5:37 p.m.
---------- Forwarded message ----------
From: Kristian Petersen <nesretep(a)chem.byu.edu>
Date: Tue, Apr 24, 2018 at 12:38 PM
Subject: Re: [ovirt-users] FreeIPA authentication broken
To: Ondra Machacek <omachace(a)redhat.com>
That directory only contains internal.properties. So I copied the
IPA.properties, IPA-authn.properties, and IPA.jks files all into the 'aaa'
subdirectory and set ownership and permissions as you directed. I reran
the command you gave me initially and it prompted me for a password for the
user when entered the process exited with status 0. However, the web
interface still isn't letting me log in. Do I need to restart a service
for the changes to be effective in the web UI?
On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek <omachace(a)redhat.com>
wrote:
Right, you are missing file /etc/ovirt-engine/aaa/IPA.properties
It's not subdirectory of /etc/ovirt-engine/extensions.d, but it's in
/etc/ovirt-engine/ in 'aaa' subdirectory, can you check what's there?
Please check also the correct permissions of that file, it should be
'600' and owned by ovirt user.
On 04/23/2018 10:25 PM, Kristian Petersen wrote:
> Looks like it can't find the IPA.properties file. I tried following the
> path it is complaining about but there are only files in
> /etc/ovirt-engine/extensions.d on the engine VM. No subdirectories.
> However, that directory appears to contain the files it is looking for.
> Both IPA-authn.properties and IPA.properties are there as are the internal
> properties files. Is there a config file we can edit to tell it to look in
> the right place?
>
>
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
2:39 a.m.
New subject: Fwd: FreeIPA authentication broken
Yep, you need to restart ovirt-engine service so the changes take
effect.
Anyway, we need to figure out what removed your IPA.properties and
IPA.jks file. What did you do before it stop work?
On 04/25/2018 12:37 AM, Kristian Petersen wrote:
---------- Forwarded message ----------
From: *Kristian Petersen* <nesretep(a)chem.byu.edu
<mailto:nesretep@chem.byu.edu>>
Date: Tue, Apr 24, 2018 at 12:38 PM
Subject: Re: [ovirt-users] FreeIPA authentication broken
To: Ondra Machacek <omachace(a)redhat.com <mailto:omachace@redhat.com>>
That directory only contains internal.properties. So I copied the
IPA.properties, IPA-authn.properties, and IPA.jks files all into the
'aaa' subdirectory and set ownership and permissions as you directed. I
reran the command you gave me initially and it prompted me for a
password for the user when entered the process exited with status 0.
However, the web interface still isn't letting me log in. Do I need to
restart a service for the changes to be effective in the web UI?
On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek <omachace(a)redhat.com
<mailto:omachace@redhat.com>> wrote:
Right, you are missing file /etc/ovirt-engine/aaa/IPA.properties
It's not subdirectory of /etc/ovirt-engine/extensions.d, but it's in
/etc/ovirt-engine/ in 'aaa' subdirectory, can you check what's there?
Please check also the correct permissions of that file, it should be
'600' and owned by ovirt user.
On 04/23/2018 10:25 PM, Kristian Petersen wrote:
Looks like it can't find the IPA.properties file. I tried
following the path it is complaining about but there are only
files in /etc/ovirt-engine/extensions.d on the engine VM. No
subdirectories. However, that directory appears to contain the
files it is looking for. Both IPA-authn.properties and
IPA.properties are there as are the internal properties files.
Is there a config file we can edit to tell it to look in the
right place?
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
11:20 a.m.
New subject: Fwd: FreeIPA authentication broken
I restarted the service and it is working beautifully again. Thank you for
you time and effort in helping me.
As for what caused this mess...
My hosted engine crashed after it's storage was temporarily disconnected by
an automatic application of an update which then rebooted the NAS. After I
was able to get the engine back up, but running my IPA logins didn't work
anymore and I had no idea why that would be. I hadn't changed anything in
relation to any of that so it made little sense why it stopped working.
On Wed, Apr 25, 2018 at 1:39 AM, Ondra Machacek <omachace(a)redhat.com> wrote:
Yep, you need to restart ovirt-engine service so the changes take
effect.
Anyway, we need to figure out what removed your IPA.properties and
IPA.jks file. What did you do before it stop work?
On 04/25/2018 12:37 AM, Kristian Petersen wrote:
>
> ---------- Forwarded message ----------
> From: *Kristian Petersen* <nesretep(a)chem.byu.edu <mailto:
> nesretep(a)chem.byu.edu>>
> Date: Tue, Apr 24, 2018 at 12:38 PM
> Subject: Re: [ovirt-users] FreeIPA authentication broken
> To: Ondra Machacek <omachace(a)redhat.com <mailto:omachace@redhat.com>>
>
>
> That directory only contains internal.properties. So I copied the
> IPA.properties, IPA-authn.properties, and IPA.jks files all into the 'aaa'
> subdirectory and set ownership and permissions as you directed. I reran
> the command you gave me initially and it prompted me for a password for the
> user when entered the process exited with status 0. However, the web
> interface still isn't letting me log in. Do I need to restart a service
> for the changes to be effective in the web UI?
>
> On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek <omachace(a)redhat.com
> <mailto:omachace@redhat.com>> wrote:
>
> Right, you are missing file /etc/ovirt-engine/aaa/IPA.properties
>
> It's not subdirectory of /etc/ovirt-engine/extensions.d, but it's in
> /etc/ovirt-engine/ in 'aaa' subdirectory, can you check what's
there?
> Please check also the correct permissions of that file, it should be
> '600' and owned by ovirt user.
>
>
> On 04/23/2018 10:25 PM, Kristian Petersen wrote:
>
> Looks like it can't find the IPA.properties file. I tried
> following the path it is complaining about but there are only
> files in /etc/ovirt-engine/extensions.d on the engine VM. No
> subdirectories. However, that directory appears to contain the
> files it is looking for. Both IPA-authn.properties and
> IPA.properties are there as are the internal properties files.
> Is there a config file we can edit to tell it to look in the
> right place?
>
>
>
>
> --
> Kristian Petersen
> System Administrator
> BYU Dept. of Chemistry and Biochemistry
>
>
>
> --
> Kristian Petersen
> System Administrator
> BYU Dept. of Chemistry and Biochemistry
>
>
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
4:43 a.m.
New subject: Fwd: FreeIPA authentication broken
This is a multi-part message in MIME format.
--------------3D7D37BE87FF70B8AE2D3A3A
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Dear All,
I'm following this thread because thinking to SAML ovirt integration.
Can you help me ?
Does ovirt support this kind of authentication ? Could you send me more
information or
a link to guide ?
Thanks a lot.
Best Regards
Enrico
Il 25/04/2018 18:20, Kristian Petersen ha scritto:
I restarted the service and it is working beautifully again. Thank
you for you time and effort in helping me.
As for what caused this mess...
My hosted engine crashed after it's storage was temporarily
disconnected by an automatic application of an update which then
rebooted the NAS. After I was able to get the engine back up, but
running my IPA logins didn't work anymore and I had no idea why that
would be. I hadn't changed anything in relation to any of that so it
made little sense why it stopped working.
On Wed, Apr 25, 2018 at 1:39 AM, Ondra Machacek <omachace(a)redhat.com
<mailto:omachace@redhat.com>> wrote:
Yep, you need to restart ovirt-engine service so the changes take
effect.
Anyway, we need to figure out what removed your IPA.properties and
IPA.jks file. What did you do before it stop work?
On 04/25/2018 12:37 AM, Kristian Petersen wrote:
---------- Forwarded message ----------
From: *Kristian Petersen* <nesretep(a)chem.byu.edu
<mailto:nesretep@chem.byu.edu> <mailto:nesretep@chem.byu.edu
<mailto:nesretep@chem.byu.edu>>>
Date: Tue, Apr 24, 2018 at 12:38 PM
Subject: Re: [ovirt-users] FreeIPA authentication broken
To: Ondra Machacek <omachace(a)redhat.com
<mailto:omachace@redhat.com> <mailto:omachace@redhat.com
<mailto:omachace@redhat.com>>>
That directory only contains internal.properties. So I copied
the IPA.properties, IPA-authn.properties, and IPA.jks files
all into the 'aaa' subdirectory and set ownership and
permissions as you directed. I reran the command you gave me
initially and it prompted me for a password for the user when
entered the process exited with status 0. However, the web
interface still isn't letting me log in. Do I need to restart
a service for the changes to be effective in the web UI?
On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek
<omachace(a)redhat.com <mailto:omachace@redhat.com>
<mailto:omachace@redhat.com <mailto:omachace@redhat.com>>> wrote:
Right, you are missing file
/etc/ovirt-engine/aaa/IPA.properties
It's not subdirectory of /etc/ovirt-engine/extensions.d,
but it's in
/etc/ovirt-engine/ in 'aaa' subdirectory, can you check
what's there?
Please check also the correct permissions of that file, it
should be
'600' and owned by ovirt user.
On 04/23/2018 10:25 PM, Kristian Petersen wrote:
Looks like it can't find the IPA.properties file. I tried
following the path it is complaining about but there
are only
files in /etc/ovirt-engine/extensions.d on the engine
VM. No
subdirectories. However, that directory appears to
contain the
files it is looking for. Both IPA-authn.properties and
IPA.properties are there as are the internal
properties files. Is there a config file we can edit
to tell it to look in the
right place?
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
_______________________________________________
Users mailing list
Users(a)ovirt.org <mailto:Users@ovirt.org>
http://lists.ovirt.org/mailman/listinfo/users
<http://lists.ovirt.org/mailman/listinfo/users>
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
--
_______________________________________________________________________
Enrico Becchetti Servizio di Calcolo e Reti
Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
Phone:+39 075 5852777 Mail: Enrico.Becchetti<at>pg.infn.it
______________________________________________________________________
--------------3D7D37BE87FF70B8AE2D3A3A
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 8bit
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix"> Dear All,<br>
I'm following this thread because thinking to SAML ovirt
integration. Can you help me ?<br>
Does ovirt support this kind of authentication ? Could you send me
more information or<br>
a link to guide ?<br>
Thanks a lot.<br>
Best Regards<br>
Enrico<br>
<br>
<br>
Il 25/04/2018 18:20, Kristian Petersen ha scritto:<br>
</div>
<blockquote type="cite"
cite="mid:CAEzpwAV_v70+Bx7uP=hKpLakgH9kdA3+HzC01N+EpqQZ8nLNdw@mail.gmail.com">
<div dir="ltr">
<div>I restarted the service and it is working beautifully
again. Thank you for you time and effort in helping me.</div>
<div><br>
</div>
As for what caused this mess...
<div>My hosted engine crashed after it's storage was temporarily
disconnected by an automatic application of an update which
then rebooted the NAS. After I was able to get the engine
back up, but running my IPA logins didn't work anymore and I
had no idea why that would be. I hadn't changed anything in
relation to any of that so it made little sense why it stopped
working.</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Apr 25, 2018 at 1:39 AM, Ondra
Machacek <span dir="ltr"><<a
href="mailto:omachace@redhat.com" target="_blank"
moz-do-not-send="true">omachace(a)redhat.com</a>&gt;</span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Yep, you
need to restart ovirt-engine service so the changes take<br>
effect.<br>
<br>
Anyway, we need to figure out what removed your
IPA.properties and<br>
IPA.jks file. What did you do before it stop work?<span
class=""><br>
<br>
On 04/25/2018 12:37 AM, Kristian Petersen wrote:<br>
</span>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex"><span
class="">
<br>
---------- Forwarded message ----------<br>
From: *Kristian Petersen* <<a
href="mailto:nesretep@chem.byu.edu" target="_blank"
moz-do-not-send="true">nesretep(a)chem.byu.edu</a>
<mailto:<a href="mailto:nesretep@chem.byu.edu"
target="_blank"
moz-do-not-send="true">nesretep(a)chem.byu.edu</a>&gt;<wbr>&gt;<br>
Date: Tue, Apr 24, 2018 at 12:38 PM<br>
Subject: Re: [ovirt-users] FreeIPA authentication broken<br>
</span><span class="">
To: Ondra Machacek <<a
href="mailto:omachace@redhat.com" target="_blank"
moz-do-not-send="true">omachace(a)redhat.com</a>
<mailto:<a href="mailto:omachace@redhat.com"
target="_blank"
moz-do-not-send="true">omachace(a)redhat.com</a>&gt;&gt;<br>
<br>
<br>
That directory only contains internal.properties. So I
copied the IPA.properties, IPA-authn.properties, and
IPA.jks files all into the 'aaa' subdirectory and set
ownership and permissions as you directed. I reran the
command you gave me initially and it prompted me for a
password for the user when entered the process exited
with status 0. However, the web interface still isn't
letting me log in. Do I need to restart a service for
the changes to be effective in the web UI?<br>
<br>
</span><span class="">
On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek <<a
href="mailto:omachace@redhat.com" target="_blank"
moz-do-not-send="true">omachace(a)redhat.com</a>
<mailto:<a href="mailto:omachace@redhat.com"
target="_blank"
moz-do-not-send="true">omachace(a)redhat.com</a>&gt;&gt;
wrote:<br>
<br>
Right, you are missing file
/etc/ovirt-engine/aaa/IPA.prop<wbr>erties<br>
<br>
It's not subdirectory of
/etc/ovirt-engine/extensions.d<wbr>, but it's in<br>
/etc/ovirt-engine/ in 'aaa' subdirectory, can you
check what's there?<br>
Please check also the correct permissions of that
file, it should be<br>
'600' and owned by ovirt user.<br>
<br>
<br>
On 04/23/2018 10:25 PM, Kristian Petersen wrote:<br>
<br>
Looks like it can't find the IPA.properties
file. I tried<br>
following the path it is complaining about but
there are only<br>
files in /etc/ovirt-engine/extensions.d on the
engine VM. No<br>
subdirectories. However, that directory appears
to contain the<br>
files it is looking for. Both
IPA-authn.properties and<br>
IPA.properties are there as are the internal
properties files. Is there a config file we can
edit to tell it to look in the<br>
right place?<br>
<br>
<br>
<br>
<br>
-- <br>
Kristian Petersen<br>
System Administrator<br>
BYU Dept. of Chemistry and Biochemistry<br>
<br>
<br>
<br>
-- <br>
Kristian Petersen<br>
System Administrator<br>
BYU Dept. of Chemistry and Biochemistry<br>
<br>
<br>
</span><span class="">
______________________________<wbr>_________________<br>
Users mailing list<br>
<a href="mailto:Users@ovirt.org" target="_blank"
moz-do-not-send="true">Users(a)ovirt.org</a><br>
<a href="http://lists.ovirt.org/mailman/listinfo/users"
rel="noreferrer" target="_blank"
moz-do-not-send="true">http://lists.ovirt.org/mailman<wbr...
<br>
</span></blockquote>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature"
data-smartmail="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">Kristian Petersen
<div>System Administrator</div>
<div>BYU Dept. of Chemistry and Biochemistry</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated"
href="mailto:Users@ovirt.org">Users@ovirt.org</a>
<a class="moz-txt-link-freetext"
href="http://lists.ovirt.org/mailman/listinfo/users">http://...
</pre>
</blockquote>
<p><br>
</p>
<pre class="moz-signature" cols="72">--
_______________________________________________________________________
Enrico Becchetti Servizio di Calcolo e Reti
Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
Phone:+39 075 5852777 Mail: Enrico.Becchetti<at>pg.infn.it
______________________________________________________________________ </pre>
</body>
</html>
--------------3D7D37BE87FF70B8AE2D3A3A--
2432
days inactive
2434
days old
3 comments
3 participants
participants (3)
-
Enrico Becchetti -
Kristian Petersen -
Ondra Machacek