Many thanks Itamar, I had not noticed that bug.
The -addPermissions flag indeed did the trick.

- DHC

On Mon, Sep 24, 2012 at 4:58 PM, Itamar Heim <iheim@redhat.com> wrote:
On 09/24/2012 11:31 PM, Dead Horse wrote:
I have built ovirt-engine from the latest GIT master over the past few
nights and am running into a MS AD/LDAP error.  This same MS AD setup
works fine with Released 3.1.

Current nightly builds from jenkins are not building all the GWT
permutations (Internet Explorer for example) so I have been attempting
to re-build the engine so I can test using Internet Explorer.
It would be nice if the nightly jenkins builds could be changed to do
the build with all GWT permutations enabled.

I am building in an FC17 environment with updates applied and current as
of today. Accordingly maven3 and all build dependencies are installed
from the FC17 repositories.
I tried the latest nightly from Jenkins and it does not exhibit the
below error. I am guessing I must not have the build recipe/env correct.

Bug 858769 - manage-domains: once the domain is added admin@internal can't search in that domain

I assume you are not using -addPermissions during the manage domains command - it should workaround it.
I know yair is working on analyzing this.


The AD error I am running into looks like:

2012-09-24 16:15:44,037 ERROR
[org.ovirt.engine.core.bll.adbroker.DirectorySearcher]
(ajp--127.0.0.1-8702-4) Failed ldap search server
LDAP://someserver.foo.com:389 <http://someserver.foo.com:389> due to

Kerberos error. Please check log for further details.. We should not try
the next server
2012-09-24 16:15:44,039 ERROR
[org.ovirt.engine.core.bll.adbroker.GSSAPIDirContextAuthenticationStrategy]
(ajp--127.0.0.1-8702-2) Error from Kerberos: java.lang.NullPointerException
     at
org.ovirt.engine.core.bll.adbroker.GSSAPICallbackHandler.handle(GSSAPICallbackHandler.java:47)
     at
javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:969)
     at
javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:966)
     at java.security.AccessController.doPrivileged(Native Method)
     at
javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:965)
     at
com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:870)
     at
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:715)
     at
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:580)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
     at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     at java.lang.reflect.Method.invoke(Method.java:601)
     at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
     at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
     at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
     at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
     at java.security.AccessController.doPrivileged(Native Method)
     at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
     at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
     at
org.ovirt.engine.core.bll.adbroker.GSSAPIDirContextAuthenticationStrategy.authenticateToKDC(GSSAPIDirContextAuthenticationStrategy.java:127)
     at
org.ovirt.engine.core.bll.adbroker.GSSAPIDirContextAuthenticationStrategy.explicitAuth(GSSAPIDirContextAuthenticationStrategy.java:119)
     at
org.ovirt.engine.core.bll.adbroker.GSSAPIDirContextAuthenticationStrategy.authenticate(GSSAPIDirContextAuthenticationStrategy.java:111)
     at
org.ovirt.engine.core.bll.adbroker.GSSAPILdapTemplateWrapper.useAuthenticationStrategy(GSSAPILdapTemplateWrapper.java:86)
     at
org.ovirt.engine.core.bll.adbroker.PrepareLdapConnectionTask.call(PrepareLdapConnectionTask.java:56)
     at
org.ovirt.engine.core.bll.adbroker.DirectorySearcher.find(DirectorySearcher.java:103)
     at
org.ovirt.engine.core.bll.adbroker.DirectorySearcher.FindAll(DirectorySearcher.java:48)
     at
org.ovirt.engine.core.bll.adbroker.LdapSearchGroupsByQueryCommand.executeQuery(LdapSearchGroupsByQueryCommand.java:22)
     at
org.ovirt.engine.core.bll.adbroker.LdapBrokerCommandBase.execute(LdapBrokerCommandBase.java:69)
     at
org.ovirt.engine.core.bll.adbroker.LdapBrokerBase.RunAdAction(LdapBrokerBase.java:18)
     at org.ovirt.engine.core.bll.SearchQuery.adSearch(SearchQuery.java:194)
     at
org.ovirt.engine.core.bll.SearchQuery.searchAdGroups(SearchQuery.java:172)
     at
org.ovirt.engine.core.bll.SearchQuery.executeQueryCommand(SearchQuery.java:79)
     at
org.ovirt.engine.core.bll.QueriesCommandBase.ExecuteCommand(QueriesCommandBase.java:71)
     at
org.ovirt.engine.core.dal.VdcCommandBase.Execute(VdcCommandBase.java:41)
     at org.ovirt.engine.core.bll.Backend.runQueryImpl(Backend.java:384)
     at org.ovirt.engine.core.bll.Backend.RunQuery(Backend.java:367)
     at sun.reflect.GeneratedMethodAccessor12.invoke(Unknown Source)
     at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     at java.lang.reflect.Method.invoke(Method.java:601)
     at
org.jboss.as.ee.component.ManagedReferenceMethodInterceptorFactory$ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptorFactory.java:72)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:374)
     at
org.ovirt.engine.core.utils.ThreadLocalSessionCleanerInterceptor.injectWebContextToThreadLocal(ThreadLocalSessionCleanerInterceptor.java:11)
     at sun.reflect.GeneratedMethodAccessor7.invoke(Unknown Source)
     at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     at java.lang.reflect.Method.invoke(Method.java:601)
     at
org.jboss.as.ee.component.ManagedReferenceLifecycleMethodInterceptorFactory$ManagedReferenceLifecycleMethodInterceptor.processInvocation(ManagedReferenceLifecycleMethodInterceptorFactory.java:123)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.invocation.WeavedInterceptor.processInvocation(WeavedInterceptor.java:53)
     at
org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:36)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:21)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
     at
org.jboss.as.ee.component.interceptors.ComponentDispatcherInterceptor.processInvocation(ComponentDispatcherInterceptor.java:53)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.as.ejb3.component.singleton.SingletonComponentInstanceAssociationInterceptor.processInvocation(SingletonComponentInstanceAssociationInterceptor.java:53)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInNoTx(CMTTxInterceptor.java:211)
     at
org.jboss.as.ejb3.tx.CMTTxInterceptor.supports(CMTTxInterceptor.java:363)
     at
org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:194)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
     at
org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165)
     at
org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:173)
     at
org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
     at
org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
     at
org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:72)
     at
org.ovirt.engine.core.common.interfaces.BackendLocal$$$view9.RunQuery(Unknown
Source)
     at
org.ovirt.engine.ui.frontend.server.gwt.GenericApiGWTServiceImpl.RunQuery(GenericApiGWTServiceImpl.java:51)
     at sun.reflect.GeneratedMethodAccessor15.invoke(Unknown Source)
     at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     at java.lang.reflect.Method.invoke(Method.java:601)
     at com.google.gwt.rpc.server.RPC.invokeAndStreamResponse(RPC.java:196)
     at
com.google.gwt.rpc.server.RpcServlet.processCall(RpcServlet.java:161)
     at
com.google.gwt.rpc.server.RpcServlet.processPost(RpcServlet.java:222)
     at
com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
     at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)
     at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
     at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
     at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
     at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:489)
     at
org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)
     at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
     at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
     at org.jboss.web.rewrite.RewriteValve.invoke(RewriteValve.java:466)
     at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
     at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
     at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:505)
     at
org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:445)
     at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)
     at java.lang.Thread.run(Thread.java:722)

- DHC


_______________________________________________
Engine-devel mailing list
Engine-devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-devel