On Wed, Dec 10, 2014 at 7:16 PM, Alon Bar-Lev <alonbl@redhat.com> wrote:

probably I some startup error at engine.log, can you please send me engine.log so I can see what's wrong?

> BTW: I tried my IPA lookup just for trying.... and I'm able to find all the
> users and also new users defined after migration to the new c7server.... ???
> https://drive.google.com/file/d/0BwoPbcrMv8mvbks2cmlhSmJjdnc/view?usp=sharing

ok. done.

Here it is

https://drive.google.com/file/d/0BwoPbcrMv8mvQWZ0R3lwX2RXTEU/view?usp=sharing

so legacy is working now, right?

>
> Gianluca
>

Yes, I can browse the IPA users and I can also login again with an IPA user with the same permissions he had before, connected with "localdomain.local" profile that is the legacy one

This afternoon when I posted the first question of this thread it didn't worked.

I don't know if oVirt makes a sort of broadcast related to the domain and so can find now the new IPA server transparently or the engine-config commands produced anything despite the errors they gave....

In relation with the ldap instance see this in engine.log just after engine last start after adding the aaa extension

2014-12-10 19:03:16,591 ERROR [org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread 1-1)

[ovirt-engine-extension-aaa-ldap.authz::ldap1-authz] Cannot initialize LDAP framework, deferring initializ

ation. Error: no such object

2014-12-10 19:03:16,592 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread

1-1) Extension 'ldap1-authz' initialized

2014-12-10 19:03:16,596 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread

1-1) Initializing extension 'internal'

2014-12-10 19:03:16,598 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread

1-1) Extension 'internal' initialized

2014-12-10 19:03:16,598 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread

1-1) Initializing extension 'localdomain.local'

2014-12-10 19:03:16,599 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread

1-1) Extension 'localdomain.local' initialized

2014-12-10 19:03:16,599 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread

1-1) Start of enabled extensions list

2014-12-10 19:03:16,599 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread

1-1) Instance name: 'builtin-authn-localdomain.local', Extension name: 'Kerberos/Ldap Authn (Built-in)', Ve

rsion: 'N/A', Notes: '', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Buil

d interface Version: '0', File: 'N/A', Initialized: 'true'

2014-12-10 19:03:16,603 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread

1-1) Instance name: 'ldap1-authn', Extension name: 'ovirt-engine-extension-aaa-ldap.authn', Version: '1.0.0

', Notes: 'Display name: ovirt-engine-extension-aaa-ldap-1.0.0-1.el6', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: '0', File: '/etc/ovirt-engine/extensions.d/domain1-authn.properties', Initialized: 'true'

2014-12-10 19:03:16,604 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-1) Instance name: 'builtin-authn-internal', Extension name: 'Internal Authn (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: '0', File: 'N/A', Initialized: 'true'

2014-12-10 19:03:16,604 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-1) Instance name: 'ldap1-authz', Extension name: 'ovirt-engine-extension-aaa-ldap.authz', Version: '1.0.0', Notes: 'Display name: ovirt-engine-extension-aaa-ldap-1.0.0-1.el6', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: '0', File: '/etc/ovirt-engine/extensions.d/domain1-authz.properties', Initialized: 'true'

2014-12-10 19:03:16,605 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-1) Instance name: 'internal', Extension name: 'Internal Authz (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: '0', File: 'N/A', Initialized: 'true'

2014-12-10 19:03:16,606 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-1) Instance name: 'localdomain.local', Extension name: 'Kerberos/Ldap Authz (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: '0', File: 'N/A', Initialized: 'true'

2014-12-10 19:03:16,609 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-1) End of enabled extensions list

and then no other ERROR messages, but you can check the whole log.

Gianluca