<div dir="ltr">I just don't understand. Why did engine-manage-domains previously DID work, no problems what so ever and now I have this...<br></div><div class="gmail_extra"><br><div class="gmail_quote">2015-01-29 14:48 GMT+01:00 Ondra Machacek <span dir="ltr"><<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">It's same situation as before, but now you are missing ldap SRV record.<br>
<br>
With same steps you used to add _gc SRV record add also _ldap SRV record. But it's strange that you don't already have them.<span class=""><br>
<br>
On 01/29/2015 02:46 PM, Koen Vanoppen wrote:<br>
</span><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">
I saw that when I pressed the send button. If I do that i again get the<br>
following:<br>
<br>
2015-01-29 14:28:35,891 WARN<br>
[org.ovirt.engineextensions.<u></u>aaa.ldap.AuthzExtension] (MSC service thread<br>
1-1) [ovirt-engine-extension-aaa-<u></u>ldap.authz::BRU_AIR-authz] Cannot<br>
initialize LDAP framework, deferring initialization. Error: An error<br>
occurred while attempting to query DNS in order to retrieve SRV records<br>
with name '_ldap._<a href="http://tcp.ldap.mydomain.com" target="_blank">tcp.ldap.mydomain.com</a><br></span>
<<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>><u></u>': javax.naming.<u></u>NameNotFoundException:<span class=""><br>
DNS name not found [response code 3]; remaining name<br></span>
'_ldap._<a href="http://tcp.ldap.mydomain.com" target="_blank">tcp.ldap.mydomain.com</a> <<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>><u></u>'<span class=""><br>
2015-01-29 14:28:35,924 WARN<br>
[org.ovirt.engineextensions.<u></u>aaa.ldap.AuthnExtension] (MSC service thread<br>
1-1) [ovirt-engine-extension-aaa-<u></u>ldap.authn::BRU_AIR-authn] Cannot<br>
initialize LDAP framework, deferring initialization. Error: An error<br>
occurred while attempting to query DNS in order to retrieve SRV records<br>
with name '_ldap._<a href="http://tcp.ldap.mydomain.com" target="_blank">tcp.ldap.mydomain.com</a><br></span>
<<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>><u></u>': javax.naming.<u></u>NameNotFoundException:<span class=""><br>
DNS name not found [response code 3]; remaining name<br></span>
'_ldap._<a href="http://tcp.ldap.mydomain.com" target="_blank">tcp.ldap.mydomain.com</a> <<a href="http://tcp.ldap.mydomain.com" target="_blank">http://tcp.ldap.mydomain.com</a>><u></u>'<span class=""><br>
<br>
And yes I replayed mydomain with the correct one... :-)<br>
<br>
2015-01-29 14:40 GMT+01:00 Ondra Machacek <<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br></span>
<mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>>>:<span class=""><br>
<br>
<br>
<br>
On 01/29/2015 02:18 PM, Koen Vanoppen wrote:<br>
<br>
OK... Now I have this one :-)<br></span>
WARN [org.ovirt.engineextensions.__<u></u>aaa.ldap.AuthnExtension]<br>
(MSC service<br>
thread 1-2) [ovirt-engine-extension-aaa-__<u></u>ldap.authn::BRU_AIR-authn]<span class=""><br>
Cannot initialize LDAP framework, deferring initialization. Error:<br>
Invalid DNS pseudo-URL(s):<br>
<br>
<br>
uncomment vars.dns<br>
<br>
<br>
Changed the properties file to this:<br>
<br>
include = <ad.properties><br>
<br>
#<br>
# Active directory domain name.<br>
#<br>
vars.domain = <a href="http://ldap.mydomain.com" target="_blank">ldap.mydomain.com</a> <<a href="http://ldap.mydomain.com" target="_blank">http://ldap.mydomain.com</a>><br>
<<a href="http://ldap.mydomain.com" target="_blank">http://ldap.mydomain.com</a>> (this one<br>
resolves to and gives ping back, front end of the pool)<br>
<br>
#<br>
# Search user and its password.<br>
#<br>
vars.user = <a href="mailto:juniper-admin@mydomain.com" target="_blank">juniper-admin@mydomain.com</a><br>
<mailto:<a href="mailto:juniper-admin@mydomain.com" target="_blank">juniper-admin@<u></u>mydomain.com</a>><br></span>
<mailto:<a href="mailto:juniper-admin@" target="_blank">juniper-admin@</a>__<a href="http://mydomain.com" target="_blank">mydoma<u></u>in.com</a><span class=""><br>
<mailto:<a href="mailto:juniper-admin@mydomain.com" target="_blank">juniper-admin@<u></u>mydomain.com</a>>><br>
vars.password = *****<br>
<br>
#<br>
# Optional DNS servers, if enterprise<br>
# DNS server cannot resolve the domain srvrecord.<br>
#<br>
#vars.dns = dns://srvdc03.my.domain dns://srvdc04.my.domain (these<br>
resolve and give a ping back)<br>
<br>
pool.default.serverset.type = srvrecord<br></span>
#pool.default.serverset.__<u></u>single.server = ${global:vars.server}<span class=""><br>
pool.default.serverset.__<u></u>srvrecord.domain = ${global:vars.domain}<br>
pool.default.auth.simple.__<u></u>bindDN = ${global:vars.user}<br>
pool.default.auth.simple.__<u></u>password = ${global:vars.password}<br>
<br></span><span class="">
# Uncomment if using custom DNS<br></span>
pool.default.serverset.__<u></u>srvrecord.jndi-properties.__<u></u>java.naming.provider.url<br>
=<br>
${global:vars.dns}<br>
pool.default.socketfactory.__<u></u>resolver.uRL = ${global:vars.dns}<span class=""><br>
<br>
<br>
Thanks for your effort!<br>
<br>
<br>
2015-01-29 13:50 GMT+01:00 Alon Bar-Lev <<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br>
<mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>><br></span>
<mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> <mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>>>>:<span class=""><br>
<br>
<br>
<br>
----- Original Message -----<br>
> From: "Koen Vanoppen" <<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.com</a><br>
<mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>><br></span><span class="">
<mailto:<a href="mailto:vanoppen.koen@gmail." target="_blank">vanoppen.koen@gmail.</a>__<u></u>com <mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>>>><br>
> To: "Alon Bar-Lev" <<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br></span><span class="">
<mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>> <mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br>
<mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>>>><br></span><span class="">
> <a href="mailto:Cc%3Ausers@ovirt.org" target="_blank">Cc:users@ovirt.org</a> <mailto:<a href="mailto:Cc%253Ausers@ovirt.org" target="_blank">Cc%3Ausers@ovirt.org</a>><br>
<mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a> <mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>>><br>
> Sent: Thursday, January 29, 2015 2:41:52 PM<br>
> Subject: Re: [ovirt-users] AAA<br>
><br>
> Yes We have:<br>
><br>
> [root@ovirtmgmt01prod ~]# dig @<a href="http://srvdc03.mydomain.com" target="_blank">srvdc03.mydomain.com</a><br></span>
<<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>> <<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>> SRV<br>
_gc._<br>
><a href="http://tcp.mydomain.com" target="_blank">tcp.mydomain.com</a> <<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>><br>
<<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>><br>
><br>
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.__<u></u>rc1.el6_5.1 <<>><br>
@<a href="http://srvdc03.mydomain.com" target="_blank">srvdc03.mydomain.com</a> <<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>><div><div class="h5"><br>
<<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>><br>
> SRV _gc._<a href="http://tcp.mydomain.com" target="_blank">tcp.mydomain.com</a> <<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>><br>
<<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>><br>
> ; (1 server found)<br>
> ;; global options: +cmd<br>
> ;; Got answer:<br>
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33340<br>
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1,<br>
ADDITIONAL: 0<br>
><br>
> ;; QUESTION SECTION:<br>
> ;_gc._<a href="http://tcp.mydomain.com" target="_blank">tcp.mydomain.com</a> <<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>><br>
<<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>>. IN SRV<br>
<br>
this ^^^^^^^ means that you do not have srv record. are you<br>
sure you<br>
replace <a href="http://mydomain.com" target="_blank">mydomain.com</a> <<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>><br>
<<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>> with your actual active<br>
directory domain name?<br>
have you tried to look into your dns manager for this<br>
information as<br>
well?<br>
<br>
><br>
> ;; AUTHORITY SECTION:<br>
> <a href="http://mydomain.com" target="_blank">mydomain.com</a> <<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>><br>
<<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>>. 3600 IN SOA<br>
<a href="http://srvdc03.mydomain.com" target="_blank">srvdc03.mydomain.com</a> <<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>><br>
<<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>>.<br>
> hostmaster.airport. 1398582 900 600 86400 3600<br>
><br>
> ;; Query time: 12 msec<br>
> ;; SERVER: 10.110.3.123#53(10.110.3.123)<br>
> ;; WHEN: Thu Jan 29 13:40:41 2015<br>
> ;; MSG SIZE rcvd: 98<br>
><br>
><br>
><br>
> 2015-01-29 13:33 GMT+01:00 Alon Bar-Lev<br>
<<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> <mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>><br></div></div>
<mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> <mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>>>>:<span class=""><br>
><br>
> ><br>
> ><br>
> > ----- Original Message -----<br>
> > > From: "Koen Vanoppen" <<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.com</a><br>
<mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>><br></span><span class="">
<mailto:<a href="mailto:vanoppen.koen@gmail." target="_blank">vanoppen.koen@gmail.</a>__<u></u>com<br>
<mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>>>><br>
> > > To: "Alon Bar-Lev" <<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a><br>
<mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>><br></span><div><div class="h5">
<mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> <mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>>>>,<br>
<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a> <mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>> <mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a><br>
<mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>>><br>
> > > Sent: Thursday, January 29, 2015 2:19:32 PM<br>
> > > Subject: Re: [ovirt-users] AAA<br>
> > ><br>
> > > Big thanks for your help, but still the same:<br>
> > ><br>
> > > #<br>
> > > # Active directory domain name.<br>
> > > #<br>
> > > vars.domain = <a href="http://mydomain.com" target="_blank">mydomain.com</a> <<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>><br>
<<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>><br>
> > ><br>
> > > #<br>
> > > # Search user and its password.<br>
> > > #<br>
> > > vars.user = admin@${global:vars.domain}<br>
> > > vars.password = *****<br>
> > ><br>
> > > #<br>
> > > # Optional DNS servers, if enterprise<br>
> > > # DNS server cannot resolve the domain srvrecord.<br>
> > > #<br></div></div>
> > > vars.dns = dns://srvdc03.${global:vars.__<u></u>domain}<br>
> > > dns://srvdc04.${global:vars.__<u></u>domain}<span class=""><br>
> > ><br>
> > > pool.default.serverset.type = srvrecord<br>
> > > pool.default.serverset.__<u></u>srvrecord.domain =<br>
${global:vars.domain}<br>
> > > pool.default.auth.simple.__<u></u>bindDN = ${global:vars.user}<br>
> > > pool.default.auth.simple.__<u></u>password =<br>
${global:vars.password}<br>
> > ><br></span><span class="">
> > > # Uncomment if using custom DNS<br>
> > ><br>
> ><br>
<br></span>
pool.default.serverset.__<u></u>srvrecord.jndi-properties.__<u></u>java.naming.provider.url<br>
=<br>
> > > ${global:vars.dns}<br>
> > > pool.default.socketfactory.__<u></u>resolver.uRL =<br>
${global:vars.dns}<br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
[ovirt-engine-extension-aaa-__<u></u>ldap.authz::BRU_AIR-authz]<br>
Cannot initialize<span class=""><br>
> > > LDAP framework, deferring initialization. Error: No<br>
DNS SRV<br>
records were<br>
> > > found with record name '_gc._tcp.brussels.airport'.<br>
> > ><br>
> > > And I can't put '_gc._<a href="http://tcp.mydomain.com" target="_blank">tcp.mydomain.com</a><br>
<<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>><br>
<<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>> in the dns... Isn't there another<br>
> > > way it just resolves the dns servers I gave him?<br>
> > ><br>
> ><br>
> > Microsoft Domain controller must have gc service entry<br>
within<br>
DNS to work<br>
> > properly.<br>
> > 1. Are you sure you have Microsoft DNS installed on<br>
<a href="http://srvdc03.mydomain.com" target="_blank">srvdc03.mydomain.com</a> <<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>><br>
<<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>> ?<br>
> > 2. Can you please execute:<br>
> > $ dig @<a href="http://srvdc03.mydomain.com" target="_blank">srvdc03.mydomain.com</a><br></span>
<<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>> <<a href="http://srvdc03.mydomain.com" target="_blank">http://srvdc03.mydomain.com</a>> SRV<br>
_gc._<a href="http://tcp.mydomain.com" target="_blank">tcp.mydomain.com</a> <<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>><span class=""><br>
<<a href="http://tcp.mydomain.com" target="_blank">http://tcp.mydomain.com</a>><br>
> > 3. Can you please open the DNS manager within your<br>
domain and<br>
search for<br>
> > srv records? Maybe you have DNS installed only on few<br>
servers,<br>
using the<br>
> > DNS manager you can also see which.<br>
> ><br>
> > ><br>
> > > 2015-01-29 13:02 GMT+01:00 Alon Bar-Lev<br>
<<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> <mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>><br></span>
<mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a> <mailto:<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>>>>:<span class=""><br>
> > ><br>
> > > ><br>
> > > ><br>
> > > > ----- Original Message -----<br>
> > > > > From: "Ondra Machacek" <<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br>
<mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>><br></span><span class="">
<mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a> <mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>>>><br>
> > > > > To: "Koen Vanoppen" <<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.com</a><br>
<mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>><br></span><span class="">
<mailto:<a href="mailto:vanoppen.koen@gmail." target="_blank">vanoppen.koen@gmail.</a>__<u></u>com<br>
<mailto:<a href="mailto:vanoppen.koen@gmail.com" target="_blank">vanoppen.koen@gmail.<u></u>com</a>>>>, <a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a><br>
<mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>><br></span><div><div class="h5">
<mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a> <mailto:<a href="mailto:users@ovirt.org" target="_blank">users@ovirt.org</a>>><br>
> > > > > Sent: Thursday, January 29, 2015 1:49:00 PM<br>
> > > > > Subject: Re: [ovirt-users] AAA<br>
> > > > ><br>
> > > > ><br>
> > > > > On 01/29/2015 12:30 PM, Koen Vanoppen wrote:<br>
> > > > > > No, I don't. and I wouldn't know how he got to<br>
this name...<br>
> > > > ><br>
> > > > > Well, then you have to, if you want to use<br>
> > 'pool.default.serverset.type<br>
> > > > > = srvrecord'.<br>
> > > > ><br>
> > > > > It just need to know where your global catalog is<br>
running, since it's<br>
> > > > > needed for new provider.<br>
> > > > ><br>
> > > > > It searches for global catalog like this:<br>
> > > > > dig @${vars.dns} -t SRV _gc._tcp.${vars.domain}<br>
> > > > ><br>
> > > > > So you need to have this SRV record in DNS, if<br>
you want<br>
to use<br>
> > srvrecord<br>
> > > > > serverset type. Or you don't have to if you use<br>
single<br>
server type.<br>
> > > ><br>
> > > > active directory will not work without access to<br>
global<br>
catalog.<br>
> > > > please set one or more of the domain controllers<br>
as dns<br>
server, for<br>
> > > > example:<br>
> > > ><br></div></div>
> > > > vars.dns = dns://dc1.${global:vars.__<u></u>domain}<br>
> > dns://dc2.${global:vars.__<u></u>domain}<span class=""><br>
> > > ><br>
> > > > please also uncomment/add these lines to make vars.dns<br>
effective.<br>
> > > ><br>
> > > ><br>
> ><br>
<br></span>
pool.default.serverset.__<u></u>srvrecord.jndi-properties.__<u></u>java.naming.provider.url<br>
> > > > = ${global:vars.dns}<br>
> > > > pool.default.socketfactory.__<u></u>resolver.uRL =<span class=""><br>
${global:vars.dns}<br>
> > > ><br>
> > > > Thanks!<br>
> > > ><br>
> > > > ><br>
> > > > > ><br>
> > > > > > Thanks for the reply!<br>
> > > > > ><br>
> > > > > > 2015-01-29 11:53 GMT+01:00 Ondra Machacek<br>
<<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a> <mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>><br>
<mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a> <mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>>><br>
> > > > > > <mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br>
<mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>> <mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a><br></span>
<mailto:<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>>>><u></u>>__:<span class=""><br>
<br>
> > > > > ><br>
> > > > > > On 01/29/2015 11:41 AM, Koen Vanoppen wrote:<br>
> > > > > ><br>
> > > > > > Can somebody help me setting up AAA<br>
for ovirt<br>
3.5.1?<br>
> > > > > ><br>
> > > > > > I'm getting this now:<br>
> > > > > ><br>
> > > > > > 2015-01-29 11:35:36,889 WARN<br>
> > > > > ><br></span>
[org.ovirt.engineextensions.__<u></u>__aaa.ldap.AuthzExtension] (MSC<br>
> > > > > > service thread<br>
> > > > > > 1-1)<br>
> > [ovirt-engine-extension-aaa-__<u></u>__ldap.authz::BRU_AIR-authz]<span class=""><br>
> > > > > > Cannot<br>
> > > > > > initialize LDAP framework, deferring<br>
initialization.<br>
> > Error: An<br>
> > > > > > error<br>
> > > > > > occurred while attempting to query DNS<br>
in order to<br>
> > retrieve SRV<br>
> > > > > > records<br>
> > > > > > with name '_gc._tcp.brussels.airport':<br>
> > > > > ><br></span>
javax.naming.____<u></u>NameNotFoundException: DNS name<span class=""><br>
not found<br>
> > > > > > [response code<br>
> > > > > > 3]; remaining name<br>
'_gc._tcp.brussels.airport'<br>
> > > > > ><br>
> > > > > ><br>
> > > > > > Do you have this<br>
'_gc._tcp.brussels.airport' SRV<br>
record in DNS<br>
> > ?<br>
> > > > > ><br>
> > > > > ><br>
> > > > > > my 3 configs:<br>
> > > > > > _*BRU_AIR-authn.properties*_<br>
> > > > > > <a href="http://ovirt.engine.extension.name" target="_blank">ovirt.engine.extension.name</a><br>
<<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>><br></span>
<<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
<<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>>> <<br>
> > > > <a href="http://ovirt.engine.extension." target="_blank">http://ovirt.engine.extension.</a><u></u>__name<br>
<<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>>><br>
> > > > > ><br>
<<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extensi__on.name" target="_blank">extensi<u></u>__on.name</a> <<a href="http://extension.name" target="_blank">http://extension.name</a>><br>
<<a href="http://extension.name" target="_blank">http://extension.name</a>><span class=""><br>
> > > > > > <<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
<<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>>>> =<br>
> > > > > > BRU_AIR-authn<br>
> > > > > ><br></span>
ovirt.engine.extension.____<u></u>bindings.method =<br>
jbossmodule<br>
> > > > > ><br>
ovirt.engine.extension.____<u></u>binding.jbossmodule.module =<br>
> > > > > > org.ovirt.engine-extensions.__<u></u>__aaa.ldap<br>
> > > > > ><br>
ovirt.engine.extension.____<u></u>binding.jbossmodule.class =<br>
> > > > > ><br>
org.ovirt.engineextensions.___<u></u>_aaa.ldap.AuthnExtension<br>
> > > > > > ovirt.engine.extension.____<u></u>provides =<br>
> > > > > ><br>
org.ovirt.engine.api.____<u></u>extensions.aaa.Authn<br>
> > > > > ><br>
ovirt.engine.aaa.authn.__<a href="http://profi__le.name" target="_blank">profi<u></u>__le.name</a> <<a href="http://profile.name" target="_blank">http://profile.name</a>><br>
<<a href="http://profile.name" target="_blank">http://profile.name</a>><br>
> > > > > ><br>
<<a href="http://ovirt.engine.aaa." target="_blank">http://ovirt.engine.aaa.</a>__<a href="http://authn.profile.name" target="_blank">aut<u></u>hn.profile.name</a><br>
<<a href="http://ovirt.engine.aaa.authn.profile.name" target="_blank">http://ovirt.engine.aaa.<u></u>authn.profile.name</a>>><br>
> > > > > ><br>
<<a href="http://ovirt.engine.aaa." target="_blank">http://ovirt.engine.aaa.</a>__<a href="http://aut__hn.profile.name" target="_blank">aut<u></u>__hn.profile.name</a><br>
<<a href="http://authn.profile.name" target="_blank">http://authn.profile.name</a>><br>
<<a href="http://authn.profile.name" target="_blank">http://authn.profile.name</a>><span class=""><br>
> > > > > ><br>
<<a href="http://ovirt.engine.aaa." target="_blank">http://ovirt.engine.aaa.</a>__<a href="http://authn.profile.name" target="_blank">aut<u></u>hn.profile.name</a><br>
<<a href="http://ovirt.engine.aaa.authn.profile.name" target="_blank">http://ovirt.engine.aaa.<u></u>authn.profile.name</a>>>> =<br>
BRU-AIR<br></span>
> > > > > > ovirt.engine.aaa.authn.authz._<u></u>___plugin =<br>
BRU_AIR-authz<br>
> > > > > > config.profile.file.1 =<br>
> > > > /etc/ovirt-engine/aaa/BRU_AIR.<u></u>____properties<br>
> > > > > ><br>
> > > > > > _*BRU_AIR-authz.properties*_<br>
> > > > > > <a href="http://ovirt.engine.extension.name" target="_blank">ovirt.engine.extension.name</a><br>
<<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>><br>
<<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
<<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>>> <<br>
> > > > <a href="http://ovirt.engine.extension." target="_blank">http://ovirt.engine.extension.</a><u></u>__name<br>
<<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>>><br>
> > > > > ><br>
<<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extensi__on.name" target="_blank">extensi<u></u>__on.name</a> <<a href="http://extension.name" target="_blank">http://extension.name</a>><br>
<<a href="http://extension.name" target="_blank">http://extension.name</a>><span class=""><br>
<br>
> > > > > > <<a href="http://ovirt.engine." target="_blank">http://ovirt.engine.</a>__<a href="http://extension.name" target="_blank">extensi<u></u>on.name</a><br>
<<a href="http://ovirt.engine.extension.name" target="_blank">http://ovirt.engine.<u></u>extension.name</a>>>> =<br>
> > > > > > BRU_AIR-authz<br>
> > > > > ><br></span>
ovirt.engine.extension.____<u></u>bindings.method =<br>
jbossmodule<br>
> > > > > ><br>
ovirt.engine.extension.____<u></u>binding.jbossmodule.module =<br>
> > > > > > org.ovirt.engine-extensions.__<u></u>__aaa.ldap<br>
> > > > > ><br>
ovirt.engine.extension.____<u></u>binding.jbossmodule.class =<br>
> > > > > ><br>
org.ovirt.engineextensions.___<u></u>_aaa.ldap.AuthzExtension<br>
> > > > > > ovirt.engine.extension.____<u></u>provides =<br>
> > > > > ><br>
org.ovirt.engine.api.____<u></u>extensions.aaa.Authz<br>
> > > > > > config.profile.file.1 =<br>
> > > > /etc/ovirt-engine/aaa/BRU_AIR.<u></u>____properties<div><div class="h5"><br>
> > > > > ><br>
> > > > > > _*BRU_AIR.properties*_<br>
> > > > > > include = <ad.properties><br>
> > > > > ><br>
> > > > > > #<br>
> > > > > > # Active directory domain name.<br>
> > > > > > #<br>
> > > > > > vars.domain = <a href="http://mydomain.com" target="_blank">mydomain.com</a><br>
<<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>><br>
<<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>> <<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>><br>
> > > > > > <<a href="http://mydomain.com" target="_blank">http://mydomain.com</a>><br>
> > > > > ><br>
> > > > > > #<br>
> > > > > > # Search user and its password.<br>
> > > > > > #<br>
> > > > > > vars.user = admin@${global:vars.domain}<br>
> > > > > > vars.password = ***********<br>
> > > > > ><br>
> > > > > > #<br>
> > > > > > # Optional DNS servers, if enterprise<br>
> > > > > > # DNS server cannot resolve the domain<br>
srvrecord.<br>
> > > > > > #<br>
> > > > > > vars.dns = dns://<a href="http://dc01.mydomain.com" target="_blank">dc01.mydomain.com</a><br>
<<a href="http://dc01.mydomain.com" target="_blank">http://dc01.mydomain.com</a>><br>
<<a href="http://dc01.mydomain.com" target="_blank">http://dc01.mydomain.com</a>> <<br>
> > <a href="http://dc01.mydomain.com" target="_blank">http://dc01.mydomain.com</a>><br>
> > > > > > <<a href="http://dc01.mydomain.com" target="_blank">http://dc01.mydomain.com</a>><br>
> > > > > ><br>
> > > > > > pool.default.serverset.type = srvrecord<br>
> > > > > ><br></div></div>
pool.default.serverset.____<u></u>srvrecord.domain =<br>
> > > > ${global:vars.domain}<br>
> > > > > > pool.default.auth.simple.____<u></u>bindDN =<br>
${global:vars.user}<br>
> > > > > > pool.default.auth.simple.____<u></u>password =<span class=""><br>
> > ${global:vars.password<br>
> > > > > ><br>
> > > > > > In the GUI for adding user I get this:<br>
> > > > > ><br>
> > > > > > An error occurred while attempting to<br>
query DNS<br>
in order to<br>
> > > > > > retrieve SRV<br>
> > > > > > records with name<br>
'_gc__tcp_brussels_airport':<br>
> > > > > ><br></span>
javax_naming_____<u></u>NameNotFoundException: DNS name<span class=""><br>
not found<br>
> > > > > > [response code<br>
> > > > > > 3]; remaining name<br>
'_gc__tcp_brussels_airport'<br>
> > > > > ><br>
> > > > > > Any ideas? I ran out...<br>
> > > > > ><br>
> > > > > > Kind regards,<br>
> > > > > ><br>
> > > > > > Koen<br>
> > > > > ><br>
> > > > > ><br>
> > > > > ><br></span>
______________________________<u></u>_____________________<span class=""><br>
> > > > > > Users mailing list<br>
> > > > > > <a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> <mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>><br>
<mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> <mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>>><br>
<mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> <mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>><br></span>
<mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> <mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>>>><br>
> > > > > ><br>
<a href="http://lists.ovirt.org/____mailman/listinfo/users" target="_blank">http://lists.ovirt.org/____<u></u>mailman/listinfo/users</a><br>
<<a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a>><br>
> > > > > ><br>
<<a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a><br>
<<a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/<u></u>mailman/listinfo/users</a>>><span class=""><br>
> > > > > ><br>
> > > > > ><br>
> > > > > ______________________________<u></u>___________________<br>
> > > > > Users mailing list<br>
> > > > > <a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> <mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>><br>
<mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> <mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>>><br>
> > > > > <a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a><br>
<<a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/<u></u>mailman/listinfo/users</a>><br>
> > > > ><br>
> > > ><br>
> > ><br>
> ><br>
><br>
<br>
<br>
<br>
<br>
______________________________<u></u>___________________<br>
Users mailing list<br>
<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a> <mailto:<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a>><br></span>
<a href="http://lists.ovirt.org/__mailman/listinfo/users" target="_blank">http://lists.ovirt.org/__<u></u>mailman/listinfo/users</a><br>
<<a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/<u></u>mailman/listinfo/users</a>><br>
<br>
<br>
</blockquote>
</blockquote></div><br></div>