Re: [ovirt-users] Can not configure with simple LDAP.

2014-10-07 00:27:59,829 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (MSC service thread 1-14) Exception during sequence: LDAPException(resultCode=91 (connect error), errorMessage='An error occurred while attempting to connect to server ldap.rxc05271.com:389: java.io.IOException: An error occurred while attempting to establish a connection to server ldap.rxc05271.com/111.64.166.75:389: java.net.ConnectException: Connection refused') ----- Original Message ----- > From: "Fumihide Tani" <RXC05271(a)nifty.com&gt; > To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; > Cc: users(a)ovirt.org > Sent: Monday, October 6, 2014 6:31:17 PM > Subject: Re: [ovirt-users] Can not configure with simple LDAP. > > engine.log attached. > > Regards > > (2014/10/06 23:57), Alon Bar-Lev wrote: >> ----- Original Message ----- >>> From: "Fumihide Tani" <RXC05271(a)nifty.com&gt; >>> To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; >>> Cc: users(a)ovirt.org >>> Sent: Monday, October 6, 2014 3:40:05 PM >>> Subject: Re: [ovirt-users] Can not configure with simple LDAP. >>> >>> Alon, >>> >>> Thanks, the ovirt-engine-extension-aaa-ldap was updated successfully. >>> and then I restarted my ovirt-engine. >>> >>> I tried the following: >>> >>> 1) Login to the User Portal using LDAP account "tani". >>> Failed. (it was able to login before doing update.) >>> >>> 2) Then deleting the LDAP account "tani" from admin portal. >>> >>> 3) Tried to add new account "tani" again. >>> I selected "rxc05271.com (authz-company)" instead of "internal (internal)" >>> but "Go" bottun is hidden. >>> >>> What should I do next? >> it probably means that the engine cannot interact with the ldap. >> can you see any error message during engine startup that related? >> can you stop engine remove engine.log start engine and send me the >> engine.log? >> >>> Regards, >>> Fumihide Tani >>> >>> (2014/10/06 20:39), Alon Bar-Lev wrote: >>>> ----- Original Message ----- >>>>> From: "Fumihide Tani" <RXC05271(a)nifty.com&gt; >>>>> To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; >>>>> Cc: users(a)ovirt.org >>>>> Sent: Monday, October 6, 2014 2:36:38 PM >>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP. >>>>> >>>>> Hi, Alon >>>>> >>>>> I can not update the ovirt-engine-extension-aaa-ldap.noarch >>>>> 0.0.0-0.0.master.20140923213100.git10a282b.el6. to the one you >>>>> specified. >>>>> Is it still not exist in ovirt-3.5-pre repo? >>>> right, they are at snapshots. >>>> you can take the extension rpm and only update it. >>>> >>>> yum localupdate >>>> http://resources.ovirt.org/pub/ovirt-3.5-snapshot/rpm/el6/noarch/ovirt-en... >>>> >>>>> Regards, >>>>> Fumihide Tani >>>>> >>>>> (2014/10/06 17:07), Alon Bar-Lev wrote: >>>>>> Hello Fumihide, >>>>>> >>>>>> I pushed a significant change into ldap package, in some cases it will >>>>>> provide better response times. >>>>>> The change is within group resolution. >>>>>> I wounder if you can test it, should be at least >>>>>> ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d. >>>>>> >>>>>> Regards, >>>>>> Alon Bar-Lev. >>>>>> >>>>>> ----- Original Message ----- >>>>>>> From: "Fumihide Tani" <RXC05271(a)nifty.com&gt; >>>>>>> To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; >>>>>>> Cc: users(a)ovirt.org >>>>>>> Sent: Thursday, September 25, 2014 4:41:09 PM >>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP. >>>>>>> >>>>>>> Hi, Alon, >>>>>>> >>>>>>> Without waiting until the weekend, >>>>>>> I have finished the flesh install of the oVirt 3.5 RC3 today. >>>>>>> As a result, with same AAA settings, >>>>>>> My OpenLDAP's users became possible to login to the Web User Portal >>>>>>> now. >>>>>>> Yes, RC3 is good for integrating with newest OpenLDAP 2.4.23, RC2 is >>>>>>> not. >>>>>>> >>>>>>> Very much thanks, >>>>>>> Fumihide Tani >>>>>>> >>>>>>> (2014/09/25 7:27), Alon Bar-Lev wrote: >>>>>>>> This is severe, the upgrade is not working properly you have issues >>>>>>>> with >>>>>>>> accessing database. >>>>>>>> If database is not important I suggest a fresh install, run >>>>>>>> engine-cleanup >>>>>>>> then engine-setup. >>>>>>>> If database is important please forward this to devel mailing list >>>>>>>> for >>>>>>>> someone to help, regardless of LDAP. >>>>>>>> Regards, >>>>>>>> Alon >>>>>>>> >>>>>>>> >>>>>>>> 4-09-25 00:36:08,389 ERROR >>>>>>>> [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo] >>>>>>>> (DefaultQuartzScheduler_Worker-7) ArrayIndexOutOfBoundsException: 1: >>>>>>>> java.lang.ArrayIndexOutOfBoundsException: 1 >>>>>>>> at >>>>>>>> org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.getDistanceMap(VdsNumaNodeDAODbFacadeImpl.java:208) >>>>>>>> [dal.jar:] >>>>>>>> at >>>>>>>> org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.access$000(VdsNumaNodeDAODbFacadeImpl.java:20) >>>>>>>> [dal.jar:] >>>>>>>> at >>>>>>>> org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:184) >>>>>>>> [dal.jar:] >>>>>>>> at >>>>>>>> org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:168) >>>>>>>> [dal.jar:] >>>>>>>> >>>>>>>> >>>>>>>> ----- Original Message ----- >>>>>>>>> From: "Fumihide Tani" <RXC05271(a)nifty.com&gt; >>>>>>>>> To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; >>>>>>>>> Sent: Wednesday, September 24, 2014 6:40:58 PM >>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP. >>>>>>>>> >>>>>>>>> Result of running engine-setup: >>>>>>>>> [root@ovirt ~]# yum list installed|grep ovirt-engine >>>>>>>>> ovirt-engine.noarch 3.5.0-0.0.master.20140923231936.git42065cc.el6 >>>>>>>>> >>>>>>>>> Yes, engine is updated to newest one.! >>>>>>>>> >>>>>>>>> But I still continued failing to login. >>>>>>>>> engine.log attached. >>>>>>>>> >>>>>>>>> Very thanks, >>>>>>>>> >>>>>>>>> (2014/09/24 23:59), Alon Bar-Lev wrote: >>>>>>>>>> you probably need to run engine-setup >>>>>>>>>> >>>>>>>>>> ----- Original Message ----- >>>>>>>>>>> From: "Fumihide Tani" <RXC05271(a)nifty.com&gt; >>>>>>>>>>> To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; >>>>>>>>>>> Sent: Wednesday, September 24, 2014 4:59:22 PM >>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP. >>>>>>>>>>> >>>>>>>>>>> Oops! >>>>>>>>>>> # yum list installed | grep ovirt-engine >>>>>>>>>>> ovirt-engine.noarch 3.5.0-0.0.master.20140821064931.gitb794d66.el6 >>>>>>>>>>> (snip) >>>>>>>>>>> ..... >>>>>>>>>>> >>>>>>>>>>> Many ovirt-3.5-* modules are updated by yum today but engine is >>>>>>>>>>> not. >>>>>>>>>>> Why not updated to RC3?? >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> (2014/09/24 22:42), Alon Bar-Lev wrote: >>>>>>>>>>>> Unless I am missing something, you run old engine: >>>>>>>>>>>> >>>>>>>>>>>> 2014-09-24 22:16:24,136 INFO [org.ovirt.engine.core.bll.Backend] >>>>>>>>>>>> (MSC >>>>>>>>>>>> service thread 1-12) Running ovirt-engine >>>>>>>>>>>> 3.5.0-0.0.master.20140821064931.gitb794d66.el6 >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> ----- Original Message ----- >>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271(a)nifty.com&gt; >>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; >>>>>>>>>>>>> Sent: Wednesday, September 24, 2014 4:21:09 PM >>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP. >>>>>>>>>>>>> >>>>>>>>>>>>> Attached engine.log with "FINEST" >>>>>>>>>>>>> >>>>>>>>>>>>> Thanks, >>>>>>>>>>>>> >>>>>>>>>>>>> (2014/09/24 21:32), Alon Bar-Lev wrote: >>>>>>>>>>>>>> ----- Original Message ----- >>>>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271(a)nifty.com&gt; >>>>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; >>>>>>>>>>>>>>> Cc: users(a)ovirt.org >>>>>>>>>>>>>>> Sent: Wednesday, September 24, 2014 3:24:23 PM >>>>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hi, Alon, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I have updated the oVirt 3.5 RC2 to the newest RC3 today. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> From my CentOS6.5 based oVirt Engine server and the >>>>>>>>>>>>>>> oVirt >>>>>>>>>>>>>>> Host >>>>>>>>>>>>>>> server, >>>>>>>>>>>>>>> # yum clean all >>>>>>>>>>>>>>> # yum update >>>>>>>>>>>>>>> Then rebooted these servers. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> But my LDAP problem is continued and same result as before. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> When I login to the oVirt User Portal, >>>>>>>>>>>>>>> User Name: tani >>>>>>>>>>>>>>> Password: (OpenLDAP's userPassword) >>>>>>>>>>>>>>> Domain: rxc05271.com >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> UI displays "General command validation failure." >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Please advice. >>>>>>>>>>>>>> Hopefully I can if you provide log... :) >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>> Fumihide Tani >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> (2014/09/22 22:20), Alon Bar-Lev wrote: >>>>>>>>>>>>>>>> The version of engine you are using is probably out of date >>>>>>>>>>>>>>>> and >>>>>>>>>>>>>>>> unsynced >>>>>>>>>>>>>>>> with latest ldap package (20140821064931). >>>>>>>>>>>>>>>> Please make sure you take latest from[1] >>>>>>>>>>>>>>>> Thanks! >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> [1] http://resources.ovirt.org/pub/ovirt-3.5-snapshot/ >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> ----- Original Message ----- >>>>>>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271(a)nifty.com&gt; >>>>>>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; >>>>>>>>>>>>>>>>> Cc: users(a)ovirt.org >>>>>>>>>>>>>>>>> Sent: Monday, September 22, 2014 3:42:52 PM >>>>>>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple >>>>>>>>>>>>>>>>> LDAP. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Hi, Alon, >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Your requested engine.log attached. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Also, I tried to login to web user portal by "tani" >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> User Name: tani >>>>>>>>>>>>>>>>> Password: (OpenLDAP userPassword) >>>>>>>>>>>>>>>>> Domain: rxc05271.com >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> cause: "General command validation failure." >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Attated log includes login by "Fumihide" first, "tani" >>>>>>>>>>>>>>>>> second. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Very thanks, >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> (2014/09/22 21:24), Alon Bar-Lev wrote: >>>>>>>>>>>>>>>>>> ----- Original Message ----- >>>>>>>>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271(a)nifty.com&gt; >>>>>>>>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; >>>>>>>>>>>>>>>>>>> Cc: users(a)ovirt.org >>>>>>>>>>>>>>>>>>> Sent: Monday, September 22, 2014 3:06:39 PM >>>>>>>>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple >>>>>>>>>>>>>>>>>>> LDAP. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Sorry, I misunderstood. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> This is outputs after LDAP user logged in. >>>>>>>>>>>>>>>>>> Please attach log as files, not inline, easier to handle. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> 2014-09-22 21:01:32,638 DEBUG >>>>>>>>>>>>>>>>>> [org.ovirt.engineextensions.aaa.ldap.Framework] >>>>>>>>>>>>>>>>>> (ajp--127.0.0.1-8702-4) >>>>>>>>>>>>>>>>>> SearchRequest: SearchRequest(baseDN='dc=rxc05271,dc=com', >>>>>>>>>>>>>>>>>> scope=SUB, >>>>>>>>>>>>>>>>>> deref=NEVER, sizeLimit=0, timeLimit=0, >>>>>>>>>>>>>>>>>> filter='&(objectClass=uidObject)(uid=*)(uid=Fumihide)', >>>>>>>>>>>>>>>>>> attrs={entryUUID, >>>>>>>>>>>>>>>>>> uid, displayName, memberOf, department, givenName, sn, >>>>>>>>>>>>>>>>>> title, >>>>>>>>>>>>>>>>>> mail}, >>>>>>>>>>>>>>>>>> controls={SimplePagedResultsControl(pageSize=100, >>>>>>>>>>>>>>>>>> isCritical=false)}) >>>>>>>>>>>>>>>>>> 2014-09-22 21:01:32,640 DEBUG >>>>>>>>>>>>>>>>>> [org.ovirt.engineextensions.aaa.ldap.Framework] >>>>>>>>>>>>>>>>>> (ajp--127.0.0.1-8702-4) >>>>>>>>>>>>>>>>>> SearchResult: SearchResult(resultCode=0 (success), >>>>>>>>>>>>>>>>>> messageID=3, >>>>>>>>>>>>>>>>>> entriesReturned=0, referencesReturned=0, >>>>>>>>>>>>>>>>>> responseControls={SimplePagedResultsControl(pageSize=0, >>>>>>>>>>>>>>>>>> isCritical=false)}) >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >From the above I see that a search was issued: >>>>>>>>>>>>>>>>>>> &(objectClass=uidObject)(uid=*)(uid=Fumihide) >>>>>>>>>>>>>>>>>> And no result returned. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Per previous output: >>>>>>>>>>>>>>>>>> --- >>>>>>>>>>>>>>>>>> # tani, Users, rxc05271.com >>>>>>>>>>>>>>>>>> dn: uid=tani,ou=Users,dc=rxc05271,dc=com >>>>>>>>>>>>>>>>>> objectClass: inetOrgPerson >>>>>>>>>>>>>>>>>> objectClass: uidObject >>>>>>>>>>>>>>>>>> uid: tani >>>>>>>>>>>>>>>>>> cn: Fumihide Tani >>>>>>>>>>>>>>>>>> givenName: Fumihide >>>>>>>>>>>>>>>>>> mail: tani(a)rxc05271.com >>>>>>>>>>>>>>>>>> sn: Tani >>>>>>>>>>>>>>>>>> userPassword:: a3VtaXRhbg== >>>>>>>>>>>>>>>>>> --- >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Your user name is tani and not Fumihide. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Alon >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>> >