hello i'm trying to use ad authentication in my ovirt setup
however i can't seem to get it to work.

i can browse the ad and select users & groups but logging in does not work

output of engine-manage-domains
engine-manage-domains -report -action=validate
Domain mydomain.com is valid.
The configured user for domain mydomain.com is sync@MYDOMAIN.COM
Manage Domains completed successfully

in the egine.log i see following info :
2013-11-05 09:53:45,088 ERROR [org.ovirt.engine.core.bll.adbroker.LDAPTemplateWrapper] (ajp--127.0.0.1-8702-11) Error in running LDAP query. BaseDN is , filter is (cn=*). Exception message is: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; remaining name ''
2013-11-05 09:53:45,100 ERROR [org.ovirt.engine.core.bll.adbroker.DirectorySearcher] (ajp--127.0.0.1-8702-11) Failed ldap search server LDAP://srvdc06.mydomain.com:389 using user vzeebrod@MYDOMAIN.COM due to : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; remaining name ''. We should try the next server
2013-11-05 09:53:45,179 ERROR [org.ovirt.engine.core.bll.adbroker.LDAPTemplateWrapper] (ajp--127.0.0.1-8702-11) Error in running LDAP query. BaseDN is , filter is (cn=*). Exception message is: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; remaining name ''
2013-11-05 09:53:45,189 ERROR [org.ovirt.engine.core.bll.adbroker.DirectorySearcher] (ajp--127.0.0.1-8702-11) Failed ldap search server LDAP://srvdc04.mydomain.com:389 using user vzeebrod@MYDOMAIN.COM due to : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; remaining name ''. We should try the next server
2013-11-05 09:53:45,253 ERROR [org.ovirt.engine.core.bll.adbroker.LDAPTemplateWrapper] (ajp--127.0.0.1-8702-11) Error in running LDAP query. BaseDN is , filter is (cn=*). Exception message is: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; remaining name ''
2013-11-05 09:53:45,262 ERROR [org.ovirt.engine.core.bll.adbroker.DirectorySearcher] (ajp--127.0.0.1-8702-11) Failed ldap search server LDAP://srvdc05.mydomain.com:389 using user vzeebrod@MYDOMAIN.COM due to : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; remaining name ''. We should try the next server
2013-11-05 09:53:45,335 ERROR [org.ovirt.engine.core.bll.adbroker.LDAPTemplateWrapper] (ajp--127.0.0.1-8702-11) Error in running LDAP query. BaseDN is , filter is (cn=*). Exception message is: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C09074B, comment: Error processing name, data 0, v23f0]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C09074B, comment: Error processing name, data 0, v23f0]; remaining name ''
2013-11-05 09:53:45,353 ERROR [org.ovirt.engine.core.bll.adbroker.DirectorySearcher] (ajp--127.0.0.1-8702-11) Failed ldap search server LDAP://srvdc08.mydomain.com:389 using user vzeebrod@MYDOMAIN.COM due to : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C09074B, comment: Error processing name, data 0, v23f0]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C09074B, comment: Error processing name, data 0, v23f0]; remaining name ''. We should try the next server
2013-11-05 09:53:45,433 ERROR [org.ovirt.engine.core.bll.adbroker.LDAPTemplateWrapper] (ajp--127.0.0.1-8702-11) Error in running LDAP query. BaseDN is , filter is (cn=*). Exception message is: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C09074B, comment: Error processing name, data 0, v23f0]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C09074B, comment: Error processing name, data 0, v23f0]; remaining name ''
2013-11-05 09:53:45,451 ERROR [org.ovirt.engine.core.bll.adbroker.DirectorySearcher] (ajp--127.0.0.1-8702-11) Failed ldap search server LDAP://srvdc07.mydomain.com:389 using user vzeebrod@MYDOMAIN.COM due to : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C09074B, comment: Error processing name, data 0, v23f0]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C09074B, comment: Error processing name, data 0, v23f0]; remaining name ''. We should try the next server
2013-11-05 09:53:45,523 ERROR [org.ovirt.engine.core.bll.adbroker.LDAPTemplateWrapper] (ajp--127.0.0.1-8702-11) Error in running LDAP query. BaseDN is , filter is (cn=*). Exception message is: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; remaining name ''
2013-11-05 09:53:45,540 ERROR [org.ovirt.engine.core.bll.adbroker.DirectorySearcher] (ajp--127.0.0.1-8702-11) Failed ldap search server LDAP://srvdc03.mydomain.com:389 using user vzeebrod@MYDOMAIN.COM due to : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; nested exception is javax.naming.InvalidNameException: : [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090715, comment: Error processing name, data 0, v1db1]; remaining name ''. We should try the next server
2013-11-05 09:53:45,987 WARN  [org.ovirt.engine.core.bll.LoginAdminUserCommand] (ajp--127.0.0.1-8702-11) CanDoAction of action LoginAdminUser failed. Reasons:USER_NOT_AUTHORIZED_TO_PERFORM_ACTION

when i try to get a kerberos ticket on the server i'm able to get a correct ticket