Re: [Users] ovirt kerberos/ldap

Please provide info also on the IPA server you are using (use rpm -qa for that) ----- Original Message ----- > From: "Yaniv Kaul" <ykaul(a)redhat.com&gt; > To: "Eduardo Ramos" <eduardo(a)freedominterface.org&gt; > Cc: users(a)ovirt.org > Sent: Thursday, February 21, 2013 11:14:41 AM > Subject: Re: [Users] ovirt kerberos/ldap > > ----- Original Message ----- >> Hi all! >> >> I'm trying to link a ldap/kerberos to my ovirt without success. I'm >> stuck with this: >> >> oVirt engine: >> >> # engine-manage-domains -action=add -domain=gsr.inpe.br >> -user=admin/admin -interactive -provider=IPA >> Enter password: >> >> Error: exception message: KDC has no support for encryption type >> (14) - >> BAD_ENCRYPTION_TYPE > Please snoop the connection between the engine and the IPA server. > Port 88, full packets ('-s 1500' on tcpdump), into file ('-w > /tmp/kerb.pcap' ). > Y. > >> Failure while testing domain gsr.inpe.br. Details: Kerberos error. >> Please check log for further details. >> >> kdc log: >> >> Feb 20 18:02:55 ldap krb5kdc[4314]: AS_REQ (1 etypes {23}) >> 150.163.73.78: BAD_ENCRYPTION_TYPE: admin/admin(a)GSR.INPE.BR for >> krbtgt/GSR.INPE.BR(a)GSR.INPE.BR, KDC has no support for encryption >> type >> >> Any sugestion? >> _______________________________________________ >> Users mailing list >> Users(a)ovirt.org >> http://lists.ovirt.org/mailman/listinfo/users >> > _______________________________________________ > Users mailing list > Users(a)ovirt.org > http://lists.ovirt.org/mailman/listinfo/users >