Thk Roy,it did help me ! when i update my database then engine-manage-domain goes fine!
I really prefer to attach the log ,but there has no such file
/var/log/ovirt-engine/ovirt-engine-upgrade.log
[root@ovirt-engine ~]# ls -ld /var/log/ovirt-engine/ovirt-engine-upgrade.log
ls: cannot access /var/log/ovirt-engine/ovirt-engine-upgrade.log: No such file or
directory
[root@ovirt-engine ~]# find /var/log/ -iname "*upgrade*"
nothing..
Anything else can i help?
On 22 May, 2012, at 3:04 PM, Roy Golan wrote:
On 05/22/2012 08:34 AM, Oved Ourfalli wrote:
>
> ----- Original Message -----
>> From: "T-Sinjon"<tscbj1989(a)gmail.com>
>> To: "Roy Golan"<rgolan(a)redhat.com>
>> Cc: "Oved Ourfalli"<ovedo(a)redhat.com>, users(a)ovirt.org
>> Sent: Tuesday, May 22, 2012 5:33:06 AM
>> Subject: Re: [Users] engine-manage-domains can't add user , domain
>>
>> HI, Roy
>>
>> I have update my engine to newest use ' rpm -Uvh ' -
>>
>> I used rpms from
>>
http://jenkins.ovirt.org/view/ovirt_engine/job/ovirt_engine_create_rpms/
>> .
>>
>> [root@ovirt-engine ~]# rpm -qa | grep ovirt-engine
>> ovirt-engine-dbscripts-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-config-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-log-collector-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-image-uploader-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-restapi-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-sdk-1.3-1.fc16.noarch
>> ovirt-engine-tools-common-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-backend-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-jbossas-1.2-2.fc16.x86_64
>> ovirt-engine-iso-uploader-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-setup-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-userportal-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-jboss-deps-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-webadmin-portal-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-genericapi-3.1.0_0001-1.8.fc16.x86_64
>> ovirt-engine-notification-service-3.1.0_0001-1.8.fc16.x86_64
>>
>> and now I add domain again , it still have error and there's no log
>> can find from engine-manage-domains.log, what should i do now ?
>>
>> [root@ovirt-engine ~]# engine-manage-domains -action=add
>> -domain=local -user=admin -provider=IPA -interactive
>> Failed reading current configuration. Details: Error "Error fetching
>> LDAPProviderTypes value: no such entry with version 'general'."
>> while reading configuration value LDAPProviderTypes.
>>
> Looks like your database isn't updated.
> I'm not sure whether a database upgrade is run automatically when you update the
RPMs, but according to the error you get it is probably isn't.
if rpm -Uvh didn't fire the upgrade script its a bug.
pls attach /var/log/ovirt-engine/ovirt-engine-upgrade.log to see if something went wrong
> In the RPM ovirt-engine-dbscripts-3.1.0_0001-1.8.fc16.x86_64 you should have an
upgrade script.
> (use rpm -qil on ovirt-engine-dbscripts-3.1.0_0001-1.8.fc16.x86_64 to find out where
it is, as I'm not sure exactly where it's installed).
>
> Run it using the command" ./upgrade.sh -u postgres
> It will upgrade your database.
>
> Oved
>> On 15 May, 2012, at 5:10 PM, Roy Golan wrote:
>>
>>> On 05/15/2012 08:48 AM, Yair Zaslavsky wrote:
>>>> On 05/15/2012 08:35 AM, Oved Ourfalli wrote:
>>>>> ----- Original Message -----
>>>>>> From: "T-Sinjon"<tscbj1989(a)gmail.com>
>>>>>> To: "Oved Ourfalli"<ovedo(a)redhat.com>
>>>>>> Cc: users(a)ovirt.org
>>>>>> Sent: Tuesday, May 15, 2012 5:53:16 AM
>>>>>> Subject: Re: [Users] engine-manage-domains can't add user ,
>>>>>> domain
>>>>>>
>>>>>> after use kinit login tsinjon , the error changes to , why this
>>>>>> happened?
>>>>>>
>>>>>> [root@ovirt-engine ~]# engine-manage-domains -action=add
>>>>>> -domain='local' -user='tsinjon' -interactive
>>>>>> Enter password:
>>>>>>
>>>>>> No user in Directory was found for tsinjon@LOCAL. Trying next
>>>>>> LDAP
>>>>>> server in list
>>>>>> Failure while testing domain local. Details: No user information
>>>>>> was
>>>>>> found for user
>>>>>>
>>>>> Can't see why kinit matters here, but looking at your command I
>>>>> noticed you used single quotes for the user and domain name.
>>>>> I'm not sure it knows to handle this correctly.
>>>>> Did you try without the quotes?
>>>>>
>>>>> Also, what version are you working with?
>>>>> We had a problem a few weeks ago, of identifying the correct ldap
>>>>> provider. To fix that we added an option to specify the ldap
>>>>> provider type. It determines which query will be used in order
>>>>> to get the user details.
>>>>>
>>>>> cc-ing Roy, which added this. iirc it is mandatory to provide
>>>>> this option, so you probably don't have this option in your
>>>>> environment.
>>>>> Roy - is there an upstream release with this fix?
>>>> Oved - this was merged upstream.
>>>> T-Sinjon - have you cloned the git repo and compiled or are you
>>>> using RPMs?
>>> T-Sinjon - once your updated you'll be able to specify the which
>>> type is your LDAP server and overcome this problem.
>>>
>>> e.g.
>>> engine-manage-domains -action=add -domain='local' -provider=ipa
>>> -user='tsinjon' -interactive
>>>
>>>
>>>>
>>>>> Regards,
>>>>> Oved
>>>>>> On 15 May, 2012, at 10:47 AM, T-Sinjon wrote:
>>>>>>
>>>>>>> I have added those SRV info into my zone file , and it did go
,
>>>>>>> the log looks fine , but engine-manage-domains still return
>>>>>>> error
>>>>>>>
>>>>>>> 2012-05-15 10:45:19,222 INFO
>>>>>>> [org.ovirt.engine.core.utils.kerberos.ManageDomains]
Creating
>>>>>>> kerberos configuration for domain(s): local
>>>>>>> 2012-05-15 10:45:19,258 INFO
>>>>>>> [org.ovirt.engine.core.utils.kerberos.ManageDomains]
>>>>>>> Successfully
>>>>>>> created kerberos configuration for domain(s): local
>>>>>>> 2012-05-15 10:45:19,259 INFO
>>>>>>> [org.ovirt.engine.core.utils.kerberos.ManageDomains]
Testing
>>>>>>> kerberos configuration for domain: local
>>>>>>>
>>>>>>> [root@ovirt-engine ~]# engine-manage-domains -action=add
>>>>>>> -domain='local' -user='tsinjon' -interactive
>>>>>>> Enter password:
>>>>>>>
>>>>>>> Error: exception message: Integrity check on decrypted
field
>>>>>>> failed (31) - PREAUTH_FAILED
>>>>>>> Failure while testing domain local. Details: Kerberos error.
>>>>>>> Please
>>>>>>> check log for further details.
>>>>>>>
>>>>>>>
>>>>>>> On 14 May, 2012, at 10:12 PM, Oved Ourfalli wrote:
>>>>>>>
>>>>>>>> ----- Original Message -----
>>>>>>>>> From:
"T-Sinjon"<tscbj1989(a)gmail.com>
>>>>>>>>> To: users(a)ovirt.org
>>>>>>>>> Sent: Monday, May 14, 2012 5:07:46 PM
>>>>>>>>> Subject: [Users] engine-manage-domains can't add
user ,
>>>>>>>>> domain
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> I use FreeIPA to authenticate users, ipa user-add
has no
>>>>>>>>> problem,
>>>>>>>>> but when i do :
>>>>>>>>>
>>>>>>>>> [root@ovirt-engine ~]# engine-manage-domains
-action=add
>>>>>>>>> -domain='local' -user='tsinjon'
-interactive
>>>>>>>>>
>>>>>>>>> Error: Authentication Failed. Please verify the
fully
>>>>>>>>> qualified
>>>>>>>>> domain name that is used for authentication is
correct..
>>>>>>>>> Problematic
>>>>>>>>> domain is: local
>>>>>>>>> Failure while applying Kerberos configuration.
Details:
>>>>>>>>> Authentication Failed. Please verify the fully
qualified
>>>>>>>>> domain
>>>>>>>>> name
>>>>>>>>> that is used for authentication is correct.
>>>>>>>>>
>>>>>>>>> and log from engine-manage-domains.log :
>>>>>>>>>
>>>>>>>>> 2012-05-14 21:58:47,892 INFO
>>>>>>>>> [org.ovirt.engine.core.utils.kerberos.ManageDomains]
Creating
>>>>>>>>> kerberos configuration for domain(s): local
>>>>>>>>> 2012-05-14 21:58:47,923 ERROR
>>>>>>>>> [org.ovirt.engine.core.dns.DnsSRVLocator] Error in
getting
>>>>>>>>> SRV
>>>>>>>>> list
>>>>>>>>> for protocol _tcp and domain LOCAL Exception message
is DNS
>>>>>>>>> name
>>>>>>>>> not
>>>>>>>>> found [response code 3]
>>>>>>>>>
>>>>>>>>> my domain is 'local' , like
ovirt-engine.local
>>>>>>>>> 、ovirt-node-1.local
>>>>>>>>> …etc
>>>>>>>>>
>>>>>>>>> What can i do to get through it?
>>>>>>>>>
>>>>>>>> The utility (and also the ovirt engine) are relying on
DNS SRV
>>>>>>>> records in order to find LDAP and kerberos servers
(supporting
>>>>>>>> Active directory, IPA or RHDS).
>>>>>>>> So, in order to work with it you must have the following
in
>>>>>>>> the
>>>>>>>> DNS
>>>>>>>> 1. PTR record for your LDAP server
>>>>>>>> 2. LDAP SRV record for your LDAP server
>>>>>>>> 3. LDAP kerberos record for your LDAP server
>>>>>>>>
>>>>>>>> If you don't really have access to the DNS you can
install a
>>>>>>>> package called "dnsmasq", and perform this
changes by yourself
>>>>>>>> in
>>>>>>>> its config file.
>>>>>>>>
>>>>>>>> Oved
>>>>>>>>> _______________________________________________
>>>>>>>>> Users mailing list
>>>>>>>>> Users(a)ovirt.org
>>>>>>>>>
http://lists.ovirt.org/mailman/listinfo/users
>>>>>>>>>
>>>>> _______________________________________________
>>>>> Users mailing list
>>>>> Users(a)ovirt.org
>>>>>
http://lists.ovirt.org/mailman/listinfo/users
>> _______________________________________________
>> Users mailing list
>> Users(a)ovirt.org
>>
http://lists.ovirt.org/mailman/listinfo/users
>>