On 2/27/20 5:04 PM, Budur Nagaraju wrote:
Am using ldaps not starttls, when i do dig able to resolve the, not sure where exactly doing mistake.
I don't understand. So what dig command of the SRV did you use and what it returns? And why you have in one error _ldaps._tcp.psecure.net <http://tcp.psecure.net> and another _ldaps._tcp.abc.net <http://tcp.psecure.net>? Please, also send the settings from /etc/ovirt-engine/aaa/ and engine log.
Using 4.3 version.
Thanks, Nagaraju
On Thu, Feb 27, 2020, 9:22 PM Lucie Leistnerova <lleistne@redhat.com <mailto:lleistne@redhat.com>> wrote:
Hi, I've checked again the options in the aaa tool.
On 2/27/20 4:20 PM, Budur Nagaraju wrote:
can some one help me on the issue ? badly stuck on this have not got any pointer on fix .
An error occurred while attempting to query DNS in order to retrieve SRV records with name '_ldaps._tcp.abc.net <http://tcp.psecure.net>': NameNotFoundException(DNS name not found [response code 3]), ldapSDKVersion=4.0.7, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58
It seems your DNS is not configured to resolve ldap servers. Please disable DNS and use direct fqdn/ip of the server or configure the DNS SRV record.
From the documentation: Press *Enter* to accept the default and configure domain name resolution for your LDAP server name:
|It is highly recommended to use DNS resolution for LDAP server. If for some reason you intend to use hosts or plain address disable DNS usage. Use DNS (Yes, No) [Yes]: |||
||
||
Thanks, Nagaraju
On Thu, Feb 27, 2020 at 8:48 PM Budur Nagaraju <nbudoor@gmail.com <mailto:nbudoor@gmail.com>> wrote:
Hi Lucie,
Can you please help me on this issue? am using ldaps for the configuration.
Thanks, Nagaraju
On Thu, Feb 27, 2020 at 4:00 PM Budur Nagaraju <nbudoor@gmail.com <mailto:nbudoor@gmail.com>> wrote:
Hi Lucie,
Have tried the option but when trying to logon from the browser getting the below error. Any tweaks can be made ?
An error occurred while attempting to query DNS in order to retrieve SRV records with name '_ldaps._tcp.psecure.net <http://tcp.psecure.net>': NameNotFoundException(DNS name not found [response code 3]), ldapSDKVersion=4.0.7, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58
Thanks, Nagaraju
On Thu, Feb 27, 2020 at 3:51 PM Lucie Leistnerova <lleistne@redhat.com <mailto:lleistne@redhat.com>> wrote:
Hi Budur,
or just use the tool for it - Configuring an External LDAP Provider https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles.html
Best regards,
Lucie
On 2/27/20 9:32 AM, Eduardo Mayoral wrote:
Should be as simple as this:
[root@ovirt-hc0 ~]# cat /etc/ovirt-engine/aaa//activedirectory/.properties include = <ad.properties>
vars.domain = XXXXXX vars.user = YYYYYYYYYYY vars.password = ZZZZZZZZZ
*pool.default.ssl.startTLS = true** **pool.default.ssl.startTLSProtocol = TLSv1.2*
pool.default.auth.simple.bindDN = ${global:vars.user} pool.default.auth.simple.password = ${global:vars.password} pool.default.serverset.type = srvrecord pool.default.serverset.srvrecord.domain = ${global:vars.domain}
Just remember to trust the certificate authority for the ldaps certificate in the ovirt engine server.
https://stackoverflow.com/questions/37043442/how-to-add-certificate-authorit...
On 27/2/20 4:42, Budur Nagaraju wrote:
Hi
Can someone help me in configuring ldaps in oVirt Engine 4.x ?
Thanks, Nagaraju
_______________________________________________ Users mailing list --users@ovirt.org <mailto:users@ovirt.org> To unsubscribe send an email tousers-leave@ovirt.org <mailto:users-leave@ovirt.org> Privacy Statement:https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct:https://www.ovirt.org/community/about/community-guidelines/ List Archives:https://lists.ovirt.org/archives/list/users@ovirt.org/message/P6QHPSFZLOZ6EZ...
-- Eduardo Mayoral Jimeno Systems engineer, platform department. Arsys Internet. emayoral@arsys.es <mailto:emayoral@arsys.es> - +34 941 620 105 - ext 2153
_______________________________________________ Users mailing list --users@ovirt.org <mailto:users@ovirt.org> To unsubscribe send an email tousers-leave@ovirt.org <mailto:users-leave@ovirt.org> Privacy Statement:https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct:https://www.ovirt.org/community/about/community-guidelines/ List Archives:https://lists.ovirt.org/archives/list/users@ovirt.org/message/ADWCGNS353CUN3...
-- Lucie Leistnerova Senior Quality Engineer, QE Cloud, RHVM Red Hat EMEA
IRC: lleistne @ #rhev-qe
-- Lucie Leistnerova Senior Quality Engineer, QE Cloud, RHVM Red Hat EMEA
IRC: lleistne @ #rhev-qe
-- Lucie Leistnerova Senior Quality Engineer, QE Cloud, RHVM Red Hat EMEA IRC: lleistne @ #rhev-qe