<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix"> Dear All,<br>
I'm following this thread because thinking to SAML ovirt
integration. Can you help me ?<br>
Does ovirt support this kind of authentication ? Could you send me
more information or<br>
a link to guide ?<br>
Thanks a lot.<br>
Best Regards<br>
Enrico<br>
<br>
<br>
Il 25/04/2018 18:20, Kristian Petersen ha scritto:<br>
</div>
<blockquote type="cite"
cite="mid:CAEzpwAV_v70+Bx7uP=hKpLakgH9kdA3+HzC01N+EpqQZ8nLNdw@mail.gmail.com">
<div dir="ltr">
<div>I restarted the service and it is working beautifully
again. Thank you for you time and effort in helping me.</div>
<div><br>
</div>
As for what caused this mess...
<div>My hosted engine crashed after it's storage was temporarily
disconnected by an automatic application of an update which
then rebooted the NAS. After I was able to get the engine
back up, but running my IPA logins didn't work anymore and I
had no idea why that would be. I hadn't changed anything in
relation to any of that so it made little sense why it stopped
working.</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Apr 25, 2018 at 1:39 AM, Ondra
Machacek <span dir="ltr"><<a
href="mailto:omachace@redhat.com" target="_blank"
moz-do-not-send="true">omachace@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Yep, you
need to restart ovirt-engine service so the changes take<br>
effect.<br>
<br>
Anyway, we need to figure out what removed your
IPA.properties and<br>
IPA.jks file. What did you do before it stop work?<span
class=""><br>
<br>
On 04/25/2018 12:37 AM, Kristian Petersen wrote:<br>
</span>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex"><span
class="">
<br>
---------- Forwarded message ----------<br>
From: *Kristian Petersen* <<a
href="mailto:nesretep@chem.byu.edu" target="_blank"
moz-do-not-send="true">nesretep@chem.byu.edu</a>
<mailto:<a href="mailto:nesretep@chem.byu.edu"
target="_blank" moz-do-not-send="true">nesretep@chem.byu.edu</a>><wbr>><br>
Date: Tue, Apr 24, 2018 at 12:38 PM<br>
Subject: Re: [ovirt-users] FreeIPA authentication broken<br>
</span><span class="">
To: Ondra Machacek <<a
href="mailto:omachace@redhat.com" target="_blank"
moz-do-not-send="true">omachace@redhat.com</a>
<mailto:<a href="mailto:omachace@redhat.com"
target="_blank" moz-do-not-send="true">omachace@redhat.com</a>>><br>
<br>
<br>
That directory only contains internal.properties. So I
copied the IPA.properties, IPA-authn.properties, and
IPA.jks files all into the 'aaa' subdirectory and set
ownership and permissions as you directed. I reran the
command you gave me initially and it prompted me for a
password for the user when entered the process exited
with status 0. However, the web interface still isn't
letting me log in. Do I need to restart a service for
the changes to be effective in the web UI?<br>
<br>
</span><span class="">
On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek <<a
href="mailto:omachace@redhat.com" target="_blank"
moz-do-not-send="true">omachace@redhat.com</a>
<mailto:<a href="mailto:omachace@redhat.com"
target="_blank" moz-do-not-send="true">omachace@redhat.com</a>>>
wrote:<br>
<br>
Right, you are missing file
/etc/ovirt-engine/aaa/IPA.prop<wbr>erties<br>
<br>
It's not subdirectory of
/etc/ovirt-engine/extensions.d<wbr>, but it's in<br>
/etc/ovirt-engine/ in 'aaa' subdirectory, can you
check what's there?<br>
Please check also the correct permissions of that
file, it should be<br>
'600' and owned by ovirt user.<br>
<br>
<br>
On 04/23/2018 10:25 PM, Kristian Petersen wrote:<br>
<br>
Looks like it can't find the IPA.properties
file. I tried<br>
following the path it is complaining about but
there are only<br>
files in /etc/ovirt-engine/extensions.d on the
engine VM. No<br>
subdirectories. However, that directory appears
to contain the<br>
files it is looking for. Both
IPA-authn.properties and<br>
IPA.properties are there as are the internal
properties files. Is there a config file we can
edit to tell it to look in the<br>
right place?<br>
<br>
<br>
<br>
<br>
-- <br>
Kristian Petersen<br>
System Administrator<br>
BYU Dept. of Chemistry and Biochemistry<br>
<br>
<br>
<br>
-- <br>
Kristian Petersen<br>
System Administrator<br>
BYU Dept. of Chemistry and Biochemistry<br>
<br>
<br>
</span><span class="">
______________________________<wbr>_________________<br>
Users mailing list<br>
<a href="mailto:Users@ovirt.org" target="_blank"
moz-do-not-send="true">Users@ovirt.org</a><br>
<a href="http://lists.ovirt.org/mailman/listinfo/users"
rel="noreferrer" target="_blank"
moz-do-not-send="true">http://lists.ovirt.org/mailman<wbr>/listinfo/users</a><br>
<br>
</span></blockquote>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature" data-smartmail="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">Kristian Petersen
<div>System Administrator</div>
<div>BYU Dept. of Chemistry and Biochemistry</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a>
<a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a>
</pre>
</blockquote>
<p><br>
</p>
<pre class="moz-signature" cols="72">--
_______________________________________________________________________
Enrico Becchetti Servizio di Calcolo e Reti
Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
Phone:+39 075 5852777 Mail: Enrico.Becchetti<at>pg.infn.it
______________________________________________________________________ </pre>
</body>
</html>