<html><body><div style="font-family: lucida console,sans-serif; font-size: 12pt; color: #000000"><div>Hello Everyone,</div><div>Anything else possible to check ?</div><div><br data-mce-bogus="1"></div><div>Slava.</div><div><br></div><hr id="zwchr" data-marker="__DIVIDER__"><div data-marker="__HEADERS__"><b>From: </b>"Slava Bendersky" <volga629@networklab.ca><br><b>To: </b>"Ondra Machacek" <omachace@redhat.com><br><b>Cc: </b>"users" <users@ovirt.org><br><b>Sent: </b>Saturday, February 4, 2017 2:27:31 PM<br><b>Subject: </b>Re: [ovirt-users] FreeIPA with ovirt 4.1<br></div><br><div data-marker="__QUOTED_TEXT__"><div style="font-family: lucida console,sans-serif; font-size: 12pt; color: #000000"><div>Hello Ondra,</div><div>Log is empty </div><br><div><div>[root@vhe00 ~]# ls -la /var/log/httpd/ssl_error_log</div><div>-rw-r--r--. 1 root root 0 Feb 2 04:45 /var/log/httpd/ssl_error_log</div></div><br><div>Slava.</div><br><hr id="zwchr"><div><b>From: </b>"Ondra Machacek" <omachace@redhat.com><br><b>To: </b>"Slava Bendersky" <volga629@networklab.ca><br><b>Cc: </b>"users" <users@ovirt.org>, "Ravi" <rnori@redhat.com><br><b>Sent: </b>Saturday, February 4, 2017 10:35:31 AM<br><b>Subject: </b>Re: [ovirt-users] FreeIPA with ovirt 4.1<br></div><br><div><div dir="auto"><div><br><div class="gmail_extra"><br><div class="gmail_quote">On Feb 4, 2017 1:21 AM, "Slava Bendersky" <<a href="mailto:volga629@networklab.ca" target="_blank">volga629@networklab.ca</a>> wrote:<br><blockquote class="quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-family:lucida console,sans-serif;font-size:12pt;color:#000000"><div>Hello Everyone,</div><div>Having trouble implement FreeIPA authentication with GSSAPI SSO and ovirt 4.1. I ran setup and it finished OK then it wrote the files bellow. Next I log to web admin with internal user and added FeeIPA user as SuperUser role. Also I added under System FreeIPA group authorized to login on any attempt to login with FreeIPA credentials getting message</div><br><br><div><div>2017-02-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.servlets.InteractiveAuthServlet] (default task-6) [] Internal Server Error: Unsupported command</div><div>2017-02-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-6) [] Unsupported command</div><div>2017-02-04 00:03:08,659Z ERROR [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default task-3) [] server_error: Unsupported command</div></div></div></div></blockquote></div></div></div><div dir="auto"><br></div><div dir="auto">Ravi, do you know what this can cause?</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-family:lucida console,sans-serif;font-size:12pt;color:#000000"><br><br><div>Also when in extensions.d directory contain the following files. If I remove <span style="color:#000000;font-family:'lucida console',sans-serif;font-size:16px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;display:inline!important;float:none">mydomain.lan-authn.properties then in web ui FreeIPA domain not showing up in drop down list. Any http don't have influence on this.</span></div></div></div></blockquote></div></div></div><div dir="auto"><br></div><div dir="auto">That is correct behavior, we dont show profiles, which uses http for authn.</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-family:lucida console,sans-serif;font-size:12pt;color:#000000"><div><span style="color:#000000;font-family:'lucida console',sans-serif;font-size:16px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;display:inline!important;float:none"><br></span></div><div><div>[root@vhe00 extensions.d]# pwd</div><div>/etc/ovirt-engine/extensions.d</div><br><div>[root@vhe00 extensions.d]# ls</div><div>mydomain.lan-authn.properties <span style="color:#000000;font-family:'lucida console',sans-serif;font-size:16px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;display:inline!important;float:none">mydomain.lan</span>-http-authn.properties <span style="color:#000000;font-family:'lucida console',sans-serif;font-size:16px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;display:inline!important;float:none">mydomain.lan</span>.properties internal-authz.properties</div><div><span style="color:#000000;font-family:'lucida console',sans-serif;font-size:16px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;display:inline!important;float:none">mydomain.lan</span>-authz.properties <span style="color:#000000;font-family:'lucida console',sans-serif;font-size:16px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:#ffffff;display:inline!important;float:none">mydomain.lan</span>-http-mapping.properties internal-authn.properties</div><div>[root@vhe00 extensions.d]# </div></div><br><br><div>If possible clarify how it should be and what is possible issue.</div></div></div></blockquote></div></div></div><div dir="auto"><br></div><div dir="auto">Can you please take a look to /var/log/httpd/ssl_error_log if any errors there?</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-family:lucida console,sans-serif;font-size:12pt;color:#000000"><span style="color: #888888;"><br><br><br><div>Slava. </div></span></div></div><br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a><br>
<a href="http://lists.ovirt.org/mailman/listinfo/users" rel="noreferrer" target="_blank">http://lists.ovirt.org/mailman/listinfo/users</a><br>
<br></blockquote></div></div></div></div><br></div></div><br>_______________________________________________<br>Users mailing list<br>Users@ovirt.org<br>http://lists.ovirt.org/mailman/listinfo/users<br></div></div></body></html>