Re: [ovirt-users] Adding domain to oVirt to 3.5 issue

----- Original Message -----

From: "Juan Jose" <jj197005@gmail.com> To: "Ondra Machacek" <omachace@redhat.com>, "Yair Zaslavsky" <yzaslavs@redhat.com>, alonbl@redhat.com, users@ovirt.org Sent: Tuesday, November 25, 2014 6:09:18 PM Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue

Hello again,

Yes the password is correct, I can login in a Windows machine to my domain siee.local with the user Juanjo. Moreover I have chanbged this user password to simpler one and the result is the same.

I have logged in administration portal with internal admin user and I try to navigate through the domain to find user to assign some user in a VM but nothing is showed as you can see in the attached screen image and any error is faced in administration portal, but the /var/log/ovirt-engine/engine.log show this:

2014-11-25 17:02:05,355 ERROR [org.ovirt.engine.extensions.aaa.builtin.kerberosldap.GSSAPIDirContextAuthenticationStrategy] (ajp--127.0.0.1-8702-5) Kerberos error: Pre-authentication information was invalid (24) 2014-11-25 17:02:05,356 ERROR [org.ovirt.engine.extensions.aaa.builtin.kerberosldap.GSSAPIDirContextAuthenticationStrategy] (ajp--127.0.0.1-8702-5) Authentication Failed. Please verify the username and password. 2014-11-25 17:02:05,357 ERROR [org.ovirt.engine.extensions.aaa.builtin.kerberosldap.DirectorySearcher] (ajp--127.0.0.1-8702-5) Failed ldap search server ldap://adserver.siee.local:389 using user juanjo@SIEE.LOCAL due to Authentication Failed. Please verify the username and password.. We should not try the next server 2014-11-25 17:02:05,359 ERROR [org.ovirt.engine.extensions.aaa.builtin.kerberosldap.LdapBrokerCommandBase] (ajp--127.0.0.1-8702-5) Failed to run command LdapSearchUserByQueryCommand. Domain is siee.local. User is juanjo@SIEE.LOCAL. 2014-11-25 17:02:05,402 ERROR [org.ovirt.engine.extensions.aaa.builtin.kerberosldap.GSSAPIDirContextAuthenticationStrategy] (ajp--127.0.0.1-8702-5) Kerberos error: Pre-authentication information was invalid (24) 2014-11-25 17:02:05,404 ERROR [org.ovirt.engine.extensions.aaa.builtin.kerberosldap.GSSAPIDirContextAuthenticationStrategy] (ajp--127.0.0.1-8702-5) Authentication Failed. Please verify the username and password. 2014-11-25 17:02:05,406 ERROR [org.ovirt.engine.extensions.aaa.builtin.kerberosldap.DirectorySearcher] (ajp--127.0.0.1-8702-5) Failed ldap search server ldap://adserver.siee.local:389 using user juanjo@SIEE.LOCAL due to Authentication Failed. Please verify the username and password.. We should not try the next server 2014-11-25 17:02:05,408 ERROR [org.ovirt.engine.extensions.aaa.builtin.kerberosldap.LdapBrokerCommandBase] (ajp--127.0.0.1-8702-5) Failed to run command LdapSearchGroupsByQueryCommand. Domain is siee.local. User is juanjo@SIEE.LOCAL.

every time I click "Go" button. Moreover I haven't changed anything from my Samba4 AD and it is working handling my siee.local domain. This error is showed since oVirt 3.5 upgrade.

Many thanks in advance,

Juanjo.

As Alon suggested, you can try the next provider for 3.5 However, until you do so, can you use kinit in order to perform kerberos authentication with the problematic user? Cheers, Yair

On Tue, Nov 25, 2014 at 2:29 PM, Ondra Machacek <omachace@redhat.com> wrote:

...

Also, can you please try to search within this domain, not only login to it? Does it fail or works good?

(in webadmin go to users tab and click add, select your domain and search for users).

...

From: "Alon Bar-Lev" <alonbl@redhat.com> To: "Juan Jose" <jj197005@gmail.com> Cc: "Ondra Machacek" <omachace@redhat.com>, "Yair Zaslavsky" < yzaslavs@redhat.com>, users@ovirt.org Sent: Tuesday, November 25, 2014 1:49:20 PM Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue

2014-11-25 12:54:10,687 ERROR [org.ovirt.engine.extensions.aaa.builtin.kerberosldap.DirectorySearcher] (ajp--127.0.0.1-8702-5) Failed ldap search server ldap://adserver.siee.local:389 using user juanjo@SIEE.LOCAL due to Authentication Failed. Please verify the username and password.. We should not try the next server

----- Original Message -----

...

From: "Juan Jose" <jj197005@gmail.com> To: "Ondra Machacek" <omachace@redhat.com>, alonbl@redhat.com, "Yair Zaslavsky" <yzaslavs@redhat.com>, users@ovirt.org Sent: Tuesday, November 25, 2014 2:29:26 PM Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue

Hello Ondra and everybody,

It works with my other user:

engine-manage-domains add --domain=siee.local --provider=ad --user=juanjo --add-permissions Enter password: Successfully added domain siee.local. oVirt Engine restart is required in order for the changes to take place (service ovirt-engine restart). Manage Domains completed successfully

But after restarted ovirt-engine if I try to loging with "juanjo" in

...

...

administrator portal and I receive the error "General command validation failure", as you can see in the attached image.

I'm showing below the engine.log lines with the error:

2014-11-25 12:54:10,680 ERROR

[org.ovirt.engine.extensions.aaa.builtin.kerberosldap.GSSAPIDirContextAuthenticationStrategy]

...

(ajp--127.0.0.1-8702-5) Kerberos error: Pre-authentication information was invalid (24) 2014-11-25 12:54:10,681 ERROR

[org.ovirt.engine.extensions.aaa.builtin.kerberosldap.GSSAPIDirContextAuthenticationStrategy]

...

(ajp--127.0.0.1-8702-5) Authentication Failed. Please verify the username and password. 2014-11-25 12:54:10,687 ERROR

[org.ovirt.engine.extensions.aaa.builtin.kerberosldap.DirectorySearcher]

...

(ajp--127.0.0.1-8702-5) Failed ldap search server ldap://adserver.siee.local:389 using user juanjo@SIEE.LOCAL due to Authentication Failed. Please verify the username and password.. We should not try the next server 2014-11-25 12:54:10,688 ERROR

[org.ovirt.engine.extensions.aaa.builtin.kerberosldap.LdapBrokerCommandBase]

...

(ajp--127.0.0.1-8702-5) Failed to run command LdapGetAdUserByUserNameCommand. Domain is siee.local. User is juanjo@SIEE.LOCAL. 2014-11-25 12:54:10,689 ERROR [org.ovirt.engine.core.bll.aaa.LoginAdminUserCommand] (ajp--127.0.0.1-8702-5) Error during CanDoActionFailure.: Class: class

org.ovirt.engine.core.extensions.mgr.ExtensionInvokeCommandFailedException

...

Input: {Extkey[name=EXTENSION_INVOKE_CONTEXT;type=class

org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_INVOKE_CONTEXT[886d2ebb-312a-49ae-9cc3-e1f849834b7d];]={Extkey[name=EXTENSION_INTERFACE_VERSION_MAX;type=class

...

java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MAX[f4cff49f-2717-4901-8ee9-df362446e3e7];]=0,

...

Extkey[name=EXTENSION_LICENSE;type=class

java.lang.String;uuid=EXTENSION_LICENSE[8a61ad65-054c-4e31-9c6d-1ca4d60a4c18];]=ASL

...

2.0, Extkey[name=EXTENSION_HOME_URL;type=class

java.lang.String;uuid=EXTENSION_HOME_URL[4ad7a2f4-f969-42d4-b399-72d192e18304];]=

...

http://www.ovirt.org, Extkey[name=EXTENSION_LOCALE;type=class

java.lang.String;uuid=EXTENSION_LOCALE[0780b112-0ce0-404a-b85e-8765d778bb29];]=en_US,

...

Extkey[name=EXTENSION_NAME;type=class

java.lang.String;uuid=EXTENSION_NAME[651381d3-f54f-4547-bf28-b0b01a103184];]=Kerberos/Ldap

...

Authz (Built-in), Extkey[name=EXTENSION_INTERFACE_VERSION_MIN;type=class

java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MIN[2b84fc91-305b-497b-a1d7-d961b9d2ce0b];]=0,

...

Extkey[name=EXTENSION_CONFIGURATION;type=class

java.util.Properties;uuid=EXTENSION_CONFIGURATION[2d48ab72-f0a1-4312-b4ae-5068a226b0fc];]=***,

...

Extkey[name=EXTENSION_AUTHOR;type=class

java.lang.String;uuid=EXTENSION_AUTHOR[ef242f7a-2dad-4bc5-9aad-e07018b7fbcc];]=The

...

oVirt Project, Extkey[name=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE;type=class

java.lang.Integer;uuid=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE[2eb1f541-0f65-44a1-a6e3-014e247595f5];]=100,

...

Extkey[name=EXTENSION_INSTANCE_NAME;type=class

java.lang.String;uuid=EXTENSION_INSTANCE_NAME[65c67ff6-aeca-4bd5-a245-8674327f011b];]=siee.local,

...

Extkey[name=EXTENSION_BUILD_INTERFACE_VERSION;type=class

java.lang.Integer;uuid=EXTENSION_BUILD_INTERFACE_VERSION[cb479e5a-4b23-46f8-aed3-56a4747a8ab7];]=0,

...

Extkey[name=AAA_AUTHZ_CAPABILITIES;type=class

java.lang.Long;uuid=AAA_AUTHZ_CAPABILITIES[6106d1fb-9291-4351-a947-b897b9540a23];]=1,

...

Extkey[name=EXTENSION_CONFIGURATION_SENSITIVE_KEYS;type=interface

java.util.Collection;uuid=EXTENSION_CONFIGURATION_SENSITIVE_KEYS[a456efa1-73ff-4204-9f9b-ebff01e35263];]=[],

...

Extkey[name=EXTENSION_GLOBAL_CONTEXT;type=class

org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_GLOBAL_CONTEXT[9799e72f-7af6-4cf1-bf08-297bc8903676];]=*skip*,

...

Extkey[name=EXTENSION_VERSION;type=class

java.lang.String;uuid=EXTENSION_VERSION[fe35f6a8-8239-4bdb-ab1a-af9f779ce68c];]=N/A,

...

Extkey[name=AAA_AUTHZ_AVAILABLE_NAMESPACES;type=interface

java.util.Collection;uuid=AAA_AUTHZ_AVAILABLE_NAMESPACES[6dffa34c-955f-486a-bd35-0a272b45a711];]=[*],

...

Extkey[name=EXTENSION_MANAGER_TRACE_LOG;type=interface

org.slf4j.Logger;uuid=EXTENSION_MANAGER_TRACE_LOG[863db666-3ea7-4751-9695-918a3197ad83];]=org.slf4j.impl.Slf4jLogger(org.ovirt.engine.core.extensions.mgr.ExtensionsManager.trace.Kerberos/Ldap

...

Authz (Built-in).siee.local), Extkey[name=EXTENSION_PROVIDES;type=interface

java.util.Collection;uuid=EXTENSION_PROVIDES[8cf373a6-65b5-4594-b828-0e275087de91];]=[org.ovirt.engine.api.extensions.aaa.Authz]},

...

Extkey[name=AAA_AUTHZ_QUERY_FLAGS;type=class

java.lang.Integer;uuid=AAA_AUTHZ_QUERY_FLAGS[97d226e9-8d87-49a0-9a7f-af689320907b];]=3,

...

Extkey[name=EXTENSION_INVOKE_COMMAND;type=class

org.ovirt.engine.api.extensions.ExtUUID;uuid=EXTENSION_INVOKE_COMMAND[485778ab-bede-4f1a-b823-77b262a2f28d];]=AAA_AUTHZ_FETCH_PRINCIPAL_RECORD[5a5bf9bb-9336-4376-a823-26efe1ba26df],

...

Extkey[name=AAA_AUTHN_AUTH_RECORD;type=class

org.ovirt.engine.api.extensions.ExtMap;uuid=AAA_AUTHN_AUTH_RECORD[e9462168-b53b-44ac-9af5-f25e1697173e];]={Extkey[name=AAA_AUTHN_AUTH_RECORD_PRINCIPAL;type=class

...

java.lang.String;uuid=AAA_AUTHN_AUTH_RECORD_PRINCIPAL[c3498f07-11fe-464c-958c-8bd7490b119a];]=juanjo}}

...

Output: {Extkey[name=EXTENSION_INVOKE_RESULT;type=class

java.lang.Integer;uuid=EXTENSION_INVOKE_RESULT[0909d91d-8bde-40fb-b6c0-099c772ddd4e];]=2,

...

Extkey[name=AAA_AUTHZ_STATUS;type=class

java.lang.Integer;uuid=AAA_AUTHZ_STATUS[566f0ba5-8329-4de1-952a-7a81e4bedd3e];]=1}

...

at

org.ovirt.engine.core.extensions.mgr.ExtensionProxy.invoke(ExtensionProxy.java:91)

...

[extensions-manager.jar:] at

org.ovirt.engine.core.extensions.mgr.ExtensionProxy.invoke(ExtensionProxy.java:109)

...

[extensions-manager.jar:] at

org.ovirt.engine.core.aaa.AuthzUtils.fetchPrincipalRecordImpl(AuthzUtils.java:51)

...

[aaa.jar:] at

org.ovirt.engine.core.aaa.AuthzUtils.fetchPrincipalRecord(AuthzUtils.java:42)

...

[aaa.jar:] at

org.ovirt.engine.core.bll.aaa.LoginBaseCommand.isUserCanBeAuthenticated(LoginBaseCommand.java:234)

...

[bll.jar:] at

org.ovirt.engine.core.bll.aaa.LoginAdminUserCommand.canDoAction(LoginAdminUserCommand.java:15)

...

[bll.jar:] at

org.ovirt.engine.core.bll.CommandBase.internalCanDoAction(CommandBase.java:744)

...

[bll.jar:] at

org.ovirt.engine.core.bll.CommandBase.executeAction(CommandBase.java:338)

...

[bll.jar:] at org.ovirt.engine.core.bll.Backend.login(Backend.java:575) [bll.jar:] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_51] at

sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

...

[rt.jar:1.7.0_51] at

sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

...

[rt.jar:1.7.0_51] at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_51] at

org.jboss.as.ee.component.ManagedReferenceMethodInterceptorFactory$ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptorFactory.java:72)

...

[jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:374)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.delegateInterception(Jsr299BindingsInterceptor.java:114)

...

[jboss-as-weld-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.doMethodInterception(Jsr299BindingsInterceptor.java:125)

...

[jboss-as-weld-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.processInvocation(Jsr299BindingsInterceptor.java:135)

...

[jboss-as-weld-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:36)

...

[jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:374)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.ovirt.engine.core.bll.interceptors.ThreadLocalSessionCleanerInterceptor.injectWebContextToThreadLocal(ThreadLocalSessionCleanerInterceptor.java:13)

...

[bll.jar:] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_51] at

sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

...

[rt.jar:1.7.0_51] at

sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

...

[rt.jar:1.7.0_51] at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_51] at

org.jboss.as.ee.component.ManagedReferenceLifecycleMethodInterceptorFactory$ManagedReferenceLifecycleMethodInterceptor.processInvocation(ManagedReferenceLifecycleMethodInterceptorFactory.java:123)

...

[jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.invocation.WeavedInterceptor.processInvocation(WeavedInterceptor.java:53)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:36)

...

[jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:82)

...

[jboss-as-weld-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:21)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.ee.component.interceptors.ComponentDispatcherInterceptor.processInvocation(ComponentDispatcherInterceptor.java:53)

...

[jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.ejb3.component.singleton.SingletonComponentInstanceAssociationInterceptor.processInvocation(SingletonComponentInstanceAssociationInterceptor.java:53)

...

[jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInNoTx(CMTTxInterceptor.java:211)

...

[jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.as.ejb3.tx.CMTTxInterceptor.supports(CMTTxInterceptor.java:363)

...

[jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:194)

...

[jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)

...

[jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59)

...

[jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)

...

[jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45)

...

[jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:173)

...

[jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] at

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)

...

[jboss-invocation-1.1.1.Final.jar:1.1.1.Final] at

org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:72)

...

[jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] at

org.ovirt.engine.core.common.interfaces.BackendLocal$$$view7.login(Unknown

...

Source) [common.jar:] at

org.ovirt.engine.ui.frontend.server.gwt.GenericApiGWTServiceImpl.login(GenericApiGWTServiceImpl.java:183)

...

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_51] at

sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

...

[rt.jar:1.7.0_51] at

sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

...

[rt.jar:1.7.0_51] at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_51] at com.google.gwt.rpc.server.RPC.invokeAndStreamResponse(RPC.java:196) at

com.google.gwt.rpc.server.RpcServlet.processCall(RpcServlet.java:172)

...

at

com.google.gwt.rpc.server.RpcServlet.processPost(RpcServlet.java:233)

...

at

com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)

...

at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final] at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final] at

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)

...

at

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

at

org.ovirt.engine.core.utils.servlet.HeaderFilter.doFilter(HeaderFilter.java:94)

...

[utils.jar:] at

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

at

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

at

org.ovirt.engine.ui.frontend.server.gwt.GwtCachingFilter.doFilter(GwtCachingFilter.java:132)

...

at

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

at

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

at

org.ovirt.engine.core.branding.BrandingFilter.doFilter(BrandingFilter.java:72)

...

at

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

at

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

at

org.ovirt.engine.core.utils.servlet.LocaleFilter.doFilter(LocaleFilter.java:64)

...

[utils.jar:] at

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

at

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

at

org.ovirt.engine.core.aaa.filters.SessionMgmtFilter.doFilter(SessionMgmtFilter.java:31)

...

[aaa.jar:] at

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

at

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

at

org.ovirt.engine.core.aaa.filters.LoginFilter.doFilter(LoginFilter.java:73)

...

[aaa.jar:] at

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

at

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

at

org.ovirt.engine.core.aaa.filters.NegotiationFilter.doFilter(NegotiationFilter.java:131)

...

[aaa.jar:] at

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

at

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

at

org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:75)

...

[aaa.jar:] at

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

at

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

at

org.ovirt.engine.core.aaa.filters.SessionValidationFilter.doFilter(SessionValidationFilter.java:63)

...

[aaa.jar:] at

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

at

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

at

org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)

...

at

org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)

...

at

org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:489)

...

at

org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)

...

at

org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)

...

at

org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

...

at org.jboss.web.rewrite.RewriteValve.invoke(RewriteValve.java:466) at

org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)

...

at

org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)

...

at

org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:505)

...

at

org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:445)

...

at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_51]

Could you help me with this problem, please?

Many thanks in advanced,

Juanjo.

On Tue, Nov 25, 2014 at 12:24 PM, Ondra Machacek <omachace@redhat.com> wrote:

...

Hi,

can you please try different account than Administrator?

----- Original Message -----

...

From: "Juan Jose" <jj197005@gmail.com> To: omachace@redhat.com, alonbl@redhat.com, "Yair Zaslavsky" < yzaslavs@redhat.com>, users@ovirt.org Sent: Tuesday, November 25, 2014 11:01:13 AM Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue

Hello everybody,

Ondra you are right, I removed the domain. I have already tried to execute the command with lower case the domain name and the result is the

same

...

...

...

engine-manage-domains add --domain=siee.local --provider=ad --user=Administrator --add-permissions Enter password: No user in Directory was found for Administrator@SIEE.LOCAL.

Trying

...

next LDAP server in list Failure while testing domain siee.local. Details: No user information was found for user

the result to the command psql -U engine -d engine -c "select * from vdc_options where option_name='LDAPSecurityAuthentication'" is:

psql: FATAL: Ident authentication failed for user "engine"

And for second command psql -U engine -d engine -c "update vdc_options set option_value='siee.local:GSSAPI' where option_name='LDAPSecurityAuthentication'", I receive the same response:

psql: FATAL: Ident authentication failed for user "engine"

Is there any problem?

Many thanks in advanced,

Juanjo.

On Mon, Nov 24, 2014 at 1:57 PM, Ondra Machacek < omachace@redhat.com> wrote:

> I understood that domain can be deleted, but can't be added, > so there won't be needed values to update in vdc_options. > > Juanjo - Can you please provide us what's the result of command: > > $ psql -U engine -d engine -c "select * from vdc_options where > option_name='LDAPSecurityAuthentication'" > > If it's empty or if the domain name is upper case or lower case? > If it's upper, than please lower case it. > $ psql -U engine -d engine -c "update vdc_options set > option_value='siee.local:GSSAPI' where > option_name='LDAPSecurityAuthentication'" > > > ----- Original Message ----- > > From: "Alon Bar-Lev" <alonbl@redhat.com> > > To: "Ondra Machacek" <omachace@redhat.com> > > Cc: jj197005@gmail.com, users@ovirt.org, "Yair Zaslavsky" < > yzaslavs@redhat.com> > > Sent: Monday, November 24, 2014 1:49:11 PM > > Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue > > > > > > > > ----- Original Message ----- > > > From: "Ondra Machacek" <omachace@redhat.com> > > > To: jj197005@gmail.com > > > Cc: users@ovirt.org, "Yair Zaslavsky" <yzaslavs@redhat.com>, > > > "Alon > Bar-Lev" > > > <alonbl@redhat.com> > > > Sent: Monday, November 24, 2014 2:46:20 PM > > > Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue > > > > > > Please try to run your command with domain in lower case: > > > > > > engine-manage-domains add --domain=siee.local --provider=ad > > > --user=Administrator > > > > it is already added, won't it simpler to modify the vdc_options? > > > > > > > > > > > ----- Original Message ----- > > > > From: "Alon Bar-Lev" <alonbl@redhat.com> > > > > To: "Juan Jose" <jj197005@gmail.com> > > > > Cc: users@ovirt.org, "Yair Zaslavsky" <yzaslavs@redhat.com , "Ondra > > > > Machacek" <omachace@redhat.com> > > > > Sent: Monday, November 24, 2014 1:27:39 PM > > > > Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue > > > > > > > > > > > > Yes, > > > > I think we just fixed this[1]. > > > > We can fix this manually, yair, ondra what is the easiest fix? > > > > > > > > BTW: you can also checkout the new ldap provider > > > > (ovirt-engine-extension-aaa-ldap) in 3.5 which should be much more > > > > robust[1], I can help you set it up. > > > > > > > > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1167211 > > > > [2] > > > > >

http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;...

...

...

> > > > > > > > ----- Original Message ----- > > > > > From: "Juan Jose" <jj197005@gmail.com> > > > > > To: users@ovirt.org > > > > > Sent: Monday, November 24, 2014 2:22:44 PM > > > > > Subject: [ovirt-users] Adding domain to oVirt to 3.5 issue > > > > > > > > > > Hello everybody, > > > > > > > > > > I have upgraded my oVirt 3.4 to 3.5 version without any > > > > > problem > > > > > apparently. > > > > > > > > > > After finish the upgrade I have tried to login with any of my AD > users > > > > > from > > > > > my Samba 4, like I used to do in oVirt 3.4 but I received > > > > > authentication > > > > > errors as below error: > > > > > > > > > > 2014-11-21 14:06:02,681 ERROR > > > > > >

[org.ovirt.engine.extensions.aaa.builtin.kerberosldap.GSSAPIDirContextAuthenticationStrategy]

...

...

> > > > > (ajp--127.0.0.1-8702-3) Kerberos error: Pre-authentication > information > > > > > was > > > > > invalid (24) > > > > > 2014-11-21 14:06:02,683 ERROR > > > > > >

[org.ovirt.engine.extensions.aaa.builtin.kerberosldap.GSSAPIDirContextAuthenticationStrategy]

...

...

> > > > > (ajp--127.0.0.1-8702-3) Authentication Failed. Please verify the > > > > > username > > > > > and password. > > > > > 2014-11-21 14:06:02,685 ERROR > > > > > >

[org.ovirt.engine.extensions.aaa.builtin.kerberosldap.DirectorySearcher]

...

...

> > > > > (ajp--127.0.0.1-8702-3) Failed ldap search server > > > > > ldap://adserver.siee.local:389 using user juanjo@SIEE.LOCAL due to > > > > > Authentication Failed. Please verify the username and password.. We > > > > > should > > > > > not try the next server > > > > > 2014-11-21 14:06:02,688 ERROR > > > > > >

[org.ovirt.engine.extensions.aaa.builtin.kerberosldap.LdapBrokerCommandBase]

...

...

> > > > > (ajp--127.0.0.1-8702-3) Failed to run command > > > > > LdapGetAdUserByUserNameCommand. Domain is siee.local. User is > > > > > juanjo@SIEE.LOCAL. > > > > > 2014-11-21 14:06:02,690 ERROR > > > > > [org.ovirt.engine.core.bll.aaa.LoginAdminUserCommand] > > > > > (ajp--127.0.0.1-8702-3) Error during CanDoActionFailure.: Class: > class > > > > > >

org.ovirt.engine.core.extensions.mgr.ExtensionInvokeCommandFailedException

...

...

> > > > > Input: > > > > > {Extkey[name=EXTENSION_INVOKE_CONTEXT;type=class > > > > > >

org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_INVOKE_CONTEXT[886d2ebb-312a-49ae-9cc3-e1f849834b7d];]={Extkey[name=EXTENSION_INTERFACE_VERSION_MAX;type=class

...

...

> > > > > >

java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MAX[f4cff49f-2717-4901-8ee9-df362446e3e7];]=0,

...

...

> > > > > Extkey[name=EXTENSION_LICENSE;type=class > > > > > >

java.lang.String;uuid=EXTENSION_LICENSE[8a61ad65-054c-4e31-9c6d-1ca4d60a4c18];]=ASL

...

...

> > > > > 2.0, Extkey[name=EXTENSION_HOME_URL;type=class > > > > > >

java.lang.String;uuid=EXTENSION_HOME_URL[4ad7a2f4-f969-42d4-b399-72d192e18304];]=

...

...

> > > > > http://www.ovirt.org , > > > > > Extkey[name=EXTENSION_LOCALE;type=class > > > > > >

java.lang.String;uuid=EXTENSION_LOCALE[0780b112-0ce0-404a-b85e-8765d778bb29];]=en_US,

...

...

> > > > > Extkey[name=EXTENSION_NAME;type=class > > > > > >

java.lang.String;uuid=EXTENSION_NAME[651381d3-f54f-4547-bf28-b0b01a103184];]=Kerberos/Ldap

...

...

> > > > > Authz (Built-in), > > > > > Extkey[name=EXTENSION_INTERFACE_VERSION_MIN;type=class > > > > > >

java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MIN[2b84fc91-305b-497b-a1d7-d961b9d2ce0b];]=0,

...

...

> > > > > Extkey[name=EXTENSION_CONFIGURATION;type=class > > > > > >

java.util.Properties;uuid=EXTENSION_CONFIGURATION[2d48ab72-f0a1-4312-b4ae-5068a226b0fc];]=***,

...

...

> > > > > Extkey[name=EXTENSION_AUTHOR;type=class > > > > > >

java.lang.String;uuid=EXTENSION_AUTHOR[ef242f7a-2dad-4bc5-9aad-e07018b7fbcc];]=The

...

...

> > > > > oVirt Project, > Extkey[name=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE;type=class > > > > > >

java.lang.Integer;uuid=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE[2eb1f541-0f65-44a1-a6e3-014e247595f5];]=100,

...

...

> > > > > Extkey[name=EXTENSION_INSTANCE_NAME;type=class > > > > > >

java.lang.String;uuid=EXTENSION_INSTANCE_NAME[65c67ff6-aeca-4bd5-a245-8674327f011b];]=siee.local,

...

...

> > > > > Extkey[name=EXTENSION_BUILD_INTERFACE_VERSION;type=class > > > > > >

java.lang.Integer;uuid=EXTENSION_BUILD_INTERFACE_VERSION[cb479e5a-4b23-46f8-aed3-56a4747a8ab7];]=0,

...

...

> > > > > Extkey[name=AAA_AUTHZ_CAPABILITIES;type=class > > > > > >

java.lang.Long;uuid=AAA_AUTHZ_CAPABILITIES[6106d1fb-9291-4351-a947-b897b9540a23];]=1,

...

...

> > > > > Extkey[name=EXTENSION_CONFIGURATION_SENSITIVE_KEYS;type=interface > > > > > >

java.util.Collection;uuid=EXTENSION_CONFIGURATION_SENSITIVE_KEYS[a456efa1-73ff-4204-9f9b-ebff01e35263];]=[],

...

...

> > > > > Extkey[name=EXTENSION_GLOBAL_CONTEXT;type=class > > > > > >

org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_GLOBAL_CONTEXT[9799e72f-7af6-4cf1-bf08-297bc8903676];]=*skip*,

...

...

> > > > > Extkey[name=EXTENSION_VERSION;type=class > > > > > >

java.lang.String;uuid=EXTENSION_VERSION[fe35f6a8-8239-4bdb-ab1a-af9f779ce68c];]=N/A,

...

...

> > > > > Extkey[name=AAA_AUTHZ_AVAILABLE_NAMESPACES;type=interface > > > > > >

java.util.Collection;uuid=AAA_AUTHZ_AVAILABLE_NAMESPACES[6dffa34c-955f-486a-bd35-0a272b45a711];]=[*],

...

...

> > > > > Extkey[name=EXTENSION_MANAGER_TRACE_LOG;type=interface > > > > > >

org.slf4j.Logger;uuid=EXTENSION_MANAGER_TRACE_LOG[863db666-3ea7-4751-9695-918a3197ad83];]=org.slf4j.impl.Slf4jLogger(org.ovirt.engine.core.extensions.mgr.ExtensionsManager.trace.Kerberos/Ldap

...

...

> > > > > Authz (Built-in).siee.local), > > > > > Extkey[name=EXTENSION_PROVIDES;type=interface > > > > > >

java.util.Collection;uuid=EXTENSION_PROVIDES[8cf373a6-65b5-4594-b828-0e275087de91];]=[org.ovirt.engine.api.extensions.aaa.Authz]},

...

...

> > > > > Extkey[name=AAA_AUTHZ_QUERY_FLAGS;type=class > > > > > >

java.lang.Integer;uuid=AAA_AUTHZ_QUERY_FLAGS[97d226e9-8d87-49a0-9a7f-af689320907b];]=3,

...

...

> > > > > Extkey[name=EXTENSION_INVOKE_COMMAND;type=class > > > > > >

org.ovirt.engine.api.extensions.ExtUUID;uuid=EXTENSION_INVOKE_COMMAND[485778ab-bede-4f1a-b823-77b262a2f28d];]=AAA_AUTHZ_FETCH_PRINCIPAL_RECORD[5a5bf9bb-9336-4376-a823-26efe1ba26df],

...

...

> > > > > Extkey[name=AAA_AUTHN_AUTH_RECORD;type=class > > > > > >

org.ovirt.engine.api.extensions.ExtMap;uuid=AAA_AUTHN_AUTH_RECORD[e9462168-b53b-44ac-9af5-f25e1697173e];]={Extkey[name=AAA_AUTHN_AUTH_RECORD_PRINCIPAL;type=class

...

...

> > > > > >

java.lang.String;uuid=AAA_AUTHN_AUTH_RECORD_PRINCIPAL[c3498f07-11fe-464c-958c-8bd7490b119a];]=juanjo}}

...

...

> > > > > Output: > > > > > {Extkey[name=EXTENSION_INVOKE_RESULT;type=class > > > > > >

java.lang.Integer;uuid=EXTENSION_INVOKE_RESULT[0909d91d-8bde-40fb-b6c0-099c772ddd4e];]=2,

...

...

> > > > > Extkey[name=AAA_AUTHZ_STATUS;type=class > > > > > >

java.lang.Integer;uuid=AAA_AUTHZ_STATUS[566f0ba5-8329-4de1-952a-7a81e4bedd3e];]=1}

...

...

> > > > > > > > > > at > > > > > >

org.ovirt.engine.core.extensions.mgr.ExtensionProxy.invoke(ExtensionProxy.java:91)

...

...

> > > > > [extensions-manager.jar:] > > > > > at > > > > > >

org.ovirt.engine.core.extensions.mgr.ExtensionProxy.invoke(ExtensionProxy.java:109)

...

...

> > > > > [extensions-manager.jar:] > > > > > at > > > > > >

org.ovirt.engine.core.aaa.AuthzUtils.fetchPrincipalRecordImpl(AuthzUtils.java:51)

...

...

> > > > > [aaa.jar:] > > > > > at > > > > > >

org.ovirt.engine.core.aaa.AuthzUtils.fetchPrincipalRecord(AuthzUtils.java:42)

...

...

> > > > > [aaa.jar:] > > > > > at > > > > > >

org.ovirt.engine.core.bll.aaa.LoginBaseCommand.isUserCanBeAuthenticated(LoginBaseCommand.java:234)

...

...

> > > > > [bll.jar:] > > > > > at > > > > > >

org.ovirt.engine.core.bll.aaa.LoginAdminUserCommand.canDoAction(LoginAdminUserCommand.java:15)

...

...

> > > > > [bll.jar:] > > > > > at > > > > > >

org.ovirt.engine.core.bll.CommandBase.internalCanDoAction(CommandBase.java:744)

...

...

> > > > > [bll.jar:] > > > > > at > > > > > >

org.ovirt.engine.core.bll.CommandBase.executeAction(CommandBase.java:338)

...

...

> > > > > [bll.jar:] > > > > > at org.ovirt.engine.core.bll.Backend.login(Backend.java:575) > [bll.jar:] > > > > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > > > > > Method) > > > > > [rt.jar:1.7.0_51] > > > > > at > > > > > >

sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

...

...

> > > > > [rt.jar:1.7.0_51] > > > > > at > > > > > >

sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

...

...

> > > > > [rt.jar:1.7.0_51] > > > > > at java.lang.reflect.Method.invoke(Method.java:606) > [rt.jar:1.7.0_51] > > > > > at > > > > > >

org.jboss.as.ee.component.ManagedReferenceMethodInterceptorFactory$ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptorFactory.java:72)

...

...

> > > > > [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:374)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.delegateInterception(Jsr299BindingsInterceptor.java:114)

...

...

> > > > > [jboss-as-weld-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.doMethodInterception(Jsr299BindingsInterceptor.java:125)

...

...

> > > > > [jboss-as-weld-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.processInvocation(Jsr299BindingsInterceptor.java:135)

...

...

> > > > > [jboss-as-weld-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:36)

...

...

> > > > > [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:374)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.ovirt.engine.core.bll.interceptors.ThreadLocalSessionCleanerInterceptor.injectWebContextToThreadLocal(ThreadLocalSessionCleanerInterceptor.java:13)

...

...

> > > > > [bll.jar:] > > > > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > > > > > Method) > > > > > [rt.jar:1.7.0_51] > > > > > at > > > > > >

sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

...

...

> > > > > [rt.jar:1.7.0_51] > > > > > at > > > > > >

sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

...

...

> > > > > [rt.jar:1.7.0_51] > > > > > at java.lang.reflect.Method.invoke(Method.java:606) > [rt.jar:1.7.0_51] > > > > > at > > > > > >

org.jboss.as.ee.component.ManagedReferenceLifecycleMethodInterceptorFactory$ManagedReferenceLifecycleMethodInterceptor.processInvocation(ManagedReferenceLifecycleMethodInterceptorFactory.java:123)

...

...

> > > > > [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.WeavedInterceptor.processInvocation(WeavedInterceptor.java:53)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:36)

...

...

> > > > > [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:82)

...

...

> > > > > [jboss-as-weld-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:21)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ee.component.interceptors.ComponentDispatcherInterceptor.processInvocation(ComponentDispatcherInterceptor.java:53)

...

...

> > > > > [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ejb3.component.singleton.SingletonComponentInstanceAssociationInterceptor.processInvocation(SingletonComponentInstanceAssociationInterceptor.java:53)

...

...

> > > > > [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInNoTx(CMTTxInterceptor.java:211)

...

...

> > > > > [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ejb3.tx.CMTTxInterceptor.supports(CMTTxInterceptor.java:363)

...

...

> > > > > [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:194)

...

...

> > > > > [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)

...

...

> > > > > [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59)

...

...

> > > > > [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)

...

...

> > > > > [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45)

...

...

> > > > > [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > > org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) > > > > > [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:173)

...

...

> > > > > [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)

...

...

> > > > > [jboss-invocation-1.1.1.Final.jar:1.1.1.Final] > > > > > at > > > > > >

org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:72)

...

...

> > > > > [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final] > > > > > at > > > > > >

org.ovirt.engine.core.common.interfaces.BackendLocal$$$view7.login(Unknown

...

...

> > > > > Source) [common.jar:] > > > > > at > > > > > >

org.ovirt.engine.ui.frontend.server.gwt.GenericApiGWTServiceImpl.login(GenericApiGWTServiceImpl.java:183)

...

...

> > > > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > > > > > Method) > > > > > [rt.jar:1.7.0_51] > > > > > at > > > > > >

sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

...

...

> > > > > [rt.jar:1.7.0_51] > > > > > at > > > > > >

sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

...

...

> > > > > [rt.jar:1.7.0_51] > > > > > at java.lang.reflect.Method.invoke(Method.java:606) > [rt.jar:1.7.0_51] > > > > > at > com.google.gwt.rpc.server.RPC.invokeAndStreamResponse(RPC.java:196) > > > > > at > > > > > > com.google.gwt.rpc.server.RpcServlet.processCall(RpcServlet.java:172) > > > > > at > > > > > > com.google.gwt.rpc.server.RpcServlet.processPost(RpcServlet.java:233) > > > > > at > > > > > >

com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)

...

...

> > > > > at > > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:754) > > > > > [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final] > > > > > at > > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:847) > > > > > [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final] > > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

...

> > > > > at > > > > > >

org.ovirt.engine.core.utils.servlet.HeaderFilter.doFilter(HeaderFilter.java:94)

...

...

> > > > > [utils.jar:] > > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

...

> > > > > at > > > > > >

org.ovirt.engine.ui.frontend.server.gwt.GwtCachingFilter.doFilter(GwtCachingFilter.java:132)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

...

> > > > > at > > > > > >

org.ovirt.engine.core.branding.BrandingFilter.doFilter(BrandingFilter.java:72)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

...

> > > > > at > > > > > >

org.ovirt.engine.core.utils.servlet.LocaleFilter.doFilter(LocaleFilter.java:64)

...

...

> > > > > [utils.jar:] > > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

...

> > > > > at > > > > > >

org.ovirt.engine.core.aaa.filters.SessionMgmtFilter.doFilter(SessionMgmtFilter.java:31)

...

...

> > > > > [aaa.jar:] > > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

...

> > > > > at > > > > > >

org.ovirt.engine.core.aaa.filters.LoginFilter.doFilter(LoginFilter.java:73)

...

...

> > > > > [aaa.jar:] > > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

...

> > > > > at > > > > > >

org.ovirt.engine.core.aaa.filters.NegotiationFilter.doFilter(NegotiationFilter.java:131)

...

...

> > > > > [aaa.jar:] > > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

...

> > > > > at > > > > > >

org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:75)

...

...

> > > > > [aaa.jar:] > > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

...

> > > > > at > > > > > >

org.ovirt.engine.core.aaa.filters.SessionValidationFilter.doFilter(SessionValidationFilter.java:63)

...

...

> > > > > [aaa.jar:] > > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)

...

...

> > > > > at > > > > > >

org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:489)

...

...

> > > > > at > > > > > >

org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)

...

...

> > > > > at > > > > > >

org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)

...

...

> > > > > at > > > > > >

org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)

...

...

> > > > > at org.jboss.web.rewrite.RewriteValve.invoke(RewriteValve.java:466) > > > > > at > > > > > >

org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)

...

...

> > > > > at > > > > > >

org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)

...

...

> > > > > at > org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:505) > > > > > at > > > > > >

org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:445)

...

...

> > > > > at > > > > > > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) > > > > > at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_51] > > > > > > > > > > I have not changed any password from any of my AD users. > > > > > > > > > > I have removed from my oVirt 3.5 the domain with: > > > > > > > > > > engine-manage-domains delete --domain=siee.local > --user=Administrator > > > > > > > > > > And I have removed the domain without problems. But I want to add > it > > > > > again > > > > > but I can't. I execute the bellow command, put the

----- Original Message ----- the password

...

...

...

...

> > > > > of my > > > > > Administrator domain and I receive the error showed bellow: > > > > > > > > > > engine-manage-domains add --domain=SIEE.LOCAL --provider=ad > > > > > --user=Administrator > > > > > Enter password: > > > > > No user in Directory was found for Administrator@SIEE.LOCAL. > Trying > > > > > next > > > > > LDAP > > > > > server in list > > > > > Failure while testing domain siee.local. Details: No user > information > > > > > was > > > > > found for user > > > > > > > > > > The password that I use is correct because I can login with user > > > > > Administrator in the domain siee.local through a Windows 7 > Enterprise > > > > > client. All this issue comes after my upgrade to oVirt 3.5. Does > > > > > someone > > > > > help me with this problem?. If more info is needed or logs, please > ask > > > > > me. > > > > > > > > > > Many thanks in advanced, > > > > > > > > > > Juanjo > > > > > > > > > > _______________________________________________ > > > > > Users mailing list > > > > > Users@ovirt.org > > > > > http://lists.ovirt.org/mailman/listinfo/users > > > > > > > > > > > > > > >