----- Original Message -----
> From: "Juan Jose" <jj197005@gmail.com>
> To: "Alon Bar-Lev" <alonbl@redhat.com>
> Cc: "Ondra Machacek" <omachace@redhat.com>, "Yair Zaslavsky" <yzaslavs@redhat.com>, users@ovirt.org
> Sent: Tuesday, December 2, 2014 3:48:54 PM
> Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue
>
> Hello Alon and everybody,
>
> I have installed package ovirt-engine-extension-aaa-ldap and configure my
> files as the documentation says. The files are:
>
> /etc/ovirt-engine/extensions.d/siee.local-authn.properties:
>
> ovirt.engine.extension.name = siee.local-authn
> ovirt.engine.extension.bindings.method = jbossmodule
> ovirt.engine.extension.binding.jbossmodule.module =
> org.ovirt.engine-extensions.aaa.ldap
> ovirt.engine.extension.binding.jbossmodule.class =
> org.ovirt.engineextensions.aaa.ldap.AuthnExtension
> ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
> ovirt.engine.aaa.authn.profile.name = siee.local
> ovirt.engine.aaa.authn.authz.plugin = siee.local-authz
> config.profile.file.1 = aaa/siee.local.properties
please use absolute file name for 3.5.0 relative will be available in 3.5.1
>
> /etc/ovirt-engine/extensions.d/siee.local-authz.properties:
>
> ovirt.engine.extension.name = siee.local-authz
> ovirt.engine.extension.bindings.method = jbossmodule
> ovirt.engine.extension.binding.jbossmodule.module =
> org.ovirt.engine-extensions.aaa.ldap
> ovirt.engine.extension.binding.jbossmodule.class =
> org.ovirt.engineextensions.aaa.ldap.AuthzExtension
> ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
> config.profile.file.1 = aaa/siee.local.properties
please use absolute file name for 3.5.0 relative will be available in 3.5.1
>
> /etc/ovirt-engine/extensions.d/aaa/siee.local.properties:
>
> include = <ad.properties>
>
> #
> # Active directory domain name.
> #
> vars.domain = siee.local
>
> #
> # Search user and its password.
> #
> vars.user = juanjo@${global:vars.domain}
> vars.password = xxxxxxxx
this should be dedicate user for search not your private user.
please attach full engine.log, more correctly, stop engine, remove engine.log start engine, try to login and send log.
>
> #
> # Optional DNS servers, if enterprise
> # DNS server cannot resolve the domain srvrecord.
> #
> #vars.dns = dns://dc1.${global:vars.domain} dns://dc2.${global:vars.domain}
>
> pool.default.serverset.type = srvrecord
> pool.default.serverset.srvrecord.domain = ${global:vars.domain}
> pool.default.auth.simple.bindDN = ${global:vars.user}
> pool.default.auth.simple.password = ${global:vars.password}
>
> # Uncomment if using custom DNS
> #pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url
> = ${global:vars.dns}
> #pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
>
> # Create keystore, import certificate chain and uncomment
> # if using ssl/tls.
> #pool.default.ssl.startTLS = true
> #pool.default.ssl.truststore.file =
> ${local:_basedir}/${global:vars.domain}.jks
> #pool.default.ssl.truststore.password = changeit
>
> And after this configuration I restart ovirt-engine service. When I try to
> login in administrator portal I can see the error "The user name or
> password is incorrect.". In /var/log/ovirt-engine/engine.log I have the
> errors:
>
> 2014-12-02 14:02:21,983 ERROR
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp--127.0.0.1-8702-8) Correlation ID: null, Call Stack: null, Custom
> Event ID: -1, Message: User juanjo cannot login, please verify the username
> and password.
> 2014-12-02 14:02:21,991 ERROR
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp--127.0.0.1-8702-8) Correlation ID: null, Call Stack: null, Custom
> Event ID: -1, Message: User juanjo failed to log in.
>
> I'm using correct user and password becuase I can login in a Windows client
> machine which is inside siee.local domain with this user and its correct
> password.
>
> What do you think it could be the problem?
>
> If you need more information or I have to configure any other parameters,
> please tell me.
please make sure you select the "siee.local" domain in dropdown of login screen.
when I get the engine.log I will be able to understand who to progress.
thanks!
>
> Many thanks in advanced,
>
> Juanjo.
>
>
>
> On Wed, Nov 26, 2014 at 3:19 PM, Alon Bar-Lev <alonbl@redhat.com> wrote:
>
> >
> >
> > ----- Original Message -----
> > > From: "Juan Jose" <jj197005@gmail.com>
> > > To: "Alon Bar-Lev" <alonbl@redhat.com>
> > > Cc: "Ondra Machacek" <omachace@redhat.com>, "Yair Zaslavsky" <
> > yzaslavs@redhat.com>, users@ovirt.org
> > > Sent: Wednesday, November 26, 2014 3:04:14 PM
> > > Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue
> > >
> > > Hello Alon and everybody,
> > >
> > > Check in my ovirt-engine machine for ovirt-engine-aaa-ldap package and it
> > > is not available:
> > >
> > > yum list "ovirt-engine*"
> > > Loaded plugins: fastestmirror, refresh-packagekit, security, versionlock
> > > Loading mirror speeds from cached hostfile
> > > * base: ftp.udl.es
> > > * epel: mirror.uv.es
> > > * extras: ftp.udl.es
> > > * ovirt-3.5: ftp.nluug.nl
> > > * ovirt-3.5-epel: mirror.uv.es
> > > * ovirt-3.5-jpackage-6.0-generic: mirror.ibcp.fr
> > > * ovirt-epel: mirror.uv.es
> > > * ovirt-jpackage-6.0-generic: mirror.ibcp.fr
> > > * updates: ftp.udl.es
> > > Installed Packages
> > > ovirt-engine.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-backend.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-cli.noarch
> > > 3.3.0.6-1.el6 @ovirt-3.3.3
> > > ovirt-engine-dbscripts.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-extensions-api-impl.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-jboss-as.x86_64
> > > 7.1.1-1.el6 @ovirt-3.5
> > > ovirt-engine-lib.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-restapi.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-sdk-python.noarch
> > > 3.5.0.8-1.el6 @ovirt-3.5
> > > ovirt-engine-setup.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-setup-base.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-setup-plugin-ovirt-engine.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-setup-plugin-ovirt-engine-common.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-setup-plugin-websocket-proxy.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-tools.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-userportal.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-webadmin-portal.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-websocket-proxy.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > Available Packages
> > > ovirt-engine-cli.noarch
> > > 3.5.0.5-1.el6 ovirt-3.5
> > > ovirt-engine-dwh.noarch
> > > 3.5.0-1.el6 ovirt-3.5
> > > ovirt-engine-dwh-setup.noarch
> > > 3.5.0-1.el6 ovirt-3.5
> > > ovirt-engine-extensions-api-impl-javadoc.noarch
> > > 3.5.0.1-1.el6 ovirt-3.5
> > > ovirt-engine-reports.noarch
> > > 3.5.1-0.1.el6 ovirt-3.5
> > > ovirt-engine-reports-setup.noarch
> > > 3.5.1-0.1.el6 ovirt-3.5
> > > ovirt-engine-sdk-java.noarch
> > > 3.5.0.5-1.el6 ovirt-3.5
> > > ovirt-engine-sdk-java-javadoc.noarch
> > > 3.5.0.5-1.el6 ovirt-3.5
> > > ovirt-engine-setup-plugin-allinone.noarch
> > >
> > > How can I get this package?
> >
> >
> > Thanks for trying!
> >
> > Package is available at ovirt-3.5-snapshot[1].
> >
> > [1] http://resources.ovirt.org/pub/ovirt-3.5-snapshot/
> >
>