldapServers&#39; parameter, that&#39;s why manage-domains worked with your domain.<br>
<br>
Now you are using DNS, not static configuration of ldap servers.<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">
<br>
2015-01-29 14:48 GMT+01:00 Ondra Machacek &lt;<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br></span>
&lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;&gt;:<span class=""><br>
<br>
    It&#39;s same situation as before, but now you are missing ldap SRV record.<br>
<br>
    With same steps you used to add _gc SRV record add also _ldap SRV<br>
    record. But it&#39;s strange that you don&#39;t already have them.<br>
<br>
    On 01/29/2015 02:46 PM, Koen Vanoppen wrote:<br>
<br>
        I saw that when I pressed the send button. If I do that i again<br>
        get the<br>
        following:<br>
<br>
        2015-01-29 14:28:35,891 WARN<br></span>
        [org.ovirt.engineextensions.__<u></u>aaa.ldap.AuthzExtension] (MSC<br>
        service thread<br>
        1-1) [ovirt-engine-extension-aaa-__<u></u>ldap.authz::BRU_AIR-authz] Cannot<span class=""><br>
        initialize LDAP framework, deferring initialization. Error: An error<br>
        occurred while attempting to query DNS in order to retrieve SRV<br>
        records<br>
        with name &#39;_ldap._<a href="http://tcp.ldap.mydomain.com" target="_blank">tcp.ldap.mydomain.com</a><br>
        &lt;<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>&gt;<br></span>
        &lt;<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>&gt;<u></u>__&#39;:<br>
        javax.naming.__<u></u>NameNotFoundException:<span class=""><br>
        DNS name not found [response code 3]; remaining name<br>
        &#39;_ldap._<a href="http://tcp.ldap.mydomain.com" target="_blank">tcp.ldap.mydomain.com</a> &lt;<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>&gt;<br></span>
        &lt;<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>&gt;<u></u>__&#39;<span class=""><br>
        2015-01-29 14:28:35,924 WARN<br></span>
        [org.ovirt.engineextensions.__<u></u>aaa.ldap.AuthnExtension] (MSC<br>
        service thread<br>
        1-1) [ovirt-engine-extension-aaa-__<u></u>ldap.authn::BRU_AIR-authn] Cannot<span class=""><br>
        initialize LDAP framework, deferring initialization. Error: An error<br>
        occurred while attempting to query DNS in order to retrieve SRV<br>
        records<br>
        with name &#39;_ldap._<a href="http://tcp.ldap.mydomain.com" target="_blank">tcp.ldap.mydomain.com</a><br>
        &lt;<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>&gt;<br></span>
        &lt;<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>&gt;<u></u>__&#39;:<br>
        javax.naming.__<u></u>NameNotFoundException:<span class=""><br>
        DNS name not found [response code 3]; remaining name<br>
        &#39;_ldap._<a href="http://tcp.ldap.mydomain.com" target="_blank">tcp.ldap.mydomain.com</a> &lt;<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>&gt;<br></span>
        &lt;<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>&gt;<u></u>__&#39;<span class=""><br>
<br>
        And yes I replayed mydomain with the correct one... :-)<br>
<br>
        2015-01-29 14:40 GMT+01:00 Ondra Machacek &lt;<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;<br></span>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a> &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;&gt;&gt;<u></u>:<span class=""><br>
<br>
<br>
<br>
             On 01/29/2015 02:18 PM, Koen Vanoppen wrote:<br>
<br>
                 OK... Now I have this one :-)<br>
                 WARN<br></span>
        [org.ovirt.engineextensions.__<u></u>__aaa.ldap.AuthnExtension]<br>
                 (MSC service<br>
                 thread 1-2)<br>
        [ovirt-engine-extension-aaa-__<u></u>__ldap.authn::BRU_AIR-authn]<span class=""><br>
                 Cannot initialize LDAP framework, deferring<br>
        initialization. Error:<br>
                 Invalid DNS pseudo-URL(s):<br>
<br>
<br>
             uncomment vars.dns<br>
<br>
<br>
                 Changed the properties file to this:<br>
<br>
                 include = &lt;ad.properties&gt;<br>
<br>
                 #<br>
                 # Active directory domain name.<br>
                 #<br>
                 vars.domain = <a href="http://ldap.mydomain.com" target="_blank">ldap.mydomain.com</a><br>
        &lt;<a href="http://ldap.mydomain.com" target="_blank">http://ldap.mydomain.com</a>&gt; &lt;<a href="http://ldap.mydomain.com" target="_blank">http://ldap.mydomain.com</a>&gt;<br>
                 &lt;<a href="http://ldap.mydomain.com" target="_blank">http://ldap.mydomain.com</a>&gt; (this one<br>
                 resolves to and gives ping back, front end of the pool)<br>
<br>
                 #<br>
                 # Search user and its password.<br>
                 #<br>
                 vars.user = <a href="mailto:juniper-admin@mydomain.com" target="_blank">juniper-admin@mydomain.com</a><br>
        &lt;mailto:<a href="mailto:juniper-admin@mydomain.com" target="_blank">juniper-admin@<u></u>mydomain.com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:juniper-admin@" target="_blank">juniper-admin@</a>__<a href="http://mydomain.com" target="_blank">mydoma<u></u>in.com</a><br>
        &lt;mailto:<a href="mailto:juniper-admin@mydomain.com" target="_blank">juniper-admin@<u></u>mydomain.com</a>&gt;&gt;<br></span>
                 &lt;mailto:<a href="mailto:juniper-admin@" target="_blank">juniper-admin@</a><br>
        &lt;mailto:<a href="mailto:juniper-admin@" target="_blank">juniper-admin@</a>&gt;__<a href="http://mydoma__in.com" target="_blank">mydom<u></u>a__in.com</a> &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<span class=""><br>
                 &lt;mailto:<a href="mailto:juniper-admin@" target="_blank">juniper-admin@</a>__<a href="http://mydomain.com" target="_blank">mydoma<u></u>in.com</a><br>
        &lt;mailto:<a href="mailto:juniper-admin@mydomain.com" target="_blank">juniper-admin@<u></u>mydomain.com</a>&gt;&gt;&gt;<br>
                 vars.password = *****<br>
<br>
                 #<br>
                 # Optional DNS servers, if enterprise<br>
                 # DNS server cannot resolve the domain srvrecord.<br>
                 #<br>
                 #vars.dns = dns://srvdc03.my.domain<br>
        dns://srvdc04.my.domain (these<br>
                 resolve and give a ping back)<br>
<br>
                 pool.default.serverset.type = srvrecord<br></span>
                 #pool.default.serverset.____<u></u>single.server =<br>
        ${global:vars.server}<span class=""><br>
                 pool.default.serverset.____<u></u>srvrecord.domain =<br>
        ${global:vars.domain}<br>
                 pool.default.auth.simple.____<u></u>bindDN = ${global:vars.user}<br>
                 pool.default.auth.simple.____<u></u>password =<br>
        ${global:vars.password}<br>
<br></span><span class="">
                 # Uncomment if using custom DNS<br>
<br></span>
        pool.default.serverset.____<u></u>srvrecord.jndi-properties.____<u></u>java.naming.provider.url<br>
                 =<br>
                 ${global:vars.dns}<br>
                 pool.default.socketfactory.___<u></u>_resolver.uRL =<span class=""><br>
        ${global:vars.dns}<br>
<br>
<br>
                 Thanks for your effort!<br>
<br>
<br>
                 2015-01-29 13:50 GMT+01:00 Alon Bar-Lev<br>
        &lt;<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;&gt;<br>
                 &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;<br>
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;&gt;&gt;&gt;:<br>
<br>
<br>
<br>
                      ----- Original Message -----<br>
                      &gt; From: &quot;Koen Vanoppen&quot; &lt;<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.com</a><br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:vanoppen.koen@gmail." target="_blank">vanoppen.koen@gmail.</a>__<u></u>com<br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>&gt;&gt;<br></span><span class="">
                 &lt;mailto:<a href="mailto:vanoppen.koen@gmail" target="_blank">vanoppen.koen@gmail</a>.<br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail" target="_blank">vanoppen.koen@gmail</a>.&gt;_<u></u>___com<br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail." target="_blank">vanoppen.koen@gmail.</a>__<u></u>com<br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>&gt;&gt;&gt;&gt;<br>
                      &gt; To: &quot;Alon Bar-Lev&quot; &lt;<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br>
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;&gt;<br></span>
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;&gt;&gt;&gt;<br>
                      &gt; <a href="mailto:Cc%3Ausers@ovirt.org" target="_blank">Cc:users@ovirt.org</a> &lt;mailto:<a href="mailto:Cc%253Ausers@ovirt.org" target="_blank">Cc%3Ausers@ovirt.org</a>&gt;<br>
        &lt;mailto:<a href="mailto:Cc%253Ausers@ovirt.org" target="_blank">Cc%3Ausers@ovirt.org</a> &lt;mailto:<a href="mailto:Cc%25253Ausers@ovirt.org" target="_blank">Cc%253Ausers@ovirt.org</a><u></u>&gt;&gt;<br>
                 &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a> &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>&gt;<span class=""><br>
        &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a> &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>&gt;&gt;&gt;<br>
                      &gt; Sent: Thursday, January 29, 2015 2:41:52 PM<br>
                      &gt; Subject: Re: [ovirt-users] AAA<br>
                      &gt;<br>
                      &gt; Yes We have:<br>
                      &gt;<br>
                      &gt; [root@ovirtmgmt01prod ~]# dig<br>
        @<a href="http://srvdc03.mydomain.com" target="_blank">srvdc03.mydomain.com</a> &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br>
                 &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br>
        &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt; SRV<br>
                 _gc._<br>
                      &gt;<a href="http://tcp.mydomain.com" target="_blank">tcp.mydomain.com</a> &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br>
        &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br></span>
                 &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br>
                      &gt;<br>
                      &gt; ; &lt;&lt;&gt;&gt; DiG<br>
        9.8.2rc1-RedHat-9.8.2-0.23.___<u></u>_rc1.el6_5.1 &lt;&lt;&gt;&gt;<span class=""><br>
                 @<a href="http://srvdc03.mydomain.com" target="_blank">srvdc03.mydomain.com</a> &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br>
        &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br>
<br></span><div><div class="h5">
                 &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br>
                      &gt; SRV _gc._<a href="http://tcp.mydomain.com" target="_blank">tcp.mydomain.com</a><br>
        &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt; &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br>
                 &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br>
                      &gt; ; (1 server found)<br>
                      &gt; ;; global options: +cmd<br>
                      &gt; ;; Got answer:<br>
                      &gt; ;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NXDOMAIN,<br>
        id: 33340<br>
                      &gt; ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0,<br>
        AUTHORITY: 1,<br>
                 ADDITIONAL: 0<br>
                      &gt;<br>
                      &gt; ;; QUESTION SECTION:<br>
                      &gt; ;_gc._<a href="http://tcp.mydomain.com" target="_blank">tcp.mydomain.com</a> &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br>
        &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br>
                 &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;. IN      SRV<br>
<br>
                      this ^^^^^^^ means that you do not have srv<br>
        record. are you<br>
                 sure you<br>
                      replace <a href="http://mydomain.com" target="_blank">mydomain.com</a> &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<br>
        &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<br>
                 &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt; with your actual active<br>
                      directory domain name?<br>
                      have you tried to look into your dns manager for this<br>
                 information as<br>
                      well?<br>
<br>
                       &gt;<br>
                       &gt; ;; AUTHORITY SECTION:<br>
                       &gt; <a href="http://mydomain.com" target="_blank">mydomain.com</a> &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<br>
        &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<br>
                 &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;.   3600    IN      SOA<br>
        <a href="http://srvdc03.mydomain.com" target="_blank">srvdc03.mydomain.com</a> &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br>
        &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br>
                 &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;.<br>
                       &gt; hostmaster.airport. 1398582 900 600 86400 3600<br>
                       &gt;<br>
                       &gt; ;; Query time: 12 msec<br>
                       &gt; ;; SERVER: 10.110.3.123#53(10.110.3.123)<br>
                       &gt; ;; WHEN: Thu Jan 29 13:40:41 2015<br>
                       &gt; ;; MSG SIZE  rcvd: 98<br>
                       &gt;<br>
                       &gt;<br>
                       &gt;<br>
                       &gt; 2015-01-29 13:33 GMT+01:00 Alon Bar-Lev<br>
                 &lt;<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;<br>
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;&gt;<br></div></div><span class="">
                      &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br>
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt; &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br>
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;&gt;&gt;&gt;:<br>
                       &gt;<br>
                       &gt; &gt;<br>
                       &gt; &gt;<br>
                       &gt; &gt; ----- Original Message -----<br>
                       &gt; &gt; &gt; From: &quot;Koen Vanoppen&quot;<br>
        &lt;<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.com</a> &lt;mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:vanoppen.koen@gmail." target="_blank">vanoppen.koen@gmail.</a>__<u></u>com<br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>&gt;&gt;<br></span><span class="">
                      &lt;mailto:<a href="mailto:vanoppen.koen@gmail" target="_blank">vanoppen.koen@gmail</a>.<br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail" target="_blank">vanoppen.koen@gmail</a>.&gt;_<u></u>___com<br>
                 &lt;mailto:<a href="mailto:vanoppen.koen@gmail." target="_blank">vanoppen.koen@gmail.</a>__<u></u>com<br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>&gt;&gt;&gt;&gt;<br>
                       &gt; &gt; &gt; To: &quot;Alon Bar-Lev&quot; &lt;<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br>
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;&gt;<br></span><span class="">
                      &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br>
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt; &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br></span><span class="">
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;&gt;&gt;&gt;,<br>
        <a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a> &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>&gt; &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a><br></span>
        &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>&gt;&gt; &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a><br>
        &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>&gt;<br>
                 &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a> &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>&gt;&gt;&gt;<span class=""><br>
                       &gt; &gt; &gt; Sent: Thursday, January 29, 2015 2:19:32 PM<br>
                       &gt; &gt; &gt; Subject: Re: [ovirt-users] AAA<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; Big thanks for your help, but still the same:<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; #<br>
                       &gt; &gt; &gt; # Active directory domain name.<br>
                       &gt; &gt; &gt; #<br>
                       &gt; &gt; &gt; vars.domain = <a href="http://mydomain.com" target="_blank">mydomain.com</a><br>
        &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt; &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<br>
                 &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; #<br>
                       &gt; &gt; &gt; # Search user and its password.<br>
                       &gt; &gt; &gt; #<br>
                       &gt; &gt; &gt; vars.user = admin@${global:vars.domain}<br>
                       &gt; &gt; &gt; vars.password = *****<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; #<br>
                       &gt; &gt; &gt; # Optional DNS servers, if enterprise<br>
                       &gt; &gt; &gt; # DNS server cannot resolve the domain<br>
        srvrecord.<br>
                       &gt; &gt; &gt; #<br>
                       &gt; &gt; &gt; vars.dns =<br></span>
        dns://srvdc03.${global:vars.__<u></u>__domain}<br>
                       &gt; &gt; &gt; dns://srvdc04.${global:vars.__<u></u>__domain}<span class=""><br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; pool.default.serverset.type = srvrecord<br>
                       &gt; &gt; &gt; pool.default.serverset.____<u></u>srvrecord.domain =<br>
                 ${global:vars.domain}<br>
                       &gt; &gt; &gt; pool.default.auth.simple.____<u></u>bindDN =<br>
        ${global:vars.user}<br>
                       &gt; &gt; &gt; pool.default.auth.simple.____<u></u>password =<br>
                 ${global:vars.password}<br>
                       &gt; &gt; &gt;<br></span><span class="">
                       &gt; &gt; &gt; # Uncomment if using custom DNS<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt;<br>
<br>
<br></span>
        pool.default.serverset.____<u></u>srvrecord.jndi-properties.____<u></u>java.naming.provider.url<br>
                      =<br>
                       &gt; &gt; &gt; ${global:vars.dns}<br>
                       &gt; &gt; &gt; pool.default.socketfactory.___<u></u>_resolver.uRL =<br>
                 ${global:vars.dns}<span class=""><br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt;<br>
                 [ovirt-engine-extension-aaa-__<u></u>__ldap.authz::BRU_AIR-authz]<br>
                      Cannot initialize<br>
                       &gt; &gt; &gt; LDAP framework, deferring initialization.<br></span><div><div class="h5">
        Error: No<br>
                 DNS SRV<br>
                      records were<br>
                       &gt; &gt; &gt; found with record name<br>
        &#39;_gc._tcp.brussels.airport&#39;.<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; And I can&#39;t put &#39;_gc._<a href="http://tcp.mydomain.com" target="_blank">tcp.mydomain.com</a><br>
        &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br>
                 &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br>
                      &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt; in the dns... Isn&#39;t<br>
        there another<br>
                       &gt; &gt; &gt; way it just resolves the dns servers I gave<br>
        him?<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt;<br>
                       &gt; &gt; Microsoft Domain controller must have gc<br>
        service entry<br>
                 within<br>
                      DNS to work<br>
                       &gt; &gt; properly.<br>
                       &gt; &gt; 1. Are you sure you have Microsoft DNS<br>
        installed on<br>
        <a href="http://srvdc03.mydomain.com" target="_blank">srvdc03.mydomain.com</a> &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br>
        &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br>
                 &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt; ?<br>
                       &gt; &gt; 2. Can you please execute:<br>
                       &gt; &gt; $ dig @<a href="http://srvdc03.mydomain.com" target="_blank">srvdc03.mydomain.com</a><br>
        &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br>
                 &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt;<br></div></div><span class="">
        &lt;<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>&gt; SRV<br>
                      _gc._<a href="http://tcp.mydomain.com" target="_blank">tcp.mydomain.com</a> &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br>
        &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br></span><span class="">
                 &lt;<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>&gt;<br>
                       &gt; &gt; 3. Can you please open the DNS manager within<br>
        your<br>
                 domain and<br>
                      search for<br>
                       &gt; &gt; srv records? Maybe you have DNS installed<br>
        only on few<br>
                 servers,<br>
                      using the<br>
                       &gt; &gt; DNS manager you can also see which.<br>
                       &gt; &gt;<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; 2015-01-29 13:02 GMT+01:00 Alon Bar-Lev<br>
                 &lt;<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;<br>
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;&gt;<br></span><span class="">
                      &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br>
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt; &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br></span><span class="">
        &lt;mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>&gt;&gt;&gt;&gt;:<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; ----- Original Message -----<br>
                       &gt; &gt; &gt; &gt; &gt; From: &quot;Ondra Machacek&quot;<br>
        &lt;<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a> &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a> &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;&gt;<br></span><span class="">
                      &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt; &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;&gt;&gt;<u></u>&gt;<br></span><span class="">
                       &gt; &gt; &gt; &gt; &gt; To: &quot;Koen Vanoppen&quot;<br>
        &lt;<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.com</a> &lt;mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:vanoppen.koen@gmail." target="_blank">vanoppen.koen@gmail.</a>__<u></u>com<br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>&gt;&gt;<br></span>
                      &lt;mailto:<a href="mailto:vanoppen.koen@gmail" target="_blank">vanoppen.koen@gmail</a>.<br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail" target="_blank">vanoppen.koen@gmail</a>.&gt;_<u></u>___com<span class=""><br>
                 &lt;mailto:<a href="mailto:vanoppen.koen@gmail." target="_blank">vanoppen.koen@gmail.</a>__<u></u>com<br>
        &lt;mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>&gt;&gt;&gt;&gt;, <a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a><br>
        &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>&gt;<br>
                 &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a> &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>&gt;&gt;<br></span>
                      &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a> &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>&gt;<div><div class="h5"><br>
        &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a> &lt;mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>&gt;&gt;&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; Sent: Thursday, January 29, 2015 1:49:00 PM<br>
                       &gt; &gt; &gt; &gt; &gt; Subject: Re: [ovirt-users] AAA<br>
                       &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; On 01/29/2015 12:30 PM, Koen Vanoppen<br>
        wrote:<br>
                       &gt; &gt; &gt; &gt; &gt; &gt; No, I don&#39;t. and I wouldn&#39;t know how<br>
        he got to<br>
                 this name...<br>
                       &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; Well, then you have to, if you want to use<br>
                       &gt; &gt; &#39;pool.default.serverset.type<br>
                       &gt; &gt; &gt; &gt; &gt; = srvrecord&#39;.<br>
                       &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; It just need to know where your global<br>
        catalog is<br>
                      running, since it&#39;s<br>
                       &gt; &gt; &gt; &gt; &gt; needed for new provider.<br>
                       &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; It searches for global catalog like this:<br>
                       &gt; &gt; &gt; &gt; &gt; dig @${vars.dns} -t SRV<br>
        _gc._tcp.${vars.domain}<br>
                       &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; So you need to have this SRV record in<br>
        DNS, if<br>
                 you want<br>
                      to use<br>
                       &gt; &gt; srvrecord<br>
                       &gt; &gt; &gt; &gt; &gt; serverset type. Or you don&#39;t have to if<br>
        you use<br>
                 single<br>
                      server type.<br>
                       &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; active directory will not work without<br>
        access to<br>
                 global<br>
                      catalog.<br>
                       &gt; &gt; &gt; &gt; please set one or more of the domain<br>
        controllers<br>
                 as dns<br>
                      server, for<br>
                       &gt; &gt; &gt; &gt; example:<br>
                       &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; vars.dns =<br></div></div>
        dns://dc1.${global:vars.____<u></u>domain}<br>
                       &gt; &gt; dns://dc2.${global:vars.____<u></u>domain}<span class=""><br>
                       &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; please also uncomment/add these lines to<br>
        make vars.dns<br>
                      effective.<br>
                       &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt;<br>
                       &gt; &gt;<br>
<br>
<br></span>
        pool.default.serverset.____<u></u>srvrecord.jndi-properties.____<u></u>java.naming.provider.url<br>
                       &gt; &gt; &gt; &gt; = ${global:vars.dns}<br>
                       &gt; &gt; &gt; &gt; pool.default.socketfactory.___<u></u>_resolver.uRL =<span class=""><br>
                 ${global:vars.dns}<br>
                       &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; Thanks!<br>
                       &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt; Thanks for the reply!<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt; 2015-01-29 11:53 GMT+01:00 Ondra Machacek<br>
                      &lt;<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a> &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;<br>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a> &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;&gt;<br>
                 &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt; &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;&gt;&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt; &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;&gt; &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;<br>
                 &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br></span>
        &lt;mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>&gt;&gt;&gt;<u></u>&gt;__&gt;__:<span class=""><br>
<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;     On 01/29/2015 11:41 AM, Koen<br>
        Vanoppen wrote:<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         Can somebody help me setting<br>
        up AAA<br>
                 for ovirt<br>
                      3.5.1?<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         I&#39;m getting this now:<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         2015-01-29 11:35:36,889 WARN<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
<br></span>
          [org.ovirt.engineextensions.__<u></u>____aaa.ldap.AuthzExtension] (MSC<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         service thread<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         1-1)<br>
                       &gt; &gt;<br>
        [ovirt-engine-extension-aaa-__<u></u>____ldap.authz::BRU_AIR-authz]<span class=""><br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         Cannot<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         initialize LDAP framework,<br>
        deferring<br>
                      initialization.<br>
                       &gt; &gt; Error: An<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         error<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         occurred while attempting to<br>
        query DNS<br>
                 in order to<br>
                       &gt; &gt; retrieve SRV<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         records<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         with name<br>
        &#39;_gc._tcp.brussels.airport&#39;:<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br></span>
                   javax.naming.______<u></u>NameNotFoundException: DNS name<span class=""><br>
                      not found<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         [response code<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         3]; remaining name<br>
                 &#39;_gc._tcp.brussels.airport&#39;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;     Do you have this<br>
                 &#39;_gc._tcp.brussels.airport&#39; SRV<br>
                      record in DNS<br>
                       &gt; &gt; ?<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         my 3 configs:<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         _*BRU_AIR-authn.properties*_<br>
                       &gt; &gt; &gt; &gt; &gt; &gt; <a href="http://ovirt.engine.extension.name" target="_blank">ovirt.engine.extension.name</a><br>
        &lt;<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>&gt;<br>
                 &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
        &lt;<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>&gt;&gt;<br></span>
                      &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extensi__on.name" target="_blank">extensi<u></u>__on.name</a><span class=""><br>
        &lt;<a href="http://extension.name" target="_blank">http://extension.name</a>&gt;<br>
                 &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
        &lt;<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>&gt;&gt;&gt; &lt;<br></span>
                       &gt; &gt; &gt; &gt; <a href="http://ovirt.engine.extension." target="_blank">http://ovirt.engine.extension.</a><u></u>____name<br>
                 &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
        &lt;<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>&gt;&gt;&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                   &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extensi____on.name" target="_blank">extensi<u></u>____on.name</a><br>
        &lt;<a href="http://extensi__on.name" target="_blank">http://extensi__on.name</a>&gt; &lt;<a href="http://extension.name" target="_blank">http://extension.name</a>&gt;<br>
                      &lt;<a href="http://extension.name" target="_blank">http://extension.name</a>&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
          &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extensi__on.name" target="_blank">extensi<u></u>__on.name</a> &lt;<a href="http://extension.name" target="_blank">http://extension.name</a>&gt;<span class=""><br>
                 &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
        &lt;<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>&gt;&gt;&gt;&gt; =<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         BRU_AIR-authn<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br></span>
                   ovirt.engine.extension.______<u></u>bindings.method =<br>
                      jbossmodule<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
<br>
          ovirt.engine.extension.______<u></u>binding.jbossmodule.module =<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
          org.ovirt.engine-extensions.__<u></u>____aaa.ldap<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
<br>
          ovirt.engine.extension.______<u></u>binding.jbossmodule.class =<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
<br>
          org.ovirt.engineextensions.___<u></u>___aaa.ldap.AuthnExtension<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
          ovirt.engine.extension.______<u></u>provides =<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                   org.ovirt.engine.api.______<u></u>extensions.aaa.Authn<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                   ovirt.engine.aaa.authn.__<a href="http://profi____le.name" target="_blank">profi<u></u>____le.name</a><br>
        &lt;<a href="http://profi__le.name" target="_blank">http://profi__le.name</a>&gt; &lt;<a href="http://profile.name" target="_blank">http://profile.name</a>&gt;<br>
                      &lt;<a href="http://profile.name" target="_blank">http://profile.name</a>&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                   &lt;<a href="http://ovirt.engine.aaa." target="_blank">http://ovirt.engine.aaa.</a>__<a href="http://aut__hn.profile.name" target="_blank">aut<u></u>__hn.profile.name</a><span class=""><br>
        &lt;<a href="http://authn.profile.name" target="_blank">http://authn.profile.name</a>&gt;<br>
                 &lt;<a href="http://ovirt.engine.aaa." target="_blank">http://ovirt.engine.aaa.</a>__<a href="http://authn.profile.name" target="_blank">aut<u></u>hn.profile.name</a><br>
        &lt;<a href="http://ovirt.engine.aaa.authn.profile.name" target="_blank">http://ovirt.engine.aaa.<u></u>authn.profile.name</a>&gt;&gt;&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br></span>
                   &lt;<a href="http://ovirt.engine.aaa." target="_blank">http://ovirt.engine.aaa.</a>__<a href="http://aut____hn.profile.name" target="_blank">aut<u></u>____hn.profile.name</a><br>
        &lt;<a href="http://aut__hn.profile.name" target="_blank">http://aut__hn.profile.name</a>&gt;<br>
                 &lt;<a href="http://authn.profile.name" target="_blank">http://authn.profile.name</a>&gt;<br>
                      &lt;<a href="http://authn.profile.name" target="_blank">http://authn.profile.name</a>&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                   &lt;<a href="http://ovirt.engine.aaa." target="_blank">http://ovirt.engine.aaa.</a>__<a href="http://aut__hn.profile.name" target="_blank">aut<u></u>__hn.profile.name</a><span class=""><br>
        &lt;<a href="http://authn.profile.name" target="_blank">http://authn.profile.name</a>&gt;<br>
                 &lt;<a href="http://ovirt.engine.aaa." target="_blank">http://ovirt.engine.aaa.</a>__<a href="http://authn.profile.name" target="_blank">aut<u></u>hn.profile.name</a><br>
        &lt;<a href="http://ovirt.engine.aaa.authn.profile.name" target="_blank">http://ovirt.engine.aaa.<u></u>authn.profile.name</a>&gt;&gt;&gt;&gt; =<br>
                      BRU-AIR<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br></span>
          ovirt.engine.aaa.authn.authz._<u></u>_____plugin =<br>
                      BRU_AIR-authz<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         config.profile.file.1 =<br>
                       &gt; &gt; &gt; &gt;<br>
        /etc/ovirt-engine/aaa/BRU_AIR.<u></u>______properties<span class=""><br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         _*BRU_AIR-authz.properties*_<br>
                       &gt; &gt; &gt; &gt; &gt; &gt; <a href="http://ovirt.engine.extension.name" target="_blank">ovirt.engine.extension.name</a><br>
        &lt;<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>&gt;<br>
                 &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
        &lt;<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>&gt;&gt;<br></span>
                      &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extensi__on.name" target="_blank">extensi<u></u>__on.name</a><span class=""><br>
        &lt;<a href="http://extension.name" target="_blank">http://extension.name</a>&gt;<br>
                 &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
        &lt;<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>&gt;&gt;&gt; &lt;<br></span>
                       &gt; &gt; &gt; &gt; <a href="http://ovirt.engine.extension." target="_blank">http://ovirt.engine.extension.</a><u></u>____name<br>
                 &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
        &lt;<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>&gt;&gt;&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                   &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extensi____on.name" target="_blank">extensi<u></u>____on.name</a><br>
        &lt;<a href="http://extensi__on.name" target="_blank">http://extensi__on.name</a>&gt; &lt;<a href="http://extension.name" target="_blank">http://extension.name</a>&gt;<br>
                      &lt;<a href="http://extension.name" target="_blank">http://extension.name</a>&gt;<br>
<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
          &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extensi__on.name" target="_blank">extensi<u></u>__on.name</a> &lt;<a href="http://extension.name" target="_blank">http://extension.name</a>&gt;<span class=""><br>
                 &lt;<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
        &lt;<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>&gt;&gt;&gt;&gt; =<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         BRU_AIR-authz<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br></span>
                   ovirt.engine.extension.______<u></u>bindings.method =<br>
                      jbossmodule<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
<br>
          ovirt.engine.extension.______<u></u>binding.jbossmodule.module =<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
          org.ovirt.engine-extensions.__<u></u>____aaa.ldap<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
<br>
          ovirt.engine.extension.______<u></u>binding.jbossmodule.class =<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
<br>
          org.ovirt.engineextensions.___<u></u>___aaa.ldap.AuthzExtension<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
          ovirt.engine.extension.______<u></u>provides =<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                   org.ovirt.engine.api.______<u></u>extensions.aaa.Authz<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         config.profile.file.1 =<br>
                       &gt; &gt; &gt; &gt;<br>
        /etc/ovirt-engine/aaa/BRU_AIR.<u></u>______properties<div><div class="h5"><br>
<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         _*BRU_AIR.properties*_<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         include = &lt;ad.properties&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         #<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         # Active directory domain name.<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         #<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         vars.domain = <a href="http://mydomain.com" target="_blank">mydomain.com</a><br>
        &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<br>
                 &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<br>
                      &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt; &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         &lt;<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         #<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         # Search user and its password.<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         #<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         vars.user =<br>
        admin@${global:vars.domain}<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         vars.password = ***********<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         #<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         # Optional DNS servers, if<br>
        enterprise<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         # DNS server cannot resolve<br>
        the domain<br>
                 srvrecord.<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         #<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         vars.dns =<br>
        dns://<a href="http://dc01.mydomain.com" target="_blank">dc01.mydomain.com</a> &lt;<a href="http://dc01.mydomain.com" target="_blank">http://dc01.mydomain.com</a>&gt;<br>
                 &lt;<a href="http://dc01.mydomain.com" target="_blank">http://dc01.mydomain.com</a>&gt;<br>
                      &lt;<a href="http://dc01.mydomain.com" target="_blank">http://dc01.mydomain.com</a>&gt; &lt;<br>
                       &gt; &gt; <a href="http://dc01.mydomain.com" target="_blank">http://dc01.mydomain.com</a>&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         &lt;<a href="http://dc01.mydomain.com" target="_blank">http://dc01.mydomain.com</a>&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         pool.default.serverset.type =<br>
        srvrecord<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br></div></div>
                   pool.default.serverset.______<u></u>srvrecord.domain =<br>
                       &gt; &gt; &gt; &gt; ${global:vars.domain}<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
          pool.default.auth.simple._____<u></u>_bindDN =<br>
                      ${global:vars.user}<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
          pool.default.auth.simple._____<u></u>_password =<span class=""><br>
                       &gt; &gt; ${global:vars.password<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         In the GUI for adding user I<br>
        get this:<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         An error occurred while<br>
        attempting to<br>
                 query DNS<br>
                      in order to<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         retrieve SRV<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         records with name<br>
                 &#39;_gc__tcp_brussels_airport&#39;:<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br></span>
                   javax_naming_______<u></u>NameNotFoundException: DNS name<span class=""><br>
                      not found<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         [response code<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         3]; remaining name<br>
                 &#39;_gc__tcp_brussels_airport&#39;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         Any ideas? I ran out...<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         Kind regards,<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         Koen<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br></span>
                   ______________________________<u></u>_______________________<span class=""><br>
                       &gt; &gt; &gt; &gt; &gt; &gt;         Users mailing list<br>
                       &gt; &gt; &gt; &gt; &gt; &gt; <a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a><br>
        &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt; &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a><br>
        &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;&gt;<br>
                 &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;<br>
        &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;&gt;&gt;<br>
                      &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;<br>
        &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;&gt;<br>
                 &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;<br></span>
        &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;&gt;&gt;&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
        <a href="http://lists.ovirt.org/______mailman/listinfo/users" target="_blank">http://lists.ovirt.org/______<u></u>mailman/listinfo/users</a><br>
        &lt;<a href="http://lists.ovirt.org/____mailman/listinfo/users" target="_blank">http://lists.ovirt.org/____<u></u>mailman/listinfo/users</a>&gt;<span class=""><br>
                 &lt;<a href="http://lists.ovirt.org/____mailman/listinfo/users" target="_blank">http://lists.ovirt.org/____<u></u>mailman/listinfo/users</a><br>
        &lt;<a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a>&gt;&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                   &lt;<a href="http://lists.ovirt.org/____mailman/listinfo/users" target="_blank">http://lists.ovirt.org/____<u></u>mailman/listinfo/users</a><br>
        &lt;<a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a>&gt;<br>
                 &lt;<a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a><br>
        &lt;<a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/<u></u>mailman/listinfo/users</a>&gt;&gt;&gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt; &gt;<br>
        ______________________________<u></u>_____________________<br>
                       &gt; &gt; &gt; &gt; &gt; Users mailing list<br>
                       &gt; &gt; &gt; &gt; &gt; <a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a><br>
        &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt; &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a><br>
        &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;&gt;<br>
                 &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;<br>
        &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;&gt;&gt;<br>
                       &gt; &gt; &gt; &gt; &gt;<br>
        <a href="http://lists.ovirt.org/____mailman/listinfo/users" target="_blank">http://lists.ovirt.org/____<u></u>mailman/listinfo/users</a><br>
        &lt;<a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a>&gt;<br>
                 &lt;<a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a><br>
        &lt;<a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/<u></u>mailman/listinfo/users</a>&gt;&gt;<br>
                       &gt; &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt; &gt;<br>
                       &gt; &gt; &gt;<br>
                       &gt; &gt;<br>
                       &gt;<br>
<br>
<br>
<br>
<br></span><span class="">
                 ______________________________<u></u>_____________________<br>
                 Users mailing list<br>
        <a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt; &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a><br>
        &lt;mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>&gt;&gt;<br></span><span class="">
        <a href="http://lists.ovirt.org/____mailman/listinfo/users" target="_blank">http://lists.ovirt.org/____<u></u>mailman/listinfo/users</a><br>
        &lt;<a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a>&gt;<br>
                 &lt;<a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a><br>
        &lt;<a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/<u></u>mailman/listinfo/users</a>&gt;&gt;<br>
<br>
<br>
<br>
</span></blockquote>
</blockquote></div><br></div>