On 01/29/2015 12:30 PM, Koen Vanoppen wrote:
No, I don't. and I wouldn't know how he got to this name...
Well, then you have to, if you want to use 'pool.default.serverset.type
= srvrecord'.
It just need to know where your global catalog is running, since it's
needed for new provider.
It searches for global catalog like this:
dig @${vars.dns} -t SRV _gc._tcp.${vars.domain}
So you need to have this SRV record in DNS, if you want to use srvrecord
serverset type. Or you don't have to if you use single server type.
Thanks for the reply!
2015-01-29 11:53 GMT+01:00 Ondra Machacek <omachace(a)redhat.com
<mailto:omachace@redhat.com>>:
On 01/29/2015 11:41 AM, Koen Vanoppen wrote:
Can somebody help me setting up AAA for ovirt 3.5.1?
I'm getting this now:
2015-01-29 11:35:36,889 WARN
[org.ovirt.engineextensions.__aaa.ldap.AuthzExtension] (MSC
service thread
1-1) [ovirt-engine-extension-aaa-__ldap.authz::BRU_AIR-authz] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV
records
with name '_gc._tcp.brussels.airport':
javax.naming.__NameNotFoundException: DNS name not found
[response code
3]; remaining name '_gc._tcp.brussels.airport'
Do you have this '_gc._tcp.brussels.airport' SRV record in DNS ?
my 3 configs:
_*BRU_AIR-authn.properties*_
ovirt.engine.extension.name <
http://ovirt.engine.extension.name>
<
http://ovirt.engine.__extension.name
<
http://ovirt.engine.extension.name>> =
BRU_AIR-authn
ovirt.engine.extension.__bindings.method = jbossmodule
ovirt.engine.extension.__binding.jbossmodule.module =
org.ovirt.engine-extensions.__aaa.ldap
ovirt.engine.extension.__binding.jbossmodule.class =
org.ovirt.engineextensions.__aaa.ldap.AuthnExtension
ovirt.engine.extension.__provides =
org.ovirt.engine.api.__extensions.aaa.Authn
ovirt.engine.aaa.authn.__profile.name
<
http://ovirt.engine.aaa.authn.profile.name>
<
http://ovirt.engine.aaa.__authn.profile.name
<
http://ovirt.engine.aaa.authn.profile.name>> = BRU-AIR
ovirt.engine.aaa.authn.authz.__plugin = BRU_AIR-authz
config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.__properties
_*BRU_AIR-authz.properties*_
ovirt.engine.extension.name <
http://ovirt.engine.extension.name>
<
http://ovirt.engine.__extension.name
<
http://ovirt.engine.extension.name>> =
BRU_AIR-authz
ovirt.engine.extension.__bindings.method = jbossmodule
ovirt.engine.extension.__binding.jbossmodule.module =
org.ovirt.engine-extensions.__aaa.ldap
ovirt.engine.extension.__binding.jbossmodule.class =
org.ovirt.engineextensions.__aaa.ldap.AuthzExtension
ovirt.engine.extension.__provides =
org.ovirt.engine.api.__extensions.aaa.Authz
config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.__properties
_*BRU_AIR.properties*_
include = <ad.properties>
#
# Active directory domain name.
#
vars.domain =
mydomain.com <
http://mydomain.com>
<
http://mydomain.com>
#
# Search user and its password.
#
vars.user = admin@${global:vars.domain}
vars.password = ***********
#
# Optional DNS servers, if enterprise
# DNS server cannot resolve the domain srvrecord.
#
vars.dns =
dns://dc01.mydomain.com <
http://dc01.mydomain.com>
<
http://dc01.mydomain.com>
pool.default.serverset.type = srvrecord
pool.default.serverset.__srvrecord.domain = ${global:vars.domain}
pool.default.auth.simple.__bindDN = ${global:vars.user}
pool.default.auth.simple.__password = ${global:vars.password
In the GUI for adding user I get this:
An error occurred while attempting to query DNS in order to
retrieve SRV
records with name '_gc__tcp_brussels_airport':
javax_naming___NameNotFoundException: DNS name not found
[response code
3]; remaining name '_gc__tcp_brussels_airport'
Any ideas? I ran out...
Kind regards,
Koen
_________________________________________________
Users mailing list
Users(a)ovirt.org <mailto:Users@ovirt.org>
http://lists.ovirt.org/__mailman/listinfo/users
<
http://lists.ovirt.org/mailman/listinfo/users>