Hi, I've checked again the options in the aaa tool.

On 2/27/20 4:20 PM, Budur Nagaraju wrote:
can some one help me on the issue ? badly stuck on this have not got any pointer on fix .

An error occurred while attempting to query DNS in order to retrieve SRV records with name '_ldaps._tcp.abc.net': NameNotFoundException(DNS name not found [response code 3]), ldapSDKVersion=4.0.7, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58

It seems your DNS is not configured to resolve ldap servers. Please disable DNS and use direct fqdn/ip of the server or configure the DNS SRV record.

From the documentation:
Press Enter to accept the default and configure domain name resolution for your LDAP server name: 
 It is highly recommended to use DNS resolution for LDAP server.
 If for some reason you intend to use hosts or plain address disable DNS usage.
 Use DNS (Yes, No) [Yes]:

Thanks,
Nagaraju

On Thu, Feb 27, 2020 at 8:48 PM Budur Nagaraju <nbudoor@gmail.com> wrote:
Hi Lucie,

Can you please help me on this issue? am using ldaps for the configuration.

Thanks,
Nagaraju


On Thu, Feb 27, 2020 at 4:00 PM Budur Nagaraju <nbudoor@gmail.com> wrote:
Hi Lucie,

Have tried the option but when trying to logon from the browser getting the below error.
Any tweaks can be made ?


An error occurred while attempting to query DNS in order to retrieve SRV records with name '_ldaps._tcp.psecure.net': NameNotFoundException(DNS name not found [response code 3]), ldapSDKVersion=4.0.7, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58

Thanks,
Nagaraju



On Thu, Feb 27, 2020 at 3:51 PM Lucie Leistnerova <lleistne@redhat.com> wrote:

Hi Budur,

or just use the tool for it - Configuring an External LDAP Provider
https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles.html

Best regards,

Lucie

On 2/27/20 9:32 AM, Eduardo Mayoral wrote:

Should be as simple as this:


[root@ovirt-hc0 ~]# cat /etc/ovirt-engine/aaa/activedirectory.properties
include = <ad.properties>

vars.domain = XXXXXX
vars.user = YYYYYYYYYYY
vars.password = ZZZZZZZZZ

pool.default.ssl.startTLS = true
pool.default.ssl.startTLSProtocol = TLSv1.2

pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}



Just remember to trust the certificate authority for the ldaps certificate in the ovirt engine server.

https://stackoverflow.com/questions/37043442/how-to-add-certificate-authority-file-in-centos-7


On 27/2/20 4:42, Budur Nagaraju wrote:
Hi

Can someone help me in configuring ldaps in oVirt Engine 4.x ?

Thanks,
Nagaraju


_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/P6QHPSFZLOZ6EZEVFQPBNII37PNIATU3/

-- 
Eduardo Mayoral Jimeno
Systems engineer, platform department. Arsys Internet.
emayoral@arsys.es - +34 941 620 105 - ext 2153

_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/ADWCGNS353CUN3CIHFBZDUWAXRHL66JB/

-- 
Lucie Leistnerova
Senior Quality Engineer, QE Cloud, RHVM
Red Hat EMEA

IRC: lleistne @ #rhev-qe

-- 
Lucie Leistnerova
Senior Quality Engineer, QE Cloud, RHVM
Red Hat EMEA

IRC: lleistne @ #rhev-qe