Dear Lucie,
Thanks for your help.
You can find my configuration file below:

sudo nano /etc/ovirt-engine/extensions.d/ldap.mydomain.fr-authn.properties

ovirt.engine.extension.name = ldap.mydomain.fr-authn
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
ovirt.engine.aaa.authn.profile.name = ldap.mydomain.fr
ovirt.engine.aaa.authn.authz.plugin = ldap.mydomain.fr
config.profile.file.1 = ../aaa/ldap.mydomain.fr.properties
config.globals.baseDN.simple_baseDN = ou=people,dc=mydomain,dc=fr

sudo nano /etc/ovirt-engine/extensions.d/ldap.mydomain.fr-authz.properties

ovirt.engine.extension.name = ldap.mydomain.fr
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthzExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 = ../aaa/ldap.mydomain.fr.properties
config.globals.baseDN.simple_baseDN = ou=people,dc=mydomain,dc=fr

sudo nano /etc/ovirt-engine/aaa/ldap.mydomain.fr.properties

include = <isds.properties>
vars.server = ldap.mydomain.fr
pool.authz.auth.type = none
pool.default.serverset.type = single
pool.default.serverset.single.server = ${global:vars.server}
pool.default.serverset.single.port = 636
pool.default.ssl.enable = true
pool.default.ssl.truststore.file = ${local:_basedir}/ldap.mydomain.fr.jks
pool.default.ssl.truststore.password = changeit

Thank you beforehand,
Best Regards,
LAMY Lucas

On 19 Feb 2020 at 8:31 AM, Lucie Leistnerova <lleistne(a)redhat.com> wrote:
Hi Lucas,
how is your LDAP set? Can you please share the settings in /etc/ovirt-engine/extensions.d?
Is the driver properly set? I've found a similar issue here:
https://users.ovirt.narkive.com/FveKIVCV/ovirt-users-adding-users-through...
Thank you.
Lucie
> On 2/18/20 4:14 PM, Lucas Lamy wrote:
> Hello everyone.
>
> I have previously configured the LDAP connection through ovirt-engine-extension-aaa-ldap-setup.
>
> The only working configuration was IBM Security Directory Server (the IBM Security Directory Server RFC-2307 Schema doesn't work), ldaps and anonymous search user. But the LDAP server I’m testing is OpenLDAP and not IBM.
>
> Indeed with IBM the search and login are working fine when I test them with ovirt-engine-extensions-tool aaa.
>
> But when I try to add an LDAP user in the User Administration Panel I get this error message: "Error while executing action AddUser : Internal Engine Error".
>
> None of the solutions I've found on previous threads seem to work.
>
> Does someone have an idea please?
> Please find the logs attached.
> Thank you beforehand.
>
>
> Caused by: org.postgresql.util.PSQLException: ERROR: null value in column "external_id" violates not-null constraint
>   Detail: Failing row contains (**user info**).
>   Where: SQL statement "INSERT INTO users ( department, domain, email, name, note, surname, user_id, username, external_id, namespace ) VALUES ( v_department, v_domain, v_email, v_name, v_note, v_surname, v_user_id, v_username, v_external_id, v_namespace )"
> PL/pgSQL function insertuser(character varying,character varying,character varying,character varying,character varying,character varying,uuid,character varying,text,character varying) line 3 at SQL state$
>     at org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2433)
>     at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:2178)
>     at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:306)
>     at org.postgresql.jdbc.PgStatement.executeInternal(PgStatement.java:441)
>     at org.postgresql.jdbc.PgStatement.execute(PgStatement.java:365)
>     at org.postgresql.jdbc.PgPreparedStatement.executeWithFlags(PgPreparedStatement.java:155)
>     at org.postgresql.jdbc.PgCallableStatement.executeWithFlags(PgCallableStatement.java:78)
>     at org.postgresql.jdbc.PgPreparedStatement.execute(PgPreparedStatement.java:144)
>     at org.jboss.jca.adapters.jdbc.CachedPreparedStatement.execute(CachedPreparedStatement.java:303)
>     at org.jboss.jca.adapters.jdbc.WrappedPreparedStatement.execute(WrappedPreparedStatement.java:442)
>     at org.springframework.jdbc.core.JdbcTemplate.lambda$call$4(JdbcTemplate.java:1105) [spring-jdbc.jar:5.0.4.RELEASE]
>     at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:1050) [spring-jdbc.jar:5.0.4.RELEASE]
>     ... 162 more
> 2020-02-15 10:16:53,337+01 ERROR [org.ovirt.engine.core.bll.aaa.AddUserCommand] (default task-4) [222f7ca7-b669-40e0-b152-2ca898ebde09] Transaction rolled-back for command 'org.ovirt.engine.core.bll.aaa.$
> 2020-02-15 10:16:53,341+01 WARN [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-4) [222f7ca7-b669-40e0-b152-2ca898ebde09] EVENT_ID: USER_FAILED_ADD_ADUSER(327), Fail, Failed to add User 'user' to the system.
--
Lucie Leistnerova
Senior Quality Engineer, QE Cloud, RHVM
Red Hat EMEA
IRC: lleistne @ #rhev-qe