Hi, I looked at the logs and you have serious DNS problems: 2014-09-24 07:32:24,984 ERROR [org.ovirt.engine.core.bll.adbroker.GetRootDSE] (DefaultQuartzScheduler_Worker-15) Failed to query rootDSE for LDAP server ldap://szypa.net:389 due to szypa.net:389 2014-09-24 07:32:24,984 ERROR [org.ovirt.engine.core.bll.adbroker.DirectorySearcher] (DefaultQuartzScheduler_Worker-15) Failed ldap search server ldap://szypa.net:389 using user ovirt@SZYPA.NET due to javax.naming.CommunicationException: szypa.net:389 [Root exception is java.net.UnknownHostException: szypa.net]. We should try the next server You cannot authenticate your users, because LDAP server ldap://szypa.net:389 cannot be resolved. Are you able to resolve szypa.net on you engine host? ----- Original Message -----
From: "Grzegorz Szypa" <grzegorz.szypa@gmail.com> To: "Martin Perina" <mperina@redhat.com>, users@ovirt.org Sent: Wednesday, September 24, 2014 7:32:56 AM Subject: Re: [ovirt-users] [ovirt 3.4.3] No KDC can be obtained for domain... after using engine-manage-domains edit
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> SRV _kerberos._ tcp.szypa.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65248 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION: ;_kerberos._tcp.szypa.net. IN SRV
;; AUTHORITY SECTION: net. 890 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1411536712 1800 900 604800 86400
;; Query time: 28 msec ;; SERVER: 172.30.30.1#53(172.30.30.1) ;; WHEN: Wed Sep 24 07:32:23 2014 ;; MSG SIZE rcvd: 115
This looks like that szypa.net domain doesn't exist at all. Do you really have correct DNS configuration on engine host?
2014-09-24 7:06 GMT+02:00 Martin Perina <mperina@redhat.com>:
Hi,
the error message mean, that we cannot find any KDC servers in DNS. Could you please post results of the following command:
dig SRV _kerberos._tcp.szypa.net
Regarding the errors after oVirt restart, could you please post your engine.log?
Thanks
Martin Perina
----- Original Message -----
From: "Grzegorz Szypa" <grzegorz.szypa@gmail.com> To: fkobzik@redhat.com, users@ovirt.org Sent: Tuesday, September 23, 2014 3:41:02 PM Subject: [ovirt-users] [ovirt 3.4.3] No KDC can be obtained for domain... after using engine-manage-domains edit
Hi.
I have a problem with losting connetction to Windows Active Directory.
Normaly I connect ovirt with AD like this:
"engine-manage-domains add --domain= szypa.net --provider=ad --user=ovirt --add-permissions"
After period time, example when i restart ovirt, connection is lost becouse i cannot add new user created in AD, so i thinking that i refresh conf. connection to ad:
"engine-manage-domains edit --domain= szypa.net --provider=ad --user=ovirt --add-permissions"
and i get this error:
No KDC can be obtained for domain szypa.net
have any idea?
I read that this problem is resolved in previous ovirt version
-- G.Sz.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
-- G.Sz.