[ovirt-users] Re: ldaps-config

Am using ldaps not starttls,  when i do dig able to resolve the,  not sure where exactly doing mistake.

Using 4.3 version. Thanks, Nagaraju On Thu, Feb 27, 2020, 9:22 PM Lucie Leistnerova <lleistne(a)redhat.com <mailto:lleistne@redhat.com>> wrote: Hi, I've checked again the options in the aaa tool. On 2/27/20 4:20 PM, Budur Nagaraju wrote: > can some one help me on the issue ? badly stuck on this have not > got any pointer on fix . > > An error occurred while attempting to query DNS in order to > retrieve SRV records with name '_ldaps._tcp.abc.net > <http://tcp.psecure.net>';: NameNotFoundException(DNS name not > found [response code 3]), ldapSDKVersion=4.0.7, > revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58 > It seems your DNS is not configured to resolve ldap servers. Please disable DNS and use direct fqdn/ip of the server or configure the DNS SRV record. From the documentation: Press *Enter* to accept the default and configure domain name resolution for your LDAP server name: |It is highly recommended to use DNS resolution for LDAP server. If for some reason you intend to use hosts or plain address disable DNS usage. Use DNS (Yes, No) [Yes]: ||| || || > Thanks, > Nagaraju > > > On Thu, Feb 27, 2020 at 8:48 PM Budur Nagaraju <nbudoor(a)gmail.com > <mailto:nbudoor@gmail.com>> wrote: > > Hi Lucie, > > Can you please help me on this issue? am using ldaps for the > configuration. > > Thanks, > Nagaraju > > > On Thu, Feb 27, 2020 at 4:00 PM Budur Nagaraju > <nbudoor(a)gmail.com <mailto:nbudoor@gmail.com>> wrote: > > Hi Lucie, > > Have tried the option but when trying to logon from the > browser getting the below error. > Any tweaks can be made ? > > > An error occurred while attempting to query DNS in order > to retrieve SRV records with name > '_ldaps._tcp.psecure.net <http://tcp.psecure.net>';: > NameNotFoundException(DNS name not found [response code > 3]), ldapSDKVersion=4.0.7, > revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58 > > Thanks, > Nagaraju > > > > On Thu, Feb 27, 2020 at 3:51 PM Lucie Leistnerova > <lleistne(a)redhat.com <mailto:lleistne@redhat.com>> wrote: > > Hi Budur, > > or just use the tool for it - Configuring an External > LDAP Provider > https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles.html > > Best regards, > > Lucie > > On 2/27/20 9:32 AM, Eduardo Mayoral wrote: >> >> Should be as simple as this: >> >> >> [root@ovirt-hc0 ~]# cat >> /etc/ovirt-engine/aaa//activedirectory/.properties >> include = <ad.properties> >> >> vars.domain = XXXXXX >> vars.user = YYYYYYYYYYY >> vars.password = ZZZZZZZZZ >> >> *pool.default.ssl.startTLS = true** >> **pool.default.ssl.startTLSProtocol = TLSv1.2* >> >> pool.default.auth.simple.bindDN = ${global:vars.user} >> pool.default.auth.simple.password = >> ${global:vars.password} >> pool.default.serverset.type = srvrecord >> pool.default.serverset.srvrecord.domain = >> ${global:vars.domain} >> >> >> >> Just remember to trust the certificate authority for >> the ldaps certificate in the ovirt engine server. >> >> https://stackoverflow.com/questions/37043442/how-to-add-certificate-autho... >> >> >> On 27/2/20 4:42, Budur Nagaraju wrote: >>> Hi >>> >>> Can someone help me in configuring ldaps in oVirt >>> Engine 4.x ? >>> >>> Thanks, >>> Nagaraju >>> >>> >>> _______________________________________________ >>> Users mailing list --users(a)ovirt.org <mailto:users@ovirt.org> >>> To unsubscribe send an email tousers-leave(a)ovirt.org <mailto:users-leave@ovirt.org> >>> Privacy Statement:https://www.ovirt.org/site/privacy-policy/ >>> oVirt Code of Conduct:https://www.ovirt.org/community/about/community-guidelines/ >>> List Archives:https://lists.ovirt.org/archives/list/users@ovirt.org/message/P6... >> -- >> Eduardo Mayoral Jimeno >> Systems engineer, platform department. Arsys Internet. >> emayoral(a)arsys.es <mailto:emayoral@arsys.es> - +34 941 620 105 - ext 2153 >> >> _______________________________________________ >> Users mailing list --users(a)ovirt.org <mailto:users@ovirt.org> >> To unsubscribe send an email tousers-leave(a)ovirt.org <mailto:users-leave@ovirt.org> >> Privacy Statement:https://www.ovirt.org/site/privacy-policy/ >> oVirt Code of Conduct:https://www.ovirt.org/community/about/community-guidelines/ >> List Archives:https://lists.ovirt.org/archives/list/users@ovirt.org/message/AD... > > -- > Lucie Leistnerova > Senior Quality Engineer, QE Cloud, RHVM > Red Hat EMEA > > IRC: lleistne @ #rhev-qe > -- Lucie Leistnerova Senior Quality Engineer, QE Cloud, RHVM Red Hat EMEA IRC: lleistne @ #rhev-qe